actions/kubeconform
9
0
Fork 0
mirror of https://github.com/yannh/kubeconform.git synced 2026-02-11 05:59:22 +00:00
Code Issues Projects Releases 1 Packages Wiki Activity Actions

Publish site

Browse source
This commit is contained in:
Yann Hamon 2021-12-19 17:06:46 +01:00 committed by Yann
parent 6c1fa513e9
commit 3a3d05b27c
50 changed files with 2310 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
.github/workflows/site.yml vendored Normal file
View file

@ -0,0 +1,27 @@
on:
workflow_dispatch:
push:
branches:
- master
jobs:
deploy:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
- name: Setup Hugo
uses: peaceiris/actions-hugo@v2
with:
hugo-version: '0.83.1'
- name: Build
run: hugo --minify
working-directory: site
- name: Deploy
uses: peaceiris/actions-gh-pages@v3
if: github.ref == 'refs/heads/master'
with:
publish_dir: ./site/public
github_token: ${{ secrets.GITHUB_TOKEN }}

6
site/archetypes/default.md Normal file
View file

@ -0,0 +1,6 @@
---
title: "{{ replace .Name "-" " " | title }}"
date: {{ .Date }}
draft: true
---

6
site/config.toml Normal file
View file

@ -0,0 +1,6 @@
baseURL = 'http://kubeconform.mandragor.org/'
languageCode = 'en-us'
title = 'Kubeconform - Fast Kubernetes manifests validation!'
theme = 'kubeconform'
contentDir = "content"
staticDir = ["static"]

19
site/content/about.md Normal file
View file

@ -0,0 +1,19 @@
---
title: "About"
date: 2021-07-02T00:00:00Z
draft: false
tags: ["Kubeconform", "About"]
---
Kubeconform is a Kubernetes manifests validation tool. Build it into your CI to validate your Kubernetes
configuration!
It is inspired by, contains code from and is designed to stay close to
[Kubeval](https://github.com/instrumenta/kubeval), but with the following improvements:
* **high performance**: will validate & download manifests over multiple routines, caching
downloaded files in memory
* configurable list of **remote, or local schemas locations**, enabling validating Kubernetes
custom resources (CRDs) and offline validation capabilities
* uses by default a [self-updating fork](https://github.com/yannh/kubernetes-json-schema) of the schemas registry maintained
by the [kubernetes-json-schema](https://github.com/instrumenta/kubernetes-json-schema) project - which guarantees
up-to-date **schemas for all recent versions of Kubernetes**.

45
site/content/docs/crd-support.md Normal file
View file

@ -0,0 +1,45 @@
---
title: "Custom Resources support"
date: 2021-07-02T00:00:00Z
draft: false
tags: ["Kubeconform", "Usage"]
weight: 3
---
When the `-schema-location` parameter is not used, or set to "default", kubeconform will default to downloading
schemas from `https://github.com/yannh/kubernetes-json-schema`. Kubeconform however supports passing one, or multiple,
schemas locations - HTTP(s) URLs, or local filesystem paths, in which case it will lookup for schema definitions
in each of them, in order, stopping as soon as a matching file is found.
* If the -schema-location value does not end with '.json', Kubeconform will assume filenames / a file
structure identical to that of kubernetesjsonschema.dev or github.com/yannh/kubernetes-json-schema.
* if the -schema-location value ends with '.json' - Kubeconform assumes the value is a Go templated
string that indicates how to search for JSON schemas.
* the -schema-location value of "default" is an alias for https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/{{ .NormalizedKubernetesVersion }}-standalone{{ .StrictSuffix }}/{{ .ResourceKind }}{{ .KindSuffix }}.json.
Both following command lines are equivalent:
{{< prism >}}$ ./bin/kubeconform fixtures/valid.yaml
$ ./bin/kubeconform -schema-location default fixtures/valid.yaml
$ ./bin/kubeconform -schema-location 'https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/{{ .NormalizedKubernetesVersion }}-standalone{{ .StrictSuffix }}/{{ .ResourceKind }}{{ .KindSuffix }}.json' fixtures/valid.yaml
{{< /prism >}}
To support validating CRDs, we need to convert OpenAPI files to JSON schema, storing the JSON schemas
in a local folder - for example schemas. Then we specify this folder as an additional registry to lookup:
{{< prism >}}# If the resource Kind is not found in kubernetesjsonschema.dev, also lookup in the schemas/ folder for a matching file
$ ./bin/kubeconform -schema-location default -schema-location 'schemas/{{ .ResourceKind }}{{ .KindSuffix }}.json' fixtures/custom-resource.yaml
{{< /prism >}}
You can validate Openshift manifests using a custom schema location. Set the OpenShift version to validate
against using -kubernetes-version.
{{< prism >}}$ ./bin/kubeconform -kubernetes-version 3.8.0 -schema-location 'https://raw.githubusercontent.com/garethr/openshift-json-schema/master/{{ .NormalizedKubernetesVersion }}-standalone{{ .StrictSuffix }}/{{ .ResourceKind }}.json' -summary fixtures/valid.yaml
Summary: 1 resource found in 1 file - Valid: 1, Invalid: 0, Errors: 0 Skipped: 0
{{< /prism >}}
Here are the variables you can use in -schema-location:
* *NormalizedKubernetesVersion* - Kubernetes Version, prefixed by v
* *StrictSuffix* - "-strict" or "" depending on whether validation is running in strict mode or not
* *ResourceKind* - Kind of the Kubernetes Resource
* *ResourceAPIVersion* - Version of API used for the resource - "v1" in "apiVersion: monitoring.coreos.com/v1"
* *KindSuffix* - suffix computed from apiVersion - for compatibility with Kubeval schema registries

32
site/content/docs/installation.md Normal file
View file

@ -0,0 +1,32 @@
---
title: "Installation"
date: 2021-07-02T00:00:00Z
draft: false
tags: ["Kubeconform", "Installation"]
weight: 1
---
## Linux
Download the latest release from our [release page](https://github.com/yannh/kubeconform/releases).
For example, for Linux on x86_64 architecture:
{{< prism >}}curl -L https://github.com/yannh/kubeconform/releases/latest/download/kubeconform-linux-amd64.tar.gz | tar xvzf - && \
sudo mv kubeconform /usr/local/bin/
{{< /prism >}}
## MacOs
Kubeconform is available to install using [Homebrew](https://brew.sh/):
{{< prism >}}$ brew install kubeconform
{{< /prism >}}
## Windows
Download the latest release from our [release page](https://github.com/yannh/kubeconform/releases).
You can also download the latest version from the [release page](https://github.com/yannh/kubeconform/releases).

24
site/content/docs/json-schema-conversion.md Normal file
View file

@ -0,0 +1,24 @@
---
title: "Conversion of CRD to JSON Schema"
date: 2021-07-02T00:00:00Z
draft: false
tags: ["Kubeconform", "Usage"]
---
Kubeconform uses JSON schemas to validate Kubernetes resources. For custom resources, the CustomResourceDefinition
first needs to be converted to JSON Schema. A script is provided to convert these CustomResourceDefinitions
to JSON schema. Here is an example how to use it:
{{< prism >}}#!/bin/bash
$ ./scripts/openapi2jsonschema.py https://raw.githubusercontent.com/aws/amazon-sagemaker-operator-for-k8s/master/config/crd/bases/sagemaker.aws.amazon.com_trainingjobs.yaml
JSON schema written to trainingjob_v1.json
{{< /prism >}}
The `FILENAME_FORMAT` environment variable can be used to change the output file name (Available variables: `kind`, `group`, `version`) (Default: `{kind}_{version}`).
{{< prism >}}$ export FILENAME_FORMAT='{kind}-{group}-{version}'
$ ./scripts/openapi2jsonschema.py https://raw.githubusercontent.com/aws/amazon-sagemaker-operator-for-k8s/master/config/crd/bases/sagemaker.aws.amazon.com_trainingjobs.yaml
JSON schema written to trainingjob-sagemaker-v1.json
{{< /prism >}}
Some CRD schemas do not have explicit validation for fields implicitly validated by the Kubernetes API like `apiVersion`, `kind`, and `metadata`, thus additional properties are allowed at the root of the JSON schema by default, if this is not desired the `DENY_ROOT_ADDITIONAL_PROPERTIES` environment variable can be set to any non-empty value.

31
site/content/docs/usage-as-github-action.md Normal file
View file

@ -0,0 +1,31 @@
---
title: "Github Action"
date: 2021-07-02T00:00:00Z
draft: false
tags: ["Kubeconform", "Usage"]
weight: 4
---
Kubeconform is publishes Docker Images to Github's new Container Registry, ghcr.io. These images
can be used directly in a Github Action, once logged in using a [_Github Token_](https://github.blog/changelog/2021-03-24-packages-container-registry-now-supports-github_token/).
{{< prism >}}name: kubeconform
on: push
jobs:
kubeconform:
runs-on: ubuntu-latest
steps:
- name: login to Github Packages
run: echo "${{ github.token }}" | docker login https://ghcr.io -u ${GITHUB_ACTOR} --password-stdin
- uses: actions/checkout@v2
- uses: docker://ghcr.io/yannh/kubeconform:master
with:
entrypoint: '/kubeconform'
args: "-summary -output json kubeconfigs/"
{{< /prism >}}
_Note on pricing_: Kubeconform relies on Github Container Registry which is currently in Beta. During that period,
[bandwidth is free](https://docs.github.com/en/packages/guides/about-github-container-registry). After that period,
bandwidth costs might be applicable. Since bandwidth from Github Packages within Github Actions is free, I expect
Github Container Registry to also be usable for free within Github Actions in the future. If that were not to be the
case, I might publish the Docker image to a different platform.

86
site/content/docs/usage.md Normal file
View file

@ -0,0 +1,86 @@
---
title: "Usage"
date: 2021-07-02T00:00:00Z
draft: false
tags: ["Kubeconform", "Usage"]
weight: 2
---
{{< prism >}}$ ./bin/kubeconform -h
Usage: ./bin/kubeconform [OPTION]... [FILE OR FOLDER]...
-cache string
cache schemas downloaded via HTTP to this folder
-cpu-prof string
debug - log CPU profiling to file
-exit-on-error
immediately stop execution when the first error is encountered
-h show help information
-ignore-filename-pattern value
regular expression specifying paths to ignore (can be specified multiple times)
-ignore-missing-schemas
skip files with missing schemas instead of failing
-insecure-skip-tls-verify
disable verification of the server's SSL certificate. This will make your HTTPS connections insecure
-kubernetes-version string
version of Kubernetes to validate against, e.g.: 1.18.0 (default "master")
-n int
number of goroutines to run concurrently (default 4)
-output string
output format - json, junit, tap, text (default "text")
-reject string
comma-separated list of kinds to reject
-schema-location value
override schemas location search path (can be specified multiple times)
-skip string
comma-separated list of kinds to ignore
-strict
disallow additional properties not in schema
-summary
print a summary at the end (ignored for junit output)
-v show version information
-verbose
print results for all resources (ignored for tap and junit output)
{{< /prism >}}
### Validating a single, valid file
{{< prism >}}$ ./bin/kubeconform fixtures/valid.yaml
$ echo $?
0
{{< /prism >}}
### Validating a single invalid file, setting output to json, and printing a summary
{{< prism >}}$ ./bin/kubeconform -summary -output json fixtures/invalid.yaml
{
"resources": [
{
"filename": "fixtures/invalid.yaml",
"kind": "ReplicationController",
"version": "v1",
"status": "INVALID",
"msg": "Additional property templates is not allowed - Invalid type. Expected: [integer,null], given: string"
}
],
"summary": {
"valid": 0,
"invalid": 1,
"errors": 0,
"skipped": 0
}
}
$ echo $?
1
{{< /prism >}}
### Passing manifests via Stdin
{{< prism >}}cat fixtures/valid.yaml | ./bin/kubeconform -summary
Summary: 1 resource found parsing stdin - Valid: 1, Invalid: 0, Errors: 0 Skipped: 0
{{< /prism >}}
### Validating a folder, increasing the number of parallel workers
{{< prism >}}$ ./bin/kubeconform -summary -n 16 fixtures
fixtures/crd_schema.yaml - CustomResourceDefinition trainingjobs.sagemaker.aws.amazon.com failed validation: could not find schema for CustomResourceDefinition
fixtures/invalid.yaml - ReplicationController bob is invalid: Invalid type. Expected: [integer,null], given: string
[...]
Summary: 65 resources found in 34 files - Valid: 55, Invalid: 2, Errors: 8 Skipped: 0
{{< /prism >}}

14
site/content/docs/using-as-a-go-module.md Normal file
View file

@ -0,0 +1,14 @@
---
title: "Kubeconform as a Go module"
date: 2021-07-02T00:00:00Z
draft: false
tags: ["Kubeconform", "Usage"]
weight: 5
---
**Warning**: This is a work-in-progress, the interface is not yet considered stable. Feedback is encouraged.
Kubeconform contains a package that can be used as a library.
An example of usage can be found in [examples/main.go](https://github.com/yannh/kubeconform/tree/master/examples/main.go)
Additional documentation on [pkg.go.dev](https://pkg.go.dev/github.com/yannh/kubeconform/pkg/validator)

57
site/public/about/index.html Normal file
View file

@ -0,0 +1,57 @@
<!DOCTYPE html>
<html><head>
<meta charset="utf-8">
<meta name="author" content="Yann Hamon">
<link rel="stylesheet" type="text/css" href="/css/style.css"><link rel="stylesheet" type="text/css" href="/css/prism.css">
<title>Kubeconform - Fast Kubernetes manifests validation! | About</title>
</head>
<body>
<div id="main-container"><div id="header">
<ul id="navigation">
<li><a href="/about">About</a></li>
<li><a href="/docs/installation/">Docs</a></li>
<li><a href="/">Home</a></li>
</ul>
<h1>Kubeconform</h1>
<h2>A fast Kubernetes manifests validator</h2>
</div>
<div id="content"><div id="main">
<div class="navig">
</div>
<div id="content-text">
<h1>About</h1>
<p>Kubeconform is a Kubernetes manifests validation tool. Build it into your CI to validate your Kubernetes
configuration!</p>
<p>It is inspired by, contains code from and is designed to stay close to
<a href="https://github.com/instrumenta/kubeval">Kubeval</a>, but with the following improvements:</p>
<ul>
<li><strong>high performance</strong>: will validate &amp; download manifests over multiple routines, caching
downloaded files in memory</li>
<li>configurable list of <strong>remote, or local schemas locations</strong>, enabling validating Kubernetes
custom resources (CRDs) and offline validation capabilities</li>
<li>uses by default a <a href="https://github.com/yannh/kubernetes-json-schema">self-updating fork</a> of the schemas registry maintained
by the <a href="https://github.com/instrumenta/kubernetes-json-schema">kubernetes-json-schema</a> project - which guarantees
up-to-date <strong>schemas for all recent versions of Kubernetes</strong>.</li>
</ul>
</div>
<div class="navig">
</div>
<script defer src="/js/prism.js"></script>
</div>
</div><div id="footer">
Website powered by <a href="https://gohugo.io/">Hugo</a>
</div>
</div>
<script defer src="/js/prism.js"></script>
</body>
</html>

10
site/public/categories/index.xml Normal file
View file

@ -0,0 +1,10 @@
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
<channel>
<title>Categories on Kubeconform - Fast Kubernetes manifests validation!</title>
<link>http://kubeconform.mandragor.org/categories/</link>
<description>Recent content in Categories on Kubeconform - Fast Kubernetes manifests validation!</description>
<generator>Hugo -- gohugo.io</generator>
<language>en-us</language><atom:link href="http://kubeconform.mandragor.org/categories/index.xml" rel="self" type="application/rss+xml" />
</channel>
</rss>

122
site/public/css/prism.css Normal file
View file

@ -0,0 +1,122 @@
/**
* okaidia theme for JavaScript, CSS and HTML
* Loosely based on Monokai textmate theme by http://www.monokai.nl/
* @author ocodia
*/
code[class*="language-"],
pre[class*="language-"] {
color: #f8f8f2;
background: none;
text-shadow: 0 1px rgba(0, 0, 0, 0.3);
font-family: Consolas, Monaco, 'Andale Mono', 'Ubuntu Mono', monospace;
text-align: left;
white-space: pre;
word-spacing: normal;
word-break: normal;
word-wrap: normal;
line-height: 1.5;
-moz-tab-size: 4;
-o-tab-size: 4;
tab-size: 4;
-webkit-hyphens: none;
-moz-hyphens: none;
-ms-hyphens: none;
hyphens: none;
}
/* Code blocks */
pre[class*="language-"] {
padding: 1em;
margin: .5em 0;
overflow: auto;
border-radius: 0.3em;
}
:not(pre) > code[class*="language-"],
pre[class*="language-"] {
background: #272822;
}
/* Inline code */
:not(pre) > code[class*="language-"] {
padding: .1em;
border-radius: .3em;
white-space: normal;
}
.token.comment,
.token.prolog,
.token.doctype,
.token.cdata {
color: slategray;
}
.token.punctuation {
color: #f8f8f2;
}
.namespace {
opacity: .7;
}
.token.property,
.token.tag,
.token.constant,
.token.symbol,
.token.deleted {
color: #f92672;
}
.token.boolean,
.token.number {
color: #ae81ff;
}
.token.selector,
.token.attr-name,
.token.string,
.token.char,
.token.builtin,
.token.inserted {
color: #a6e22e;
}
.token.operator,
.token.entity,
.token.url,
.language-css .token.string,
.style .token.string,
.token.variable {
color: #f8f8f2;
}
.token.atrule,
.token.attr-value,
.token.function,
.token.class-name {
color: #e6db74;
}
.token.keyword {
color: #66d9ef;
}
.token.regex,
.token.important {
color: #fd971f;
}
.token.important,
.token.bold {
font-weight: bold;
}
.token.italic {
font-style: italic;
}
.token.entity {
cursor: help;
}

204
site/public/css/style.css Normal file
View file

@ -0,0 +1,204 @@
/* Colors */
body { background-color: white; }
a { color: black }
hr { border-color: #ddd; }
#header, #footer { background-color: #002036; color: white }
@media (prefers-color-scheme: dark) {
}
/* Font sizes */
body { font-size: 1.2rem; line-height: 1.7rem; text-size-adjust: 100%; }
h1 { font-size: 2.3rem; line-height: 3.2rem; font-weight: 400 }
h2 { font-size: 1.8rem; line-height: 2.3rem; font-weight: 400 }
h3 { font-size: 1.5rem; line-height: 1.8rem; font-weight: 300 }
#header h1 { font-size: 3rem; line-height: 3.3rem; font-weight: 500; margin-top: 0.2em; margin-left: 30px }
#header h2 { font-size: 1.3rem; line-height: 1.5rem; font-weight: 300; font-style: italic; margin: 0 0 0.5em 30px}
/* We default all margins/paddings to 0 */
* { margin: 0; padding: 0 }
a { text-decoration: none }
#content-text a { text-decoration: underline }
#content-text a:hover { text-decoration: none }
p {
font-weight: 400;
margin-bottom: 16px;
}
h2 {
font-weight: 500;
margin: 3rem 0 0.8rem 0;
}
h3 {
font-weight: 500;
margin: 1.5rem 0 1.5rem 0;
}
pre {
margin: 1rem 0 1rem 0
}
#main-container {
padding: 0;
font-family: "Roboto", "Helvetica Neue", Helvetica, Arial, sans-serif;
font-feature-settings: "kern", "liga";
width: 100%;
background-color: white;
}
hr {
height: 1px;
margin: 3rem 0 3rem 0;
clear: both;
}
#header, #footer {
width: 100%;
clear: both;
}
#header {
padding: 0.5em 0 0.5em 0em;
}
#menu {
background-color: #ddd;
padding: 1em
}
#content {
display:flex;
}
#menu {
flex: 15;
min-width: 15%;
padding: 2em
}
#main {
flex: 85;
min-width: 0;
}
#main h1 {
padding-bottom: 1em;
}
pre {
overflow: scroll;
min-width: 0
}
#footer {
padding: 0.5em 0;
text-align: center;
color: white;
font-size: smaller;
}
#footer a {
font-style: italic;
color: white;
text-decoration: underline;
}
#navigation {
float: right;
padding-right: 2em;
}
#navigation li {
display: block;
width: 100px;
float: right;
padding-top: 0.2em;
text-align: center;
font-weight: bold;
font-size: smaller;
}
#navigation li a{
color: white
}
#navigation li a:hover{
text-decoration: underline;
}
#motto {
text-align: center;
font-style: italic;
font-size: 1.1em;
margin: 2em auto 2em auto;
}
#demo{
font-size: smaller;
margin: 2em auto 2em auto;
border-radius: 1em;
display: table;
overflow: scroll;
}
#kc-pros {
display: flex;
flex-flow: row wrap;
margin: 0 auto;
width: 60%;
}
#kc-pros > div {
flex-basis: 50%;
}
#kc-pros h2 {
font-size: 1.2em;
line-height: 1.2em;
padding: 0 5% 0.3em 5%;
}
#kc-pros p {
font-size: 0.9em;
padding: 0 5% 2em 5%;
}
#get {
display: table;
border: 1px solid black;
padding: 0.5em 2em;
border-radius: 0.8em;
clear: both;
margin: 3em auto 5em auto;
background-color: #0594cb;
color: white;
text-align: center;
}
#get:active {
background-color: #002036;
}
.navig {
display: flex;
flex-flow: row wrap;
margin: 0 auto;
}
.navig > a {
flex-basis: 50%;
text-align: center;
background-color: #eee;
padding: 0.4em 0;
font-size: smaller
}
#content-text {
padding: 2em;
}
#main ul {
margin: 1em 0 2em 3em;
}

104
site/public/docs/crd-support/index.html Normal file
View file

@ -0,0 +1,104 @@
<!DOCTYPE html>
<html><head>
<meta charset="utf-8">
<meta name="author" content="Yann Hamon">
<link rel="stylesheet" type="text/css" href="/css/style.css"><link rel="stylesheet" type="text/css" href="/css/prism.css">
<title>Kubeconform - Fast Kubernetes manifests validation! | Custom Resources support</title>
</head>
<body>
<div id="main-container"><div id="header">
<ul id="navigation">
<li><a href="/about">About</a></li>
<li><a href="/docs/installation/">Docs</a></li>
<li><a href="/">Home</a></li>
</ul>
<h1>Kubeconform</h1>
<h2>A fast Kubernetes manifests validator</h2>
</div>
<div id="content"><ul id="menu">
<li><a href="http://kubeconform.mandragor.org/docs/installation/">Installation</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/usage/">Usage</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/crd-support/">Custom Resources support</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/usage-as-github-action/">Github Action</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/using-as-a-go-module/">Kubeconform as a Go module</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/json-schema-conversion/">Conversion of CRD to JSON Schema</a></li>
</ul>
<div id="main">
<div class="navig">
<a href="http://kubeconform.mandragor.org/docs/usage-as-github-action/" id="prev">&lt; Github Action</a>
<a href="http://kubeconform.mandragor.org/docs/usage/" id="next">Usage &gt;</a>
</div>
<div id="content-text">
<h1>Custom Resources support</h1>
<p>When the <code>-schema-location</code> parameter is not used, or set to &ldquo;default&rdquo;, kubeconform will default to downloading
schemas from <code>https://github.com/yannh/kubernetes-json-schema</code>. Kubeconform however supports passing one, or multiple,
schemas locations - HTTP(s) URLs, or local filesystem paths, in which case it will lookup for schema definitions
in each of them, in order, stopping as soon as a matching file is found.</p>
<ul>
<li>If the -schema-location value does not end with &lsquo;.json&rsquo;, Kubeconform will assume filenames / a file
structure identical to that of kubernetesjsonschema.dev or github.com/yannh/kubernetes-json-schema.</li>
<li>if the -schema-location value ends with &lsquo;.json&rsquo; - Kubeconform assumes the value is a Go templated
string that indicates how to search for JSON schemas.</li>
<li>the -schema-location value of &ldquo;default&rdquo; is an alias for <a href="https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/%7B%7B">https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/{{</a> .NormalizedKubernetesVersion }}-standalone{{ .StrictSuffix }}/{{ .ResourceKind }}{{ .KindSuffix }}.json.
Both following command lines are equivalent:</li>
</ul>
<pre><code class="language-bash">$ ./bin/kubeconform fixtures/valid.yaml
$ ./bin/kubeconform -schema-location default fixtures/valid.yaml
$ ./bin/kubeconform -schema-location 'https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/{{ .NormalizedKubernetesVersion }}-standalone{{ .StrictSuffix }}/{{ .ResourceKind }}{{ .KindSuffix }}.json' fixtures/valid.yaml
</code></pre>
<p>To support validating CRDs, we need to convert OpenAPI files to JSON schema, storing the JSON schemas
in a local folder - for example schemas. Then we specify this folder as an additional registry to lookup:</p>
<pre><code class="language-bash"># If the resource Kind is not found in kubernetesjsonschema.dev, also lookup in the schemas/ folder for a matching file
$ ./bin/kubeconform -schema-location default -schema-location 'schemas/{{ .ResourceKind }}{{ .KindSuffix }}.json' fixtures/custom-resource.yaml
</code></pre>
<p>You can validate Openshift manifests using a custom schema location. Set the OpenShift version to validate
against using -kubernetes-version.</p>
<pre><code class="language-bash">$ ./bin/kubeconform -kubernetes-version 3.8.0 -schema-location 'https://raw.githubusercontent.com/garethr/openshift-json-schema/master/{{ .NormalizedKubernetesVersion }}-standalone{{ .StrictSuffix }}/{{ .ResourceKind }}.json' -summary fixtures/valid.yaml
Summary: 1 resource found in 1 file - Valid: 1, Invalid: 0, Errors: 0 Skipped: 0
</code></pre>
<p>Here are the variables you can use in -schema-location:</p>
<ul>
<li><em>NormalizedKubernetesVersion</em> - Kubernetes Version, prefixed by v</li>
<li><em>StrictSuffix</em> - &ldquo;-strict&rdquo; or &quot;&quot; depending on whether validation is running in strict mode or not</li>
<li><em>ResourceKind</em> - Kind of the Kubernetes Resource</li>
<li><em>ResourceAPIVersion</em> - Version of API used for the resource - &ldquo;v1&rdquo; in &ldquo;apiVersion: monitoring.coreos.com/v1&rdquo;</li>
<li><em>KindSuffix</em> - suffix computed from apiVersion - for compatibility with Kubeval schema registries</li>
</ul>
</div>
<div class="navig">
<a href="http://kubeconform.mandragor.org/docs/usage-as-github-action/" id="prev">&lt; Github Action</a>
<a href="http://kubeconform.mandragor.org/docs/usage/" id="next">Usage &gt;</a>
</div>
<script defer src="/js/prism.js"></script>
</div>
</div><div id="footer">
Website powered by <a href="https://gohugo.io/">Hugo</a>
</div>
</div>
<script defer src="/js/prism.js"></script>
</body>
</html>

74
site/public/docs/index.xml Normal file
View file

@ -0,0 +1,74 @@
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
<channel>
<title>Docs on Kubeconform - Fast Kubernetes manifests validation!</title>
<link>http://kubeconform.mandragor.org/docs/</link>
<description>Recent content in Docs on Kubeconform - Fast Kubernetes manifests validation!</description>
<generator>Hugo -- gohugo.io</generator>
<language>en-us</language>
<lastBuildDate>Fri, 02 Jul 2021 00:00:00 +0000</lastBuildDate><atom:link href="http://kubeconform.mandragor.org/docs/index.xml" rel="self" type="application/rss+xml" />
<item>
<title>Installation</title>
<link>http://kubeconform.mandragor.org/docs/installation/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/docs/installation/</guid>
<description>Linux Download the latest release from our release page.
For example, for Linux on x86_64 architecture:
curl -L https://github.com/yannh/kubeconform/releases/latest/download/kubeconform-linux-amd64.tar.gz | tar xvzf - &amp;&amp; \ sudo mv kubeconform /usr/local/bin/ MacOs Kubeconform is available to install using Homebrew: $ brew install kubeconform
Windows Download the latest release from our release page.
You can also download the latest version from the release page.</description>
</item>
<item>
<title>Usage</title>
<link>http://kubeconform.mandragor.org/docs/usage/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/docs/usage/</guid>
<description>$ ./bin/kubeconform -h Usage: ./bin/kubeconform [OPTION]... [FILE OR FOLDER]... -cache string cache schemas downloaded via HTTP to this folder -cpu-prof string debug - log CPU profiling to file -exit-on-error immediately stop execution when the first error is encountered -h show help information -ignore-filename-pattern value regular expression specifying paths to ignore (can be specified multiple times) -ignore-missing-schemas skip files with missing schemas instead of failing -insecure-skip-tls-verify disable verification of the server&#39;s SSL certificate.</description>
</item>
<item>
<title>Custom Resources support</title>
<link>http://kubeconform.mandragor.org/docs/crd-support/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/docs/crd-support/</guid>
<description>When the -schema-location parameter is not used, or set to &amp;ldquo;default&amp;rdquo;, kubeconform will default to downloading schemas from https://github.com/yannh/kubernetes-json-schema. Kubeconform however supports passing one, or multiple, schemas locations - HTTP(s) URLs, or local filesystem paths, in which case it will lookup for schema definitions in each of them, in order, stopping as soon as a matching file is found.
If the -schema-location value does not end with &amp;lsquo;.json&amp;rsquo;, Kubeconform will assume filenames / a file structure identical to that of kubernetesjsonschema.</description>
</item>
<item>
<title>Github Action</title>
<link>http://kubeconform.mandragor.org/docs/usage-as-github-action/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/docs/usage-as-github-action/</guid>
<description>Kubeconform is publishes Docker Images to Github&amp;rsquo;s new Container Registry, ghcr.io. These images can be used directly in a Github Action, once logged in using a Github Token.
name: kubeconform on: push jobs: kubeconform: runs-on: ubuntu-latest steps: - name: login to Github Packages run: echo &#34;${{ github.token }}&#34; | docker login https://ghcr.io -u ${GITHUB_ACTOR} --password-stdin - uses: actions/checkout@v2 - uses: docker://ghcr.io/yannh/kubeconform:master with: entrypoint: &#39;/kubeconform&#39; args: &#34;-summary -output json kubeconfigs/&#34; Note on pricing: Kubeconform relies on Github Container Registry which is currently in Beta.</description>
</item>
<item>
<title>Kubeconform as a Go module</title>
<link>http://kubeconform.mandragor.org/docs/using-as-a-go-module/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/docs/using-as-a-go-module/</guid>
<description>Warning: This is a work-in-progress, the interface is not yet considered stable. Feedback is encouraged.
Kubeconform contains a package that can be used as a library. An example of usage can be found in examples/main.go
Additional documentation on pkg.go.dev</description>
</item>
<item>
<title>Conversion of CRD to JSON Schema</title>
<link>http://kubeconform.mandragor.org/docs/json-schema-conversion/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/docs/json-schema-conversion/</guid>
<description>Kubeconform uses JSON schemas to validate Kubernetes resources. For custom resources, the CustomResourceDefinition first needs to be converted to JSON Schema. A script is provided to convert these CustomResourceDefinitions to JSON schema. Here is an example how to use it:
#!/bin/bash $ ./scripts/openapi2jsonschema.py https://raw.githubusercontent.com/aws/amazon-sagemaker-operator-for-k8s/master/config/crd/bases/sagemaker.aws.amazon.com_trainingjobs.yaml JSON schema written to trainingjob_v1.json The FILENAME_FORMAT environment variable can be used to change the output file name (Available variables: kind, group, version) (Default: {kind}_{version}).</description>
</item>
</channel>
</rss>

78
site/public/docs/installation/index.html Normal file
View file

@ -0,0 +1,78 @@
<!DOCTYPE html>
<html><head>
<meta charset="utf-8">
<meta name="author" content="Yann Hamon">
<link rel="stylesheet" type="text/css" href="/css/style.css"><link rel="stylesheet" type="text/css" href="/css/prism.css">
<title>Kubeconform - Fast Kubernetes manifests validation! | Installation</title>
</head>
<body>
<div id="main-container"><div id="header">
<ul id="navigation">
<li><a href="/about">About</a></li>
<li><a href="/docs/installation/">Docs</a></li>
<li><a href="/">Home</a></li>
</ul>
<h1>Kubeconform</h1>
<h2>A fast Kubernetes manifests validator</h2>
</div>
<div id="content"><ul id="menu">
<li><a href="http://kubeconform.mandragor.org/docs/installation/">Installation</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/usage/">Usage</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/crd-support/">Custom Resources support</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/usage-as-github-action/">Github Action</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/using-as-a-go-module/">Kubeconform as a Go module</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/json-schema-conversion/">Conversion of CRD to JSON Schema</a></li>
</ul>
<div id="main">
<div class="navig">
<a href="http://kubeconform.mandragor.org/docs/usage/" id="prev">&lt; Usage</a>
</div>
<div id="content-text">
<h1>Installation</h1>
<h2 id="linux">Linux</h2>
<p>Download the latest release from our <a href="https://github.com/yannh/kubeconform/releases">release page</a>.</p>
<p>For example, for Linux on x86_64 architecture:</p>
<pre><code class="language-bash">curl -L https://github.com/yannh/kubeconform/releases/latest/download/kubeconform-linux-amd64.tar.gz | tar xvzf - && \
sudo mv kubeconform /usr/local/bin/
</code></pre>
<h2 id="macos">MacOs</h2>
<p>Kubeconform is available to install using <a href="https://brew.sh/">Homebrew</a>:
<pre><code class="language-bash">$ brew install kubeconform
</code></pre></p>
<h2 id="windows">Windows</h2>
<p>Download the latest release from our <a href="https://github.com/yannh/kubeconform/releases">release page</a>.</p>
<p>You can also download the latest version from the <a href="https://github.com/yannh/kubeconform/releases">release page</a>.</p>
</div>
<div class="navig">
<a href="http://kubeconform.mandragor.org/docs/usage/" id="prev">&lt; Usage</a>
</div>
<script defer src="/js/prism.js"></script>
</div>
</div><div id="footer">
Website powered by <a href="https://gohugo.io/">Hugo</a>
</div>
</div>
<script defer src="/js/prism.js"></script>
</body>
</html>

78
site/public/docs/json-schema-conversion/index.html Normal file
View file

@ -0,0 +1,78 @@
<!DOCTYPE html>
<html><head>
<meta charset="utf-8">
<meta name="author" content="Yann Hamon">
<link rel="stylesheet" type="text/css" href="/css/style.css"><link rel="stylesheet" type="text/css" href="/css/prism.css">
<title>Kubeconform - Fast Kubernetes manifests validation! | Conversion of CRD to JSON Schema</title>
</head>
<body>
<div id="main-container"><div id="header">
<ul id="navigation">
<li><a href="/about">About</a></li>
<li><a href="/docs/installation/">Docs</a></li>
<li><a href="/">Home</a></li>
</ul>
<h1>Kubeconform</h1>
<h2>A fast Kubernetes manifests validator</h2>
</div>
<div id="content"><ul id="menu">
<li><a href="http://kubeconform.mandragor.org/docs/installation/">Installation</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/usage/">Usage</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/crd-support/">Custom Resources support</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/usage-as-github-action/">Github Action</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/using-as-a-go-module/">Kubeconform as a Go module</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/json-schema-conversion/">Conversion of CRD to JSON Schema</a></li>
</ul>
<div id="main">
<div class="navig">
<a href="http://kubeconform.mandragor.org/docs/using-as-a-go-module/" id="next">Kubeconform as a Go module &gt;</a>
</div>
<div id="content-text">
<h1>Conversion of CRD to JSON Schema</h1>
<p>Kubeconform uses JSON schemas to validate Kubernetes resources. For custom resources, the CustomResourceDefinition
first needs to be converted to JSON Schema. A script is provided to convert these CustomResourceDefinitions
to JSON schema. Here is an example how to use it:</p>
<pre><code class="language-bash">#!/bin/bash
$ ./scripts/openapi2jsonschema.py https://raw.githubusercontent.com/aws/amazon-sagemaker-operator-for-k8s/master/config/crd/bases/sagemaker.aws.amazon.com_trainingjobs.yaml
JSON schema written to trainingjob_v1.json
</code></pre>
<p>The <code>FILENAME_FORMAT</code> environment variable can be used to change the output file name (Available variables: <code>kind</code>, <code>group</code>, <code>version</code>) (Default: <code>{kind}_{version}</code>).</p>
<pre><code class="language-bash">$ export FILENAME_FORMAT='{kind}-{group}-{version}'
$ ./scripts/openapi2jsonschema.py https://raw.githubusercontent.com/aws/amazon-sagemaker-operator-for-k8s/master/config/crd/bases/sagemaker.aws.amazon.com_trainingjobs.yaml
JSON schema written to trainingjob-sagemaker-v1.json
</code></pre>
<p>Some CRD schemas do not have explicit validation for fields implicitly validated by the Kubernetes API like <code>apiVersion</code>, <code>kind</code>, and <code>metadata</code>, thus additional properties are allowed at the root of the JSON schema by default, if this is not desired the <code>DENY_ROOT_ADDITIONAL_PROPERTIES</code> environment variable can be set to any non-empty value.</p>
</div>
<div class="navig">
<a href="http://kubeconform.mandragor.org/docs/using-as-a-go-module/" id="next">Kubeconform as a Go module &gt;</a>
</div>
<script defer src="/js/prism.js"></script>
</div>
</div><div id="footer">
Website powered by <a href="https://gohugo.io/">Hugo</a>
</div>
</div>
<script defer src="/js/prism.js"></script>
</body>
</html>

89
site/public/docs/usage-as-github-action/index.html Normal file
View file

@ -0,0 +1,89 @@
<!DOCTYPE html>
<html><head>
<meta charset="utf-8">
<meta name="author" content="Yann Hamon">
<link rel="stylesheet" type="text/css" href="/css/style.css"><link rel="stylesheet" type="text/css" href="/css/prism.css">
<title>Kubeconform - Fast Kubernetes manifests validation! | Github Action</title>
</head>
<body>
<div id="main-container"><div id="header">
<ul id="navigation">
<li><a href="/about">About</a></li>
<li><a href="/docs/installation/">Docs</a></li>
<li><a href="/">Home</a></li>
</ul>
<h1>Kubeconform</h1>
<h2>A fast Kubernetes manifests validator</h2>
</div>
<div id="content"><ul id="menu">
<li><a href="http://kubeconform.mandragor.org/docs/installation/">Installation</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/usage/">Usage</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/crd-support/">Custom Resources support</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/usage-as-github-action/">Github Action</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/using-as-a-go-module/">Kubeconform as a Go module</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/json-schema-conversion/">Conversion of CRD to JSON Schema</a></li>
</ul>
<div id="main">
<div class="navig">
<a href="http://kubeconform.mandragor.org/docs/using-as-a-go-module/" id="prev">&lt; Kubeconform as a Go module</a>
<a href="http://kubeconform.mandragor.org/docs/crd-support/" id="next">Custom Resources support &gt;</a>
</div>
<div id="content-text">
<h1>Github Action</h1>
<p>Kubeconform is publishes Docker Images to Github&rsquo;s new Container Registry, ghcr.io. These images
can be used directly in a Github Action, once logged in using a <a href="https://github.blog/changelog/2021-03-24-packages-container-registry-now-supports-github_token/"><em>Github Token</em></a>.</p>
<pre><code class="language-bash">name: kubeconform
on: push
jobs:
kubeconform:
runs-on: ubuntu-latest
steps:
- name: login to Github Packages
run: echo "${{ github.token }}" | docker login https://ghcr.io -u ${GITHUB_ACTOR} --password-stdin
- uses: actions/checkout@v2
- uses: docker://ghcr.io/yannh/kubeconform:master
with:
entrypoint: '/kubeconform'
args: "-summary -output json kubeconfigs/"
</code></pre>
<p><em>Note on pricing</em>: Kubeconform relies on Github Container Registry which is currently in Beta. During that period,
<a href="https://docs.github.com/en/packages/guides/about-github-container-registry">bandwidth is free</a>. After that period,
bandwidth costs might be applicable. Since bandwidth from Github Packages within Github Actions is free, I expect
Github Container Registry to also be usable for free within Github Actions in the future. If that were not to be the
case, I might publish the Docker image to a different platform.</p>
</div>
<div class="navig">
<a href="http://kubeconform.mandragor.org/docs/using-as-a-go-module/" id="prev">&lt; Kubeconform as a Go module</a>
<a href="http://kubeconform.mandragor.org/docs/crd-support/" id="next">Custom Resources support &gt;</a>
</div>
<script defer src="/js/prism.js"></script>
</div>
</div><div id="footer">
Website powered by <a href="https://gohugo.io/">Hugo</a>
</div>
</div>
<script defer src="/js/prism.js"></script>
</body>
</html>

145
site/public/docs/usage/index.html Normal file
View file

@ -0,0 +1,145 @@
<!DOCTYPE html>
<html><head>
<meta charset="utf-8">
<meta name="author" content="Yann Hamon">
<link rel="stylesheet" type="text/css" href="/css/style.css"><link rel="stylesheet" type="text/css" href="/css/prism.css">
<title>Kubeconform - Fast Kubernetes manifests validation! | Usage</title>
</head>
<body>
<div id="main-container"><div id="header">
<ul id="navigation">
<li><a href="/about">About</a></li>
<li><a href="/docs/installation/">Docs</a></li>
<li><a href="/">Home</a></li>
</ul>
<h1>Kubeconform</h1>
<h2>A fast Kubernetes manifests validator</h2>
</div>
<div id="content"><ul id="menu">
<li><a href="http://kubeconform.mandragor.org/docs/installation/">Installation</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/usage/">Usage</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/crd-support/">Custom Resources support</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/usage-as-github-action/">Github Action</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/using-as-a-go-module/">Kubeconform as a Go module</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/json-schema-conversion/">Conversion of CRD to JSON Schema</a></li>
</ul>
<div id="main">
<div class="navig">
<a href="http://kubeconform.mandragor.org/docs/crd-support/" id="prev">&lt; Custom Resources support</a>
<a href="http://kubeconform.mandragor.org/docs/installation/" id="next">Installation &gt;</a>
</div>
<div id="content-text">
<h1>Usage</h1>
<pre><code class="language-bash">$ ./bin/kubeconform -h
Usage: ./bin/kubeconform [OPTION]... [FILE OR FOLDER]...
-cache string
cache schemas downloaded via HTTP to this folder
-cpu-prof string
debug - log CPU profiling to file
-exit-on-error
immediately stop execution when the first error is encountered
-h show help information
-ignore-filename-pattern value
regular expression specifying paths to ignore (can be specified multiple times)
-ignore-missing-schemas
skip files with missing schemas instead of failing
-insecure-skip-tls-verify
disable verification of the server's SSL certificate. This will make your HTTPS connections insecure
-kubernetes-version string
version of Kubernetes to validate against, e.g.: 1.18.0 (default "master")
-n int
number of goroutines to run concurrently (default 4)
-output string
output format - json, junit, tap, text (default "text")
-reject string
comma-separated list of kinds to reject
-schema-location value
override schemas location search path (can be specified multiple times)
-skip string
comma-separated list of kinds to ignore
-strict
disallow additional properties not in schema
-summary
print a summary at the end (ignored for junit output)
-v show version information
-verbose
print results for all resources (ignored for tap and junit output)
</code></pre>
<h3 id="validating-a-single-valid-file">Validating a single, valid file</h3>
<pre><code class="language-bash">$ ./bin/kubeconform fixtures/valid.yaml
$ echo $?
0
</code></pre>
<h3 id="validating-a-single-invalid-file-setting-output-to-json-and-printing-a-summary">Validating a single invalid file, setting output to json, and printing a summary</h3>
<pre><code class="language-bash">$ ./bin/kubeconform -summary -output json fixtures/invalid.yaml
{
"resources": [
{
"filename": "fixtures/invalid.yaml",
"kind": "ReplicationController",
"version": "v1",
"status": "INVALID",
"msg": "Additional property templates is not allowed - Invalid type. Expected: [integer,null], given: string"
}
],
"summary": {
"valid": 0,
"invalid": 1,
"errors": 0,
"skipped": 0
}
}
$ echo $?
1
</code></pre>
<h3 id="passing-manifests-via-stdin">Passing manifests via Stdin</h3>
<pre><code class="language-bash">cat fixtures/valid.yaml | ./bin/kubeconform -summary
Summary: 1 resource found parsing stdin - Valid: 1, Invalid: 0, Errors: 0 Skipped: 0
</code></pre>
<h3 id="validating-a-folder-increasing-the-number-of-parallel-workers">Validating a folder, increasing the number of parallel workers</h3>
<pre><code class="language-bash">$ ./bin/kubeconform -summary -n 16 fixtures
fixtures/crd_schema.yaml - CustomResourceDefinition trainingjobs.sagemaker.aws.amazon.com failed validation: could not find schema for CustomResourceDefinition
fixtures/invalid.yaml - ReplicationController bob is invalid: Invalid type. Expected: [integer,null], given: string
[...]
Summary: 65 resources found in 34 files - Valid: 55, Invalid: 2, Errors: 8 Skipped: 0
</code></pre>
</div>
<div class="navig">
<a href="http://kubeconform.mandragor.org/docs/crd-support/" id="prev">&lt; Custom Resources support</a>
<a href="http://kubeconform.mandragor.org/docs/installation/" id="next">Installation &gt;</a>
</div>
<script defer src="/js/prism.js"></script>
</div>
</div><div id="footer">
Website powered by <a href="https://gohugo.io/">Hugo</a>
</div>
</div>
<script defer src="/js/prism.js"></script>
</body>
</html>

71
site/public/docs/using-as-a-go-module/index.html Normal file
View file

@ -0,0 +1,71 @@
<!DOCTYPE html>
<html><head>
<meta charset="utf-8">
<meta name="author" content="Yann Hamon">
<link rel="stylesheet" type="text/css" href="/css/style.css"><link rel="stylesheet" type="text/css" href="/css/prism.css">
<title>Kubeconform - Fast Kubernetes manifests validation! | Kubeconform as a Go module</title>
</head>
<body>
<div id="main-container"><div id="header">
<ul id="navigation">
<li><a href="/about">About</a></li>
<li><a href="/docs/installation/">Docs</a></li>
<li><a href="/">Home</a></li>
</ul>
<h1>Kubeconform</h1>
<h2>A fast Kubernetes manifests validator</h2>
</div>
<div id="content"><ul id="menu">
<li><a href="http://kubeconform.mandragor.org/docs/installation/">Installation</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/usage/">Usage</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/crd-support/">Custom Resources support</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/usage-as-github-action/">Github Action</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/using-as-a-go-module/">Kubeconform as a Go module</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/json-schema-conversion/">Conversion of CRD to JSON Schema</a></li>
</ul>
<div id="main">
<div class="navig">
<a href="http://kubeconform.mandragor.org/docs/json-schema-conversion/" id="prev">&lt; Conversion of CRD to JSON Schema</a>
<a href="http://kubeconform.mandragor.org/docs/usage-as-github-action/" id="next">Github Action &gt;</a>
</div>
<div id="content-text">
<h1>Kubeconform as a Go module</h1>
<p><strong>Warning</strong>: This is a work-in-progress, the interface is not yet considered stable. Feedback is encouraged.</p>
<p>Kubeconform contains a package that can be used as a library.
An example of usage can be found in <a href="https://github.com/yannh/kubeconform/tree/master/examples/main.go">examples/main.go</a></p>
<p>Additional documentation on <a href="https://pkg.go.dev/github.com/yannh/kubeconform/pkg/validator">pkg.go.dev</a></p>
</div>
<div class="navig">
<a href="http://kubeconform.mandragor.org/docs/json-schema-conversion/" id="prev">&lt; Conversion of CRD to JSON Schema</a>
<a href="http://kubeconform.mandragor.org/docs/usage-as-github-action/" id="next">Github Action &gt;</a>
</div>
<script defer src="/js/prism.js"></script>
</div>
</div><div id="footer">
Website powered by <a href="https://gohugo.io/">Hugo</a>
</div>
</div>
<script defer src="/js/prism.js"></script>
</body>
</html>

58
site/public/index.html Normal file
View file

@ -0,0 +1,58 @@
<!DOCTYPE html>
<html><head>
<meta name="generator" content="Hugo 0.91.0" />
<meta charset="utf-8">
<meta name="author" content="Yann Hamon">
<link rel="stylesheet" type="text/css" href="/css/style.css"><link rel="stylesheet" type="text/css" href="/css/prism.css">
<title>Kubeconform - Fast Kubernetes manifests validation!</title>
</head>
<body>
<div id="main-container"><div id="header">
<ul id="navigation">
<li><a href="/about">About</a></li>
<li><a href="/docs/installation/">Docs</a></li>
<li><a href="/">Home</a></li>
</ul>
<h1>Kubeconform</h1>
<h2>A fast Kubernetes manifests validator</h2>
</div>
<div id="content"><div id="main">
<p id="motto">Validate your Kubernetes manifests instead of deploying broken configuration</p>
<pre id="demo"><code class="language-bash">$ kubeconform -summary myapp/deployment.yaml
Summary: 5 resources found in 1 file - Valid: 5, Invalid: 0, Errors: 0, Skipped: 0
</code></pre>
<a href="/docs/installation/" id="get">
Get Started!
</a>
<div id="kc-pros">
<div>
<h2>Easy-to-use</h2>
<p>Single binary, super-easy installation for Windows, Mac & Linux. It takes seconds to get started.</p>
</div>
<div>
<h2>Lightning fast</h2>
<p>Kubeconform makes heavy use of Golang's concurrency capabilities, and will spread its workload across multiple cores.</pa>
</div>
<div>
<h2>Support for Kubernetes CRDs</h2>
<p>Validate ALL your Kubernetes resources with Kubeconform's CRD support</p>
</div>
<div>
<h2>Flexible</h2>
<p>With support for JSON, Junit, TAP output, and leveraging the easy-to-use Docker image, you can run Kubeconform in any CI system.</p>
</div>
</div>
</div>
</div><div id="footer">
Website powered by <a href="https://gohugo.io/">Hugo</a>
</div>
</div>
<script defer src="/js/prism.js"></script>
</body>
</html>

85
site/public/index.xml Normal file
View file

@ -0,0 +1,85 @@
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
<channel>
<title>Kubeconform - Fast Kubernetes manifests validation!</title>
<link>http://kubeconform.mandragor.org/</link>
<description>Recent content on Kubeconform - Fast Kubernetes manifests validation!</description>
<generator>Hugo -- gohugo.io</generator>
<language>en-us</language>
<lastBuildDate>Fri, 02 Jul 2021 00:00:00 +0000</lastBuildDate><atom:link href="http://kubeconform.mandragor.org/index.xml" rel="self" type="application/rss+xml" />
<item>
<title>Installation</title>
<link>http://kubeconform.mandragor.org/docs/installation/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/docs/installation/</guid>
<description>Linux Download the latest release from our release page.
For example, for Linux on x86_64 architecture:
curl -L https://github.com/yannh/kubeconform/releases/latest/download/kubeconform-linux-amd64.tar.gz | tar xvzf - &amp;&amp; \ sudo mv kubeconform /usr/local/bin/ MacOs Kubeconform is available to install using Homebrew: $ brew install kubeconform
Windows Download the latest release from our release page.
You can also download the latest version from the release page.</description>
</item>
<item>
<title>Usage</title>
<link>http://kubeconform.mandragor.org/docs/usage/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/docs/usage/</guid>
<description>$ ./bin/kubeconform -h Usage: ./bin/kubeconform [OPTION]... [FILE OR FOLDER]... -cache string cache schemas downloaded via HTTP to this folder -cpu-prof string debug - log CPU profiling to file -exit-on-error immediately stop execution when the first error is encountered -h show help information -ignore-filename-pattern value regular expression specifying paths to ignore (can be specified multiple times) -ignore-missing-schemas skip files with missing schemas instead of failing -insecure-skip-tls-verify disable verification of the server&#39;s SSL certificate.</description>
</item>
<item>
<title>Custom Resources support</title>
<link>http://kubeconform.mandragor.org/docs/crd-support/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/docs/crd-support/</guid>
<description>When the -schema-location parameter is not used, or set to &amp;ldquo;default&amp;rdquo;, kubeconform will default to downloading schemas from https://github.com/yannh/kubernetes-json-schema. Kubeconform however supports passing one, or multiple, schemas locations - HTTP(s) URLs, or local filesystem paths, in which case it will lookup for schema definitions in each of them, in order, stopping as soon as a matching file is found.
If the -schema-location value does not end with &amp;lsquo;.json&amp;rsquo;, Kubeconform will assume filenames / a file structure identical to that of kubernetesjsonschema.</description>
</item>
<item>
<title>Github Action</title>
<link>http://kubeconform.mandragor.org/docs/usage-as-github-action/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/docs/usage-as-github-action/</guid>
<description>Kubeconform is publishes Docker Images to Github&amp;rsquo;s new Container Registry, ghcr.io. These images can be used directly in a Github Action, once logged in using a Github Token.
name: kubeconform on: push jobs: kubeconform: runs-on: ubuntu-latest steps: - name: login to Github Packages run: echo &#34;${{ github.token }}&#34; | docker login https://ghcr.io -u ${GITHUB_ACTOR} --password-stdin - uses: actions/checkout@v2 - uses: docker://ghcr.io/yannh/kubeconform:master with: entrypoint: &#39;/kubeconform&#39; args: &#34;-summary -output json kubeconfigs/&#34; Note on pricing: Kubeconform relies on Github Container Registry which is currently in Beta.</description>
</item>
<item>
<title>Kubeconform as a Go module</title>
<link>http://kubeconform.mandragor.org/docs/using-as-a-go-module/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/docs/using-as-a-go-module/</guid>
<description>Warning: This is a work-in-progress, the interface is not yet considered stable. Feedback is encouraged.
Kubeconform contains a package that can be used as a library. An example of usage can be found in examples/main.go
Additional documentation on pkg.go.dev</description>
</item>
<item>
<title>About</title>
<link>http://kubeconform.mandragor.org/about/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/about/</guid>
<description>Kubeconform is a Kubernetes manifests validation tool. Build it into your CI to validate your Kubernetes configuration!
It is inspired by, contains code from and is designed to stay close to Kubeval, but with the following improvements:
high performance: will validate &amp;amp; download manifests over multiple routines, caching downloaded files in memory configurable list of remote, or local schemas locations, enabling validating Kubernetes custom resources (CRDs) and offline validation capabilities uses by default a self-updating fork of the schemas registry maintained by the kubernetes-json-schema project - which guarantees up-to-date schemas for all recent versions of Kubernetes.</description>
</item>
<item>
<title>Conversion of CRD to JSON Schema</title>
<link>http://kubeconform.mandragor.org/docs/json-schema-conversion/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/docs/json-schema-conversion/</guid>
<description>Kubeconform uses JSON schemas to validate Kubernetes resources. For custom resources, the CustomResourceDefinition first needs to be converted to JSON Schema. A script is provided to convert these CustomResourceDefinitions to JSON schema. Here is an example how to use it:
#!/bin/bash $ ./scripts/openapi2jsonschema.py https://raw.githubusercontent.com/aws/amazon-sagemaker-operator-for-k8s/master/config/crd/bases/sagemaker.aws.amazon.com_trainingjobs.yaml JSON schema written to trainingjob_v1.json The FILENAME_FORMAT environment variable can be used to change the output file name (Available variables: kind, group, version) (Default: {kind}_{version}).</description>
</item>
</channel>
</rss>

31
site/public/installation/index.html Normal file
View file

@ -0,0 +1,31 @@
<!DOCTYPE html>
<html><head>
<meta charset="utf-8">
<meta name="author" content="Yann Hamon">
<link rel="stylesheet" type="text/css" href="/css/style.css">
<title>Kubeconform - Fast Kubernetes manifests validation! | The execution model of AWS Lambda@edge with Cloudfront&#39;s two- and three-tiered architecture</title>
</head>
<body><div id="title">
<h1>Kubeconform</h1>
<h2>A FAST Kubernetes manifests validator</h2>
</div>
<div id="main-container">
<div id="post">
<a href="/" id="back">← Back</a>
<h1>The execution model of AWS Lambda@edge with Cloudfront&#39;s two- and three-tiered architecture <div class="date">July 2, 2021</div></h1>
<p>Installation</p>
</div>
</div><div id="footer">
<h3>Github</h3>
</div>
</body>
</html>

4
site/public/js/prism.js Normal file
View file

File diff suppressed because one or more lines are too long

49
site/public/sitemap.xml Normal file
View file

@ -0,0 +1,49 @@
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9"
xmlns:xhtml="http://www.w3.org/1999/xhtml">
<url>
<loc>http://kubeconform.mandragor.org/docs/installation/</loc>
<lastmod>2021-07-02T00:00:00+00:00</lastmod>
</url><url>
<loc>http://kubeconform.mandragor.org/docs/usage/</loc>
<lastmod>2021-07-02T00:00:00+00:00</lastmod>
</url><url>
<loc>http://kubeconform.mandragor.org/docs/crd-support/</loc>
<lastmod>2021-07-02T00:00:00+00:00</lastmod>
</url><url>
<loc>http://kubeconform.mandragor.org/docs/usage-as-github-action/</loc>
<lastmod>2021-07-02T00:00:00+00:00</lastmod>
</url><url>
<loc>http://kubeconform.mandragor.org/docs/using-as-a-go-module/</loc>
<lastmod>2021-07-02T00:00:00+00:00</lastmod>
</url><url>
<loc>http://kubeconform.mandragor.org/tags/about/</loc>
<lastmod>2021-07-02T00:00:00+00:00</lastmod>
</url><url>
<loc>http://kubeconform.mandragor.org/about/</loc>
<lastmod>2021-07-02T00:00:00+00:00</lastmod>
</url><url>
<loc>http://kubeconform.mandragor.org/docs/json-schema-conversion/</loc>
<lastmod>2021-07-02T00:00:00+00:00</lastmod>
</url><url>
<loc>http://kubeconform.mandragor.org/docs/</loc>
<lastmod>2021-07-02T00:00:00+00:00</lastmod>
</url><url>
<loc>http://kubeconform.mandragor.org/tags/installation/</loc>
<lastmod>2021-07-02T00:00:00+00:00</lastmod>
</url><url>
<loc>http://kubeconform.mandragor.org/tags/kubeconform/</loc>
<lastmod>2021-07-02T00:00:00+00:00</lastmod>
</url><url>
<loc>http://kubeconform.mandragor.org/</loc>
<lastmod>2021-07-02T00:00:00+00:00</lastmod>
</url><url>
<loc>http://kubeconform.mandragor.org/tags/</loc>
<lastmod>2021-07-02T00:00:00+00:00</lastmod>
</url><url>
<loc>http://kubeconform.mandragor.org/tags/usage/</loc>
<lastmod>2021-07-02T00:00:00+00:00</lastmod>
</url><url>
<loc>http://kubeconform.mandragor.org/categories/</loc>
</url>
</urlset>

22
site/public/tags/about/index.xml Normal file
View file

@ -0,0 +1,22 @@
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
<channel>
<title>About on Kubeconform - Fast Kubernetes manifests validation!</title>
<link>http://kubeconform.mandragor.org/tags/about/</link>
<description>Recent content in About on Kubeconform - Fast Kubernetes manifests validation!</description>
<generator>Hugo -- gohugo.io</generator>
<language>en-us</language>
<lastBuildDate>Fri, 02 Jul 2021 00:00:00 +0000</lastBuildDate><atom:link href="http://kubeconform.mandragor.org/tags/about/index.xml" rel="self" type="application/rss+xml" />
<item>
<title>About</title>
<link>http://kubeconform.mandragor.org/about/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/about/</guid>
<description>Kubeconform is a Kubernetes manifests validation tool. Build it into your CI to validate your Kubernetes configuration!
It is inspired by, contains code from and is designed to stay close to Kubeval, but with the following improvements:
high performance: will validate &amp;amp; download manifests over multiple routines, caching downloaded files in memory configurable list of remote, or local schemas locations, enabling validating Kubernetes custom resources (CRDs) and offline validation capabilities uses by default a self-updating fork of the schemas registry maintained by the kubernetes-json-schema project - which guarantees up-to-date schemas for all recent versions of Kubernetes.</description>
</item>
</channel>
</rss>

20
site/public/tags/cloudfront/index.xml Normal file
View file

@ -0,0 +1,20 @@
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
<channel>
<title>Cloudfront on Kubeconform - Fast Kubernetes manifests validation!</title>
<link>http://localhost/tags/cloudfront/</link>
<description>Recent content in Cloudfront on Kubeconform - Fast Kubernetes manifests validation!</description>
<generator>Hugo -- gohugo.io</generator>
<language>en-us</language>
<lastBuildDate>Fri, 02 Jul 2021 00:00:00 +0000</lastBuildDate><atom:link href="http://localhost/tags/cloudfront/index.xml" rel="self" type="application/rss+xml" />
<item>
<title>The execution model of AWS Lambda@edge with Cloudfront&#39;s two- and three-tiered architecture</title>
<link>http://localhost/installation/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://localhost/installation/</guid>
<description>Installation</description>
</item>
</channel>
</rss>

47
site/public/tags/index.xml Normal file
View file

@ -0,0 +1,47 @@
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
<channel>
<title>Tags on Kubeconform - Fast Kubernetes manifests validation!</title>
<link>http://kubeconform.mandragor.org/tags/</link>
<description>Recent content in Tags on Kubeconform - Fast Kubernetes manifests validation!</description>
<generator>Hugo -- gohugo.io</generator>
<language>en-us</language>
<lastBuildDate>Fri, 02 Jul 2021 00:00:00 +0000</lastBuildDate><atom:link href="http://kubeconform.mandragor.org/tags/index.xml" rel="self" type="application/rss+xml" />
<item>
<title>About</title>
<link>http://kubeconform.mandragor.org/tags/about/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/tags/about/</guid>
<description></description>
</item>
<item>
<title>Installation</title>
<link>http://kubeconform.mandragor.org/tags/installation/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/tags/installation/</guid>
<description></description>
</item>
<item>
<title>Kubeconform</title>
<link>http://kubeconform.mandragor.org/tags/kubeconform/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/tags/kubeconform/</guid>
<description></description>
</item>
<item>
<title>Usage</title>
<link>http://kubeconform.mandragor.org/tags/usage/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/tags/usage/</guid>
<description></description>
</item>
</channel>
</rss>

24
site/public/tags/installation/index.xml Normal file
View file

@ -0,0 +1,24 @@
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
<channel>
<title>Installation on Kubeconform - Fast Kubernetes manifests validation!</title>
<link>http://kubeconform.mandragor.org/tags/installation/</link>
<description>Recent content in Installation on Kubeconform - Fast Kubernetes manifests validation!</description>
<generator>Hugo -- gohugo.io</generator>
<language>en-us</language>
<lastBuildDate>Fri, 02 Jul 2021 00:00:00 +0000</lastBuildDate><atom:link href="http://kubeconform.mandragor.org/tags/installation/index.xml" rel="self" type="application/rss+xml" />
<item>
<title>Installation</title>
<link>http://kubeconform.mandragor.org/docs/installation/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/docs/installation/</guid>
<description>Linux Download the latest release from our release page.
For example, for Linux on x86_64 architecture:
curl -L https://github.com/yannh/kubeconform/releases/latest/download/kubeconform-linux-amd64.tar.gz | tar xvzf - &amp;&amp; \ sudo mv kubeconform /usr/local/bin/ MacOs Kubeconform is available to install using Homebrew: $ brew install kubeconform
Windows Download the latest release from our release page.
You can also download the latest version from the release page.</description>
</item>
</channel>
</rss>

85
site/public/tags/kubeconform/index.xml Normal file
View file

@ -0,0 +1,85 @@
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
<channel>
<title>Kubeconform on Kubeconform - Fast Kubernetes manifests validation!</title>
<link>http://kubeconform.mandragor.org/tags/kubeconform/</link>
<description>Recent content in Kubeconform on Kubeconform - Fast Kubernetes manifests validation!</description>
<generator>Hugo -- gohugo.io</generator>
<language>en-us</language>
<lastBuildDate>Fri, 02 Jul 2021 00:00:00 +0000</lastBuildDate><atom:link href="http://kubeconform.mandragor.org/tags/kubeconform/index.xml" rel="self" type="application/rss+xml" />
<item>
<title>Installation</title>
<link>http://kubeconform.mandragor.org/docs/installation/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/docs/installation/</guid>
<description>Linux Download the latest release from our release page.
For example, for Linux on x86_64 architecture:
curl -L https://github.com/yannh/kubeconform/releases/latest/download/kubeconform-linux-amd64.tar.gz | tar xvzf - &amp;&amp; \ sudo mv kubeconform /usr/local/bin/ MacOs Kubeconform is available to install using Homebrew: $ brew install kubeconform
Windows Download the latest release from our release page.
You can also download the latest version from the release page.</description>
</item>
<item>
<title>Usage</title>
<link>http://kubeconform.mandragor.org/docs/usage/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/docs/usage/</guid>
<description>$ ./bin/kubeconform -h Usage: ./bin/kubeconform [OPTION]... [FILE OR FOLDER]... -cache string cache schemas downloaded via HTTP to this folder -cpu-prof string debug - log CPU profiling to file -exit-on-error immediately stop execution when the first error is encountered -h show help information -ignore-filename-pattern value regular expression specifying paths to ignore (can be specified multiple times) -ignore-missing-schemas skip files with missing schemas instead of failing -insecure-skip-tls-verify disable verification of the server&#39;s SSL certificate.</description>
</item>
<item>
<title>Custom Resources support</title>
<link>http://kubeconform.mandragor.org/docs/crd-support/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/docs/crd-support/</guid>
<description>When the -schema-location parameter is not used, or set to &amp;ldquo;default&amp;rdquo;, kubeconform will default to downloading schemas from https://github.com/yannh/kubernetes-json-schema. Kubeconform however supports passing one, or multiple, schemas locations - HTTP(s) URLs, or local filesystem paths, in which case it will lookup for schema definitions in each of them, in order, stopping as soon as a matching file is found.
If the -schema-location value does not end with &amp;lsquo;.json&amp;rsquo;, Kubeconform will assume filenames / a file structure identical to that of kubernetesjsonschema.</description>
</item>
<item>
<title>Github Action</title>
<link>http://kubeconform.mandragor.org/docs/usage-as-github-action/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/docs/usage-as-github-action/</guid>
<description>Kubeconform is publishes Docker Images to Github&amp;rsquo;s new Container Registry, ghcr.io. These images can be used directly in a Github Action, once logged in using a Github Token.
name: kubeconform on: push jobs: kubeconform: runs-on: ubuntu-latest steps: - name: login to Github Packages run: echo &#34;${{ github.token }}&#34; | docker login https://ghcr.io -u ${GITHUB_ACTOR} --password-stdin - uses: actions/checkout@v2 - uses: docker://ghcr.io/yannh/kubeconform:master with: entrypoint: &#39;/kubeconform&#39; args: &#34;-summary -output json kubeconfigs/&#34; Note on pricing: Kubeconform relies on Github Container Registry which is currently in Beta.</description>
</item>
<item>
<title>Kubeconform as a Go module</title>
<link>http://kubeconform.mandragor.org/docs/using-as-a-go-module/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/docs/using-as-a-go-module/</guid>
<description>Warning: This is a work-in-progress, the interface is not yet considered stable. Feedback is encouraged.
Kubeconform contains a package that can be used as a library. An example of usage can be found in examples/main.go
Additional documentation on pkg.go.dev</description>
</item>
<item>
<title>About</title>
<link>http://kubeconform.mandragor.org/about/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/about/</guid>
<description>Kubeconform is a Kubernetes manifests validation tool. Build it into your CI to validate your Kubernetes configuration!
It is inspired by, contains code from and is designed to stay close to Kubeval, but with the following improvements:
high performance: will validate &amp;amp; download manifests over multiple routines, caching downloaded files in memory configurable list of remote, or local schemas locations, enabling validating Kubernetes custom resources (CRDs) and offline validation capabilities uses by default a self-updating fork of the schemas registry maintained by the kubernetes-json-schema project - which guarantees up-to-date schemas for all recent versions of Kubernetes.</description>
</item>
<item>
<title>Conversion of CRD to JSON Schema</title>
<link>http://kubeconform.mandragor.org/docs/json-schema-conversion/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/docs/json-schema-conversion/</guid>
<description>Kubeconform uses JSON schemas to validate Kubernetes resources. For custom resources, the CustomResourceDefinition first needs to be converted to JSON Schema. A script is provided to convert these CustomResourceDefinitions to JSON schema. Here is an example how to use it:
#!/bin/bash $ ./scripts/openapi2jsonschema.py https://raw.githubusercontent.com/aws/amazon-sagemaker-operator-for-k8s/master/config/crd/bases/sagemaker.aws.amazon.com_trainingjobs.yaml JSON schema written to trainingjob_v1.json The FILENAME_FORMAT environment variable can be used to change the output file name (Available variables: kind, group, version) (Default: {kind}_{version}).</description>
</item>
</channel>
</rss>

20
site/public/tags/lambdaedge/index.xml Normal file
View file

@ -0,0 +1,20 @@
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
<channel>
<title>Lambda@edge on Kubeconform - Fast Kubernetes manifests validation!</title>
<link>http://localhost/tags/lambdaedge/</link>
<description>Recent content in Lambda@edge on Kubeconform - Fast Kubernetes manifests validation!</description>
<generator>Hugo -- gohugo.io</generator>
<language>en-us</language>
<lastBuildDate>Fri, 02 Jul 2021 00:00:00 +0000</lastBuildDate><atom:link href="http://localhost/tags/lambdaedge/index.xml" rel="self" type="application/rss+xml" />
<item>
<title>The execution model of AWS Lambda@edge with Cloudfront&#39;s two- and three-tiered architecture</title>
<link>http://localhost/installation/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://localhost/installation/</guid>
<description>Installation</description>
</item>
</channel>
</rss>

61
site/public/tags/usage/index.xml Normal file
View file

@ -0,0 +1,61 @@
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
<channel>
<title>Usage on Kubeconform - Fast Kubernetes manifests validation!</title>
<link>http://kubeconform.mandragor.org/tags/usage/</link>
<description>Recent content in Usage on Kubeconform - Fast Kubernetes manifests validation!</description>
<generator>Hugo -- gohugo.io</generator>
<language>en-us</language>
<lastBuildDate>Fri, 02 Jul 2021 00:00:00 +0000</lastBuildDate><atom:link href="http://kubeconform.mandragor.org/tags/usage/index.xml" rel="self" type="application/rss+xml" />
<item>
<title>Usage</title>
<link>http://kubeconform.mandragor.org/docs/usage/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/docs/usage/</guid>
<description>$ ./bin/kubeconform -h Usage: ./bin/kubeconform [OPTION]... [FILE OR FOLDER]... -cache string cache schemas downloaded via HTTP to this folder -cpu-prof string debug - log CPU profiling to file -exit-on-error immediately stop execution when the first error is encountered -h show help information -ignore-filename-pattern value regular expression specifying paths to ignore (can be specified multiple times) -ignore-missing-schemas skip files with missing schemas instead of failing -insecure-skip-tls-verify disable verification of the server&#39;s SSL certificate.</description>
</item>
<item>
<title>Custom Resources support</title>
<link>http://kubeconform.mandragor.org/docs/crd-support/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/docs/crd-support/</guid>
<description>When the -schema-location parameter is not used, or set to &amp;ldquo;default&amp;rdquo;, kubeconform will default to downloading schemas from https://github.com/yannh/kubernetes-json-schema. Kubeconform however supports passing one, or multiple, schemas locations - HTTP(s) URLs, or local filesystem paths, in which case it will lookup for schema definitions in each of them, in order, stopping as soon as a matching file is found.
If the -schema-location value does not end with &amp;lsquo;.json&amp;rsquo;, Kubeconform will assume filenames / a file structure identical to that of kubernetesjsonschema.</description>
</item>
<item>
<title>Github Action</title>
<link>http://kubeconform.mandragor.org/docs/usage-as-github-action/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/docs/usage-as-github-action/</guid>
<description>Kubeconform is publishes Docker Images to Github&amp;rsquo;s new Container Registry, ghcr.io. These images can be used directly in a Github Action, once logged in using a Github Token.
name: kubeconform on: push jobs: kubeconform: runs-on: ubuntu-latest steps: - name: login to Github Packages run: echo &#34;${{ github.token }}&#34; | docker login https://ghcr.io -u ${GITHUB_ACTOR} --password-stdin - uses: actions/checkout@v2 - uses: docker://ghcr.io/yannh/kubeconform:master with: entrypoint: &#39;/kubeconform&#39; args: &#34;-summary -output json kubeconfigs/&#34; Note on pricing: Kubeconform relies on Github Container Registry which is currently in Beta.</description>
</item>
<item>
<title>Kubeconform as a Go module</title>
<link>http://kubeconform.mandragor.org/docs/using-as-a-go-module/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/docs/using-as-a-go-module/</guid>
<description>Warning: This is a work-in-progress, the interface is not yet considered stable. Feedback is encouraged.
Kubeconform contains a package that can be used as a library. An example of usage can be found in examples/main.go
Additional documentation on pkg.go.dev</description>
</item>
<item>
<title>Conversion of CRD to JSON Schema</title>
<link>http://kubeconform.mandragor.org/docs/json-schema-conversion/</link>
<pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
<guid>http://kubeconform.mandragor.org/docs/json-schema-conversion/</guid>
<description>Kubeconform uses JSON schemas to validate Kubernetes resources. For custom resources, the CustomResourceDefinition first needs to be converted to JSON Schema. A script is provided to convert these CustomResourceDefinitions to JSON schema. Here is an example how to use it:
#!/bin/bash $ ./scripts/openapi2jsonschema.py https://raw.githubusercontent.com/aws/amazon-sagemaker-operator-for-k8s/master/config/crd/bases/sagemaker.aws.amazon.com_trainingjobs.yaml JSON schema written to trainingjob_v1.json The FILENAME_FORMAT environment variable can be used to change the output file name (Available variables: kind, group, version) (Default: {kind}_{version}).</description>
</item>
</channel>
</rss>

20
site/themes/kubeconform/LICENSE Normal file
View file

@ -0,0 +1,20 @@
The MIT License (MIT)
Copyright (c) 2021 Yann Hamon
Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in
the Software without restriction, including without limitation the rights to
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
the Software, and to permit persons to whom the Software is furnished to do so,
subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

3
site/themes/kubeconform/archetypes/default.md Normal file
View file

@ -0,0 +1,3 @@
+++
+++

0
site/themes/kubeconform/layouts/404.html Normal file
View file

19
site/themes/kubeconform/layouts/_default/baseof.html Normal file
View file

@ -0,0 +1,19 @@
<!DOCTYPE html>
<html>
{{- partial "head.html" . -}}
<body>
<div id="main-container">
{{- partial "header.html" . -}}
<div id="content">
{{- if eq .Section "docs" -}}
{{- partial "menu.html" . -}}
{{- end -}}
<div id="main">
{{- block "main" . }}{{- end }}
</div>
</div>
{{- partial "footer.html" . -}}
</div>
<script defer src="/js/prism.js"></script>
</body>
</html>

0
site/themes/kubeconform/layouts/_default/list.html Normal file
View file

27
site/themes/kubeconform/layouts/_default/single.html Normal file
View file

@ -0,0 +1,27 @@
{{ define "main" }}
<div class="navig">
{{ with .PrevInSection }}
<a href="{{ .Permalink }}" id="prev">&lt; {{ .Title }}</a>
{{ end }}
{{ with .NextInSection }}
<a href="{{ .Permalink }}" id="next">{{ .Title }} &gt;</a>
{{ end }}
</div>
<div id="content-text">
<h1>{{ .Title }}</h1>
{{ .Content }}
</div>
<div class="navig">
{{ with .PrevInSection }}
<a href="{{ .Permalink }}" id="prev">&lt; {{ .Title }}</a>
{{ end }}
{{ with .NextInSection }}
<a href="{{ .Permalink }}" id="next">{{ .Title }} &gt;</a>
{{ end }}
</div>
<script defer src="/js/prism.js"></script>
{{ end }}

32
site/themes/kubeconform/layouts/index.html Normal file
View file

@ -0,0 +1,32 @@
{{ define "main" }}
<p id="motto">Validate your Kubernetes manifests instead of deploying broken configuration</p>
<pre id="demo"><code class="language-bash">$ kubeconform -summary myapp/deployment.yaml
Summary: 5 resources found in 1 file - Valid: 5, Invalid: 0, Errors: 0, Skipped: 0
</code></pre>
<a href="/docs/installation/" id="get">
Get Started!
</a>
<div id="kc-pros">
<div>
<h2>Easy-to-use</h2>
<p>Single binary, super-easy installation for Windows, Mac & Linux. It takes seconds to get started.</p>
</div>
<div>
<h2>Lightning fast</h2>
<p>Kubeconform makes heavy use of Golang's concurrency capabilities, and will spread its workload across multiple cores.</pa>
</div>
<div>
<h2>Support for Kubernetes CRDs</h2>
<p>Validate ALL your Kubernetes resources with Kubeconform's CRD support</p>
</div>
<div>
<h2>Flexible</h2>
<p>With support for JSON, Junit, TAP output, and leveraging the easy-to-use Docker image, you can run Kubeconform in any CI system.</p>
</div>
</div>
{{ end }}

3
site/themes/kubeconform/layouts/partials/footer.html Normal file
View file

@ -0,0 +1,3 @@
<div id="footer">
Website powered by <a href="https://gohugo.io/">Hugo</a>
</div>

9
site/themes/kubeconform/layouts/partials/head.html Normal file
View file

@ -0,0 +1,9 @@
<head>
<meta charset="utf-8">
<meta name="author" content="Yann Hamon">
<link rel="stylesheet" type="text/css" href="/css/style.css">
{{- $title := print .Site.Title " | " .Title -}}
{{- if .IsHome }}{{ $title = .Site.Title }}{{ end -}}
<link rel="stylesheet" type="text/css" href="/css/prism.css">
<title>{{ $title }}</title>
</head>

9
site/themes/kubeconform/layouts/partials/header.html Normal file
View file

@ -0,0 +1,9 @@
<div id="header">
<ul id="navigation">
<li><a href="/about">About</a></li>
<li><a href="/docs/installation/">Docs</a></li>
<li><a href="/">Home</a></li>
</ul>
<h1>Kubeconform</h1>
<h2>A fast Kubernetes manifests validator</h2>
</div>

5
site/themes/kubeconform/layouts/partials/menu.html Normal file
View file

@ -0,0 +1,5 @@
<ul id="menu">
{{ range (where .Site.RegularPages.ByTitle "Section" "docs" ).ByWeight }}
<li><a href="{{.Permalink}}">{{.Title}}</a></li>
{{ end }}
</ul>

2
site/themes/kubeconform/layouts/shortcodes/prism.html Normal file
View file

@ -0,0 +1,2 @@
<!-- Bash code -->
<pre><code class="language-bash">{{.Inner}}</code></pre>

2
site/themes/kubeconform/layouts/shortcodes/rawhtml.html Normal file
View file

@ -0,0 +1,2 @@
<!-- raw html -->
{{.Inner}}

122
site/themes/kubeconform/static/css/prism.css Normal file
View file

@ -0,0 +1,122 @@
/**
* okaidia theme for JavaScript, CSS and HTML
* Loosely based on Monokai textmate theme by http://www.monokai.nl/
* @author ocodia
*/
code[class*="language-"],
pre[class*="language-"] {
color: #f8f8f2;
background: none;
text-shadow: 0 1px rgba(0, 0, 0, 0.3);
font-family: Consolas, Monaco, 'Andale Mono', 'Ubuntu Mono', monospace;
text-align: left;
white-space: pre;
word-spacing: normal;
word-break: normal;
word-wrap: normal;
line-height: 1.5;
-moz-tab-size: 4;
-o-tab-size: 4;
tab-size: 4;
-webkit-hyphens: none;
-moz-hyphens: none;
-ms-hyphens: none;
hyphens: none;
}
/* Code blocks */
pre[class*="language-"] {
padding: 1em;
margin: .5em 0;
overflow: auto;
border-radius: 0.3em;
}
:not(pre) > code[class*="language-"],
pre[class*="language-"] {
background: #272822;
}
/* Inline code */
:not(pre) > code[class*="language-"] {
padding: .1em;
border-radius: .3em;
white-space: normal;
}
.token.comment,
.token.prolog,
.token.doctype,
.token.cdata {
color: slategray;
}
.token.punctuation {
color: #f8f8f2;
}
.namespace {
opacity: .7;
}
.token.property,
.token.tag,
.token.constant,
.token.symbol,
.token.deleted {
color: #f92672;
}
.token.boolean,
.token.number {
color: #ae81ff;
}
.token.selector,
.token.attr-name,
.token.string,
.token.char,
.token.builtin,
.token.inserted {
color: #a6e22e;
}
.token.operator,
.token.entity,
.token.url,
.language-css .token.string,
.style .token.string,
.token.variable {
color: #f8f8f2;
}
.token.atrule,
.token.attr-value,
.token.function,
.token.class-name {
color: #e6db74;
}
.token.keyword {
color: #66d9ef;
}
.token.regex,
.token.important {
color: #fd971f;
}
.token.important,
.token.bold {
font-weight: bold;
}
.token.italic {
font-style: italic;
}
.token.entity {
cursor: help;
}

204
site/themes/kubeconform/static/css/style.css Normal file
View file

@ -0,0 +1,204 @@
/* Colors */
body { background-color: white; }
a { color: black }
hr { border-color: #ddd; }
#header, #footer { background-color: #002036; color: white }
@media (prefers-color-scheme: dark) {
}
/* Font sizes */
body { font-size: 1.2rem; line-height: 1.7rem; text-size-adjust: 100%; }
h1 { font-size: 2.3rem; line-height: 3.2rem; font-weight: 400 }
h2 { font-size: 1.8rem; line-height: 2.3rem; font-weight: 400 }
h3 { font-size: 1.5rem; line-height: 1.8rem; font-weight: 300 }
#header h1 { font-size: 3rem; line-height: 3.3rem; font-weight: 500; margin-top: 0.2em; margin-left: 30px }
#header h2 { font-size: 1.3rem; line-height: 1.5rem; font-weight: 300; font-style: italic; margin: 0 0 0.5em 30px}
/* We default all margins/paddings to 0 */
* { margin: 0; padding: 0 }
a { text-decoration: none }
#content-text a { text-decoration: underline }
#content-text a:hover { text-decoration: none }
p {
font-weight: 400;
margin-bottom: 16px;
}
h2 {
font-weight: 500;
margin: 3rem 0 0.8rem 0;
}
h3 {
font-weight: 500;
margin: 1.5rem 0 1.5rem 0;
}
pre {
margin: 1rem 0 1rem 0
}
#main-container {
padding: 0;
font-family: "Roboto", "Helvetica Neue", Helvetica, Arial, sans-serif;
font-feature-settings: "kern", "liga";
width: 100%;
background-color: white;
}
hr {
height: 1px;
margin: 3rem 0 3rem 0;
clear: both;
}
#header, #footer {
width: 100%;
clear: both;
}
#header {
padding: 0.5em 0 0.5em 0em;
}
#menu {
background-color: #ddd;
padding: 1em
}
#content {
display:flex;
}
#menu {
flex: 15;
min-width: 15%;
padding: 2em
}
#main {
flex: 85;
min-width: 0;
}
#main h1 {
padding-bottom: 1em;
}
pre {
overflow: scroll;
min-width: 0
}
#footer {
padding: 0.5em 0;
text-align: center;
color: white;
font-size: smaller;
}
#footer a {
font-style: italic;
color: white;
text-decoration: underline;
}
#navigation {
float: right;
padding-right: 2em;
}
#navigation li {
display: block;
width: 100px;
float: right;
padding-top: 0.2em;
text-align: center;
font-weight: bold;
font-size: smaller;
}
#navigation li a{
color: white
}
#navigation li a:hover{
text-decoration: underline;
}
#motto {
text-align: center;
font-style: italic;
font-size: 1.1em;
margin: 2em auto 2em auto;
}
#demo{
font-size: smaller;
margin: 2em auto 2em auto;
border-radius: 1em;
display: table;
overflow: scroll;
}
#kc-pros {
display: flex;
flex-flow: row wrap;
margin: 0 auto;
width: 60%;
}
#kc-pros > div {
flex-basis: 50%;
}
#kc-pros h2 {
font-size: 1.2em;
line-height: 1.2em;
padding: 0 5% 0.3em 5%;
}
#kc-pros p {
font-size: 0.9em;
padding: 0 5% 2em 5%;
}
#get {
display: table;
border: 1px solid black;
padding: 0.5em 2em;
border-radius: 0.8em;
clear: both;
margin: 3em auto 5em auto;
background-color: #0594cb;
color: white;
text-align: center;
}
#get:active {
background-color: #002036;
}
.navig {
display: flex;
flex-flow: row wrap;
margin: 0 auto;
}
.navig > a {
flex-basis: 50%;
text-align: center;
background-color: #eee;
padding: 0.4em 0;
font-size: smaller
}
#content-text {
padding: 2em;
}
#main ul {
margin: 1em 0 2em 3em;
}

4
site/themes/kubeconform/static/js/prism.js Normal file
View file

File diff suppressed because one or more lines are too long

21
site/themes/kubeconform/theme.toml Normal file
View file

@ -0,0 +1,21 @@
# theme.toml template for a Hugo theme
# See https://github.com/gohugoio/hugoThemes#themetoml for an example
name = "localhost"
license = "MIT"
licenselink = "https://github.com/yannh/kubeconform/themes/kubeconform/LICENSE"
description = "Hugo template for kubeconform"
homepage = "http://github.com/yannh/kubeconform/site/theme/kubeconform/"
tags = []
features = []
min_version = "0.0.1"
[author]
name = ""
homepage = ""
# If porting an existing theme
[original]
name = ""
homepage = ""
repo = ""