added kubeval

Signed-off-by: André Bauer <[email protected]>

Author: monotek

Diff for: .github/ct.yaml

@@ -13,6 +13,9 @@
 helm-extra-args: --timeout 600
 check-version-increment: true
 debug: true
+chart-dirs: 
+  - charts
+  - packages
 chart-repos:
   - stable=https://kubernetes-charts.storage.googleapis.com/
   - bitnami=https://charts.bitnami.com

Diff for: .github/kubeval.sh

@@ -0,0 +1,45 @@
+#!/bin/bash
+#
+# use kubeval to validate helm generated kubernetes manifest
+#
+
+# Copyright (c) 2019 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Eclipse Public License 2.0 which is available at
+# http://www.eclipse.org/legal/epl-2.0
+#
+# SPDX-License-Identifier: EPL-2.0
+
+set -o errexit
+set -o pipefail
+
+CHART_DIRS="$(git diff --find-renames --name-only "$(git rev-parse --abbrev-ref HEAD)" remotes/origin/master -- charts packages | grep '[cC]hart.yaml' | sed -e 's#/[Cc]hart.yaml##g')"
+HELM_VERSION="v3.1.1"
+KUBEVAL_VERSION="0.14.0"
+SCHEMA_LOCATION="https://raw.githubusercontent.com/instrumenta/kubernetes-json-schema/master/"
+
+# install helm
+curl --silent --show-error --fail --location --output get_helm.sh https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get
+chmod 700 get_helm.sh
+./get_helm.sh --version "${HELM_VERSION}"
+
+# install kubeval
+curl --silent --show-error --fail --location --output /tmp/kubeval.tar.gz https://github.com/instrumenta/kubeval/releases/download/"${KUBEVAL_VERSION}"/kubeval-linux-amd64.tar.gz
+sudo tar -C /usr/local/bin -xf /tmp/kubeval.tar.gz kubeval
+
+# add helm repos to resolve dependencies
+helm repo add bitnami https://charts.bitnami.com
+helm repo add stable https://kubernetes-charts.storage.googleapis.com/
+
+# validate charts
+for CHART_DIR in ${CHART_DIRS};do
+  echo "helm dependency build..."
+  helm dependency build "${CHART_DIR}"
+
+  echo "kubeval(idating) ${CHART_DIR##charts/} chart..."
+  helm template "${CHART_DIR}" | kubeval --strict --ignore-missing-schemas --kubernetes-version "${KUBERNETES_VERSION#v}" --schema-location "${SCHEMA_LOCATION}"
+done

Diff for: .github/lint-scripts.sh

@@ -26,5 +26,3 @@ while read -r FILE; do
   echo lint "${FILE}"
   shellcheck -x "${FILE}"
 done < "${TMP_FILE}"
-
-rm "${TMP_FILE}"

Diff for: .github/workflows/ci.yaml

@@ -40,10 +40,32 @@ jobs:
           command: lint
           config: .github/ct.yaml
 
+  kubeval-chart:
+    runs-on: ubuntu-latest
+    needs: lint-chart
+    strategy:
+      matrix:
+        k8s:
+          - v1.12.10
+          - v1.13.11
+          - v1.14.10
+          - v1.15.7
+          - v1.16.4
+          - v1.17.0
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v1
+      - name: Run kubeval
+        env:
+          KUBERNETES_VERSION: ${{ matrix.k8s }}         
+        run: .github/kubeval.sh 
+
   install-chart:
     name: install-chart
     runs-on: ubuntu-latest
-    needs: lint-chart
+    needs: 
+      - lint-chart
+      - kubeval-chart
     strategy:
       matrix:
         k8s: