yannh / kubeconform

A FAST Kubernetes manifests validator, with support for Custom Resources!
Apache License 2.0

Feature request: Support skipping kind/name #255

Open Sonlis opened 10 months ago

Sonlis commented 10 months ago

In our workflow, we first build the kustomization and then validate the built file. This is useful when working with Kustomize patches that modify the end resource. That means, however, that all resources end up in the same YAML file.

With the current skip options, there is only the possibility to skip either a file, a version/kind or a kind. The file cannot be skipped as it is the result of a kustomize build, and the kind cannot be skipped as it would skip all other resources of the same kind in the file.

For example, let's say we want to skip an nginx deployment within the file. It would be helpful to be able to skip v1/Deployment/nginx.

Sonlis commented 10 months ago

After some thought, this may not be useful at all, as kustomize should catch those errors when building. I'll leave this open in case someone comes up with a situation where this would be useful; otherwise feel free to close it.

TimP4w commented 4 months ago

I have a use-case:

With FluxCD it is possible to define patches for specific targets (specified by group, version, kind, label, etc...).

For example, I can patch some default / constant properties that I want certain resources to re-use by default. Assuming I want to get this for all my apps:

apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: my-app
  namespace: flux-system
spec:
  path: <...>
  interval: 60m
  timeout: 5m
  retryInterval: 3m
  force: true
  prune: true
  wait: true
  sourceRef:
    kind: GitRepository
    name: flux-system

I can write a patch like this

apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: apps
  namespace: flux-system
spec:
  ...
  patches:
    - target:
        group: kustomize.toolkit.fluxcd.io
        version: v1
        kind: Kustomization
      patch: |-
        apiVersion: kustomize.toolkit.fluxcd.io/v1
        kind: Kustomization
        metadata:
          name: an-app
        spec:
          interval: 60m
          timeout: 5m
          retryInterval: 3m
          force: true
          prune: true
          wait: true
          sourceRef:
            kind: GitRepository
            name: flux-system

And then I just define

apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: my-app
  namespace: flux-system
spec:
  path: <...>

The issue is that then Kubeconform will complain about missing required properties:

Kustomization my-app is invalid: problem validating schema. Check JSON formatting: jsonschema: '/spec' does not validate with https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json#/properties/spec/required: missing properties: 'interval', 'prune', 'sourceRef'   

And there isn't (to my knowledge yet) a way to run this patch manually.

Setting Kustomization as a Kind to skip is definitely too much, since it includes all of them. Would be nice to be able to define an annotation instead to make these cases skippable.
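
The kind/name skip requested in this thread can be approximated outside kubeconform by filtering the built multi-document stream before validation, so that only the named resource is exempted and every skip is reported. The sketch below is an added example, not code from the thread or from the kubeconform project; the function names, the line-based parsing (block-style YAML as emitted by a kustomize build, no YAML library) and the sample manifests are assumptions made for illustration.

```python
import re

DOC_SEP = re.compile(r"^---[ \t]*$", re.MULTILINE)

def identify(doc):
    """Return (kind, name) using only top-level `kind` and `metadata.name`."""
    kind = name = child_indent = in_metadata = None
    for line in filter(str.strip, doc.splitlines()):
        indent = len(line) - len(line.lstrip(" "))
        if indent == 0:
            # A new top-level key ends any metadata block we were inside.
            in_metadata, child_indent = line.startswith("metadata:"), None
            m = re.match(r"kind:\s*(\S+)", line)
            kind = m.group(1).strip("\"'") if m else kind
        elif in_metadata:
            # Only direct children of metadata count (not labels.name etc.).
            child_indent = child_indent or indent
            m = re.match(r"\s*name:\s*(\S+)", line)
            if m and indent == child_indent:
                name = m.group(1).strip("\"'")
    return kind, name

def filter_stream(stream, skip):
    """Split a multi-document stream into (kept, skipped) lists of (ident, doc)."""
    kept, skipped = [], []
    for doc in DOC_SEP.split(stream):
        if doc.strip():
            ident = identify(doc)
            (skipped if ident in skip else kept).append((ident, doc.strip("\n")))
    return kept, skipped

# Constructed, abbreviated sample modelled on the manifests quoted above.
SAMPLE = """\
kind: Kustomization
metadata:
  name: my-app
---
kind: Kustomization
metadata:
  name: apps
spec:
  patches:
    - patch: |-
        kind: Kustomization
        metadata:
          name: an-app
"""

if __name__ == "__main__":
    kept, skipped = filter_stream(SAMPLE, {("Kustomization", "my-app")})
    print("skipped:", [i for i, _ in skipped], "kept:", [i for i, _ in kept])
```

The kept documents can be joined with `---` lines and piped to kubeconform on stdin; the `an-app` patch embedded in `apps` is not mistaken for a separate resource because only top-level keys are inspected.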