diff --git a/.envrc b/.envrc new file mode 100644 index 0000000..3550a30 --- /dev/null +++ b/.envrc @@ -0,0 +1 @@ +use flake diff --git a/_docker/crd-extractor.sh b/.github/scripts/crd-extractor.sh old mode 100644 new mode 100755 similarity index 91% rename from _docker/crd-extractor.sh rename to .github/scripts/crd-extractor.sh index 6a8b2ad..9551637 --- a/_docker/crd-extractor.sh +++ b/.github/scripts/crd-extractor.sh @@ -1,5 +1,9 @@ #!/usr/bin/env bash +set -e + +SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) + # Create temp folder for CRDs TMP_CRD_DIR=$HOME/.datree/crds mkdir -p "$TMP_CRD_DIR" @@ -37,7 +41,7 @@ if [ $NUM_OF_CRDS == 0 ]; then fi # Convert crds to jsonSchema -python3 /opt/openapi2jsonschema.py "$TMP_CRD_DIR"/*.yaml +python3 "${SCRIPT_DIR}/openapi2jsonschema.py" "$TMP_CRD_DIR"/*.yaml conversionResult=$? # Copy and rename files to support kubeval @@ -60,4 +64,3 @@ if [ $conversionResult == 0 ]; then fi rm -rf "$TMP_CRD_DIR" -chown -R "$PUID:$PGID" /crds diff --git a/_docker/openapi2jsonschema.py b/.github/scripts/openapi2jsonschema.py similarity index 100% rename from _docker/openapi2jsonschema.py rename to .github/scripts/openapi2jsonschema.py diff --git a/.github/scripts/requirements.txt b/.github/scripts/requirements.txt new file mode 100644 index 0000000..c3726e8 --- /dev/null +++ b/.github/scripts/requirements.txt @@ -0,0 +1 @@ +pyyaml diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml deleted file mode 100644 index 248e4fc..0000000 --- a/.github/workflows/release.yaml +++ /dev/null 
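Review bot: With `set -e` now at the top of crd-extractor.sh, the `conversionResult=$?` line after the `python3 "${SCRIPT_DIR}/openapi2jsonschema.py"` call (second hunk) can only ever record 0, because a failing conversion aborts the script on the python3 line itself. The `if [ $conversionResult == 0 ]` test named in the third hunk header therefore never sees a failure, and the trailing `rm -rf "$TMP_CRD_DIR"` is skipped on that path, leaving the extracted CRDs under `$HOME/.datree/crds` on the runner. Capture the status without tripping errexit, for example `conversionResult=0` followed by `python3 "${SCRIPT_DIR}/openapi2jsonschema.py" "$TMP_CRD_DIR"/*.yaml || conversionResult=$?`, and consider `trap 'rm -rf "$TMP_CRD_DIR"' EXIT` for the cleanup. The script body between the hunks is not visible here, so any command there that relied on a tolerated non-zero exit should be rechecked as well.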
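Review bot: `pyyaml` is added without a version or hash, so every scheduled run of the update workflow resolves whatever release the package index serves at that moment, in a job that appears to hold a token able to push to the repository. Pin it, e.g. `pyyaml==<PINNED_VERSION> --hash=sha256:<HASH>` (placeholders), and install with `pip install --require-hashes -r ./.github/scripts/requirements.txt`. The removed Dockerfile installed `pyaml`, which is a different distribution, so it is worth confirming that openapi2jsonschema.py needs nothing beyond PyYAML; that script is renamed unchanged and its imports are not shown.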
@@ -1,59 +0,0 @@
-# yamllint disable rule:comments
----
-# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
-name: Release
-
-'on':
- workflow_dispatch:
- push:
- branches:
- - master
- paths:
- - _docker/**
-
-env:
- IMAGE_REGISTRY: ghcr.io
-
-jobs:
- push:
- name: Build and push image
- runs-on: ubuntu-latest
- permissions:
- packages: write
- id-token: write
- steps:
- - name: Generate Token
- uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2.1.0
- id: generate-token
- with:
- app_id: "${{ secrets.BOT_APP_ID }}"
- private_key: "${{ secrets.BOT_APP_PRIVATE_KEY }}"
-
- - name: Checkout
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- with:
- token: "${{ steps.generate-token.outputs.token }}"
-
- - name: Set up QEMU
- uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3
-
- - name: Login to GitHub Container Registry
- uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0
- with:
- registry: ghcr.io
- username: ${{ github.actor }}
- password: ${{ secrets.GITHUB_TOKEN }}
-
- - name: Set up Docker Buildx
- uses: docker/setup-buildx-action@2b51285047da1547ffb1b2203d8be4c0af6b1f20 # v3.2.0
-
- - name: Build and Push
- uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
- with:
- context: ./_docker
- platforms: linux/amd64,linux/arm64
- file: ./_docker/Dockerfile
- push: true
- tags: |
- ${{ env.IMAGE_REGISTRY }}/${{ github.repository_owner }}/crd-extractor:latest
-# yamllint enable rule:comments
diff --git a/.github/workflows/update-schemas.yaml b/.github/workflows/update-schemas.yaml
new file mode 100644
index 0000000..08f30e6
--- /dev/null
+++ b/.github/workflows/update-schemas.yaml
@@ -0,0 +1,54 @@
+# yamllint disable rule:comments
+---
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
+name: "Update schemas"
+
+'on':
+ workflow_dispatch:
+ schedule:
+ - cron: '0 * * * *'
+
+jobs:
+ render-readme:
+ name: Update schemas
+ runs-on: gha-runner-scale-set
+ steps:
+ - name: Generate Token
+ uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2.1.0
+ id: generate-token
+ with:
+ app_id: "${{ secrets.BOT_APP_ID }}"
+ private_key: "${{ secrets.BOT_APP_PRIVATE_KEY }}"
+
+ - name: Checkout
+ uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+ with:
+ token: "${{ steps.generate-token.outputs.token }}"
+
+ - name: Setup Python
+ uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
+ with:
+ python-version: '3.11'
+ cache: 'pip' # caching pip dependencies
+
+ - name: Install Requirements
+ run: |
+ sudo apt-get update && sudo apt-get install --yes --no-install-recommends git
+ pip install -r ./.github/scripts/requirements.txt && pip freeze
+
+ - name: Setup kubectl
+ uses: azure/setup-kubectl@3e0aec4d80787158d308d7b364cb1b702e7feb7f # v4.0.0
+
+ - name: Refresh schemas
+ run: |
+ ./.github/scripts/crd-extractor.sh
+
+ - name: Commit Changes
+ uses: stefanzweifel/git-auto-commit-action@8756aa072ef5b4a080af5dc8fef36c5d586e521d # v5.0.0
+ with:
+ repository: /home/runner/_work/schemas/schemas
+ commit_message: "feat: update schemas"
+ commit_user_name: "RoboDexo2000[bot]"
+ commit_user_email: "150604236+RoboDexo2000[bot]@users.noreply.github.com"
+ commit_author: "RoboDexo2000 <150604236+RoboDexo2000[bot]@users.noreply.github.com>"
+# yamllint enable rule:comments
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..69d93e1
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+.direnv
+.devenv
diff --git a/_docker/Dockerfile b/_docker/Dockerfile
deleted file mode 100644
index a334d62..0000000
--- a/_docker/Dockerfile
+++ /dev/null
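Review bot: The `render-readme` job declares no `permissions:` block, unlike the workflow it replaces, so the implicit GITHUB_TOKEN gets whatever the repository or organisation default grants; since checkout and the push already use the generated app token, adding `permissions: { contents: read }` at job level would keep the default token minimal. The checkout step leaves that app token in the workspace git configuration (the default behaviour of actions/checkout), and the later `pip install` and `crd-extractor.sh` steps run in the same workspace on the `gha-runner-scale-set` runner, so the GitHub App behind `BOT_APP_ID` should be scoped to this repository with contents write and nothing more. `repository: /home/runner/_work/schemas/schemas` hard-codes the runner's work directory; `repository: ${{ github.workspace }}` (or dropping the input, which appears to default to the current directory) survives a runner image or path change. The job id also looks carried over from another workflow and could be renamed, e.g. `update-schemas:`.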
@@ -1,20 +0,0 @@
-FROM public.ecr.aws/docker/library/python:3-slim-bookworm
-
-ENV PUID=1000
-ENV PGID=1000
-
-COPY crd-extractor.sh /usr/bin/crd-extractor
-COPY openapi2jsonschema.py /opt/openapi2jsonschema.py
-
-# hadolint ignore=DL3008,DL3013
-RUN apt-get update \
- && apt-get install --yes --no-install-recommends bash curl \
- && apt-get clean autoclean \
- && rm -rf /var/lib/apt/lists/* \
- && curl -L -o /usr/bin/kubectl "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl" \
- && chmod +x /usr/bin/kubectl /usr/bin/crd-extractor \
- && pip install --no-cache-dir pyaml \
- && mkdir -p /crds /root/.datree \
- && ln -s /crds /root/.datree/crdSchemas
-
-ENTRYPOINT ["/usr/bin/crd-extractor"]
diff --git a/build.sh b/build.sh
deleted file mode 100755
index d992046..0000000
--- a/build.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/usr/bin/env bash
-
-set -e
-
-[ -f "${KUBECONFIG}" ] || (echo "Missing kubeconfig" && exit 1)
-docker run --rm -it -v "${KUBECONFIG}:/root/.kube/config" -v "$(pwd):/crds" -e PUID=1000 -e PGID=1000 ghcr.io/deedee-ops/crd-extractor
-git add -A
-git commit -m "chore(deps): update schemas"
diff --git a/flake.lock b/flake.lock
new file mode 100644
index 0000000..fa6bbfd
--- /dev/null
+++ b/flake.lock
@@ -0,0 +1,61 @@ +{ + "nodes": { + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1711703276, + "narHash": "sha256-iMUFArF0WCatKK6RzfUJknjem0H9m4KgorO/p3Dopkk=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "d8fe5e6c92d0d190646fb9f1056741a229980089", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..01f3a6f --- /dev/null +++ b/flake.nix @@ -0,0 +1,22 @@ +{ + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + flake-utils.url = "github:numtide/flake-utils"; + }; + outputs = { self, nixpkgs, flake-utils }: + flake-utils.lib.eachDefaultSystem + (system: + let + pkgs = import nixpkgs { + inherit system; + }; + in + { + devShells.default = pkgs.mkShell { + buildInputs = [ + pkgs.yamllint + ]; + }; + } + ); +}