feat: add --ignore-paths support

Add `--ignore-paths` flag to CLI and actions.

Some repositories may contain yaml files that are not kustomize or
cluster resources. Allow skipping those paths.

Fixes: #211

Author: jkoelker

README.md

@@ -168,6 +168,16 @@ metadata.labels.helm.sh/chart  (PersistentVolumeClaim/default/hajimari-data)
     + hajimari-2.0.1
 ```
 
+Ignore specific paths
+
+You can exclude non-Kubernetes or otherwise irrelevant files and directories during
+diff with the `--ignore-paths` flag. Patterns are `.gitignore`-style and may be
+comma-separated. A trailing slash matches a directory and all its contents (e.g., `.github/`).
+
+```bash
+$ flux-local diff ks apps --path clusters/prod --ignore-paths ".github/,scripts/"
+```
+
 
 ### flux-local test
 
@@ -214,6 +224,16 @@ You may also validate `HelmRelease` objects can be templated properly with the `
 flag. This will run `kustomize build` then run `helm template` on all the `HelmRelease` objects
 found.
 
+Ignore specific paths
+
+Use `--ignore-paths` to omit directories/files from discovery and build when running tests.
+Patterns are `.gitignore`-style and may be comma-separated. A trailing slash matches a directory
+and all its contents (e.g., `.github/`).
+
+```bash
+$ flux-local test --path clusters/prod --ignore-paths ".github/,local/"
+```
+
 ## GitHub Action
 
 You may use `flux-local` as a github action to verify the health of the cluster on changes
@@ -236,6 +256,19 @@ helm release expansion enabled.
     enable-helm: true
 ```
 
+Ignore paths during builds
+
+You can exclude directories/files from discovery and builds using `.gitignore`-style
+patterns via the `ignore-paths` input (comma-separated, relative to `path`). A trailing
+slash matches a directory and all its contents (e.g., `.github/`).
+
+```yaml
+- uses: allenporter/flux-local/action/[email protected]
+  with:
+    path: clusters/prod
+    ignore-paths: ".github/,scripts/,local/"
+```
+
 ### diff action
 
 The `diff` action will show you the final diffs of `Kustomization` or `HelmRelease`
@@ -254,6 +287,7 @@ This is an example that diffs a `HelmRelease`:
     live-branch: main
     path: clusters/prod
     resource: helmrelease
+    ignore-paths: ".github/,scripts/"
 - name: PR Comments
   uses: mshick/add-pr-comment@v2
   if: ${{ steps.diff.outputs.diff != '' }}
@@ -291,6 +325,7 @@ jobs:
           live-branch: main
           path: ${{ matrix.cluster_path }}
           resource: ${{ matrix.resource }}
+          ignore-paths: ".github/,scripts/"
       - name: PR Comments
         uses: mshick/add-pr-comment@v2
         if: ${{ steps.diff.outputs.diff != '' }}

action/diff/action.yml

@@ -40,6 +40,9 @@ inputs:
   kustomize-build-flags:
     description: Additional flags to pass to kustomize build
     default: ""
+  ignore-paths:
+    description: Comma-separated .gitignore-style patterns to ignore during build
+    default: ""
   sources:
     description: GitRepository or OCIRepository to include with optional source mappings like `flux-system` or `cluster=./kubernetes/`
     default: ""
@@ -112,6 +115,7 @@ runs:
             --limit-bytes ${{ inputs.limit-bytes }} \
             --all-namespaces \
             --kustomize-build-flags="${{ inputs.kustomize-build-flags }}" \
+            --ignore-paths "${{ inputs.ignore-paths }}" \
             --sources "${{ inputs.sources }}" \
             --output-file diff.patch \
             ${extra_flags}

action/test/action.yml

@@ -22,6 +22,9 @@ inputs:
   kustomize-build-flags:
     description: Additional flags to pass to kustomize build
     default: ""
+  ignore-paths:
+    description: Comma-separated .gitignore-style patterns to ignore during build
+    default: ""
   sources:
     description: GitRepository or OCIRepository to include with optional source mappings like `flux-system` or `cluster=./kubernetes/`
     default: ""
@@ -62,6 +65,7 @@ runs:
           --${{ inputs.enable-helm != 'true' && 'no-' || '' }}enable-helm \
           --api-versions "${{ inputs.api-versions }}" \
           --kustomize-build-flags="${{ inputs.kustomize-build-flags }}" \
+          --ignore-paths "${{ inputs.ignore-paths }}" \
           --sources "${{ inputs.sources }}" \
           --path ${{ inputs.path }} \
           --verbosity ${{ inputs.debug != 'true' && '0' || '1' }} \

flux_local/git_repo.py

@@ -63,6 +63,8 @@
 )
 from .exceptions import InputException
 from .context import trace_context
+import os
+import fnmatch
 
 __all__ = [
     "build_manifest",
@@ -315,6 +317,8 @@ class Options:
 
     kustomize_flags: list[str] = field(default_factory=list)
     skip_kustomize_path_validation: bool = False
+    # Patterns passed to `flux build --ignore-paths` (may be repeated)
+    ignore_paths: list[str] = field(default_factory=list)
 
 
 @dataclass
@@ -407,17 +411,21 @@ def adjust_ks_path(doc: Kustomization, selector: PathSelector) -> Path | None:
 class CachableBuilder:
     """Wrapper around flux_build that caches contents."""
 
-    def __init__(self) -> None:
+    def __init__(self, ignore_paths: list[str] | None = None) -> None:
         """Initialize CachableBuilder."""
         self._cache: dict[str, kustomize.Kustomize] = {}
+        self._ignore_paths = list(ignore_paths or [])
 
     async def build(
         self, kustomization: Kustomization, path: Path
     ) -> kustomize.Kustomize:
-        key = f"{kustomization.namespaced_name} @ {path}"
+        ignore_key = ",".join(sorted(self._ignore_paths))
+        key = f"{kustomization.namespaced_name} @ {path} | ignore=[{ignore_key}]"
         if cmd := self._cache.get(key):
             return cmd
-        cmd = kustomize.flux_build(kustomization, path)
+        cmd = kustomize.flux_build(
+            kustomization, path, ignore_paths=self._ignore_paths
+        )
         cmd = await cmd.stash()
         self._cache[key] = cmd
         return cmd
@@ -466,10 +474,110 @@ async def visit_kustomization(
 
     kinds = [CLUSTER_KUSTOMIZE_KIND, CONFIG_MAP_KIND, SECRET_KIND]
 
+    def _normalize_patterns(patterns: list[str]) -> list[str]:
+        out: list[str] = []
+        for p in patterns:
+            for part in p.split(","):
+                part = part.strip()
+                if part:
+                    out.append(part)
+        return out
+
+    def _is_ignored(rel_path: Path, patterns: list[str]) -> bool:
+        # Convert to posix path for pattern matching
+        s = rel_path.as_posix()
+        for pat in patterns:
+            # Support trailing slash semantics from .gitignore (e.g., 'dir/')
+            if pat.endswith('/'):
+                base = pat[:-1]
+                if s == base or s.startswith(base + '/'):
+                    return True
+            if fnmatch.fnmatch(s, pat):
+                return True
+            # Treat trailing '/**' patterns as also matching the directory itself
+            if pat.endswith('/**'):
+                base = pat[:-3]
+                if s == base or s.startswith(base + '/'):
+                    return True
+        return False
+
+    def _candidate_dirs(root: Path, patterns: list[str]) -> list[Path]:
+        """Return directories likely containing Flux Kustomizations, honoring ignore patterns.
+
+        This scans YAML files textually for the Flux Kustomization apiVersion to avoid
+        bulk YAML parsing errors from unrelated, non-Kubernetes YAML files.
+        """
+        candidates: set[Path] = set()
+        norm = _normalize_patterns(patterns)
+        for dirpath, dirnames, filenames in os.walk(root):
+            rel_dir = Path(dirpath).resolve().relative_to(root.resolve())
+            # Prune ignored subdirectories in-place for efficiency
+            pruned = []
+            for d in list(dirnames):
+                sub_rel = (rel_dir / d)
+                if _is_ignored(sub_rel, norm):
+                    pruned.append(d)
+            for d in pruned:
+                dirnames.remove(d)
+
+            # Skip this directory entirely if ignored
+            if rel_dir != Path('.') and _is_ignored(rel_dir, norm):
+                continue
+
+            for name in filenames:
+                if not (name.endswith('.yaml') or name.endswith('.yml')):
+                    continue
+                file_rel = rel_dir / name
+                if _is_ignored(file_rel, norm):
+                    continue
+                p = Path(dirpath) / name
+                try:
+                    with open(p, 'r', encoding='utf-8', errors='ignore') as f:
+                        # Read a chunk; we only need to detect a Flux Kustomization doc
+                        data = f.read(200000)
+                except OSError:
+                    continue
+                if 'kustomize.toolkit.fluxcd.io' in data and 'kind: Kustomization' in data:
+                    candidates.add(Path(dirpath))
+                    break
+        return sorted(candidates)
+
     with trace_context(f"Kustomization '{label}'"):
         cmd: kustomize.Kustomize
         if visit_ks is None:
-            cmd = kustomize.filter_resources(kinds, selector.root / path)
+            # When ignore paths are provided, avoid scanning the entire tree at once.
+            # Instead, limit grep to directories that appear to contain Flux Kustomizations.
+            if options.ignore_paths:
+                ks_docs: list[dict[str, Any]] = []
+                cfg_docs: list[dict[str, Any]] = []
+                root_path = selector.root / path
+                for d in _candidate_dirs(root_path, options.ignore_paths):
+                    sub_cmd = kustomize.filter_resources(kinds, d)
+                    sub_cmd = await sub_cmd.stash()
+                    ks_cmd = sub_cmd.grep(GREP_SOURCE_REF_KIND)
+                    cfg_cmd = sub_cmd.filter_resources([CONFIG_MAP_KIND, SECRET_KIND])
+                    ks_docs.extend(await ks_cmd.objects())
+                    cfg_docs.extend(await cfg_cmd.objects())
+            else:
+                cmd = kustomize.filter_resources(kinds, selector.root / path)
+                cmd = await cmd.stash()
+                ks_cmd = cmd.grep(GREP_SOURCE_REF_KIND)
+                cfg_cmd = cmd.filter_resources([CONFIG_MAP_KIND, SECRET_KIND])
+                try:
+                    ks_docs = await ks_cmd.objects()
+                    cfg_docs = await cfg_cmd.objects()
+                except KustomizePathException as err:
+                    raise FluxException(err) from err
+                except FluxException as err:
+                    if visit_ks is None:
+                        raise FluxException(
+                            f"Error building Fluxtomization in '{selector.root}' "
+                            f"path '{path}': {ERROR_DETAIL_BAD_PATH} {err}"
+                        ) from err
+                    raise FluxException(
+                        f"Error building Fluxtomization '{visit_ks.namespaced_name}' "
+                        f"path '{path}': {ERROR_DETAIL_BAD_KS} {err}"
+                    ) from err
         else:
             if not await isdir(selector.root / path):
                 if options.skip_kustomize_path_validation:
@@ -484,25 +592,24 @@ async def visit_kustomization(
                 )
             cmd = await builder.build(visit_ks, selector.root / path)
             cmd = cmd.filter_resources(kinds)
-        cmd = await cmd.stash()
-        ks_cmd = cmd.grep(GREP_SOURCE_REF_KIND)
-        cfg_cmd = cmd.filter_resources([CONFIG_MAP_KIND, SECRET_KIND])
-
-        try:
-            ks_docs = await ks_cmd.objects()
-            cfg_docs = await cfg_cmd.objects()
-        except KustomizePathException as err:
-            raise FluxException(err) from err
-        except FluxException as err:
-            if visit_ks is None:
+            cmd = await cmd.stash()
+            ks_cmd = cmd.grep(GREP_SOURCE_REF_KIND)
+            cfg_cmd = cmd.filter_resources([CONFIG_MAP_KIND, SECRET_KIND])
+            try:
+                ks_docs = await ks_cmd.objects()
+                cfg_docs = await cfg_cmd.objects()
+            except KustomizePathException as err:
+                raise FluxException(err) from err
+            except FluxException as err:
+                if visit_ks is None:
+                    raise FluxException(
+                        f"Error building Fluxtomization in '{selector.root}' "
+                        f"path '{path}': {ERROR_DETAIL_BAD_PATH} {err}"
+                    ) from err
                 raise FluxException(
-                    f"Error building Fluxtomization in '{selector.root}' "
-                    f"path '{path}': {ERROR_DETAIL_BAD_PATH} {err}"
+                    f"Error building Fluxtomization '{visit_ks.namespaced_name}' "
+                    f"path '{path}': {ERROR_DETAIL_BAD_KS} {err}"
                 ) from err
-            raise FluxException(
-                f"Error building Fluxtomization '{visit_ks.namespaced_name}' "
-                f"path '{path}': {ERROR_DETAIL_BAD_KS} {err}"
-            ) from err
 
     return VisitResult(
         kustomizations=list(
@@ -752,7 +859,7 @@ async def build_manifest(
     if not selector.cluster.enabled:
         return Manifest(clusters=[])
 
-    builder = CachableBuilder()
+    builder = CachableBuilder(ignore_paths=options.ignore_paths)
 
     with trace_context(f"Cluster '{str(selector.path.path)}'"):
         results = await kustomization_traversal(selector.path, builder, options)

flux_local/kustomize.py

@@ -182,10 +182,13 @@ async def _resource_lock(key: str) -> AsyncIterator[None]:
 class FluxBuild(Task):
     """A task that issues a flux build command."""
 
-    def __init__(self, ks: Kustomization, path: Path) -> None:
+    def __init__(
+        self, ks: Kustomization, path: Path, ignore_paths: list[str] | None = None
+    ) -> None:
         """Initialize Build."""
         self._ks = ks
         self._path = path
+        self._ignore_paths = list(ignore_paths or [])
 
     async def run(self, stdin: bytes | None = None) -> bytes:
         """Run the task."""
@@ -207,6 +210,11 @@ async def run(self, stdin: bytes | None = None) -> bytes:
             "--path",
             str(self._path),
         ]
+        # Pass through any ignore paths in .gitignore format (comma-separated)
+        if self._ignore_paths:
+            combined = ",".join([p for p in self._ignore_paths if p])
+            if combined:
+                args.extend(["--ignore-paths", combined])
         if self._ks.namespace:
             args.extend(
                 [
@@ -230,9 +238,11 @@ def __str__(self) -> str:
         return f"flux build {format_path(self._path)}"
 
 
-def flux_build(ks: Kustomization, path: Path) -> Kustomize:
+def flux_build(
+    ks: Kustomization, path: Path, ignore_paths: list[str] | None = None
+) -> Kustomize:
     """Build cluster artifacts from the specified path."""
-    return Kustomize(cmds=[FluxBuild(ks, path)])
+    return Kustomize(cmds=[FluxBuild(ks, path, ignore_paths=ignore_paths)])
 
 
 def grep(expr: str, path: Path, invert: bool = False) -> Kustomize:

flux_local/tool/selector.py

@@ -139,6 +139,15 @@ def add_common_flags(args: ArgumentParser) -> None:
         default="",
         help="If present, additional flags to pass to `kustomize build`",
     )
+    args.add_argument(
+        "--ignore-paths",
+        action="append",
+        default=[],
+        help=(
+            "Comma-separated .gitignore-style patterns to ignore when building. "
+            "Passed through to `flux build --ignore-paths`. May be set multiple times."
+        ),
+    )
 
 
 def add_ks_selector_flags(args: ArgumentParser) -> None:
@@ -162,6 +171,8 @@ def options(  # type: ignore[no-untyped-def]
     options.skip_kustomize_path_validation = kwargs.get(
         "skip_invalid_kustomization_paths", False
     )
+    # Pass through flux ignore paths
+    options.ignore_paths = kwargs.get("ignore_paths") or []
     return options
 
 

flux_local/tool/test.py

@@ -144,7 +144,9 @@ def runtest(self) -> None:
     async def async_runtest(self) -> None:
         """Run the Kustomizations test."""
         cmd = await kustomize.flux_build(
-            self.kustomization, Path(self.kustomization.path)
+            self.kustomization,
+            Path(self.kustomization.path),
+            ignore_paths=self.test_config.options.ignore_paths,
         ).stash()
         await cmd.objects()