actions/kubeconform
9
0
Fork 0
mirror of https://github.com/yannh/kubeconform.git synced 2026-02-12 14:39:21 +00:00
Code Issues Projects Releases 1 Packages Wiki Activity Actions
kubeconform/site/public/docs/crd-support/index.html
Yann Hamon d10c9bde67 Update website
2021-12-19 23:46:04 +01:00

106 lines
5.5 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<html><head>
<meta charset="utf-8">
<meta name="author" content="Yann Hamon">
<link rel="stylesheet" type="text/css" href="/css/style.css"><link rel="stylesheet" type="text/css" href="/css/prism.css">
<title>Kubeconform - Fast Kubernetes manifests validation! | Custom Resources support</title>
</head>
<body>
<div id="main-container"><div id="header">
<ul id="navigation">
<li><a href="/about">About</a></li>
<li><a href="/docs/installation/">Docs</a></li>
<li><a href="/">Home</a></li>
</ul>
<h1>Kubeconform</h1>
<h2>A fast Kubernetes manifests validator</h2>
</div>
<div id="content"><ul id="menu">
<li><a href="http://kubeconform.mandragor.org/docs/overview/">Overview</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/installation/">Installation</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/usage/">Usage</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/crd-support/">Custom Resources support</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/json-schema-conversion/">OpenAPI to JSON Schema conversion</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/usage-as-github-action/">Github Action</a></li>
<li><a href="http://kubeconform.mandragor.org/docs/using-as-a-go-module/">Kubeconform as a Go module</a></li>
</ul>
<div id="main">
<div class="navig">
<a href="http://kubeconform.mandragor.org/docs/usage/" id="prev">&lt; Usage</a>
<a href="http://kubeconform.mandragor.org/docs/json-schema-conversion/" id="next">OpenAPI to JSON Schema conversion &gt;</a>
</div>
<div id="content-text">
<h1>Custom Resources support</h1>
<p>When the <code>-schema-location</code> parameter is not used, or set to &ldquo;default&rdquo;, kubeconform will default to downloading
schemas from <code>https://github.com/yannh/kubernetes-json-schema</code>. Kubeconform however supports passing one, or multiple,
schemas locations - HTTP(s) URLs, or local filesystem paths, in which case it will lookup for schema definitions
in each of them, in order, stopping as soon as a matching file is found.</p>
<ul>
<li>If the -schema-location value does not end with &lsquo;.json&rsquo;, Kubeconform will assume filenames / a file
structure identical to that of kubernetesjsonschema.dev or github.com/yannh/kubernetes-json-schema.</li>
<li>if the -schema-location value ends with &lsquo;.json&rsquo; - Kubeconform assumes the value is a Go templated
string that indicates how to search for JSON schemas.</li>
<li>the -schema-location value of &ldquo;default&rdquo; is an alias for <a href="https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/%7B%7B">https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/{{</a> .NormalizedKubernetesVersion }}-standalone{{ .StrictSuffix }}/{{ .ResourceKind }}{{ .KindSuffix }}.json.
Both following command lines are equivalent:</li>
</ul>
<pre><code class="language-bash">$ ./bin/kubeconform fixtures/valid.yaml
$ ./bin/kubeconform -schema-location default fixtures/valid.yaml
$ ./bin/kubeconform -schema-location 'https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/{{ .NormalizedKubernetesVersion }}-standalone{{ .StrictSuffix }}/{{ .ResourceKind }}{{ .KindSuffix }}.json' fixtures/valid.yaml
</code></pre>
<p>To support validating CRDs, we need to convert OpenAPI files to JSON schema, storing the JSON schemas
in a local folder - for example schemas. Then we specify this folder as an additional registry to lookup:</p>
<pre><code class="language-bash"># If the resource Kind is not found in kubernetesjsonschema.dev, also lookup in the schemas/ folder for a matching file
$ ./bin/kubeconform -schema-location default -schema-location 'schemas/{{ .ResourceKind }}{{ .KindSuffix }}.json' fixtures/custom-resource.yaml
</code></pre>
<p>You can validate Openshift manifests using a custom schema location. Set the OpenShift version to validate
against using -kubernetes-version.</p>
<pre><code class="language-bash">$ ./bin/kubeconform -kubernetes-version 3.8.0 -schema-location 'https://raw.githubusercontent.com/garethr/openshift-json-schema/master/{{ .NormalizedKubernetesVersion }}-standalone{{ .StrictSuffix }}/{{ .ResourceKind }}.json' -summary fixtures/valid.yaml
Summary: 1 resource found in 1 file - Valid: 1, Invalid: 0, Errors: 0 Skipped: 0
</code></pre>
<p>Here are the variables you can use in -schema-location:</p>
<ul>
<li><em>NormalizedKubernetesVersion</em> - Kubernetes Version, prefixed by v</li>
<li><em>StrictSuffix</em> - &ldquo;-strict&rdquo; or &quot;&quot; depending on whether validation is running in strict mode or not</li>
<li><em>ResourceKind</em> - Kind of the Kubernetes Resource</li>
<li><em>ResourceAPIVersion</em> - Version of API used for the resource - &ldquo;v1&rdquo; in &ldquo;apiVersion: monitoring.coreos.com/v1&rdquo;</li>
<li><em>KindSuffix</em> - suffix computed from apiVersion - for compatibility with Kubeval schema registries</li>
</ul>
</div>
<div class="navig">
<a href="http://kubeconform.mandragor.org/docs/usage/" id="prev">&lt; Usage</a>
<a href="http://kubeconform.mandragor.org/docs/json-schema-conversion/" id="next">OpenAPI to JSON Schema conversion &gt;</a>
</div>
<script defer src="/js/prism.js"></script>
</div>
</div><div id="footer">
Website powered by <a href="https://gohugo.io/">Hugo</a>
</div>
</div>
<script defer src="/js/prism.js"></script>
</body>
</html>
Reference in a new issue View git blame Copy permalink