I'm curious about the best practices for validating Custom Resource Definitions (CRDs) before we commit them to our GitOps tooling. It's so easy to accidentally include a faulty YAML file, like adding an incorrect field to a resource and then pushing it out. I know there are tools like kubeconform and using kubectl dry-run to catch these errors. How do you all approach this validation process?
5 Answers
We keep our CRDs stored as OpenAPI Schemas in a Git repo. Whenever there’s a pull request, we use kubeconform to scan all the YAML files for CRD validation. This includes additional checks with tools like kustomize-fix and markdownlint as part of our CI workflow.
I’m building a Dagger module that validates CRDs by creating a kind cluster with the right Kubernetes version. It works within a GitHub workflow, which is pretty cool because I can run my validations automatically. It handles the CRs that should match the CRDs afterward.
For me, I just spin up non-production clusters to test my CRDs. It’s more consistent and I can easily verify everything before it goes into production. Plus, it allows me to do a proper back-and-forth to catch any issues immediately.
I rely on kubeconform and kubectl's dry-run feature before deploying. It’s essential to test on staging clusters since there are limitations on catching errors without actually running them in a cluster.
Having multiple test environments is key for us. It might sound slower to validate individually, but in the long run, it prevents issues that could arise from bad commits.
Related Questions
Sports Team Randomizer
10 Uses For An Old Smartphone
Midjourney Launches An Exciting New Feature for Their Image AI
ShortlyAI Review
Is Copytrack A Scam?
Getting 100 on Pagespeed Insights for Mobile is Impossible