ksail icon indicating copy to clipboard operation
ksail copied to clipboard
verified publisher icon devantler

Shift-left with `ksail validate`

Open devantler opened this issue 1 year ago • 0 comments

Description

ksail lint and ksail validate --client-side should do inspections of the YAML files, to provide warnings and suggestions to secure and improve the stack.

ksail validate --server-side should do inspections on the Kube API, and collect reports from operators.

ksail validate should do both client-side inspections of the YAML files, and server-side inspections on the Kube API.

Tools to consider for client side validation and linting:

  • YamlSyntax
  • Schemas
  • Polaris

Tools to consider for server side validation:

  • Polaris (opt-in as it requires an operator)

The setup should be extensible, and in the future it should allow more advanced opt-in use cases with e.g:

  • Trivy
  • Kyverno
  • Kubescape
  • K8sGPT

devantler avatar Oct 10 '24 07:10 devantler