Invalid `successThrehold` value in `livenessProbe` not caught

[orrc]

I'm not sure whether this can be fixed, as context is likely not something easily captured in the underlying JSON schemas… but apparently the successThreshold value must be set to 1, if used within a livenessProbe (as opposed to a readinessProbe, for example): https://v1-11.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#probe-v1-core

This isn't currently caught by the latest versions of kubeval and the 1.11 schema:

$ cat unhappy_deployment.yml
---
apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: foo
spec:
  template:
    metadata:
      labels:
        service: foo
    spec:
      containers:
        - name: foo
          image: 'whatever'
          livenessProbe:
            successThreshold: 2
            httpGet:
              path: /health
              port: 80

$ docker run --rm -t -w `pwd` -v `pwd`:`pwd`:ro garethr/kubeval:0.14.0 \
    --strict -v 1.11.9 unhappy_deployment.yml
PASS - unhappy_deployment.yml contains a valid Deployment

$ kubectl apply -f unhappy_deployment.yml
The Deployment "foo" is invalid: spec.template.spec.containers[0].livenessProbe.successThreshold: Invalid value: 2: must be 1

[scovl]

@orrc This deployment file contains an error in the container's livenessProbe specification. The value for the successThreshold field should be 1, but it is set to 2. The health probe will restart the container if the return from the "/health" route on port 80 is not successful in 1 attempt:

livenessProbe:
  successThreshold: 1
  httpGet:
    path: /health
    port: 80

It's not a tool bug. I hope it helped you! @garethr You can close

[orrc]

This deployment file contains an error in the container's livenessProbe specification

Yes, that's the point of this issue: the example shows a Deployment with an error (due to the successThreshold value), but kubeval was not able to detect it.

So it is a bug in the tool — not that it matters, since it's no longer maintained.