A flexible GitHub Action to validate Helm charts with Kubeconform.

Assuming you have a charts directory under which you have a set of charts and a schemas directory containing any custom resource schemas, like this:

charts
└───foo
│  ├───templates
│  └───tests
└───bar
│  ├───templates
│  └───tests
└───schemas

You can validate the charts in your workflow like this:

jobs:
    kubeconform:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@master
      with:
        fetch-depth: 0

    - name: Generate and validate releases
      uses: shivjm/[email protected]
      with:
        additionalSchemaPaths: |
          schemas/{{ .ResourceKind }}.json
        chartsDirectory: "charts"

See action.yml for more information on the parameters.

The default Kubernetes schema will always be automatically included. If you need to add custom schemas, additionalSchemaPaths should be a list of paths, one per line, in the format expected by Kubeconform. These are relative to the root of your repository.

Every chart subdirectory must have a tests subdirectory containing values files as you would pass to Helm. Each file will be passed on its own to helm template release charts/chart and the results will be validated by Kubeconform.

Kubeconform will be run in strict mode. Pass strict: "false" to disable this.

I needed an action to validate some Helm charts. nlamirault/helm-kubeconform-action doesn’t offer enough flexibility and downloads two Git repositories during execution. It was a good opportunity to try writing some bad Go and dip my toes into the world of writing GitHub Actions—specifically, a Docker container action.