13 changes: 5 additions & 8 deletions .github/workflows/ci-kind-deploy.yml
Expand Up @@ -27,17 +27,11 @@ jobs:

- name: Run helm lint
run: |
./scripts/helm_lint.sh ./helm
helm lint ./helm

- name: Render chart manifests
run: helm template ./helm > rendered-manifests.yaml

Comment on lines 32 to 34

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

Kubeconform manifest validation step removed—shifts validation burden downstream.

The removal of the kubeconform validation step eliminates Kubernetes OpenAPI schema validation from the lint stage. Invalid manifests will now only be caught during the deploy-pr job (later in the workflow), increasing the feedback cycle. While deployment testing will still catch manifest errors, this degrades the linting job's strictness.

Clarify the rationale: Is this validation truly unnecessary, or should it be retained as a defensive measure?

Additionally, the "Render chart manifests" step (line 32–33) now renders manifests without validating them. Consider whether this step serves a purpose (e.g., debugging, artifact generation) or should be removed.


I'll verify this review comment by examining the workflow file and understanding the validation logic. Let me gather the necessary information.


---

🏁 Script executed:

```shell
#!/bin/bash
# Inspect the full workflow file to understand current structure
cat .github/workflows/ci-kind-deploy.yml
```

Length of output: 5997


🏁 Script executed:

```shell
#!/bin/bash
# Search for kubeconform references in the repository
rg -n -C3 "kubeconform" --type yaml
```

Length of output: 0


🏁 Script executed:

```shell
#!/bin/bash
# Search for "deploy-pr" job to understand downstream validation
rg -n -C5 "deploy-pr" .github/workflows/
```

Length of output: 766


🏁 Script executed:

```shell
#!/bin/bash
# Check git history for this file to see what was changed
git log --oneline -10 -- .github/workflows/ci-kind-deploy.yml
```

Length of output: 79


🏁 Script executed:

```shell
#!/bin/bash
# Look for any helm validation or manifest validation steps in workflows
rg -n "helm.*template|manifest.*validat|kubeconform" .github/workflows/ -A2 -B2
```

Length of output: 312


Kubeconform validation was removed—schema validation no longer occurs in the lint stage.

Git history confirms kubeconform action was deleted (commit 0167039). The lint job now only runs helm lint (which checks syntax, not Kubernetes OpenAPI schema) and renders manifests without validation. The deploy-pr job validates deployment with smoke tests, not manifest schema validation—these are functional tests and will not catch manifest structural errors that kubeconform would catch.

Address both points:

  1. Restore kubeconform or document the rationale: Kubernetes schema validation in the lint stage is a defensive measure. If intentionally removed, clarify why downstream functional testing is sufficient and accept the risk of invalid manifests reaching deployment.

  2. Clarify the "Render chart manifests" step: This generates rendered-manifests.yaml without validation or further use. Either remove it or document its purpose (e.g., debugging, artifact retention).

🤖 Prompt for AI Agents
In .github/workflows/ci-kind-deploy.yml around lines 32–34, kubeconform/schema
validation was removed so the lint job only runs helm lint and renders manifests
without validation; restore kubeconform to this workflow (reintroduce the
kubeconform action after rendering the manifests and fail the job on schema
validation errors) or, if removal was intentional, add a comment and/or
workflow-level documentation explaining why schema validation is no longer
needed and why downstream smoke tests are sufficient; also clarify the "Render
chart manifests" step by either removing it if unused, or documenting its
purpose and ensuring the rendered-manifests.yaml is meaningfully consumed (for
example upload as a workflow artifact or pass to kubeconform) so the step isn’t
a no-op.

- name: Validate rendered manifests with kubeconform
uses: instrumenta/kubeconform-action@v1
with:
files: rendered-manifests.yaml
args: -strict

unit-tests:
name: Unit tests
runs-on: ubuntu-latest
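Review bot: the `rendered-manifests.yaml` produced by the "Render chart manifests" step loses its only consumer once the kubeconform step below it is deleted, so the step becomes a no-op that still spends CI time; either remove it or feed the file to a validator (`kubeconform -strict rendered-manifests.yaml`, or re-add the deleted action) and fail the job on errors. Separately, replacing `./scripts/helm_lint.sh ./helm` with a bare `helm lint ./helm` silently drops whatever flags or extra checks the wrapper applied; if the script is now dead, delete it in the same PR, and if it is still used elsewhere, note in the description why the lint job no longer needs it.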
Expand Down Expand Up @@ -111,7 +105,10 @@ jobs:
uses: actions/checkout@v4

- name: Setup kind
uses: engineerd/setup-kind@v0.5.0
uses: helm/kind-action@v1
with:
cluster_name: kind
wait: 120s

- name: Build Docker image
run: docker build -t $IMAGE .
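Review bot: `helm/kind-action@v1` is a floating major tag, so this swap loosens the pin that `engineerd/setup-kind@v0.5.0` had, and the same applies to `actions/checkout@v4` in the context above; pin both to a full-length commit SHA with the tag kept as a trailing comment, e.g. `uses: helm/kind-action@<commit-sha> # v1` (placeholder, take the SHA from the action's release), so a moved or re-tagged release cannot change what runs on the CI runner. The `cluster_name: kind` and `wait: 120s` inputs are valid for this action; the wait makes the step block until the node is Ready rather than letting the following steps race the cluster.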