
fix(ci): Add kubeconform testing #11


Workflow file for this run

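# Renders a flux-local diff for every helm-release.yaml touched by a pull
# request, publishes it in the job summary and mirrors it into a PR comment.
#
# Trust model: changed file paths and the rendered diff both originate from
# the pull request, so they are treated as untrusted data. They reach shell
# and JavaScript only through environment variables or files, never through
# ${{ }} expansion inside a script body, which would be evaluated as code.
name: Flux Helm Diff

on:
  pull_request:

permissions:
  contents: read
  # Needed only by the "Add PR Comment" step.
  pull-requests: write

jobs:
  flux-diff:
    runs-on: ubuntu-latest
    steps:
      # Supply chain: tags such as v4 are mutable. Prefer pinning each action
      # to a full commit SHA, e.g. actions/checkout@<FULL_COMMIT_SHA>  # v4
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # Full history so the PR base commit is available to git diff.
          fetch-depth: 0
          # The workspace is later mounted into a third-party container;
          # do not leave the job token in .git/config where it could be read.
          persist-credentials: false

      - name: Check for helm-release.yaml changes
        id: changed
        env:
          BASE_SHA: ${{ github.event.pull_request.base.sha }}
          HEAD_SHA: ${{ github.sha }}
        run: |
          # Get changed files
          changed_files=$(git diff --name-only "$BASE_SHA" "$HEAD_SHA" | grep -E 'helm-release\.yaml$' || true)
          if [ -n "$changed_files" ]; then
            # The list can span several lines, so it must use the multi-line
            # output syntax. The delimiter is random so that no file path can
            # close the block early and append outputs of its own.
            delimiter="ghadelimiter_$(openssl rand -hex 16)"
            {
              echo "changed_files<<$delimiter"
              echo "$changed_files"
              echo "$delimiter"
            } >> "$GITHUB_OUTPUT"
            echo "changed=true" >> "$GITHUB_OUTPUT"
          else
            echo "changed=false" >> "$GITHUB_OUTPUT"
          fi

      # NOTE(review): Buildx is a build front end; the next step only calls
      # `docker run`, so this step may be unnecessary. Confirm before removing.
      - name: Set up flux-local
        if: steps.changed.outputs.changed == 'true'
        uses: docker/setup-buildx-action@v3

      - name: Run flux-local diff
        if: steps.changed.outputs.changed == 'true'
        id: flux-diff
        env:
          CHANGED_FILES: ${{ steps.changed.outputs.changed_files }}
        run: |
          # Create temp directory for outputs
          mkdir -p /tmp/flux-diff

          echo "Running flux-local diff for changed files:"
          echo "$CHANGED_FILES"

          # One path per line. mapfile is used because `read -d ''` exits
          # non-zero at end of input, which aborts a step running under bash -e.
          mapfile -t files <<< "$CHANGED_FILES"

          index=0
          for file in "${files[@]}"; do
            if [ -f "$file" ]; then
              echo "Processing: $file"

              # Directory containing this helm-release.yaml
              dir=$(dirname "$file")

              # Every input shares the basename helm-release.yaml, so results
              # are keyed by a counter to keep them from overwriting each other.
              index=$((index + 1))
              diff_file="/tmp/flux-diff/${index}.patch"

              # Supply chain: the image is pulled by its default tag. Prefer a
              # digest pin: ghcr.io/allenporter/flux-local@sha256:<IMAGE_DIGEST>
              # NOTE(review): confirm this invocation against the flux-local
              # CLI; its diff command normally takes a resource kind.
              # Best effort: a failed render must not fail the whole job.
              docker run --rm \
                -v "$(pwd)":/workdir \
                -w /workdir \
                ghcr.io/allenporter/flux-local flux-local diff \
                --path "$dir" \
                --output diff | tee "$diff_file" || true

              # Collect non-empty diffs into a single patch file
              if [ -s "$diff_file" ]; then
                {
                  echo "=== Diff for $file ==="
                  cat "$diff_file"
                  printf '\n\n'
                } >> /tmp/flux-diff/all.patch
              fi
            fi
          done

      - name: Generate Diff Output
        if: steps.changed.outputs.changed == 'true'
        id: diff-output
        env:
          CHANGED_FILES: ${{ steps.changed.outputs.changed_files }}
        run: |
          if [ -s /tmp/flux-diff/all.patch ]; then
            # Output diff for use in subsequent steps. A fixed delimiter such
            # as EOF could be matched by a line of the diff itself, so a
            # random one is generated per run.
            delimiter="ghadelimiter_$(openssl rand -hex 16)"
            {
              echo "diff<<$delimiter"
              cat /tmp/flux-diff/all.patch
              echo "$delimiter"
            } >> "$GITHUB_OUTPUT"

            # Add to job summary
            mapfile -t files <<< "$CHANGED_FILES"
            {
              echo "## Flux Diff Results"
              echo "### Changed Helm Releases:"
              for file in "${files[@]}"; do
                printf -- '- `%s`\n' "$file"
              done
              echo ""
              echo '```diff'
              cat /tmp/flux-diff/all.patch
              echo '```'
            } >> "$GITHUB_STEP_SUMMARY"

            echo "has_diff=true" >> "$GITHUB_OUTPUT"
          else
            echo "No differences found in helm releases" >> "$GITHUB_STEP_SUMMARY"
            echo "has_diff=false" >> "$GITHUB_OUTPUT"
          fi

      # Pull requests from forks receive a read-only token, so commenting is
      # skipped for them; the job summary still carries the diff.
      - name: Add PR Comment
        if: >-
          steps.diff-output.outputs.has_diff == 'true' &&
          github.event.pull_request.head.repo.full_name == github.repository
        uses: actions/github-script@v7
        env:
          CHANGED_FILES: ${{ steps.changed.outputs.changed_files }}
        with:
          script: |
            const fs = require('fs');

            // The diff is read from disk and the file list from the
            // environment, so neither is ever parsed as JavaScript source.
            // Issue comments are capped at 65536 characters; stay below that.
            const MAX_DIFF_CHARS = 60000;
            let diff = fs.readFileSync('/tmp/flux-diff/all.patch', 'utf8');
            if (diff.length > MAX_DIFF_CHARS) {
              diff = diff.slice(0, MAX_DIFF_CHARS) +
                '\n... (diff truncated; see the job summary for the full output)';
            }

            const changedFiles = (process.env.CHANGED_FILES || '')
              .split('\n')
              .filter(Boolean);

            const header = `## Flux Diff Results`;
            const changedFilesList = changedFiles.map(file => `- \`${file}\``).join('\n');
            const diffSection = `\`\`\`diff\n${diff}\n\`\`\``;
            const body = `${header}\n\n### Changed Helm Releases:\n${changedFilesList}\n\n${diffSection}`;

            // Create or update comment. Paginate so an existing comment is
            // still found on pull requests with many comments.
            const comments = await github.paginate(github.rest.issues.listComments, {
              owner: context.repo.owner,
              repo: context.repo.repo,
              issue_number: context.issue.number,
            });

            const existingComment = comments.find(comment =>
              comment.user.type === 'Bot' &&
              comment.body.includes('Flux Diff Results')
            );

            if (existingComment) {
              await github.rest.issues.updateComment({
                owner: context.repo.owner,
                repo: context.repo.repo,
                comment_id: existingComment.id,
                body: body
              });
            } else {
              await github.rest.issues.createComment({
                owner: context.repo.owner,
                repo: context.repo.repo,
                issue_number: context.issue.number,
                body: body
              });
            }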