Open EsDmitrii opened 11 months ago
Making sure I understand this issue correctly:
--output json
which may be helpful for this use caseHi!
On Fri, 17 Nov 2023 at 01:24, Alex Zielenski @.***> wrote:
Making sure I understand this issue correctly:
- Seems like you have some fields which are post-processed by ArgoCD, you want to skip validation of these fields. Would it render the files locally?
- The tool does have an option --output json https://github.com/kubernetes-sigs/kubectl-validate#json-output which may be helpful for this use case
— Reply to this email directly, view it on GitHub https://github.com/kubernetes-sigs/kubectl-validate/issues/80#issuecomment-1815410772, or unsubscribe https://github.com/notifications/unsubscribe-auth/A5Y24KLVWFEMMCCSHZFLGBTYE2HBLAVCNFSM6AAAAAA7IZ4GKKVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQMJVGQYTANZXGI . You are receiving this because you authored the thread.Message ID: @.***>
Im hesitant to add support in the tool for this use case without seeing how others are using preprocessors. I'm changing the issue title to better reflect this use case of ignoring certain fields, so otheres can post their usage stories. For now I believe this can be worked around by post processing the errors to remove errors for such fields, (or preprocessing the input with dummy secrets)
The Kubernetes project currently lacks enough contributors to adequately respond to all issues.
This bot triages un-triaged issues according to the following rules:
lifecycle/stale
is appliedlifecycle/stale
was applied, lifecycle/rotten
is appliedlifecycle/rotten
was applied, the issue is closedYou can:
/remove-lifecycle stale
/close
Please send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle stale
/remove-lifecycle stale /lifecycle frozen
It should be possible to augment desired schemas to add opaque fields using --overlay-schemas
. Inject a subschema for the field you want to ignore using x-kubernetes-preserve-unknown-fields
Hi! I have started using this great tool and have encountered some problems that need to be solved:
I am using ArgoCD with some plugins, for example the Vault plugin. Argocd before deployment, when it templates manifests, it accesses the vault to get the secrets in the path described in the manifest. When the manifest is checked by the kubectl-validate tool, it triggers the error like this:
Because manifests are not yet rendered by ArgoCD and they contain paths to the Vault secret like in Helm scheme. Is there any way to skip checks with magic comment like in kics or any other ways:) I ask this because now I get a lot invalid errors in CI.
Is there any way to create reports for integrate with CI? For example SAST, xml, etc (I use GitlabCI). This is nice to have to track issues