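---
# Validates every Kubernetes manifest in the repository with kubeconform on
# pushes to main and sends a Telegram message when validation fails.
name: Check with kubeconform

on:
  push:
    branches: [main]

# Least privilege for the workflow token: the job only needs to read the repo.
permissions:
  contents: read

jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): v4 / v1 are mutable tags. Pinning each third-party
      # action to a reviewed full commit SHA keeps a retagged release from
      # changing what runs here.
      - uses: actions/checkout@v4

      - uses: bmuschko/setup-kubeconform@v1
        name: Setup Kubeconform

      - name: Kubeconform validation
        id: kubeconform
        run: |
          # Create a temporary file to store validation output
          VALIDATION_OUTPUT=$(mktemp)

          # Run kubeconform and capture output.
          # The runner's default bash is started with errexit, so a failing
          # pipeline would end the script before the exit code and the output
          # were recorded. `|| VALIDATION_EXIT_CODE=$?` keeps the script
          # running and stores the pipeline's status.
          # NOTE(review): both extra schema locations track a moving branch
          # (main / master); a schema change upstream changes what passes.
          VALIDATION_EXIT_CODE=0
          find . -name '*.yaml' \
            ! -name '*values.yaml' \
            ! -path './.gitea/*' \
            -print0 \
            | xargs -0 kubeconform \
                -summary \
                -verbose \
                -output pretty \
                -ignore-missing-schemas \
                -schema-location default \
                -schema-location 'https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/{{.Group}}/{{.ResourceKind}}_{{.ResourceAPIVersion}}.json' \
                -schema-location 'https://raw.githubusercontent.com/SchemaStore/schemastore/refs/heads/master/src/schemas/json/kustomization.json' \
                > "$VALIDATION_OUTPUT" 2>&1 || VALIDATION_EXIT_CODE=$?

          # Output the content for logs
          cat "$VALIDATION_OUTPUT"

          # Store the validation output for the next step as a multi-line
          # environment variable. The captured text is derived from repository
          # files, so the heredoc delimiter is random: with a fixed delimiter,
          # a line in the output equal to it would end the value early and the
          # following lines would be parsed as further variable definitions.
          ENV_DELIMITER="EOF_$(od -An -N16 -tx1 /dev/urandom | tr -d ' \n')"
          {
            echo "VALIDATION_OUTPUT<<$ENV_DELIMITER"
            cat "$VALIDATION_OUTPUT"
            echo "$ENV_DELIMITER"
          } >> "$GITHUB_ENV"

          # Set output variable to indicate validation status
          echo "status=$VALIDATION_EXIT_CODE" >> "$GITHUB_OUTPUT"

          # Exit with the same code as kubeconform
          exit "$VALIDATION_EXIT_CODE"
        # The step is allowed to fail so that the notification step below
        # still runs; as a consequence the job itself is not marked failed.
        continue-on-error: true

      - name: Telegram notify on validation failure
        if: steps.kubeconform.outputs.status != '0'
        # NOTE(review): @master is a branch ref, so whatever is pushed to that
        # branch runs with TELEGRAM_TOKEN in scope. Pin to a reviewed commit,
        # e.g. appleboy/telegram-action@<FULL_COMMIT_SHA> (placeholder).
        uses: appleboy/telegram-action@master
        with:
          to: ${{ secrets.TELEGRAM_TO }}
          token: ${{ secrets.TELEGRAM_TOKEN }}
          # NOTE(review): -verbose output lists every file, and Telegram caps
          # a message at 4096 characters; consider truncating the captured
          # output if sends start failing on large repositories.
          message: |
            🚨 Kubernetes manifest validation failed!

            Repository: ${{ github.repository }}
            Branch: ${{ github.ref_name }}
            Commit: ${{ github.sha }}

            Validation errors:
            ```
            ${{ env.VALIDATION_OUTPUT }}
            ```

            See full details: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}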