CRDs-catalog icon indicating copy to clipboard operation
CRDs-catalog copied to clipboard
verified publisher icon datreeio

Fix ACK schemas

Open gecube opened this issue 10 months ago • 1 comments

Good day!

I am trying to use datree for ACK controllers https://aws-controllers-k8s.github.io/community/docs/community/overview/

Unfortunately, I found that schema validation is not passing:

$ /kubeconform -ignore-filename-pattern 'kustomization.yaml' -schema-location default -schema-location 'https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/{{.Group}}/{{.ResourceKind}}_{{.ResourceAPIVersion}}.json' -summary -output json components/
{
  "resources": [
    {
      "filename": "components/infra-management/production/eks/cluster.yaml",
      "kind": "Cluster",
      "name": "production-new",
      "version": "eks.services.k8s.aws/v1alpha1",
      "status": "statusInvalid",
      "msg": "problem validating schema. Check JSON formatting: jsonschema: '/spec' does not validate with https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/eks.services.k8s.aws/cluster_v1alpha1.json#/properties/spec/additionalProperties: additionalProperties 'upgradePolicy', 'accessConfig' not allowed",
      "validationErrors": [
        {
          "path": "/spec",
          "msg": "additionalProperties 'upgradePolicy', 'accessConfig' not allowed"
        }
      ]
    }
  ],
  "summary": {
    "valid": 295,
    "invalid": 1,
    "errors": 0,
    "skipped": 0
  }
}

Cleaning up project directory and file based variables

the source manifest is:

apiVersion: eks.services.k8s.aws/v1alpha1
kind: Cluster
metadata:
  name: production-new
  namespace: infra-production
spec:
  accessConfig:
    authenticationMode: API_AND_CONFIG_MAP
    bootstrapClusterCreatorAdminPermissions: true
  upgradePolicy:
    supportType: 'STANDARD'
  kubernetesNetworkConfig:
    ipFamily: ipv4
    serviceIPv4CIDR: 172.20.0.0/16
  name: production-new
  roleARN: arn:aws:iam::999999999999:role/eks-production-role
  logging:
    clusterLogging:
      - enabled: true
        types:
          - api
          - audit
          - authenticator
          - controllerManager
          - scheduler
  resourcesVPCConfig:
    endpointPrivateAccess: true
    endpointPublicAccess: false
    publicAccessCIDRs:
    - "0.0.0.0/0"
    subnetIDs:
      - subnet-0eeac56411254cbc6
      - subnet-0f06902b47c880118
      - subnet-0c72af713be937dcc
  tags:
    Name: production-new

According to https://aws-controllers-k8s.github.io/community/reference/eks/v1alpha1/cluster/ these fields are proper ones.

gecube avatar May 02 '25 06:05 gecube

I believe should be resolved via #550

gecube avatar May 02 '25 08:05 gecube