Use Kubeconform to Validate Manifests Locally
kubeconform is a tool that allows us to validate Kubernetes manifests.
Retrieve open API specification from Kubernetes
Use this command to retrieve the open API specifications from Kubernetes.
k get --raw '/openapi/v2' > /tmp/specs.jsonGenerate JSON schema file
Use openapi2jsonschema to generate the JSON schemas.
$ python openapi2jsonschema/command.py -o /tmp/json-schemas/v1.20.11-standalone-strict \
--kubernetes --stand-alone \
--expanded --strict \
/tmp/specs.json
Downloading schema
Parsing schema
Generating shared definitions
Generating individual schemas
Processing alertmanager-monitoring-v1
Generating alertmanager-monitoring-v1.json
Processing alertmanagerlist-monitoring-v1
Generating alertmanagerlist-monitoring-v1.json
Processing prometheus-monitoring-v1
Generating prometheus-monitoring-v1.json
Processing prometheuslist-monitoring-v1
....
Processing networksetlist-crd-v1
Generating networksetlist-crd-v1.json
Generating schema for all typesThe command will report some errors like the one below which is fine since the tool does not support `customresourcedefinition`.
An error occured processing customresourcedefinition: customresourcedefinition not currently supported
An error occured processing customresourcedefinitionlist: customresourcedefinitionlist not currently supportedThe generated files will be stored in the `/tmp/json-schemas/v1.20.11-standalone-strict` folder.
You also could remove `all.json` in that folder if you want to save disk space.
$ rm /tmp/json-schemas/v1.20.11-standalone-strict/all.jsonUse kubeconform command
$ kustomize build | kubeconform \
--kubernetes-version 1.20.11 \
-schema-location /tmp/json-schemas/ \
--strict \
-skip CustomResourceDefinition