New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
kind CustomResourceDefinition
is not validated against schema
#100
Comments
I seem to be hitting this exact same issue. Running the latest |
This works with me using the latest
But you're right for Kubernetes 1.20.0 there is no |
@vDMG I don't think this is the issue because |
Hmm I am seeing this even without specifying a version, for example: # kubeconform -v
v0.4.13
# wget https://github.com/fluxcd/source-controller/releases/download/v0.22.5/source-controller.crds.yaml
# kubeconform source-controller.crds.yaml
source-controller.crds.yaml - CustomResourceDefinition helmrepositories.source.toolkit.fluxcd.io failed validation: could not find schema for CustomResourceDefinition
source-controller.crds.yaml - CustomResourceDefinition buckets.source.toolkit.fluxcd.io failed validation: could not find schema for CustomResourceDefinition
source-controller.crds.yaml - CustomResourceDefinition gitrepositories.source.toolkit.fluxcd.io failed validation: could not find schema for CustomResourceDefinition
source-controller.crds.yaml - CustomResourceDefinition helmcharts.source.toolkit.fluxcd.io failed validation: could not find schema for CustomResourceDefinition When I try it with the schema specified from master like @vDMG it works: # kubeconform -schema-location default -schema-location "https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/master/customresourcedefinition.json" source-controller.crds.yaml
source-controller.crds.yaml - CustomResourceDefinition gitrepositories.source.toolkit.fluxcd.io is invalid: For field metadata.creationTimestamp: Invalid type. Expected: string, given: null
source-controller.crds.yaml - CustomResourceDefinition buckets.source.toolkit.fluxcd.io is invalid: For field metadata.creationTimestamp: Invalid type. Expected: string, given: null
source-controller.crds.yaml - CustomResourceDefinition helmrepositories.source.toolkit.fluxcd.io is invalid: For field metadata.creationTimestamp: Invalid type. Expected: string, given: null
source-controller.crds.yaml - CustomResourceDefinition helmcharts.source.toolkit.fluxcd.io is invalid: For field metadata.creationTimestamp: Invalid type. Expected: string, given: null |
@wilmardo the version is not related. |
Hi @yannh, I'm currently working on this issue, could you please assign me? I found the reason it's missing - it's because versions with the "-standalone" suffix are missing the definition for Also, I notice that kubeconform always reaches out to the "-standalone" version. |
@royhadad here is the explanation about the diff between I found this bug from digging around and based on your comment, I guess my bug is the same problem... |
@royhadad frankly it's a great question ;) The kubernetes-json-schema repo - I mostly automated what was upstream and kept the same repository format. Maybe we could keep only the standalone folders? The repo is growing pretty fast. Maybe originally that repo was not meant just for kubeval... |
@yannh Assuming that only the "-standalone" and "-standalone-strict" files are used, removing the other types is definitely a possibility. In any case, why is it then that the standalone files are missing customResourceDefinition? Is it a bug in the automated process? How would you go about fixing this issue? |
@royhadad not sure what the benefit would be vs adding the CustomResourceDefinition to the standalone folders. Yes, I am assuming it is a bug in the automated process. I guess I would try to see why https://github.com/yannh/kubernetes-json-schema/blob/a718ad35ec16742bb17e124de1ea40f8b2510ff1/build.sh#L30 doesnt generate the appropriate file :) |
@yannh Basically, openapi2jsonschema (which is used by the So the fix should be, if possible, to add support for those kinds in openapi2jsonschema. |
Update: A workaround for now is to use the
We'll implement this fix on our end for datree, implementing a similar fallback natively in this repo might cause some unexpected behavior, up to you @yannh @eyarz Hope this answers your question! :) |
Hi all, #!/usr/bin/env bash
# Cleaning the Repos
rm -rf input
rm -rf schemas
# Create Input Folder for CRDs
mkdir input
# Download CRDs
while read -r crd
do
echo "Creating CRD: $crd"
ResourceKind=${crd%%.*}
echo "exporting item '${ResourceKind}'"
kubectl get crds ${crd} -o yaml > "./input/${ResourceKind}.yaml" 2>&1
done < <(kubectl get crds 2>&1 | tail -n +2)
# Creating the Appropriate Schemas for CRDs
wget https://raw.githubusercontent.com/yannh/kubeconform/master/scripts/openapi2jsonschema.py
mkdir schemas
cd schemas
python3 ../openapi2jsonschema.py ../input/*.yaml
rm ../openapi2jsonschema.py
kubeconform -summary -output json -ignore-missing-schemas -schema-location default -schema-location './schemas/{{ .ResourceKind }}_{{ .ResourceAPIVersion }}.json' ../input/prometheuses.yaml
OUTPUTThe problem I get is whenever I precise the exact schema location path for the CRD (e.g. : However, when I try to put it dynamically I got a skip. An other problem, is when I have multiple versions for one CRD, I got the same issue when parsing ResourceAPIVersion I tried to look out how parsing is done in code and got nothing. So please If somebody can help here |
I can't see how your problem relates to the original issue. This issue is about the kind customResourceDefinition, while it seems you are having trouble with the custom resource definitions themselves. |
Thanks @royhadad for your reply ! Indeed it has no relation with the original issue, sorry for that |
No @eyarz it's not an extra prefix, in fact this what I should have as a value for
|
@hbouaziz this is why I deleted my answer, and you already replied before I had a chance to fix it 😅 |
Hi @eyarz again, clusterissuer_v1beta1.json
clusterissuer_v1.json
kafkauser_v1alpha1.json
kafkauser_v1beta1.json
... Now the problem when I try to validate using the |
weird. I'm not able to reproduce :/ @hbouaziz, I think it will be better if you will open a new issue with all the relevant details so we will stop "spamming" this issue... |
I took this YAML example for creating a CRD from the official K8s doc:
When validating this YAML with kubeconform I'm getting the following error:
Although the schema exists on the
kubernetes-json-schema
repo:https://github.com/yannh/kubernetes-json-schema/blob/master/v1.18.0/customresourcedefinition-apiextensions-v1.json
Copying the schema from the repo and passing it with the
-schema-location
flag works fine, so I guess the issue is when trying to parse the kind type...The text was updated successfully, but these errors were encountered: