Files
argocd-apps/.pre-commit-config.yaml
T
unkinben 93581bfde2
ci/woodpecker/pr/pre-commit Pipeline was successful
ci/woodpecker/pr/kubeconform Pipeline failed
feat(ci): add CRD schema generation for kubeconform validation
Add scripts to extract OpenAPI v3 schemas from CRD definitions in all
kustomize overlays and write JSON schema files to ci/crd-schemas/ for
kubeconform validation. This allows kubeconform to validate CRD instances
(Elasticsearch, Kibana, CNPG Cluster, VictoriaMetrics, etc.) instead of
skipping or erroring on them.

- ci/generate-crd-schemas.py: extracts schemas from CRD YAML on stdin
- ci/generate-crd-schemas.sh: iterates overlays, pipes to Python script
- ci/validate-apps.sh, ci/validate-clusters.sh: add local schema-location fallback
- Makefile: add generate-schemas target
- add generate-schemas step to kubeconform woodpecker pipeline so schemas
2026-06-02 15:24:31 +10:00

43 lines
1.2 KiB
YAML

repos:
# General file checks
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.5.0
hooks:
- id: check-executables-have-shebangs
- id: check-json
- id: check-added-large-files
args: ['--maxkb=2048']
- id: check-merge-conflict
- id: check-shebang-scripts-are-executable
- id: check-symlinks
- id: check-toml
- id: check-yaml
args: [--allow-multiple-documents]
- id: detect-aws-credentials
args: [--allow-missing-credentials]
- id: detect-private-key
- id: end-of-file-fixer
- id: forbid-new-submodules
- id: pretty-format-json
- id: trailing-whitespace
# YAML linting
- repo: https://github.com/adrienverge/yamllint.git
rev: v1.37.1
hooks:
- id: yamllint
args:
[
"-d {extends: relaxed, rules: {line-length: disable}, ignore: chart}",
"-s",
]
# Kubernetes manifest validation
- repo: local
hooks:
- id: no_plain_secrets
name: prevent plain kubernetes secrets
entry: ci/validate-no-secrets.sh
language: system
pass_filenames: false