Validations
Table of contents
Validation custom resource
Structure of validation resource
apiVersion: krv.sizek.cz/v1
kind: Validation
metadata:
name: <validation name>
spec:
name: "<resource name>"
namespace: "<resource namespace>"
resource: "<resource kind>"
validation:
- jsonPath: "<jsonPath>"
value: "<value>"
Detailed description:
metadata.name- Name of validation resourcespec.name- Name of validated resource (can be defined as regex)spec.namespace- Namespace of validated resourcespec.resource- Kind of validated resourcespec.validations- Array of validationsspec.validations.jsonPath- jsonPath of validated attributespec.validations.value- value of validated attribute
You can use jq tool for finding of corect jsonPath in validated resource.
kubectl get pod -n kube-system etcd-kind-control-plane -ojson | jq '.spec.restartPolicy'
Validation outputs
kubectl
Validations are presented via kubectl command-line tool as list of objects
NAME RESOURCE-NAMESPACE RESOURCE STATE AGE
etcd-pullpolicy kube-system Pod OK 5m24s
Validations are checked in configured interval (default 5 minutes).
States of validations
- OK - attribute(s) with specified value found
- NOK - attribute(s) with specified value not found
- MISSING - resource not found
Examples
Existing resource
apiVersion: krv.sizek.cz/v1
kind: Validation
metadata:
name: etcd-pullpolicy
spec:
name: "etcd-kind-control-plane"
resource: "Pod"
namespace: "kube-system"
validation: []
Resource with attribute
apiVersion: krv.sizek.cz/v1
kind: Validation
metadata:
name: etcd-pullpolicy
spec:
name: "etcd-kind-control-plane"
resource: "Pod"
namespace: "kube-system"
validation:
- jsonPath: "spec.restartPolicy"
value: "Always"
Resource with multiple attributes
apiVersion: krv.sizek.cz/v1
kind: Validation
metadata:
name: etcd-pullpolicy
spec:
name: "etcd-kind-control-plane"
resource: "Pod"
namespace: "kube-system"
validation:
- jsonPath: "spec.restartPolicy"
value: "Always"
- jsonPath: "spec.hostNetwork"
value: "true"