Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Kubeval fails for validation #18

Open
surajnarwade opened this issue Aug 2, 2017 · 8 comments
Open

Kubeval fails for validation #18

surajnarwade opened this issue Aug 2, 2017 · 8 comments
Labels
upstream

Comments

@surajnarwade
Copy link

here is sample service file,

apiVersion: v1
kind: Service
metadata:
  creationTimestamp: null
  labels:
    app: httpd
  name: INVALID-e_f
spec:
  ports:
  - port: 8080
    targetPort: 80
  selector:
    app: httpd
  type: INVALID
status:
  loadBalancer: {}

after running kubeval, it shows valid, but it's not

$ kubeval service.yml 
The document docker-compose.yml contains a valid Service
@surajnarwade surajnarwade mentioned this issue Aug 2, 2017
Closed
@garethr
Copy link
Collaborator

garethr commented Aug 2, 2017
edited

Unfortunately in both these cases the schema doesn't contain the information required to do validation of values, or rather it's included as text in the description field:

For the name: https://github.com/garethr/kubernetes-json-schema/blob/master/master-standalone/service.json#L179

and for type: https://github.com/garethr/kubernetes-json-schema/blob/master/master-standalone/service.json#L135

In the case of type this should include an enum:

 "enum": ["ExternalName", "ClusterIP", "NodePort", "LoadBalancer"]

Name should validate the DNS_RECORD with the regex from the source

"regex": "[a-z0-9]([-a-z0-9]*[a-z0-9])?"

This might be a limitation of OpenAPI 2.0, or of the go-openapi library. I'll open an issue to track upstream.

@devikaturi
Copy link

I am trying to use kubeval library in my project.
calling the validate function:
kubeval.Validate([]byte("v1.7.2"), "D:/Playground/nginx-deployment.yaml")

Throws the following error :

  • Missing a kind key

Whats could be the reason for the failure? am I calling the validate function in the right way?

the deployment file is valid:
apiVersion: apps/v1beta1 # for versions before 1.6.0 use extensions/v1beta1
kind: Deployment
metadata:
name: nginx-deployment
spec:
replicas: 3
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.7.9
ports:
- containerPort: 80

@garethr
Copy link
Collaborator

garethr commented Aug 10, 2017

Posted to SIG API Machinery to check my assumptions on this https://groups.google.com/forum/#!topic/kubernetes-sig-api-machinery/Q9tGqhV4ZNA

@surajnarwade
Copy link
Author

nice 👍

@garethr garethr mentioned this issue Aug 17, 2017
Closed
@garethr
Copy link
Collaborator

garethr commented Aug 17, 2017

kubernetes/kubernetes#24562 is the upstream issue for enums and kubernetes/kubernetes#8116 is the relevant issue for regexes. Ideally this will be fixed here and then autogenerating the schemas will do the right thing.

@surajnarwade
Copy link
Author

@garethr , if we add something like additionalkeys: false in jsonschema, it will also restricts any extra key, right ?

@garethr
Copy link
Collaborator

garethr commented Sep 11, 2017

@surajnarwade correct. See the code in #32 and the discussion in #24. I don't think this affects the issue above however.

@surajnarwade
Copy link
Author

@garethr yeah, thanks, this will not affect this issue though

@sco11morgan sco11morgan mentioned this issue Feb 12, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
upstream
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@garethr @devikaturi @surajnarwade