GithubHelp home page GithubHelp logo

kubectl-datree's Introduction

kubectl-datree

Overview

This kubectl plugin extends the Datree CLI's capabilities to allow scanning resources within your cluster for misconfigurations.

Datree-kubectl


Use cases

  • Reveal unknown configuration issues
  • Get ready for future k8s version upgrade
  • Enforce standards and best practices

Supported Platforms

This plugin supports MacOS and Linux.


Installation

Via Krew

  1. Install krew
  2. Install the datree plugin:
kubectl krew install datree

Manual installation

  1. Download the installation script from this repository.
  2. Open a terminal at the location of the script.
  3. Run /bin/sh manual_install.sh (an administrator password will be required to complete the installation).

Usage

kubectl datree test [datree CLI args] -- [options]

Arguments:

datree CLI args:
  This plugin supports all of the Datree CLI arguments: https://hub.datree.io/cli-arguments

options:
  [-n <namespace>] Test all resources in the cluster belonging to the specified namespace
  [--all] Test all resources in the cluster
      When using '--all', you can specify namespaces to exclude using '--exclude <namespace> --exclude <namespace2>'
  [<resource type> <resource name> <namespace>] Test a single resource in the cluster

  Running 'kubectl datree test' with no arguments is equivalent to 'kubectl datree test -- -n default'

Specification

The plugin supports the following resource types:

  • Pod
  • Service
  • Ingress
  • Daemonset
  • Deployment
  • Replicaset
  • Statefulset
  • Job
  • CronJob
  • CRD (not the custom resource itself, but its definition)

⚠️ When running against a given namespace, only resources of these types will be checked.


Examples

The following command will fetch all resources within the namespace exmpl, and execute a policy check against them:

kubectl datree test -- -n exmpl

The following command will fetch the resource of kind Service named myAwesomeService in namespace mySweetNamespace, and execute a policy check against it using k8s schema version 1.22.0:

kubectl datree test -s "1.22.0" -- service myAwesomeService mySweetNamespace

The following command will fetch all resources from all namespaces in the cluster except for 'default':

kubectl datree test -- --all --exclude default

Example test with no misconfigurations:

kubectl-datree's People

Contributors

hadar-co avatar

Stargazers

Akif Feyzioğlu avatar 9arun9theja9 avatar Koichi Shiraishi avatar Marcello DeSales avatar Bin Chen avatar Bryan A. S. avatar Eugene Svirskiy avatar avatar Claudiu Sonel avatar Likhit Siriarayapan avatar Sakti Dwi Cahyono avatar rob v avatar Goran Haji avatar Evair Marinho avatar Puneeth avatar Kosei IDE avatar avatar Cameron Chapman avatar Bruno Wego avatar Nash Tsai avatar zsh avatar Julien <nedsi> Sudan avatar Sachin Joshi avatar Jan Christoph Ebersbach avatar feder1c0 avatar Martin avatar avatar Anuj Tyagi avatar Chaz avatar Jonathan Poczatek avatar Eugene Starchenko avatar Noaa Barki avatar Savio Mathew avatar Art A. avatar Manuel Zubieta avatar Alap Mistry avatar paulliss avatar Pedro Lobo avatar Peeyush Guleria avatar Yishay Mendelsohn avatar avatar CarlosViniMSouza avatar avatar Fine Dana avatar Carsten Skov avatar Eyar Zilberman avatar Adi Fayer avatar Shimon Tolts avatar Roman Labunsky avatar

Watchers

James Cloos avatar Alex Fedin avatar Eyar Zilberman avatar avatar Adi Fayer avatar avatar

Forkers

aruntheja-52

kubectl-datree's Issues

Getting error while run test on namespace

Hello Team,

I am getting below error while run test on namespace.

E0722 14:54:43.548729 17348 run.go:120] "command failed" err="unknown command "datree" for "kubectl""

Note: I have install on WSL environment.

Tests missing critical schemas due to being namespaced

Hello!

I've started using this plugin to test compatibility of my cluster to 1.22 and noticed that since this is namespaced it's missing CRDs! These are super critical, could there be an option to do a full cluster scan regardless of namespace that goes over ALL my cluster resources?

Could not resolve host: get.datree.io

curl https://get.datree.io | /bin/bash
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0curl: (6) Could not resolve host: get.datree.io

download page is not working

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.