Validating cluster component configuration manifests

yannh / kubeconform

A FAST Kubernetes manifests validator, with support for Custom Resources!

Apache License 2.0

2.15k stars 121 forks source link

Validating cluster component configuration manifests #187

Closed bmuschko closed 1 year ago

bmuschko commented 1 year ago

I am wondering if there's a way to validate the following manifests for an audit policy and API server configuration. At this time, kubeconform does not find a schema for them.

apiVersion: audit.k8s.io/v1
kind: Policy

apiVersion: apiserver.config.k8s.io/v1
kind: EncryptionConfiguration

apiVersion: apiserver.config.k8s.io/v1
kind: AdmissionConfiguration

Any guidance would be appreciated.

yannh commented 1 year ago

Hi @bmuschko , Kubeconform currently only supports objects described in Kubernetes' swagger file: https://github.com/kubernetes/kubernetes/blob/master/api/openapi-spec/swagger.json

The following project contains a number of Custom Resources and might be useful: https://github.com/datreeio/CRDs-catalog

For resources not present there either, you might need to follow this documentation: https://github.com/yannh/kubeconform#customresourcedefinition-crd-support

Best, Yann