# Reusable CI Workflow for Kubernetes Services

This directory contains a reusable CI workflow that automatically detects and validates your Kubernetes services, whether they use Helm + Kubernetes or just Kubernetes manifests.

## Features

- **Automatic Detection**: Automatically detects if your service uses Helm (helmfile.yaml) or just Kubernetes manifests
- **Conditional Validation**: Only runs Helm validation when helmfile.yaml exists
- **Flexible Paths**: Configurable paths for k8s directory and helmfile
- **Comprehensive Validation**: Validates both Kubernetes manifests and Helm charts
- **CI Summary**: Provides a clear summary of what was validated

## Usage

### Basic Usage (Recommended)

Simply call the workflow without any parameters - it will automatically detect your service type:

```yaml
jobs:
  ci:
    uses: ./.gitea/workflows/ci.yaml
```

### Advanced Usage with Custom Paths

If your service uses non-standard directory names:

```yaml
jobs:
  ci:
    uses: ./.gitea/workflows/ci.yaml
    with:
      k8s_dir: 'kubernetes/'
      helmfile_path: 'helm/helmfile.yaml'
```

### Force Skip Helm Validation

If you want to skip Helm validation even when helmfile.yaml exists:

```yaml
jobs:
  ci:
    uses: ./.gitea/workflows/ci.yaml
    with:
      skip_helm_validation: true
```

## Input Parameters

| Parameter | Description | Default | Required |
|-----------|-------------|---------|----------|
| `k8s_dir` | Path to Kubernetes manifests directory | `k8s/` | No |
| `helmfile_path` | Path to helmfile.yaml | `helmfile.yaml` | No |
| `skip_helm_validation` | Skip Helm validation even if helmfile exists | `false` | No |

## Directory Structure Requirements

### For Kubernetes-only services:
```
your-service/
├── k8s/
│   ├── deployment.yaml
│   ├── service.yaml
│   └── ...
└── .gitea/workflows/your-workflow.yaml
```

### For Helm + Kubernetes services:
```
your-service/
├── k8s/
│   ├── deployment.yaml
│   ├── service.yaml
│   └── ...
├── helmfile.yaml
└── .gitea/workflows/your-workflow.yaml
```

## What Gets Validated

### Always (if k8s/ directory exists):
- Kubernetes manifest validation using `kubectl --dry-run`
- Namespace extraction from repository name
- Basic Kubernetes syntax and schema validation

### Conditionally (if helmfile.yaml exists and Helm validation not skipped):
- Helm chart validation using `helmfile diff`
- Kubernetes manifests in Helm context
- Helm-specific configurations and values

## Example Workflows

See `example-usage.yaml` for complete examples of how to use this workflow in different scenarios.

## Dependencies

This workflow requires:
- `./.gitea/actions/extract-namespace-from-repo-name` action
- `KUBECONFIG` secret configured in your repository
- Access to your Kubernetes cluster

## Troubleshooting

### Helm validation skipped unexpectedly
- Check if `helmfile.yaml` exists in the expected location
- Verify the `skip_helm_validation` parameter is not set to `true`
- Ensure the file path is correct if using custom paths

### Kubernetes validation skipped
- Verify the `k8s/` directory (or custom path) exists
- Check the directory contains valid Kubernetes manifests

### Permission issues
- Ensure the `KUBECONFIG` secret is properly configured
- Verify the workflow has access to your Kubernetes cluster