on: pull_request: jobs: validate: runs-on: docker defaults: run: shell: sh env: DOCKER_HOST: tcp://172.17.0.1:2375 steps: - name: Checkout uses: actions/checkout@v4 - name: Validate manifests run: | kubeconform \ -strict \ -summary \ -ignore-missing-schemas \ -schema-location default \ -schema-location 'https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/{{.Group}}/{{.ResourceKind}}_{{.ResourceAPIVersion}}.json' \ ./manifests/ - name: Create test cluster run: k3d cluster create test --wait - name: Install ArgoCD run: | kubectl create namespace argocd kubectl apply -n argocd --server-side -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml kubectl apply -f https://github.com/bitnami-labs/sealed-secrets/releases/download/v0.27.0/controller.yaml kubectl wait --for=condition=available --timeout=180s \ deployment/argocd-server \ deployment/argocd-repo-server \ deployment/argocd-applicationset-controller \ -n argocd kubectl wait --for=condition=available --timeout=60s \ deployment/sealed-secrets-controller -n kube-system - name: Import SealedSecrets key env: SEALED_SECRETS_KEY: ${{ secrets.SEALED_SECRETS_KEY }} run: | echo "$SEALED_SECRETS_KEY" | kubectl apply -f - kubectl rollout restart deployment/sealed-secrets-controller -n kube-system kubectl rollout status deployment/sealed-secrets-controller -n kube-system --timeout=60s - name: Apply ArgoCD apps run: kubectl apply -f apps/ - name: Wait for ArgoCD sync run: | sleep 10 kubectl wait applications \ --all \ --namespace argocd \ --for=jsonpath='{.status.health.status}'=Healthy \ --timeout=300s - name: Wait for all deployments run: kubectl wait --for=condition=available --timeout=300s deployment --all --all-namespaces - name: Cleanup if: always() run: k3d cluster delete test