search

yannh / kubeconform

A FAST Kubernetes manifests validator, with support for Custom Resources!
Apache License 2.0
2.15k stars 121 forks source link

Unable to use the CRD example schema #211

Closed Wazbat closed 1 year ago

Wazbat commented 1 year ago

I'm trying to validate my kubernetes templates using kubeconform in a github actions workflow, however I get an error in my CI

Here is the step in my build process

- uses: docker://ghcr.io/yannh/kubeconform:master
  with:
    entrypoint: '/kubeconform'
    args: >
      -summary -output text
      -schema-location default
      -schema-location 'https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/{{ .Group }}/{{ .ResourceKind }}_{{ .ResourceAPIVersion }}.json'
      manifest-${{ matrix.name }}.yaml"

I have copied the url from the README, however I get the following error: failed initialising schema location registry: template: tpl:1:64: executing "tpl" at <.Group>: can't evaluate field Group in type struct { NormalizedKubernetesVersion string; StrictSuffix string; ResourceKind string; ResourceAPIVersion string; KindSuffix string }

It appears that {{.Group}} is not valid as part of the template string? What should I be using there instead?

eyarz commented 1 year ago

try without the spaces before and after each variable. 

-schema-location 'https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/{{.Group}}/{{.ResourceKind}}_{{.ResourceAPIVersion}}.json'

it's a weird bug in GH workflow

Wazbat commented 1 year ago

Ah apologies, I modified that line to make it clearer for the issue. In my workflow it's a one liner, with no spaces in the template

args: "-summary -output text -schema-location default -schema-location 'https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/{{.Group}}/{{.ResourceKind}}_{{.ResourceAPIVersion}}.json' manifest-${{ matrix.name }}.yaml"

eyarz commented 1 year ago

are you able to reproduce this issue when running kubeconform locally? the error that you're getting is related to an older version of kubeconform but it looks like you're using the latest version 🤷

Wazbat commented 1 year ago

I was really struggling to figure out the syntax locally, however I want to add that after pinning the version in the yaml to the latest release v0.6.2, it seems to work fine

Perhaps master is not the correct tag? I checked with docker inpsect and it seems to be from 2021? Wouldn't the newest one be latest?

yannh commented 1 year ago

Ohhh very nice catch on the incorrect tag, apologies ❤️

yannh commented 1 year ago

Closing, the Readme has been updated :bow: thanks for the report :heart:

CyDickey-msr commented 6 months ago

I ran into a similar issue and the fix for me was dropping the '' around the schema links:

- name: Scan files with kube-conform
  if: inputs.kube_conform_checks == 'true'
  id: kube_conform_scan
  uses: docker://ghcr.io/yannh/kubeconform:v0.6.4
  with:
    entrypoint: '/kubeconform'
    args: >
      -summary 
      -strict
      -kubernetes-version ${{ inputs.kubernetes_version }}
      -schema-location default
      -schema-location https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/{{.Group}}/{{.ResourceKind}}_{{.ResourceAPIVersion}}.json
      -schema-location https://json.schemastore.org/kustomization.json
      -output ${{ inputs.kube_conform_format }}
      ${{ inputs.directory }}