actions/kubeconform
9
0
Fork 0
mirror of https://github.com/yannh/kubeconform.git synced 2026-02-11 22:19:25 +00:00
Code Issues Projects Releases 1 Packages Wiki Activity Actions
kubeconform/site/public/docs/crd-support/index.html
Yann Hamon 607c90a0a9 Minor css updates
2021-12-20 00:43:36 +01:00

81 lines
No EOL
5.2 KiB
HTML
Raw Blame History

<!doctype html><html><head>
<meta charset=utf-8>
<meta name=author content="Yann Hamon">
<link rel=stylesheet type=text/css href=/css/style.css><link rel=stylesheet type=text/css href=/css/prism.css>
<title>Kubeconform - Fast Kubernetes manifests validation! | Custom Resources support</title>
</head>
<body>
<div id=main-container><div id=header>
<ul id=navigation>
<li><a href=/about>About</a></li>
<li><a href=https://github.com/yannh/kubeconform/>Github</a></li>
<li><a href=/docs/installation/>Docs</a></li>
<li><a href=/>Home</a></li>
</ul>
<h1>Kubeconform</h1>
<h2>A fast Kubernetes manifests validator</h2>
</div>
<div id=content><ul id=menu>
<li><a href=http://kubeconform.mandragor.org/docs/overview/>Overview</a></li>
<li><a href=http://kubeconform.mandragor.org/docs/installation/>Installation</a></li>
<li><a href=http://kubeconform.mandragor.org/docs/usage/>Usage</a></li>
<li><a href=http://kubeconform.mandragor.org/docs/crd-support/>Custom Resources support</a></li>
<li><a href=http://kubeconform.mandragor.org/docs/json-schema-conversion/>OpenAPI to JSON Schema conversion</a></li>
<li><a href=http://kubeconform.mandragor.org/docs/usage-as-github-action/>Github Action</a></li>
<li><a href=http://kubeconform.mandragor.org/docs/using-as-a-go-module/>Kubeconform as a Go module</a></li>
</ul>
<div id=main>
<div class=navig>
<a href=http://kubeconform.mandragor.org/docs/usage/ id=prev>&lt; Usage</a>
<a href=http://kubeconform.mandragor.org/docs/json-schema-conversion/ id=next>OpenAPI to JSON Schema conversion ></a>
</div>
<div id=content-text>
<h1>Custom Resources support</h1>
<p>When the <code>-schema-location</code> parameter is not used, or set to &ldquo;default&rdquo;, kubeconform will default to downloading
schemas from <code>https://github.com/yannh/kubernetes-json-schema</code>. Kubeconform however supports passing one, or multiple,
schemas locations - HTTP(s) URLs, or local filesystem paths, in which case it will lookup for schema definitions
in each of them, in order, stopping as soon as a matching file is found.</p>
<ul>
<li>If the -schema-location value does not end with &lsquo;.json&rsquo;, Kubeconform will assume filenames / a file
structure identical to that of kubernetesjsonschema.dev or github.com/yannh/kubernetes-json-schema.</li>
<li>if the -schema-location value ends with &lsquo;.json&rsquo; - Kubeconform assumes the value is a Go templated
string that indicates how to search for JSON schemas.</li>
<li>the -schema-location value of &ldquo;default&rdquo; is an alias for <a href=https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/%7B%7B>https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/{{</a> .NormalizedKubernetesVersion }}-standalone{{ .StrictSuffix }}/{{ .ResourceKind }}{{ .KindSuffix }}.json.
Both following command lines are equivalent:</li>
</ul>
<pre><code class=language-bash>$ ./bin/kubeconform fixtures/valid.yaml
$ ./bin/kubeconform -schema-location default fixtures/valid.yaml
$ ./bin/kubeconform -schema-location 'https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/{{ .NormalizedKubernetesVersion }}-standalone{{ .StrictSuffix }}/{{ .ResourceKind }}{{ .KindSuffix }}.json' fixtures/valid.yaml
</code></pre>
<p>To support validating CRDs, we need to convert OpenAPI files to JSON schema, storing the JSON schemas
in a local folder - for example schemas. Then we specify this folder as an additional registry to lookup:</p>
<pre><code class=language-bash># If the resource Kind is not found in kubernetesjsonschema.dev, also lookup in the schemas/ folder for a matching file
$ ./bin/kubeconform -schema-location default -schema-location 'schemas/{{ .ResourceKind }}{{ .KindSuffix }}.json' fixtures/custom-resource.yaml
</code></pre>
<p>You can validate Openshift manifests using a custom schema location. Set the OpenShift version to validate
against using -kubernetes-version.</p>
<pre><code class=language-bash>$ ./bin/kubeconform -kubernetes-version 3.8.0 -schema-location 'https://raw.githubusercontent.com/garethr/openshift-json-schema/master/{{ .NormalizedKubernetesVersion }}-standalone{{ .StrictSuffix }}/{{ .ResourceKind }}.json' -summary fixtures/valid.yaml
Summary: 1 resource found in 1 file - Valid: 1, Invalid: 0, Errors: 0 Skipped: 0
</code></pre>
<p>Here are the variables you can use in -schema-location:</p>
<ul>
<li><em>NormalizedKubernetesVersion</em> - Kubernetes Version, prefixed by v</li>
<li><em>StrictSuffix</em> - &ldquo;-strict&rdquo; or "" depending on whether validation is running in strict mode or not</li>
<li><em>ResourceKind</em> - Kind of the Kubernetes Resource</li>
<li><em>ResourceAPIVersion</em> - Version of API used for the resource - &ldquo;v1&rdquo; in &ldquo;apiVersion: monitoring.coreos.com/v1&rdquo;</li>
<li><em>KindSuffix</em> - suffix computed from apiVersion - for compatibility with Kubeval schema registries</li>
</ul>
</div>
<div class=navig>
<a href=http://kubeconform.mandragor.org/docs/usage/ id=prev>&lt; Usage</a>
<a href=http://kubeconform.mandragor.org/docs/json-schema-conversion/ id=next>OpenAPI to JSON Schema conversion ></a>
</div>
<script defer src=/js/prism.js></script>
</div>
</div><div id=footer>
Website powered by <a href=https://gohugo.io/>Hugo</a>
</div>
</div>
<script defer src=/js/prism.js></script>
</body>
</html>
Reference in a new issue View git blame Copy permalink