Kubeval, validating Kubernetes config files
236 views
Skip to first unread message
Gareth Rushgrove
Jun 29, 2017, 2:29:37 AM6/29/17
to kubernete...@googlegroups.com
Hi All
Following on from my last post about the Kubernetes type schemas, I've
pushed a simple tool that makes use of them.
https://github.com/garethr/kubeval
On the Kubernetes type schemas thread William Stewart said "Totally
looked for something similar awhile ago so I could do client-side
validation of resources rendered from templates."
Kubeval is a tool to do exactly that. Just point it at one or more
YAML or JSON files and it will validate them against the schemas and
return relevant errors and a non-zero exit code if it finds anything
amiss.
kubeval my-invalid-rc.yaml a-deployment.yaml
This also allows for validating against specific versions of the
published schemas, and against the OpenShift definitions which add a
few more types.
kubeval -v 1.6.6 my-deployment.yaml
kubeval --openshift -v 1.5.1 my-deployment.yaml
I envisage this being useful locally when writing or generating
configuration files. I've been using entr to run the validator when a
file changes for instance:
ls configs/* | entr kubeval configs/*
This should also be useful in a continuous integration system as well.
If you have Kubernetes configs in a Git repo, either as examples or as
the main artefact, then you should be able to add a simple step in
Travis or anything else to check there validity.
This is the first release so there are undoubtedly some issues. I
intend to clean up the code a bunch when I get a moment but this is
working now and I'd love folks to try it out and let me know what you
think.
Cheers
Gareth
--
Gareth Rushgrove
@garethr
devopsweekly.com
morethanseven.net
garethrushgrove.com
Following on from my last post about the Kubernetes type schemas, I've
pushed a simple tool that makes use of them.
https://github.com/garethr/kubeval
On the Kubernetes type schemas thread William Stewart said "Totally
looked for something similar awhile ago so I could do client-side
validation of resources rendered from templates."
Kubeval is a tool to do exactly that. Just point it at one or more
YAML or JSON files and it will validate them against the schemas and
return relevant errors and a non-zero exit code if it finds anything
amiss.
kubeval my-invalid-rc.yaml a-deployment.yaml
This also allows for validating against specific versions of the
published schemas, and against the OpenShift definitions which add a
few more types.
kubeval -v 1.6.6 my-deployment.yaml
kubeval --openshift -v 1.5.1 my-deployment.yaml
I envisage this being useful locally when writing or generating
configuration files. I've been using entr to run the validator when a
file changes for instance:
ls configs/* | entr kubeval configs/*
This should also be useful in a continuous integration system as well.
If you have Kubernetes configs in a Git repo, either as examples or as
the main artefact, then you should be able to add a simple step in
Travis or anything else to check there validity.
This is the first release so there are undoubtedly some issues. I
intend to clean up the code a bunch when I get a moment but this is
working now and I'd love folks to try it out and let me know what you
think.
Cheers
Gareth
--
Gareth Rushgrove
@garethr
devopsweekly.com
morethanseven.net
garethrushgrove.com
Brian Grant
Jun 29, 2017, 11:49:46 AM6/29/17
to Gareth Rushgrove, kubernetes-sig-apps, K8s API Machinery SIG
+API machinery
--
You received this message because you are subscribed to the Google Groups "kubernetes-sig-apps" group.
To unsubscribe from this group and stop receiving emails from it, send an email to kubernetes-sig-apps+unsub...@googlegroups.com.
To post to this group, send email to kubernetes-sig-apps@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/kubernetes-sig-apps/CAFi_6yJeYBjnar8yOH1ED-b%3DVCQ78yWMQQM%3DOj%2B7OB3e8dK01g%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
Daniel Smith
Jun 29, 2017, 1:19:58 PM6/29/17
to Brian Grant, Gareth Rushgrove, kubernetes-sig-apps, K8s API Machinery SIG
Awesome! But when is vim integration coming? ;) ;) ;)
+API machinery
To unsubscribe from this group and stop receiving emails from it, send an email to kubernetes-sig-apps+unsubscribe...@googlegroups.com.
To post to this group, send email to kubernetes-sig-apps@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/kubernetes-sig-apps/CAFi_6yJeYBjnar8yOH1ED-b%3DVCQ78yWMQQM%3DOj%2B7OB3e8dK01g%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "K8s API Machinery SIG" group.
To unsubscribe from this group and stop receiving emails from it, send an email to kubernetes-sig-api-machinery+unsub...@googlegroups.com.
To post to this group, send email to kubernetes-sig-api-machinery@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/kubernetes-sig-api-machinery/CAKCBhs4M7%3D%2Bzwz1CthHC20cFLevHNoP_FU5rHaLOzTh2Hedjsg%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages