argocd-apps/ci/generate-schemas.sh
unkinben 817bde2289
Add JSON schema generation for kubeconform CRD validation
- ci/generate-schemas.sh generates schemas from CRD manifests and K8s swagger
- Sources: ArgoCD v3.3.2, Gateway API v1.5.1, Kubernetes v1.33.7
- Optionally fetches live cluster CRDs via kubectl when available
- Generated schemas committed to schemas/ for CI use
- Run `make schemas` to regenerate after CRD version bumps
- validate-apps.sh and validate-clusters.sh check local schemas first
- Remove CustomResourceDefinition from kubeconform skip list
2026-06-28 17:17:56 +10:00

128 lines
4.9 KiB
Bash
Executable File

#!/usr/bin/env bash
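set -euo pipefail

# Output directory for the generated schemas: first argument, default
# "schemas". The directory is deleted and recreated on every run, so values
# that would point the recursive delete at the filesystem root, the current
# directory or a parent directory are refused up front instead of relying on
# the local rm implementation to catch them.
SCHEMA_DIR="${1:-schemas}"
case "${SCHEMA_DIR%/}" in
  "" | / | . | .. | */. | */..)
    printf 'error: refusing to delete and recreate "%s"\n' "$SCHEMA_DIR" >&2
    exit 2
    ;;
esac

# "--" ends option parsing so a value starting with "-" is handled as a path;
# ":?" aborts rather than letting an empty value reach rm.
rm -rf -- "${SCHEMA_DIR:?}"
mkdir -p -- "$SCHEMA_DIR"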
# Every input is fetched from the same artifact endpoint and addressed by a
# release tag (ArgoCD v3.3.2, Gateway API v1.5.1, Kubernetes v1.33.7).
# NOTE(review): a tag is a mutable reference and nothing in this script checks
# a digest of what was downloaded, so the committed schemas are only as
# trustworthy as this endpoint and its upstream. Recording expected checksums
# next to the URLs would make a changed artifact visible - confirm whether the
# endpoint already enforces this.
ARTIFACT_REMOTE="https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote"

# Multi-document YAML manifests that contain CustomResourceDefinitions.
CRD_URLS=(
  "${ARTIFACT_REMOTE}/github_user/argoproj/argo-cd/refs/tags/v3.3.2/manifests/ha/install.yaml"
  "${ARTIFACT_REMOTE}/github/kubernetes-sigs/gateway-api/releases/download/v1.5.1/standard-install.yaml"
)

# OpenAPI v2 (swagger) document for the built-in Kubernetes kinds.
SWAGGER_URL="${ARTIFACT_REMOTE}/github_user/kubernetes/kubernetes/refs/tags/v1.33.7/api/openapi-spec/swagger.json"
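# Python helper shared by the generators below. It is spliced as source text
# into each "python3 -c" program, so it has to start at column 0 and must not
# contain a single quote (it lives inside a single-quoted shell string).
write_schema='
import json, os, sys

def _path_component(label, value):
    """Return value unchanged if it is safe to use as one path component.

    group, kind and version are read from CRD manifests and API specs that
    were downloaded or returned by a cluster. A value that holds a path
    separator, or that is "." or "..", would let that content decide where
    the file is written, so it is rejected with ValueError.
    """
    if not isinstance(value, str):
        raise ValueError(f"{label} is not a string: {value!r}")
    if value in (".", "..") or any(ch in value for ch in ("/", "\\", "\0")):
        raise ValueError(f"unsafe {label} for a schema file name: {value!r}")
    return value

def write_schema(schema, schema_dir, group, kind, version):
    """Strip descriptions and write the schema as indented, key-sorted JSON.

    The file is written to <schema_dir>/<group>/<kind>_<version>.json with a
    lower-cased file name and a trailing newline; an empty group writes
    directly into schema_dir. Raises ValueError if group, kind or version
    cannot be used as a single path component.
    """
    def strip_descriptions(node, is_property_map=False):
        # Drop the "description" annotation of every schema node. Inside a
        # "properties" map the keys are field names, so a field that happens
        # to be called "description" is kept.
        if isinstance(node, dict):
            return {
                key: strip_descriptions(child, key == "properties" and not is_property_map)
                for key, child in node.items()
                if is_property_map or key != "description"
            }
        if isinstance(node, list):
            return [strip_descriptions(item) for item in node]
        return node

    # Validate before touching the filesystem so a rejected name creates nothing.
    group = _path_component("group", group)
    kind = _path_component("kind", kind)
    version = _path_component("version", version)

    schema = strip_descriptions(schema)
    group_dir = os.path.join(schema_dir, group) if group else schema_dir
    os.makedirs(group_dir, exist_ok=True)
    fname = f"{kind}_{version}.json".lower()
    with open(os.path.join(group_dir, fname), "w") as f:
        json.dump(schema, f, indent=2, sort_keys=True)
        f.write("\n")
    print(f" Generated: {group}/{fname}" if group else f" Generated: {fname}", file=sys.stderr)
'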
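# Optional step: export the CRDs of whatever cluster the current kubectl
# context points at. Because the manifest step further down skips files that
# already exist, schemas written here take precedence over the pinned
# manifests, so the committed result depends on the cluster the script was
# run against.
if command -v kubectl >/dev/null 2>&1 && kubectl cluster-info >/dev/null 2>&1; then
  echo "==> Fetching CRDs from cluster..." >&2
  # The output directory is passed as an argument (sys.argv[1]) instead of
  # being pasted into the Python source: a path containing a quote or a
  # backslash would otherwise change or break the program text.
  kubectl get crds -o json | python3 -c "
import sys, json, os
$write_schema
schema_dir = sys.argv[1]
data = json.load(sys.stdin)
for crd in data.get('items', []):
    spec = crd.get('spec', {})
    group = spec.get('group', '')
    kind = spec.get('names', {}).get('kind', '')
    for ver in spec.get('versions', []):
        version = ver.get('name', '')
        openapi = ver.get('schema', {}).get('openAPIV3Schema', {})
        if not openapi:
            # Versions without a validation schema produce no file.
            continue
        # Shallow copy, then add the envelope fields every manifest carries.
        schema = dict(openapi)
        schema['\$schema'] = 'http://json-schema.org/draft-07/schema#'
        schema['type'] = 'object'
        schema.setdefault('properties', {})
        schema['properties'].setdefault('apiVersion', {'type': 'string'})
        schema['properties'].setdefault('kind', {'type': 'string'})
        schema['properties'].setdefault('metadata', {'type': 'object'})
        write_schema(schema, schema_dir, group, kind, version)
" "$SCHEMA_DIR"
else
  echo "==> kubectl not available, skipping cluster CRDs" >&2
fi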
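# Download the pinned CRD manifests and convert every CustomResourceDefinition
# in them. Needs the PyYAML package for python3. Files that already exist
# (written by the cluster step) are left alone.
# NOTE(review): -L follows redirects; if the endpoint should never leave
# https, curl's --proto-redir '=https' would enforce that - confirm it does
# not break the proxy before adding it.
echo "==> Downloading CRD manifests..." >&2
for url in "${CRD_URLS[@]}"; do
  echo " Fetching: $url" >&2
  curl -sSfL "$url"
  # The downloads are concatenated into one YAML stream. Emit an explicit
  # document separator so the last document of one file can never merge with
  # the first document of the next; the empty documents this may create are
  # skipped by the loader loop below.
  printf '\n---\n'
done | python3 -c "
import sys, json, yaml, os
$write_schema
# Passed as an argument so the path is never interpreted as Python source.
schema_dir = sys.argv[1]
for doc in yaml.safe_load_all(sys.stdin):
    # Empty documents load as None; only mappings can be a CRD.
    if not isinstance(doc, dict) or doc.get('kind') != 'CustomResourceDefinition':
        continue
    spec = doc.get('spec', {})
    group = spec.get('group', '')
    kind = spec.get('names', {}).get('kind', '')
    for ver in spec.get('versions', []):
        version = ver.get('name', '')
        openapi = ver.get('schema', {}).get('openAPIV3Schema', {})
        if not openapi:
            continue
        # Same path and file name that write_schema will use; skip if present.
        group_dir = os.path.join(schema_dir, group)
        fname = f'{kind}_{version}.json'.lower()
        if os.path.exists(os.path.join(group_dir, fname)):
            continue
        schema = dict(openapi)
        schema['\$schema'] = 'http://json-schema.org/draft-07/schema#'
        schema['type'] = 'object'
        schema.setdefault('properties', {})
        schema['properties'].setdefault('apiVersion', {'type': 'string'})
        schema['properties'].setdefault('kind', {'type': 'string'})
        schema['properties'].setdefault('metadata', {'type': 'object'})
        write_schema(schema, schema_dir, group, kind, version)
" "$SCHEMA_DIR"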
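# Build one permissive schema per built-in kind from the Kubernetes swagger
# document: only the top-level properties of each definition are kept and
# references to other definitions are dropped, not resolved.
echo "==> Downloading Kubernetes swagger spec..." >&2
curl -sSfL "$SWAGGER_URL" | python3 -c "
import sys, json, os
$write_schema
# Passed as an argument so the path is never interpreted as Python source.
schema_dir = sys.argv[1]
swagger = json.load(sys.stdin)
definitions = swagger.get('definitions', {})
for defn_name, defn in definitions.items():
    # A definition can be registered under several group/version/kind tuples;
    # definitions without the extension produce no file.
    for gvk in defn.get('x-kubernetes-group-version-kind', []):
        group = gvk.get('group', '')
        version = gvk.get('version', '')
        kind = gvk.get('kind', '')
        schema = {
            '\$schema': 'http://json-schema.org/draft-07/schema#',
            'type': 'object',
            'properties': {},
            'additionalProperties': True,
        }
        for prop_name, prop_val in defn.get('properties', {}).items():
            prop_copy = {k: v for k, v in prop_val.items() if k != '\$ref'}
            # NOTE(review): a property left with other keys but no type is
            # declared an open object. If its dropped reference pointed at a
            # scalar definition, valid manifests would be rejected - confirm
            # against the swagger document.
            if not prop_copy.get('type') and len(prop_copy) > 0:
                prop_copy['type'] = 'object'
                prop_copy['additionalProperties'] = True
            schema['properties'][prop_name] = prop_copy
        write_schema(schema, schema_dir, group, kind, version)
" "$SCHEMA_DIR"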
# Summary for the log: number of *.json files found under the output directory.
total="$(find "$SCHEMA_DIR" -name '*.json' | wc -l)"
printf '==> Schema generation complete: %s schemas in %s\n' "$total" "$SCHEMA_DIR" >&2