Skip to content

datreeio/CRDs-catalog

main
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

CRDs Catalog

This repository aggregates over 100 popular Kubernetes CRDs (CustomResourceDefinition) in JSON schema format. These schemas can be used by various tools such as Datree, Kubeconform and Kubeval, as an alternative to kubectl --dry-run, to perform validation on custom (and native) Kuberentes resources.

Running Kubernetes schema validation checks helps apply the "shift-left approach" on machines without giving them access to your cluster (e.g. locally or on CI).

How to use the schemas in the catalog

Datree

datree test [MANIFEST]

Kubeconform

kubeconform -schema-location default -schema-location 'https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/{{.Group}}/{{.ResourceKind}}_{{.ResourceAPIVersion}}.json' [MANIFEST]

kubeval

Only supported with the CRD Extractor

👉 If you encounter custom resources that are not part of the catalog, or you want to validate the schemas in an air-gapped environment, use the CRD Extractor.

CRD Extractor

This repository also contains a handy utility that extracts all CRDs from a cluster and converts them to JSON schema.

What does this utility do?

  1. Checks that the prerequisites are installed.
  2. Extracts your CRDs from your cluster using kubectl.
  3. Downloads a script from the kubeconform repo that converts your CRDs from openAPI to JSON schema.
  4. Runs the script, and saves the output to your machine under $HOME/.datree/crdSchemas/

Supported Platforms

This utility supports MacOS and Linux.

Prerequisites

The following programs are required to be installed on the machine running this utility:

Usage

To use the CRD Extractor:

  1. Download the latest release from this repository.
  2. Extract, and run the utility:
./crd-extractor.sh

image

Contributing CRDs to the catalog

If the catalog is missing public custom resources (CRs) that you would like to automatically validate using these tools, you can open an issue or use the CRD Extractor to add the schemas to this repository by creating a pull request.

Resources