Using Datree with Kustomize #395
Comments
@exocode thanks, great catch! What do you think about a Kustomize plugin to address this? We are planning to write one and would love your input. In the meantime I believe this workaround should resolve your issue: Please let us know if it did :)
Hi @hadar-co, I am not that great a Kustomize expert; I am an average user. With your hint, I can do something like this:
EDIT: That is a working example:
This will find all my I am sure, I don't have to explain Kustomize :-) I am sure you are more experienced than me :-) But what would be nice is, that
I wonder if the user should pass Datree's CLI a path to the chart/dir that contains the Also, Kustomize has different versions, so we need to research if they behave differently.
@eyarz as an idea to handle the folder structure, Checkov has published its kustomize support today. They have made a docs page, which explains how they treat that: For the versioning I have too low experience. I am too new to Kustomize to answer that question
This is helpful, thanks :)
Goal 🥅
A new test command that supports kustomize mechanism - first, it builds the configuration files, then the policy check validates the build output (rendered yaml files)
User Flows 🏊♀️
User runs kustomize test command on a directory with kustomization.yaml file
Thumb rule ☝🏻
Whenever there is unanswered product flow/question, look at the kustomize tool behavior, and use it (kustomize build)
in production:
Is your feature request related to a problem? Please describe.
I try to implement Datree into my Gitlab-CI. I primarily use Kustomize for my deployments. So my "root"-manifests are sparely written and are completed by "Kustomization" for the different stages like "staging" and "production".
So all my deployments are failing. Base, staging and production. But the "kustomized", rendered ones definitely fulfill all rules.
Describe the solution you'd like
When I have Kustomize declared, Datree should recognize it and only check the "rendered" ones. Maybe by specifying "kustomization.yaml" files itself (filtering by names)
Additional context
DEMO:
base-deployment.yml
That file fails, because it does not apply resources
staging-deployment.yml
How to tell Datree that it should only check "rendered" Kustomize manifests?
This is my current gitlab-ci.yml file which runs the tests:
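The flow discussed in this thread (render each overlay with `kustomize build`, then run the policy check on the rendered output only), as an added example that is not code from the issue or from the Datree project. The overlay paths in the usage comment are hypothetical, and the script assumes `datree test <file>` returns a non-zero status when a policy check fails.

```shell
#!/bin/sh
# Added example: policy-check only the rendered Kustomize output, never the
# sparse base manifests. Usage (hypothetical paths):
#   sh check-rendered.sh overlays/staging overlays/production

# Render one overlay directory and test the result.
# Returns 0 on pass, 2 if the build fails, datree's own status otherwise.
check_dir() {
    tmp=$(mktemp -d) || return 2
    rc=0
    if kustomize build "$1" > "$tmp/rendered.yaml"; then
        # Assumption: a non-zero status from datree means a failed policy check.
        datree test "$tmp/rendered.yaml" || rc=$?
    else
        echo "kustomize build failed for $1" >&2
        rc=2
    fi
    rm -rf "$tmp"
    return "$rc"
}

# Check every overlay given as an argument. Keeps going after a failure so the
# CI log lists all failing overlays, then fails the job if any of them failed.
check_overlays() {
    failed=0
    for dir in "$@"; do
        if check_dir "$dir"; then
            echo "PASS $dir"
        else
            echo "FAIL $dir"
            failed=$((failed + 1))
        fi
    done
    [ "$failed" -eq 0 ]
}

# Run only when overlay directories were passed on the command line.
if [ "$#" -gt 0 ]; then
    check_overlays "$@"
fi
```

A build failure is reported as a failed overlay rather than skipped, so a broken `kustomization.yaml` cannot let a stage through unchecked.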