Server-side Validation of Kubernetes yaml

I’ve been looking for this myself and did not find a sufficient tooling. However, there are few workarounds:

  • Deploy all objects to a temporary ci-job-id namespace in dev/stage clusters. They should be the same as a prod, but will not impose the security risks you mentioned. This gives an additional benefit – you can check if everything got created, all pods are running. It helps to catch issues like insufficient resource requests, missing images, misconfigured Service selectors, etc. Also it let’s you add a smoke test on top.
  • Spin a small minikube with all the CRDs specifically for CI validations. This approach gives you less coverage, but it is much cheaper to maintain.

CLICK HERE to find out more related problems solutions.

Leave a Comment

Your email address will not be published.

Scroll to Top