actions/kubeconform
9
0
Fork 0
mirror of https://github.com/yannh/kubeconform.git synced 2026-02-12 14:39:21 +00:00
Code Issues Projects Releases 1 Packages Wiki Activity Actions
kubeconform/docs/crd-support/index.html

18 lines
No EOL
5 KiB
HTML
Raw Blame History

<!doctype html><html><head><meta charset=utf-8><meta name=author content="Yann Hamon"><link rel=stylesheet type=text/css href=/css/style.css><link rel=stylesheet type=text/css href=/css/prism.css><title>Kubeconform - Fast Kubernetes manifests validation! | Custom Resources support</title></head><body><div id=main-container><div id=header><ul id=navigation><li><a href=/about>About</a></li><li><a href=/docs/installation/>Docs</a></li><li><a href=/>Home</a></li></ul><h1>Kubeconform</h1><h2>A fast Kubernetes manifests validator</h2></div><div id=content><ul id=menu><li><a href=http://kubeconform.mandragor.org/docs/installation/>Installation</a></li><li><a href=http://kubeconform.mandragor.org/docs/usage/>Usage</a></li><li><a href=http://kubeconform.mandragor.org/docs/crd-support/>Custom Resources support</a></li><li><a href=http://kubeconform.mandragor.org/docs/usage-as-github-action/>Github Action</a></li><li><a href=http://kubeconform.mandragor.org/docs/using-as-a-go-module/>Kubeconform as a Go module</a></li><li><a href=http://kubeconform.mandragor.org/docs/json-schema-conversion/>Conversion of CRD to JSON Schema</a></li></ul><div id=main><div class=navig><a href=http://kubeconform.mandragor.org/docs/usage-as-github-action/ id=prev>&lt; Github Action</a>
<a href=http://kubeconform.mandragor.org/docs/usage/ id=next>Usage ></a></div><div id=content-text><h1>Custom Resources support</h1><p>When the <code>-schema-location</code> parameter is not used, or set to &ldquo;default&rdquo;, kubeconform will default to downloading
schemas from <code>https://github.com/yannh/kubernetes-json-schema</code>. Kubeconform however supports passing one, or multiple,
schemas locations - HTTP(s) URLs, or local filesystem paths, in which case it will lookup for schema definitions
in each of them, in order, stopping as soon as a matching file is found.</p><ul><li>If the -schema-location value does not end with &lsquo;.json&rsquo;, Kubeconform will assume filenames / a file
structure identical to that of kubernetesjsonschema.dev or github.com/yannh/kubernetes-json-schema.</li><li>if the -schema-location value ends with &lsquo;.json&rsquo; - Kubeconform assumes the value is a Go templated
string that indicates how to search for JSON schemas.</li><li>the -schema-location value of &ldquo;default&rdquo; is an alias for <a href=https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/%7B%7B>https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/{{</a> .NormalizedKubernetesVersion }}-standalone{{ .StrictSuffix }}/{{ .ResourceKind }}{{ .KindSuffix }}.json.
Both following command lines are equivalent:</li></ul><pre><code class=language-bash>$ ./bin/kubeconform fixtures/valid.yaml
$ ./bin/kubeconform -schema-location default fixtures/valid.yaml
$ ./bin/kubeconform -schema-location 'https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/{{ .NormalizedKubernetesVersion }}-standalone{{ .StrictSuffix }}/{{ .ResourceKind }}{{ .KindSuffix }}.json' fixtures/valid.yaml
</code></pre><p>To support validating CRDs, we need to convert OpenAPI files to JSON schema, storing the JSON schemas
in a local folder - for example schemas. Then we specify this folder as an additional registry to lookup:</p><pre><code class=language-bash># If the resource Kind is not found in kubernetesjsonschema.dev, also lookup in the schemas/ folder for a matching file
$ ./bin/kubeconform -schema-location default -schema-location 'schemas/{{ .ResourceKind }}{{ .KindSuffix }}.json' fixtures/custom-resource.yaml
</code></pre><p>You can validate Openshift manifests using a custom schema location. Set the OpenShift version to validate
against using -kubernetes-version.</p><pre><code class=language-bash>$ ./bin/kubeconform -kubernetes-version 3.8.0 -schema-location 'https://raw.githubusercontent.com/garethr/openshift-json-schema/master/{{ .NormalizedKubernetesVersion }}-standalone{{ .StrictSuffix }}/{{ .ResourceKind }}.json' -summary fixtures/valid.yaml
Summary: 1 resource found in 1 file - Valid: 1, Invalid: 0, Errors: 0 Skipped: 0
</code></pre><p>Here are the variables you can use in -schema-location:</p><ul><li><em>NormalizedKubernetesVersion</em> - Kubernetes Version, prefixed by v</li><li><em>StrictSuffix</em> - &ldquo;-strict&rdquo; or "" depending on whether validation is running in strict mode or not</li><li><em>ResourceKind</em> - Kind of the Kubernetes Resource</li><li><em>ResourceAPIVersion</em> - Version of API used for the resource - &ldquo;v1&rdquo; in &ldquo;apiVersion: monitoring.coreos.com/v1&rdquo;</li><li><em>KindSuffix</em> - suffix computed from apiVersion - for compatibility with Kubeval schema registries</li></ul></div><div class=navig><a href=http://kubeconform.mandragor.org/docs/usage-as-github-action/ id=prev>&lt; Github Action</a>
<a href=http://kubeconform.mandragor.org/docs/usage/ id=next>Usage ></a></div><script defer src=/js/prism.js></script></div></div><div id=footer>Website powered by <a href=https://gohugo.io/>Hugo</a></div></div><script defer src=/js/prism.js></script></body></html>
Reference in a new issue View git blame Copy permalink