search

instrumenta / kubeval

Validate your Kubernetes configuration files, supports multiple Kubernetes versions
https://kubeval.com
Other
3.16k stars 229 forks source link

Secret is validated as ok even when it's not base64 #115

Open fpytloun opened 5 years ago

fpytloun commented 5 years ago

Given this invalid secret definition:

apiVersion: v1
kind: Secret
metadata:
  name: mylittlesecret
type: Opaque
data:
  somesecret: dummy

kubectl would fail as data needs to be base64 encrypted while kubeval exits with no error.

garethr commented 5 years ago

Thanks for flagging, I'll take a closer look but I'm guessing this rule isn't encoded in the upstream OpenAPI schemas. I'll confirm and open an upstream issue, and if possible add something to the schema conversion to account for.