From 5b700f75461633bc1ae1fe9f160ecea32af6bc12 Mon Sep 17 00:00:00 2001
From: Willian Paixao <willian@ufpa.br>
Date: Sun, 3 Nov 2024 15:50:48 +0100
Subject: [PATCH] fix(actions): fix kubeconform workflow

---
 .github/workflows/flux-diff.yaml   | 28 ++++++++++++++++++++++------
 .github/workflows/kubeconform.yaml | 17 +++++++----------
 2 files changed, 29 insertions(+), 16 deletions(-)

diff --git a/.github/workflows/flux-diff.yaml b/.github/workflows/flux-diff.yaml
index b0080e49f..d4e7ba85d 100644
--- a/.github/workflows/flux-diff.yaml
+++ b/.github/workflows/flux-diff.yaml
@@ -20,8 +20,10 @@ jobs:
       pull-requests: write
     strategy:
       matrix:
-        paths: ["kubernetes"]
+        paths: ["kubernetes/raspberry/**", "kubernetes/turing/**"]
         resources: ["helmrelease", "kustomization"]
+      max-parallel: 4
+      fail-fast: false
     steps:
       - name: Checkout
         uses: actions/checkout@v4
@@ -35,26 +37,29 @@ jobs:
           path: default
 
       - name: Diff Resources
-        uses: docker://ghcr.io/allenporter/flux-local:main
+        uses: docker://ghcr.io/allenporter/flux-local:v6.0.1
         with:
           args: >-
             diff ${{ matrix.resources }}
             --unified 6
-            --path /github/workspace/pull/${{ matrix.paths }}/main/flux
-            --path-orig /github/workspace/default/${{ matrix.paths }}/main/flux
+            --path /github/workspace/pull/${{ matrix.paths }}/flux
+            --path-orig /github/workspace/default/${{ matrix.paths }}/flux
             --strip-attrs "helm.sh/chart,checksum/config,app.kubernetes.io/version,chart"
             --limit-bytes 10000
             --all-namespaces
-            --sources "home-kubernetes"
+            --sources "flux-systems"
             --output-file diff.patch
 
       - name: Generate Diff
         id: diff
         run: |
-          cat diff.patch
           echo "diff<<EOF" >> $GITHUB_OUTPUT
           cat diff.patch >> $GITHUB_OUTPUT
           echo "EOF" >> $GITHUB_OUTPUT
+          echo "### Diff" >> $GITHUB_STEP_SUMMARY
+          echo '```diff' >> $GITHUB_STEP_SUMMARY
+          cat diff.patch >> $GITHUB_STEP_SUMMARY
+          echo '```' >> $GITHUB_STEP_SUMMARY
 
       - if: ${{ steps.diff.outputs.diff != '' }}
         name: Add comment
@@ -66,3 +71,14 @@ jobs:
             ```diff
             ${{ steps.diff.outputs.diff }}
             ```
+
+  # Summarize matrix https://github.community/t/status-check-for-a-matrix-jobs/127354/7
+  flux-diff-success:
+    if: ${{ always() }}
+    needs: ["flux-diff"]
+    name: Flux Diff Successful
+    runs-on: ubuntu-latest
+    steps:
+      - if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }}
+        name: Check matrix status
+        run: exit 1
diff --git a/.github/workflows/kubeconform.yaml b/.github/workflows/kubeconform.yaml
index 58a63cc17..aef2b59d9 100644
--- a/.github/workflows/kubeconform.yaml
+++ b/.github/workflows/kubeconform.yaml
@@ -6,6 +6,7 @@ on:
   pull_request:
     branches: ["main"]
     paths: ["kubernetes/**"]
+  workflow_dispatch:
 
 env:
   KUBERNETES_DIR: ./kubernetes
@@ -17,13 +18,9 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@v4
-
-      - name: Setup Homebrew
-        uses: Homebrew/actions/setup-homebrew@master
-
-      - name: Setup Workflow Tools
-        run: brew install fluxcd/tap/flux kubeconform kustomize
-
-      - name: Run kubeconform
-        shell: bash
-        run: bash ./scripts/kubeconform.sh ${{ env.KUBERNETES_DIR }}
+      - name: Login to Github Packages
+        run: echo "${{ github.token }}" | docker login https://ghcr.io -u ${GITHUB_ACTOR} --password-stdin
+      - uses: docker://ghcr.io/yannh/kubeconform:latest
+        with:
+          entrypoint: "/kubeconform"
+          args: "-summary -output json -ignore-missing-schemas -ignore-filename-pattern json ${{ env.KUBERNETES_DIR }}"