feat(ci): add CRD schema generation for kubeconform validation
Add scripts to extract OpenAPI v3 schemas from CRD definitions in all kustomize overlays and write JSON schema files to ci/crd-schemas/ for kubeconform validation. This allows kubeconform to validate CRD instances (Elasticsearch, Kibana, CNPG Cluster, VictoriaMetrics, etc.) instead of skipping or erroring on them. - ci/generate-crd-schemas.py: extracts schemas from CRD YAML on stdin - ci/generate-crd-schemas.sh: iterates overlays, pipes to Python script - ci/validate-apps.sh, ci/validate-clusters.sh: add local schema-location fallback - Makefile: add generate-schemas target - add generate-schemas step to kubeconform woodpecker pipeline so schemas
This commit is contained in:
Executable
+23
@@ -0,0 +1,23 @@
|
||||
#!/usr/bin/env bash
|
||||
# Extract OpenAPI v3 schemas from CRD definitions in all kustomize overlays
|
||||
# and write JSON schema files to ci/crd-schemas/ for kubeconform validation.
|
||||
#
|
||||
# Run this script whenever CRD versions change, then commit the output.
|
||||
# Usage: ci/generate-crd-schemas.sh [output-dir]
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||||
OUTPUT_DIR="${1:-${SCRIPT_DIR}/crd-schemas}"
|
||||
mkdir -p "$OUTPUT_DIR"
|
||||
|
||||
total=0
|
||||
|
||||
while IFS= read -r -d "" k; do
|
||||
dir="$(dirname "$k")"
|
||||
n=$(kustomize build --enable-helm "$dir" 2>/dev/null \
|
||||
| python3 "$SCRIPT_DIR/generate-crd-schemas.py" "$OUTPUT_DIR") || continue
|
||||
total=$((total + n))
|
||||
done < <(find apps/overlays clusters -name kustomization.yaml -print0 | sort -z)
|
||||
|
||||
echo "Generated ${total} schema(s) in ${OUTPUT_DIR}" >&2
|
||||
Reference in New Issue
Block a user