From db0f239f90ce900754c3522512f400b57e4cc985 Mon Sep 17 00:00:00 2001 From: Delnat Wito Date: Thu, 13 Oct 2022 14:33:11 +0200 Subject: [PATCH] feat: add Monokle Validation configuration --- .github/workflows/main.yml | 35 ++++++++++++++++++++++++++++++++--- monokle.validation.yaml | 16 ++++++++++++++++ 2 files changed, 48 insertions(+), 3 deletions(-) create mode 100644 monokle.validation.yaml diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index a508ad6..c3fd2e0 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -2,11 +2,11 @@ name: Test Kubernetes on: [push] jobs: - validate_job: + validate_kustomize: runs-on: ubuntu-latest permissions: security-events: write - name: Validate with Monokle + name: Validate Kustomize with Monokle steps: - id: checkout uses: actions/checkout@master @@ -16,7 +16,7 @@ jobs: renderEngine: "kustomize" kustomizationPath: "./kustomize-happy-cms/overlays/local" - id: validate - uses: kubeshop/monokle-action@v0.1.4 + uses: kubeshop/monokle-action@v0.2.0 with: path: ${{ steps.bake.outputs.manifestsBundle }} - id: upload-sarif @@ -24,3 +24,32 @@ jobs: uses: github/codeql-action/upload-sarif@v2 with: sarif_file: ${{ steps.validate.outputs.sarif }} + validate_vanilla: + runs-on: ubuntu-latest + permissions: + security-events: write + name: Validate vanilla Kubernetes resources with Monokle + steps: + - id: checkout + uses: actions/checkout@master + - id: validate + uses: kubeshop/monokle-action@v0.2.0 + with: + path: vanilla-panda-blog + validate_helm: + runs-on: ubuntu-latest + permissions: + security-events: write + name: Validate Helm with Monokle + steps: + - id: checkout + uses: actions/checkout@master + - id: bake + uses: azure/k8s-bake@v2.2 + with: + renderEngine: "helm" + helmChart: "./helm-yellow-wordpress" + - id: validate + uses: kubeshop/monokle-action@v0.2.0 + with: + path: ${{ steps.bake.outputs.manifestsBundle }} 
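Review bot: The new `validate_vanilla` and `validate_helm` jobs request `security-events: write` but, unlike `validate_kustomize`, have no `upload-sarif` step, so the write scope is unused as committed. Either drop that `permissions` entry from the two jobs, or add the upload step (`uses: github/codeql-action/upload-sarif@v2` with `sarif_file: ${{ steps.validate.outputs.sarif }}`) so their findings reach code scanning. The added steps also use mutable refs: `actions/checkout@master`, `kubeshop/monokle-action@v0.2.0` and `azure/k8s-bake@v2.2`. Pinning each `uses:` to a full commit SHA (for example `actions/checkout@<full-commit-sha>`) keeps a moved branch or tag from changing what runs with the job token.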
diff --git a/monokle.validation.yaml b/monokle.validation.yaml
new file mode 100644
index 0000000..d951335
--- /dev/null
+++ b/monokle.validation.yaml
@@ -0,0 +1,16 @@
+plugins:
+ yaml-syntax: true
+ kubernetes-schema: true
+ resource-links: true
+ labels: false
+rules:
+ yaml-syntax/no-bad-alias: "warn"
+ yaml-syntax/no-bad-directive: false
+ open-policy-agent/no-last-image: "err"
+ open-policy-agent/cpu-limit: "err"
+ open-policy-agent/memory-limit: "err"
+ open-policy-agent/memory-request: "err"
+ open-policy-agent/no-latest-image: "err"
+settings:
+ kubernetes-schema:
+ schemaVersion: v1.24.2
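Review bot: The `rules:` block sets five `open-policy-agent/*` rules to `"err"`, but `plugins:` never lists `open-policy-agent`. If Monokle only evaluates rules of enabled plugins (worth confirming against the action's documentation), the image-tag and resource-limit checks would be skipped without any error. Consider adding `open-policy-agent: true` under `plugins:`. Separately, `open-policy-agent/no-last-image` looks like a misspelling of `open-policy-agent/no-latest-image`, which is listed again as the last rule; an unknown rule id is presumably ignored rather than rejected, so that line is probably dead. A one-line comment above `yaml-syntax/no-bad-directive: false` saying why the rule is turned off would also help the next reviewer.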