Update all non-major dependencies #215
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # thanks to https://github.com/giantswarm/devctl/blob/v5.9.0/pkg/gen/input/workflows/internal/file/check_values_schema.yaml.template for the idea | |
| name: 'Check if values schema file has been updated' | |
| on: | |
| pull_request: | |
| branches: | |
| - master | |
| paths: | |
| - 'helm-chart/log2rbac-operator/values.yaml' | |
| - 'helm-chart/log2rbac-operator/values.schema.json' | |
| permissions: | |
| contents: read | |
| jobs: | |
| check: | |
| name: 'Check values.yaml and its schema in PR' | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 | |
| with: | |
| egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs | |
| - name: 'Checkout' | |
| uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 | |
| - name: 'Check if values.schema.json was updated' | |
| run: | | |
| VALUES_FILE=helm-chart/log2rbac-operator/values.yaml | |
| SCHEMA_FILE=helm-chart/log2rbac-operator/values.schema.json | |
| # check if the values.json is covered by the schema | |
| cat <<EOF >> requirements.txt | |
| json-spec==0.10.1 --hash=sha256:c30d7c8bee07bd3fdf620b8902398d0ab58c735adedfeff07e6a7fc358f8cbeb | |
| six==1.16.0 --hash=sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254 | |
| EOF | |
| pip3 install --require-hashes -I -r requirements.txt | |
| yq -o=json eval ${VALUES_FILE} > /tmp/values.json | |
| json validate --schema-file=${SCHEMA_FILE} --document-file=/tmp/values.json | |
| echo "PASSED: values.yaml and values.schema.json both appear to have been updated and the document is valid against the schema" |