chore(deps): update all non-major dependencies #417
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# thanks to https://github.com/giantswarm/devctl/blob/v5.9.0/pkg/gen/input/workflows/internal/file/check_values_schema.yaml.template for the idea | |
name: 'Check if values schema file has been updated' | |
on: | |
pull_request: | |
branches: | |
- master | |
paths: | |
- 'chart/k8gb/values.yaml' | |
- 'chart/k8gb/values.schema.json' | |
permissions: # added using https://github.com/step-security/secure-workflows | |
contents: read | |
jobs: | |
check: | |
name: 'Check values.yaml and its schema in PR' | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@394d78e5b40cc35c170eb909b1f81551f37feb05 | |
with: | |
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs | |
- name: 'Checkout' | |
uses: actions/checkout@8530928916aaef40f59e6f221989ccb31f5759e7 | |
- name: 'Check if values.schema.json was updated' | |
run: | | |
VALUES_FILE=chart/k8gb/values.yaml | |
SCHEMA_FILE=chart/k8gb/values.schema.json | |
# check if the values.json is covered by the schema | |
pip3 install json-spec | |
yq -o=json eval ${VALUES_FILE} > /tmp/values.json | |
json validate --schema-file=${SCHEMA_FILE} --document-file=/tmp/values.json | |
echo "PASSED: values.yaml and values.schema.json both appear to have been updated and the document is valid against the schema" |