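---
# CI for the dev branch: lint the manifests with kubeconform, then build a
# throwaway k3d cluster, install Argo CD and Sealed Secrets, apply apps/ and
# wait for every deployment to become available. The cluster is deleted at
# the end whether or not the earlier steps succeeded.
#
# NOTE(review): this job receives the SEALED_SECRETS_KEY secret, so anyone
# who can push to dev can run arbitrary steps with that key in scope.
# Confirm that branch protection on dev matches the sensitivity of the key.
on:
  push:
    branches:
      - dev

jobs:
  validate:
    runs-on: docker
    defaults:
      run:
        shell: sh
    env:
      # Plain-TCP Docker API on 2375 is conventionally unauthenticated and
      # unencrypted. Any job on this runner therefore controls the Docker
      # daemon at this address, including the k3d nodes that later hold the
      # Sealed Secrets key.
      # NOTE(review): presumably this is the runner host's daemon; confirm
      # the port is not reachable beyond the bridge network, or switch to a
      # TLS-protected endpoint or a per-job daemon.
      DOCKER_HOST: 'tcp://172.17.0.1:2375'
    steps:
      - name: Setup
        run: apk add bash curl

      # NOTE(review): v4 is a mutable tag. Pinning to a full commit SHA
      # (uses: actions/checkout@<FULL_COMMIT_SHA>) prevents a retagged
      # release from running in a job that handles secrets.
      - name: Checkout
        uses: actions/checkout@v4

      # Download to /tmp and unpack outside the workspace so that the
      # archive's other members cannot overwrite checked-out files, and so
      # that a failed download stops the step instead of feeding a
      # truncated stream to tar.
      # NOTE(review): "latest" is a moving target and the archive is not
      # integrity-checked. Pin a release and verify it against the
      # published checksum (<KUBECONFORM_VERSION>, <SHA256>).
      - name: Install kubeconform
        run: |
          set -eu
          mkdir -p /tmp/kubeconform
          wget -O /tmp/kubeconform.tar.gz https://github.com/yannh/kubeconform/releases/latest/download/kubeconform-linux-amd64.tar.gz
          tar -xzf /tmp/kubeconform.tar.gz -C /tmp/kubeconform
          mv /tmp/kubeconform/kubeconform /usr/local/bin

      # -ignore-missing-schemas means resources without a schema are
      # skipped rather than failed; check the -summary output for skipped
      # kinds. The CRD schemas come from the main branch of a third-party
      # catalog, so validation results can change without a commit here.
      - name: Validate manifests
        run: |
          kubeconform \
            -strict \
            -summary \
            -ignore-missing-schemas \
            -schema-location default \
            -schema-location 'https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/{{.Group}}/{{.ResourceKind}}_{{.ResourceAPIVersion}}.json' \
            ./manifests/

      # The version is pinned (v5.7.4) but the binary is not verified.
      # NOTE(review): add a sha256sum check against the release checksum.
      - name: Install k3d
        run: |
          curl -fsSL -o /tmp/k3d https://github.com/k3d-io/k3d/releases/download/v5.7.4/k3d-linux-amd64
          chmod +x /tmp/k3d
          mv /tmp/k3d /usr/local/bin

      # -f makes curl fail on HTTP errors, so that an error page is never
      # installed as the kubectl binary and an empty version string aborts
      # the step instead of producing a malformed URL.
      # NOTE(review): stable.txt floats. Pin a version and verify the
      # published .sha256 file for reproducible, tamper-evident installs.
      - name: Install kubectl
        run: |
          set -eu
          kubectl_version="$(curl -fsSL https://dl.k8s.io/release/stable.txt)"
          curl -fsSL -o /tmp/kubectl "https://dl.k8s.io/release/${kubectl_version}/bin/linux/amd64/kubectl"
          chmod +x /tmp/kubectl
          mv /tmp/kubectl /usr/local/bin

      - name: Create test cluster
        run: |
          k3d cluster create test --wait
          kubectl cluster-info

      # NOTE(review): the "stable" ref is mutable. The manifest applied
      # here runs in the same cluster that later receives the Sealed
      # Secrets private key, so pin it to a release tag.
      - name: Install ArgoCD
        run: |
          kubectl create namespace argocd
          kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
          kubectl wait --for=condition=available --timeout=180s deployment/argocd-server -n argocd

      - name: Install SealedSecrets
        run: |
          kubectl apply -f https://github.com/bitnami-labs/sealed-secrets/releases/download/v0.27.0/controller.yaml
          kubectl wait --for=condition=available --timeout=60s deployment/sealed-secrets-controller -n kube-system

      # The key travels through the step environment and stdin only; it
      # never appears on a command line. printf is used instead of echo
      # because some sh implementations expand backslash sequences in echo
      # and would corrupt the key material.
      # NOTE(review): this looks like the controller's private key, which
      # can decrypt every SealedSecret sealed for it. Prefer a CI-only key
      # pair over the production key, and keep the step free of `set -x`
      # or any command that prints the Secret.
      - name: Import SealedSecrets key
        env:
          SEALED_SECRETS_KEY: ${{ secrets.SEALED_SECRETS_KEY }}
        run: |
          printf '%s\n' "$SEALED_SECRETS_KEY" | kubectl apply -f -
          kubectl rollout restart deployment/sealed-secrets-controller -n kube-system
          kubectl rollout status deployment/sealed-secrets-controller -n kube-system --timeout=60s

      - name: Apply ArgoCD apps
        run: |
          kubectl apply -f apps/

      # NOTE(review): the fixed sleep presumably gives Argo CD time to
      # create workloads. `kubectl wait --all` only covers deployments that
      # exist when it starts, so slow syncs can pass unnoticed.
      - name: Wait for everything
        run: |
          sleep 30
          kubectl wait --for=condition=available --timeout=120s deployment --all --all-namespaces

      # Runs even after a failure so the cluster, and the key imported
      # into it, do not outlive the job.
      - name: Cleanup
        if: always()
        run: |
          k3d cluster delete test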