feat: add fluxcd and calico crd schema to container build
parent
f7e2c84931
commit
1034182de6
18
Dockerfile
18
Dockerfile
@ -12,6 +12,8 @@ ARG YQ_VERSION
|
||||
ARG HELM_VERSION
|
||||
ARG KUSTOMIZE_VERSION
|
||||
ARG KUBECONFORM_VERSION
|
||||
ARG CALICO_VERSION
|
||||
ARG FLUXCD_VERSION
|
||||
|
||||
# renovate: datasource=github-releases depName=kubernetes/kubernetes
|
||||
ENV KUBECTL_VERSION="${KUBECTL_VERSION:-v1.26.0}"
|
||||
@ -23,8 +25,12 @@ ENV HELM_VERSION="${HELM_VERSION:-v3.10.3}"
|
||||
ENV KUSTOMIZE_VERSION="${KUSTOMIZE_VERSION:-v4.5.7}"
|
||||
# renovate: datasource=github-releases depName=yannh/kubeconform
|
||||
ENV KUBECONFORM_VERSION="${KUBECONFORM_VERSION:-v0.5.0}"
|
||||
# renovate: datasource=github-releases depName=projectcalico/calico
|
||||
ENV CALICO_VERSION="${CALICO_VERSION:-v3.24.5}"
|
||||
# renovate: datasource=github-releases depName=fluxcd/flux2
|
||||
ENV FLUXCD_VERSION="${FLUXCD_VERSION:-v0.38.2}"
|
||||
|
||||
RUN apk --update add curl tar bash && \
|
||||
RUN apk --update add curl tar bash python3 py3-yaml && \
|
||||
curl -SsfL -o /usr/local/bin/kubectl "https://dl.k8s.io/release/${KUBECTL_VERSION}/bin/linux/amd64/kubectl" && \
|
||||
curl -SsfL -o /usr/local/bin/kubectl-convert "https://dl.k8s.io/release/${KUBECTL_VERSION}/bin/linux/amd64/kubectl-convert" && \
|
||||
curl -SsfL -o /usr/local/bin/yq "https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_amd64" && \
|
||||
@ -34,12 +40,22 @@ RUN apk --update add curl tar bash && \
|
||||
| tar xz -C /usr/local/bin kustomize && \
|
||||
curl -SsfL "https://github.com/yannh/kubeconform/releases/download/${KUBECONFORM_VERSION}/kubeconform-linux-amd64.tar.gz" \
|
||||
| tar xz -C /usr/local/bin kubeconform && \
|
||||
curl -SsfL -o /usr/local/bin/openapi2jsonschema "https://raw.githubusercontent.com/yannh/kubeconform/${KUBECONFORM_VERSION}/scripts/openapi2jsonschema.py" && \
|
||||
chmod 755 /usr/local/bin/kubectl && \
|
||||
chmod 755 /usr/local/bin/kubectl-convert && \
|
||||
chmod 755 /usr/local/bin/yq && \
|
||||
chmod 755 /usr/local/bin/helm && \
|
||||
chmod 755 /usr/local/bin/kustomize && \
|
||||
chmod 755 /usr/local/bin/kubeconform && \
|
||||
chmod 755 /usr/local/bin/openapi2jsonschema && \
|
||||
mkdir -p /etc/kube-tools/schemas/flux/master-standalone-strict && \
|
||||
mkdir -p /etc/kube-tools/schemas/calico/master-standalone-strict && \
|
||||
curl -SsfL "https://github.com/fluxcd/flux2/releases/download/${FLUXCD_VERSION}/crd-schemas.tar.gz" \
|
||||
| tar xz -C /etc/kube-tools/schemas/flux/master-standalone-strict && \
|
||||
curl -SsfL -o /tmp/calico.crds.yaml "https://raw.githubusercontent.com/projectcalico/calico/${CALICO_VERSION}/manifests/calico.yaml" && \
|
||||
cd /etc/kube-tools/schemas/calico/master-standalone-strict && \
|
||||
openapi2jsonschema /tmp/calico.crds.yaml && \
|
||||
for file in *.json ; do mv $file ${file//_v1/_v3} ; done && \
|
||||
rm -rf /var/cache/apk/* && \
|
||||
rm -rf /tmp/*
|
||||
|
||||
|
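Review bot: Nothing verifies the `openapi2jsonschema` script that the new `curl` line fetches from raw.githubusercontent.com before the same `RUN` executes it during the build against `/tmp/calico.crds.yaml`, and the Flux `crd-schemas.tar.gz` is likewise piped straight into `tar` with no digest check. A release tag can be moved upstream, so pinning the version alone does not pin the content; I would download each artifact to a file and check it against a digest kept next to the version, for example `echo "${OPENAPI2JSONSCHEMA_SHA256}  /usr/local/bin/openapi2jsonschema" | sha256sum -c - && \` (the `ARG` name is a placeholder, not something in this file). Writing the tarball to disk first also removes the `curl | tar` pipe, whose `curl` exit status the default `/bin/sh` discards because `pipefail` is not set. The `RUN` instruction begins above the hunk.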
@ -30,10 +30,6 @@ KUSTOMIZE_CONFIG="kustomization.yaml"
|
||||
|
||||
FLUX_PATH="${1:-.}"
|
||||
|
||||
printf "INFO - Downloading Flux OpenAPI schemas\n"
|
||||
mkdir -p /tmp/flux-crd-schemas/master-standalone-strict
|
||||
curl -sL https://github.com/fluxcd/flux2/releases/latest/download/crd-schemas.tar.gz | tar zxf - -C /tmp/flux-crd-schemas/master-standalone-strict
|
||||
|
||||
find "${FLUX_PATH%/}" -type f -name '*.yaml' -print0 | while IFS= read -r -d $'\0' file; do
|
||||
printf "INFO - Validating %s\n" "$file"
|
||||
yq e 'true' "$file" >/dev/null
|
||||
@ -41,12 +37,12 @@ done
|
||||
|
||||
kubeconform_config=(
|
||||
"-strict"
|
||||
"-ignore-missing-schemas"
|
||||
"-schema-location" "default"
|
||||
"-schema-location" "/tmp/flux-crd-schemas"
|
||||
"-schema-location" "/etc/kube-tools/schemas/flux"
|
||||
"-schema-location" "/etc/kube-tools/schemas/calico/master-standalone-strict/{{ .ResourceKind }}_{{ .ResourceAPIVersion }}.json"
|
||||
"-exit-on-error"
|
||||
"-summary"
|
||||
"-skip" "Secret"
|
||||
"-skip" "Secret,CustomResourceDefinition"
|
||||
)
|
||||
|
||||
printf "\nINFO - Validating clusters\n"
|
||||
|
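Review bot: With `-ignore-missing-schemas` still in `kubeconform_config`, the two new `-schema-location` entries under `/etc/kube-tools/schemas` fail open: if the script runs where those directories are absent or empty (outside the image, or in an image built before this change), Flux and Calico resources are skipped rather than rejected and the run still exits successfully. A guard before the array would make that visible, e.g. `[ -d /etc/kube-tools/schemas/flux/master-standalone-strict ] || { printf "ERROR - Flux schemas not found\n" >&2; exit 1; }`, with the same check for the calico directory. Adding `CustomResourceDefinition` to `-skip` also deserves a one-line comment saying why CRDs are exempt from validation. The script's file header is not shown on this page and the script continues past the hunk.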