93581bfde2
Add scripts to extract OpenAPI v3 schemas from CRD definitions in all kustomize overlays and write JSON schema files to ci/crd-schemas/ for kubeconform validation. This allows kubeconform to validate CRD instances (Elasticsearch, Kibana, CNPG Cluster, VictoriaMetrics, etc.) instead of skipping or erroring on them. - ci/generate-crd-schemas.py: extracts schemas from CRD YAML on stdin - ci/generate-crd-schemas.sh: iterates overlays, pipes to Python script - ci/validate-apps.sh, ci/validate-clusters.sh: add local schema-location fallback - Makefile: add generate-schemas target - add generate-schemas step to kubeconform woodpecker pipeline so schemas
25 lines
925 B
Bash
Executable File
25 lines
925 B
Bash
Executable File
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
KUBE_VERSION="1.33.7"
|
|
|
|
schema_args=(
|
|
-schema-location "https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/{{.NormalizedKubernetesVersion}}-standalone{{.StrictSuffix}}/{{.ResourceKind}}{{.KindSuffix}}.json"
|
|
-schema-location "https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/{{.Group}}/{{.ResourceKind}}_{{.ResourceAPIVersion}}.json"
|
|
-schema-location "file://${PWD}/ci/crd-schemas/{{.Group}}/{{.ResourceKind}}_{{.ResourceAPIVersion}}.json"
|
|
)
|
|
|
|
while IFS= read -r -d "" k; do
|
|
dir="$(dirname "$k")"
|
|
echo "==> kubeconform: $dir" >&2
|
|
|
|
kustomize build --enable-helm "$dir" \
|
|
| kubeconform \
|
|
-kubernetes-version "$KUBE_VERSION" \
|
|
-summary \
|
|
-output pretty \
|
|
-verbose \
|
|
-skip GpuDevicePlugin,LBNodeAgent,ServiceGroup \
|
|
"${schema_args[@]}"
|
|
done < <(find apps/overlays -name kustomization.yaml -print0)
|