Skip to content

joaquinrz/helm-validate-devcontainer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

40 Commits
.devcontainer
.devcontainer
 
 
.github
.github
 
 
samples
samples
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Helm Validate - Devcontainer

This repository contains a development container (devcontainer) to streamline the process of validating and testing Helm charts. The devcontainer is pre-configured with essential tools, such as kube-linter for linting Kubernetes resources and helm unittest for running Helm chart unit tests, and kubeconform for validating Kubernetes resources.

Table of Contents

Prerequisites

To use this devcontainer, you'll need the following tools installed on your local machine. Alternatively, you can use it as a Codespace, as mentioned in the section below:

Getting Started

  1. Clone this repository:
git clone https://github.com/joaquinrz/helm-validate-devcontainer.git
cd helm-chart-validation-devcontainer

  1. Open the repository in Visual Studio Code.

  2. Press F1 and type Dev Containers: Reopen in Container, then press Enter. This will build the Docker container and open the repository inside the container.

  3. Wait for the container to build and start. Once it's ready, you'll be able to use the pre-configured tools for validating and testing Helm charts.

Using the Devcontainer

Linting with Kube Linter

Kube Linter is a static analysis tool that helps ensure your Kubernetes resources follow best practices. By analyzing your Kubernetes manifests, Kube Linter provides suggestions and warnings to help you maintain a secure, efficient, and stable cluster.

To lint your Kubernetes resources using kube-linter, run the following command:

kube-linter lint <path-to-your-helm-chart>

kube-linter will analyze your resources and provide suggestions and warnings based on best practices. This can include detecting potential security risks, identifying deprecated API versions, and suggesting resource limits and requests.

In the samples directory, you will find a Helm chart to validate and a custom configuration for kube-linter. You can run this by executing the following command:

kube-linter lint samples/chart/ngsa --config samples/kube-lint/config.yaml

This command will lint the ngsa Helm chart in the samples/chart directory using the custom configuration file located at samples/kube-lint/config.yaml.

Kube Linter supports advanced configurations, allowing you to customize its behavior to better suit your specific needs. You can configure the tool to ignore certain checks, modify the severity of specific issues, or add custom checks. To learn more about configuring Kube Linter, refer to the documentation.

Running Helm Unit Tests

To run unit tests for your Helm charts using the helm unittest plugin, execute the following command:

helm unittest samples/chart/ngsa/

This command will run all the unit tests defined in the _test.yaml files within your Helm chart's tests directory. For more information how how to write unit tests, please refer to the helm-unittest repo

Validating with Kubeconform

Kubeconform is a tool that validates Kubernetes resources against the Kubernetes OpenAPI specification. It helps ensure your resources are compliant with the Kubernetes API, providing warnings and errors for non-compliant configurations.

To validate your Kubernetes resources using kubeconform, run the following command:

kubeconform -strict <path-to-your-kubernetes-manifests>

Kubeconform is primarily designed to validate raw Kubernetes YAML or JSON files against the Kubernetes OpenAPI specification. However, Helm charts aren't raw Kubernetes resources; they're templates that generate Kubernetes resources.

If you want to validate a Helm chart with Kubeconform, you would first need to render your Helm chart to raw Kubernetes resources. You can do this using the helm template command, which will output the Kubernetes resources as YAML to the console. This output can then be validated using Kubeconform.

You can achieve this with the following command:

helm template samples/chart/ngsa| kubeconform -strict -

It's important to note that you may encounter an error with the previous command regarding a missing schema for ServiceMonitor. This occurs because Custom Resource Definitions (CRDs) are not native Kubernetes objects and, therefore, are not included in the default schema. If your CRDs are present in Datree's CRDs-catalog, you can specify this project as an additional registry for schema lookup.

# Look in the CRDs-catalog for the desired schema/s
helm template samples/chart/ngsa | \
kubeconform \
  -strict \
  -schema-location default \
  -schema-location 'https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/{{.Group}}/{{.ResourceKind}}_{{.ResourceAPIVersion}}.json' \
  -

Customizing the Devcontainer

To customize the devcontainer, modify the .devcontainer/Dockerfile and .devcontainer/devcontainer.json files as needed. For example, you can add new tools or change the base image.

After making changes, rebuild the container by pressing F1, typing Remote-Containers: Rebuild Container, and pressing Enter.

Using GitHub Codespaces

This devcontainer is also available as a GitHub Codespace. To use it in a Codespace, simply open the repository in a new Codespace, and GitHub will automatically build and launch the container with all the pre-configured tools for validating and testing Helm charts. For more information on using GitHub Codespaces, please refer to the official documentation.

Contributing

Contributions to this repository are welcome! To contribute, please open a pull request with a description of your changes.

License

This project is licensed under the MIT License.

About

A DevContainer for validating Helm Charts

Resources

Readme

License

MIT license

Code of conduct

Code of conduct
Activity

Stars

0 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages