fix(container): update image ghcr.io/cross-seed/cross-seed ( 6.13.6 → 6.13.7 ) #9968
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Kustomization Completeness Check | |
| on: | |
| pull_request: | |
| branches: ["main"] | |
| push: | |
| branches: ["main"] | |
| jobs: | |
| filter: | |
| name: Kustomization Check - Filter | |
| runs-on: ubuntu-latest | |
| outputs: | |
| changed-files: ${{ steps.changed-files.outputs.changed_files }} | |
| steps: | |
| - name: Get Changed Files | |
| id: changed-files | |
| uses: bjw-s-labs/action-changed-files@a9a36fb08ce06db9b02fbd8026cc2c0945eb9841 # v0.6.0 | |
| with: | |
| patterns: |- | |
| .github/workflows/kustomization-completeness.yaml | |
| kubernetes/**/*.yaml | |
| kubernetes/**/*.yml | |
| check-completeness: | |
| if: ${{ needs.filter.outputs.changed-files != '[]' }} | |
| needs: filter | |
| name: Kustomization Completeness - Check | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Install yq for YAML processing | |
| uses: mikefarah/yq@751d8ad57b84f1794661bc70c0afb92a22ad7b3c # v4.53.2 | |
| - name: Setup kubectl | |
| uses: azure/setup-kubectl@829323503d1be3d00ca8346e5391ca0b07a9ab0d # v5.1.0 | |
| - name: Check App-Level Kustomizations | |
| run: | | |
| echo "🔍 Checking app-level kustomization.yaml files for missing resources..." | |
| # Find all app-level kustomization.yaml files | |
| find kubernetes/apps -name "kustomization.yaml" -type f | while IFS= read -r kustomization_file; do | |
| dir=$(dirname "$kustomization_file") | |
| echo "Checking: $kustomization_file" | |
| # Get current resources from kustomization.yaml (using grep instead of yq for reliability) | |
| # Only get resources under the "resources:" section, stop at other sections | |
| current_resources=$(awk ' | |
| /^resources:/ { in_resources=1; next } | |
| /^[a-zA-Z]/ && in_resources { in_resources=0 } | |
| in_resources && /^ - / { | |
| gsub(/^ - /, ""); | |
| gsub(/^\.\//, ""); | |
| } | |
| ' "$kustomization_file" | sort) | |
| # Find all YAML files in the same directory (excluding kustomization.yaml) | |
| actual_files=$(find "$dir" -maxdepth 1 -name "*.yaml" -not -name "kustomization.yaml" -type f | \ | |
| xargs -I {} basename {} | sort) | |
| # Check for missing resources | |
| missing_in_kustomization="" | |
| for file in $actual_files; do | |
| if ! echo "$current_resources" | grep -q "^$file$"; then | |
| # Skip Flux Kustomization files (ks.yaml or files with Flux Kustomization kind) | |
| if [[ "$file" == "ks.yaml" ]] || \ | |
| (grep -q "^kind: Kustomization$" "$dir/$file" && grep -q "kustomize.toolkit.fluxcd.io" "$dir/$file"); then | |
| continue | |
| fi | |
| # Check if this file should be included (has Kubernetes resources) | |
| # Look for apiVersion and kind in the file | |
| if grep -q "^apiVersion:" "$dir/$file" && grep -q "^kind:" "$dir/$file"; then | |
| missing_in_kustomization="$missing_in_kustomization $file" | |
| fi | |
| fi | |
| done | |
| # Check for resources listed but files/directories don't exist | |
| missing_files="" | |
| for resource in $current_resources; do | |
| if [ -n "$resource" ]; then | |
| resource_path="$dir/$resource" | |
| # Check if it's neither a file nor a directory | |
| if [ ! -f "$resource_path" ] && [ ! -d "$resource_path" ]; then | |
| missing_files="$missing_files $resource" | |
| fi | |
| fi | |
| done | |
| # Report findings | |
| if [ -n "$missing_in_kustomization" ] || [ -n "$missing_files" ]; then | |
| echo "❌ Issues found in $kustomization_file:" | |
| if [ -n "$missing_in_kustomization" ]; then | |
| echo " Missing from kustomization:$missing_in_kustomization" | |
| # Check if any missing files are commented out | |
| for missing_file in $missing_in_kustomization; do | |
| if grep -q "# - .*$missing_file" "$kustomization_file"; then | |
| echo " ℹ️ Note: $missing_file is commented out (may be intentionally excluded)" | |
| fi | |
| done | |
| fi | |
| if [ -n "$missing_files" ]; then | |
| echo " Referenced but missing files/directories:$missing_files" | |
| fi | |
| echo "$kustomization_file" >> /tmp/problematic_kustomizations.txt | |
| else | |
| echo "✅ $kustomization_file - Complete" | |
| fi | |
| done | |
| # Check results | |
| if [ -f /tmp/problematic_kustomizations.txt ]; then | |
| echo "" | |
| echo "💥 Found kustomization.yaml files with missing resources:" | |
| cat /tmp/problematic_kustomizations.txt | |
| echo "" | |
| echo "Please add missing YAML files to the resources section of the appropriate kustomization.yaml files." | |
| exit 1 | |
| else | |
| echo "" | |
| echo "🎉 All app-level kustomization.yaml files are complete!" | |
| fi | |
| - name: Check Cluster-Level Kustomizations | |
| run: | | |
| echo "🔍 Checking cluster-level kustomization.yaml files for missing directories..." | |
| # Find all cluster-level kustomization.yaml files | |
| find kubernetes/clusters -path "*/apps/kustomization.yaml" -type f | while IFS= read -r kustomization_file; do | |
| dir=$(dirname "$kustomization_file") | |
| echo "Checking: $kustomization_file" | |
| # Get current resources from kustomization.yaml (using awk for better parsing) | |
| # Only get resources under the "resources:" section, stop at other sections | |
| current_resources=$(awk ' | |
| /^resources:/ { in_resources=1; next } | |
| /^[a-zA-Z]/ && in_resources { in_resources=0 } | |
| in_resources && /^ - / { | |
| gsub(/^ - /, ""); | |
| gsub(/^\.\//, ""); | |
| } | |
| ' "$kustomization_file" | sort) | |
| # Find all directories in the same directory | |
| actual_dirs=$(find "$dir" -maxdepth 1 -type d -not -path "$dir" | \ | |
| xargs -I {} basename {} | sort) | |
| # Check for missing directory resources | |
| missing_in_kustomization="" | |
| for dir_name in $actual_dirs; do | |
| if ! echo "$current_resources" | grep -q "^$dir_name$"; then | |
| # Skip directories that have been migrated to standalone Flux Kustomizations | |
| if [ -f "$dir/$dir_name/.migrated-to-ks" ]; then | |
| echo " ℹ️ Skipping $dir_name (migrated to standalone Flux Kustomizations)" | |
| continue | |
| fi | |
| # Check if this directory has a kustomization.yaml (should be included) | |
| if [ -f "$dir/$dir_name/kustomization.yaml" ]; then | |
| # Check if there's a {dir}/ks.yaml file that includes this directory | |
| # (e.g., media/ks.yaml includes everything in media/) | |
| if ! echo "$current_resources" | grep -q "^$dir_name/ks\.yaml$"; then | |
| missing_in_kustomization="$missing_in_kustomization $dir_name" | |
| fi | |
| fi | |
| fi | |
| done | |
| # Check for resources listed but directories don't exist | |
| missing_dirs="" | |
| for resource in $current_resources; do | |
| if [ -n "$resource" ]; then | |
| resource_dir="$dir/$resource" | |
| # If it's a file (like media/ks.yaml), check if the file exists | |
| if [[ "$resource" == *"/ks.yaml" ]]; then | |
| if [ ! -f "$resource_dir" ]; then | |
| missing_dirs="$missing_dirs $resource" | |
| fi | |
| # Otherwise, check if it's a directory | |
| elif [ ! -d "$resource_dir" ]; then | |
| missing_dirs="$missing_dirs $resource" | |
| fi | |
| fi | |
| done | |
| # Report findings | |
| if [ -n "$missing_in_kustomization" ] || [ -n "$missing_dirs" ]; then | |
| echo "❌ Issues found in $kustomization_file:" | |
| if [ -n "$missing_in_kustomization" ]; then | |
| echo " Missing directories from kustomization:$missing_in_kustomization" | |
| fi | |
| if [ -n "$missing_dirs" ]; then | |
| echo " Referenced but missing directories:$missing_dirs" | |
| fi | |
| echo "$kustomization_file" >> /tmp/problematic_cluster_kustomizations.txt | |
| else | |
| echo "✅ $kustomization_file - Complete" | |
| fi | |
| done | |
| # Check results | |
| if [ -f /tmp/problematic_cluster_kustomizations.txt ]; then | |
| echo "" | |
| echo "💥 Found cluster-level kustomization.yaml files with missing resources:" | |
| cat /tmp/problematic_cluster_kustomizations.txt | |
| echo "" | |
| echo "Please add missing directories to the resources section of the appropriate kustomization.yaml files." | |
| exit 1 | |
| else | |
| echo "" | |
| echo "🎉 All cluster-level kustomization.yaml files are complete!" | |
| fi | |
| - name: Check Cluster App Subdirectory Kustomizations | |
| run: | | |
| echo "🔍 Checking cluster app subdirectory kustomization.yaml files for missing resources..." | |
| # Find all kustomization.yaml files in cluster app subdirectories (but not the main apps/kustomization.yaml) | |
| find kubernetes/clusters -path "*/apps/*/kustomization.yaml" -type f | while IFS= read -r kustomization_file; do | |
| dir=$(dirname "$kustomization_file") | |
| echo "Checking: $kustomization_file" | |
| # Get current resources from kustomization.yaml | |
| current_resources=$(awk ' | |
| /^resources:/ { in_resources=1; next } | |
| /^[a-zA-Z]/ && in_resources { in_resources=0 } | |
| in_resources && /^ - / { | |
| gsub(/^ - /, ""); | |
| gsub(/^\.\//, ""); | |
| } | |
| ' "$kustomization_file" | sort) | |
| # Find all YAML files in the same directory (excluding kustomization.yaml) | |
| actual_files=$(find "$dir" -maxdepth 1 -name "*.yaml" -not -name "kustomization.yaml" -type f | \ | |
| xargs -I {} basename {} | sort) | |
| # Check for missing resources | |
| missing_in_kustomization="" | |
| for file in $actual_files; do | |
| if ! echo "$current_resources" | grep -q "^$file$"; then | |
| # Skip Flux Kustomization files (ks.yaml or files with Flux Kustomization kind) | |
| if [[ "$file" == "ks.yaml" ]] || \ | |
| (grep -q "^kind: Kustomization$" "$dir/$file" && grep -q "kustomize.toolkit.fluxcd.io" "$dir/$file"); then | |
| continue | |
| fi | |
| # Check if this file should be included (has Kubernetes resources) | |
| if grep -q "^apiVersion:" "$dir/$file" && grep -q "^kind:" "$dir/$file"; then | |
| missing_in_kustomization="$missing_in_kustomization $file" | |
| fi | |
| fi | |
| done | |
| # Check for resources listed but files/directories don't exist | |
| missing_files="" | |
| for resource in $current_resources; do | |
| if [ -n "$resource" ]; then | |
| resource_path="$dir/$resource" | |
| if [ ! -f "$resource_path" ] && [ ! -d "$resource_path" ]; then | |
| missing_files="$missing_files $resource" | |
| fi | |
| fi | |
| done | |
| # Report findings | |
| if [ -n "$missing_in_kustomization" ] || [ -n "$missing_files" ]; then | |
| echo "❌ Issues found in $kustomization_file:" | |
| if [ -n "$missing_in_kustomization" ]; then | |
| echo " Missing from kustomization:$missing_in_kustomization" | |
| for missing_file in $missing_in_kustomization; do | |
| if grep -q "# - .*$missing_file" "$kustomization_file"; then | |
| echo " ℹ️ Note: $missing_file is commented out (may be intentionally excluded)" | |
| fi | |
| done | |
| fi | |
| if [ -n "$missing_files" ]; then | |
| echo " Referenced but missing files/directories:$missing_files" | |
| fi | |
| echo "$kustomization_file" >> /tmp/problematic_cluster_app_kustomizations.txt | |
| else | |
| echo "✅ $kustomization_file - Complete" | |
| fi | |
| done | |
| # Check results | |
| if [ -f /tmp/problematic_cluster_app_kustomizations.txt ]; then | |
| echo "" | |
| echo "💥 Found cluster app subdirectory kustomization.yaml files with missing resources:" | |
| cat /tmp/problematic_cluster_app_kustomizations.txt | |
| echo "" | |
| echo "Please add missing YAML files to the resources section of the appropriate kustomization.yaml files." | |
| exit 1 | |
| else | |
| echo "" | |
| echo "🎉 All cluster app subdirectory kustomization.yaml files are complete!" | |
| fi | |
| - name: Check for Orphaned YAML Files | |
| run: | | |
| echo "🔍 Checking for orphaned YAML files not included in any kustomization..." | |
| # Find all YAML files in kubernetes/apps | |
| find kubernetes/apps -name "*.yaml" -not -name "kustomization.yaml" -type f | while IFS= read -r yaml_file; do | |
| # Check if this file has Kubernetes resources | |
| if grep -q "^apiVersion:" "$yaml_file" && grep -q "^kind:" "$yaml_file"; then | |
| dir=$(dirname "$yaml_file") | |
| filename=$(basename "$yaml_file") | |
| # Check if there's a kustomization.yaml in the same directory | |
| if [ -f "$dir/kustomization.yaml" ]; then | |
| # Check if this file is referenced in the resources section | |
| resources_list=$(awk ' | |
| /^resources:/ { in_resources=1; next } | |
| /^[a-zA-Z]/ && in_resources { in_resources=0 } | |
| in_resources && /^ - / { | |
| gsub(/^ - /, ""); | |
| gsub(/^\.\//, ""); | |
| } | |
| ' "$dir/kustomization.yaml") | |
| if ! echo "$resources_list" | grep -q "^$filename$"; then | |
| echo "⚠️ Orphaned file: $yaml_file" | |
| echo "$yaml_file" >> /tmp/orphaned_files.txt | |
| fi | |
| else | |
| echo "⚠️ No kustomization.yaml found for: $yaml_file" | |
| echo "$yaml_file" >> /tmp/orphaned_files.txt | |
| fi | |
| fi | |
| done | |
| # Report orphaned files as warnings (non-blocking) | |
| if [ -f /tmp/orphaned_files.txt ]; then | |
| echo "" | |
| echo "⚠️ Found potentially orphaned YAML files:" | |
| cat /tmp/orphaned_files.txt | |
| echo "" | |
| echo "These files contain Kubernetes resources but are not referenced in kustomization.yaml files." | |
| echo "This is a warning - please verify these files are intentionally excluded." | |
| else | |
| echo "" | |
| echo "✅ No orphaned YAML files found!" | |
| fi | |
| - name: Validate Kustomization Build | |
| run: | | |
| echo "🔍 Testing kustomization builds to ensure they work..." | |
| # Test app-level kustomizations | |
| failed_count=0 | |
| total_count=0 | |
| for kustomization_file in $(find kubernetes/apps -name "kustomization.yaml" -type f); do | |
| dir=$(dirname "$kustomization_file") | |
| echo "Testing build: $dir" | |
| total_count=$((total_count + 1)) | |
| # Try to build the kustomization (dry-run) | |
| if kubectl kustomize "$dir" >/dev/null 2>&1; then | |
| echo "✅ $dir - Build successful" | |
| else | |
| echo "❌ $dir - Build failed" | |
| echo "$dir" >> /tmp/failed_builds.txt | |
| failed_count=$((failed_count + 1)) | |
| fi | |
| done | |
| # Test cluster-level kustomizations | |
| for kustomization_file in $(find kubernetes/clusters -path "*/apps/kustomization.yaml" -type f); do | |
| dir=$(dirname "$kustomization_file") | |
| echo "Testing build: $dir" | |
| total_count=$((total_count + 1)) | |
| # Try to build the kustomization (dry-run) | |
| if kubectl kustomize "$dir" >/dev/null 2>&1; then | |
| echo "✅ $dir - Build successful" | |
| else | |
| echo "❌ $dir - Build failed" | |
| echo "$dir" >> /tmp/failed_builds.txt | |
| failed_count=$((failed_count + 1)) | |
| fi | |
| done | |
| echo "📊 Tested $total_count kustomizations" | |
| # Check results | |
| if [ -f /tmp/failed_builds.txt ]; then | |
| echo "" | |
| echo "💥 Found $failed_count kustomization builds that failed:" | |
| cat /tmp/failed_builds.txt | |
| echo "" | |
| echo "These kustomizations have syntax or reference errors." | |
| exit 1 | |
| else | |
| echo "" | |
| echo "🎉 All kustomization builds successful!" | |
| fi | |
| - name: Summary | |
| if: always() | |
| run: | | |
| echo "📋 Kustomization Completeness Check Summary" | |
| echo "==========================================" | |
| echo "✅ App-level kustomization completeness checked" | |
| echo "✅ Cluster-level kustomization completeness checked" | |
| echo "✅ Cluster app subdirectory kustomization completeness checked" | |
| echo "✅ Orphaned YAML files identified (warnings)" | |
| echo "✅ Kustomization build validation completed" | |
| echo "" | |
| echo "This ensures:" | |
| echo "- All YAML files are properly included in kustomizations" | |
| echo "- All referenced resources actually exist" | |
| echo "- All kustomizations can be built successfully" | |
| echo "- No resources are accidentally orphaned" |