
Kubernetes: Improve validation results handling in KubeCheck workflow… #3


Workflow file for this run

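# KubeCheck: on every push that touches a YAML file, validate the changed
# files with kubeconform, upload the raw results as an artifact, and post a
# commit comment through .github/scripts/comment-kubecheck.sh.
name: KubeCheck 🔍
on:
  push:
    paths:
      - '**/*.yaml'
      - '**/*.yml'

# Least privilege for the automatically issued job token: the jobs below only
# read the repository. The comment step authenticates with secrets.GH_TOKEN.
# NOTE(review): presumably comment-kubecheck.sh needs nothing beyond that
# secret; confirm before merging.
permissions:
  contents: read

# NOTE(review): the `uses:` references below are version tags, which can be
# moved to a different commit. Consider pinning each action to a full commit
# SHA.
jobs:
  # Collects the SHA, subject line and committer timestamp of the pushed commit.
  fetch_commit_info:
    runs-on: ubuntu-latest
    outputs:
      sha: ${{ steps.meta.outputs.sha }}
      message: ${{ steps.meta.outputs.message }}
      timestamp: ${{ steps.meta.outputs.timestamp }}
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
      - name: Get commit metadata
        id: meta
        # %s is the single-line commit subject, so each value stays on one
        # line of the output file. The subject is author-controlled text:
        # consumers should read it from an environment variable (as
        # post_comment does) rather than splice it into a script.
        run: |
          echo "sha=${GITHUB_SHA}" >> "$GITHUB_OUTPUT"
          echo "message=$(git log -1 --pretty=%s)" >> "$GITHUB_OUTPUT"
          echo "timestamp=$(git log -1 --format=%cI)" >> "$GITHUB_OUTPUT"

  # Runs kubeconform over the YAML files changed by the push.
  validate_kubeconform:
    runs-on: ubuntu-latest
    needs: fetch_commit_info
    outputs:
      summary: ${{ steps.kubeval.outputs.summary || steps.kubeval_skip.outputs.summary }}
      results: ${{ steps.kubeval.outputs.results || steps.kubeval_skip.outputs.results }}
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
      - name: Install kubeconform
        # NOTE(review): this installs whatever release is "latest" at run time
        # and unpacks it without an integrity check. Pin a specific release
        # tag and verify the archive against a checksum kept in this
        # repository before moving the binary into PATH.
        run: |
          # -f turns an HTTP error into a failure instead of piping an error
          # page into tar; pipefail makes that failure stop the step.
          set -euo pipefail
          curl -fsSL https://github.com/yannh/kubeconform/releases/latest/download/kubeconform-linux-amd64.tar.gz | tar xz
          sudo mv kubeconform /usr/local/bin/
      - name: Detect changed YAML files
        id: detect_changes
        # Event data reaches the script through the environment instead of
        # being expanded into the script text.
        env:
          BEFORE_SHA: ${{ github.event.before }}
          HEAD_SHA: ${{ github.sha }}
        run: |
          # --diff-filter=d leaves out deleted files, which no longer exist
          # on disk and would otherwise be reported as validation failures.
          if [ -z "$BEFORE_SHA" ] || [ "$BEFORE_SHA" = "0000000000000000000000000000000000000000" ]; then
            # No previous commit to compare with (for example the first push
            # of a branch): list the files of the pushed commit instead.
            CHANGED_FILES=$(git diff-tree --no-commit-id --name-only -r --root --diff-filter=d "$HEAD_SHA" | grep -E '\.ya?ml$' || true)
          else
            git fetch origin "$BEFORE_SHA"
            CHANGED_FILES=$(git diff --name-only --diff-filter=d "$BEFORE_SHA" "$HEAD_SHA" | grep -E '\.ya?ml$' || true)
          fi
          if [ -z "$CHANGED_FILES" ]; then
            echo "No Kubernetes YAML changes found. Skipping validation."
            echo "changed=false" >> "$GITHUB_OUTPUT"
          else
            echo "$CHANGED_FILES" > changed_yamls.txt
            echo "changed=true" >> "$GITHUB_OUTPUT"
          fi
      - name: Validate Kubernetes YAML
        id: kubeval
        if: steps.detect_changes.outputs.changed == 'true'
        run: |
          # Keep going after a failing file so every file gets a result.
          set +e
          RESULTS=""
          PASS_COUNT=0
          FAIL_COUNT=0
          while IFS= read -r file; do
            output=$(kubeconform -strict -verbose "$file" 2>&1)
            status=$?
            # Decide on the exit status, not on text found in the output:
            # the output includes names taken from the files under test.
            if [ "$status" -eq 0 ]; then
              emoji="✅"
              PASS_COUNT=$((PASS_COUNT + 1))
            else
              emoji="❌"
              FAIL_COUNT=$((FAIL_COUNT + 1))
            fi
            RESULTS="${RESULTS}${emoji} \`${file}\`\n${output}\n\n"
          done < changed_yamls.txt
          SUMMARY="✅ Passed: ${PASS_COUNT} | ❌ Failed: ${FAIL_COUNT}"
          echo "$RESULTS" > validation_output.txt
          # RESULTS carries text derived from the pushed files. A fixed
          # delimiter such as EOF could be closed early by a matching line,
          # and whatever followed would be read as further step outputs, so
          # the delimiter is random for each run.
          DELIM="KUBECHECK_$(od -An -N16 -tx1 /dev/urandom | tr -d ' \n')"
          echo "results<<${DELIM}" >> "$GITHUB_OUTPUT"
          echo "$RESULTS" >> "$GITHUB_OUTPUT"
          echo "${DELIM}" >> "$GITHUB_OUTPUT"
          echo "summary=${SUMMARY}" >> "$GITHUB_OUTPUT"
          echo "fail_count=${FAIL_COUNT}" >> "$GITHUB_OUTPUT"
          echo -e "$RESULTS"
      - name: Set summary for skipped validation
        if: steps.detect_changes.outputs.changed == 'false'
        id: kubeval_skip
        run: |
          echo "summary=✅ No Kubernetes YAML files changed. Skipped validation." >> "$GITHUB_OUTPUT"
          echo "results=" >> "$GITHUB_OUTPUT"
      - name: Upload validation results
        # validation_output.txt exists only when the validation step ran.
        if: always()
        uses: actions/upload-artifact@v3
        with:
          name: validation-results
          path: validation_output.txt
      - name: Fail if any errors
        if: steps.detect_changes.outputs.changed == 'true'
        env:
          FAIL_COUNT: ${{ steps.kubeval.outputs.fail_count }}
        run: |
          # Gate on the recorded failure count rather than searching the
          # results file for a marker. A missing count is treated as a
          # failure so the check fails closed.
          if [ "${FAIL_COUNT:-1}" -ne 0 ]; then
            echo "Validation failed."
            exit 1
          fi

  # Posts the validation summary as a comment on the pushed commit; runs even
  # when validation failed.
  post_comment:
    runs-on: ubuntu-latest
    needs: [fetch_commit_info, validate_kubeconform]
    if: always()
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
      - name: Comment on commit
        working-directory: ${{ github.workspace }}
        # COMMIT_MSG and RESULTS are untrusted text taken from the pushed
        # commit; they are handed over as environment variables and the
        # script must keep treating them as data.
        # NOTE(review): the script is taken from the pushed commit and runs
        # with GH_TOKEN in its environment, so anyone able to push can change
        # what runs with that token. Scope GH_TOKEN to the minimum needed for
        # commenting.
        env:
          GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
          SHA: ${{ needs.fetch_commit_info.outputs.sha }}
          COMMIT_MSG: ${{ needs.fetch_commit_info.outputs.message }}
          COMMIT_TIME: ${{ needs.fetch_commit_info.outputs.timestamp }}
          SUMMARY: ${{ needs.validate_kubeconform.outputs.summary }}
          RESULTS: ${{ needs.validate_kubeconform.outputs.results }}
          REPO: ${{ github.repository }}
        run: chmod +x .github/scripts/comment-kubecheck.sh && bash .github/scripts/comment-kubecheck.sh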