.github/workflows/lint.yaml

name: "Lint"

on:
  push:
    branches:
      - main
  workflow_dispatch:

jobs:
  lint:
    name: "Lint"
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - uses: ibiqlik/action-yamllint@v3
        with:
          file_or_dir: .
          format: standard
          config_file: .yamllint.yml

  kubeval_manifests:
    name: "run kubeval on plain K8s manifests"
    runs-on: ubuntu-latest
    needs: lint
    steps:
      - uses: cedi-dev/gh-action-install-kubeval@main

      - name: Checkout
        uses: actions/checkout@v4

      - name: Manifests
        run: |
          for manifest in ./manifests/*/*.yaml
          do
            if [[ $manifest == "./manifests/deploy-secrets/helm.secret.yaml" ]]; then
              continue
            fi
            if [[ $manifest == "./manifests/deploy-secrets/hetzner.secret.yaml" ]]; then
              continue
            fi
            echo "$manifest"
            kubeval --ignore-missing-schemas --strict --schema-location https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/ $manifest
          done

  kubeval_charts:
    name: "run kubeval on charts"
    runs-on: ubuntu-latest
    needs: lint
    steps:
      - uses: cedi-dev/gh-action-install-kubeval@main

      - name: Checkout
        uses: actions/checkout@v4

      - name: Charts
        run: |
          for chart in ./charts/*/
          do
            echo "$chart"
              for app in $stage*/
              do
                  helm template $chart --values $chart/values.yaml | kubeval --ignore-missing-schemas --strict --schema-location https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/
              done
          done

  kubeval_kustomize:
    name: "run kubeval on Kustomize overlays"
    runs-on: ubuntu-latest
    needs: lint
    steps:
      - uses: cedi-dev/gh-action-install-kubeval@main

      - name: Checkout
        uses: actions/checkout@v4

      - name: Kustomize
        run: |
          for kust in ./kustomize/overlays/*/*
          do
            if [[ $kust != "./kustomize/overlays/oauth2-proxy/" ]]; then
              echo "$kust"
              kustomize build --enable-alpha-plugins --enable-helm $kust | kubeval --ignore-missing-schemas --strict --schema-location https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/
              echo "\n"
            else
              for oauth in ./kustomize/overlays/oauth2-proxy/*/
              do
                echo "$oauth"
                kustomize build --enable-alpha-plugins --enable-helm $oauth | kubeval --ignore-missing-schemas --strict --schema-location https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/
                echo "\n"
              done
            fi
          done