Skip to main content
Version: 2.23 (prerelease)

kubeconform

Kubeconform tool (https://github.com/yannh/kubeconform)

Backend: pants.backend.experimental.helm.check.kubeconform

Config section: [kubeconform]

Basic options

output_type

--kubeconform-output-type=<KubeconformOutput>
PANTS_KUBECONFORM_OUTPUT_TYPE
pants.toml
[kubeconform]
output_type = <KubeconformOutput>
one of: text, json, tap, junit
default: text

Output type used by kubeconform.

skip

--[no-]kubeconform-skip
PANTS_KUBECONFORM_SKIP
pants.toml
[kubeconform]
skip = <bool>
default: False

If true, don't use kubeconform when running pants check.

summary

--[no-]kubeconform-summary
PANTS_KUBECONFORM_SUMMARY
pants.toml
[kubeconform]
summary = <bool>
default: False

Set to true to only output check summary.

verbose

--[no-]kubeconform-verbose
PANTS_KUBECONFORM_VERBOSE
pants.toml
[kubeconform]
verbose = <bool>
default: False

Set to true to increase output verbosity.

Advanced options

concurrency

--kubeconform-concurrency=<int>
PANTS_KUBECONFORM_CONCURRENCY
pants.toml
[kubeconform]
concurrency = <int>
default: None

Number of workers used by Kubeconform to validate resources.

known_versions

--kubeconform-known-versions="['<str>', '<str>', ...]"
PANTS_KUBECONFORM_KNOWN_VERSIONS
pants.toml
[kubeconform]
known_versions = [
    '<str>',
    '<str>',
    ...,
]
default: 
[
  "0.6.2|linux_arm64 |41c15ecbb120042bee0aca8a616e479b555084d5d14bc2e095ed96081c1e9404|5335394",
  "0.6.2|linux_x86_64|d2a10db6b78d56de8fe9375b9c351bc573aa218a74da04d114767b505a675090|5739066",
  "0.6.2|macos_arm64 |881e3fe2ecdb1cc41bce80013113f24da80e1bec593876ffe88668333ae69b51|5423607",
  "0.6.2|macos_x86_64|88e53c2562482ed5ab7434188ca5ba03d3482088ac52d53da7499d579923f2e8|5656173"
]

Known versions to verify downloads against.

Each element is a pipe-separated string of version|platform|sha256|length or version|platform|sha256|length|url_override, where:

  • version is the version string
  • platform is one of [linux_arm64,linux_x86_64,macos_arm64,macos_x86_64]
  • sha256 is the 64-character hex representation of the expected sha256 digest of the download file, as emitted by shasum -a 256
  • length is the expected length of the download file in bytes, as emitted by wc -c
  • (Optional) url_override is a specific url to use instead of the normally generated url for this version

E.g., 3.1.2|macos_x86_64|6d0f18cd84b918c7b3edd0203e75569e0c7caecb1367bbbe409b44e28514f5be|42813. and 3.1.2|macos_arm64 |aca5c1da0192e2fd46b7b55ab290a92c5f07309e7b0ebf4e45ba95731ae98291|50926|https://example.mac.org/bin/v3.1.2/mac-aarch64-v3.1.2.tgz.

Values are space-stripped, so pipes can be indented for readability if necessary.

schema_locations

--kubeconform-schema-locations="['<str>', '<str>', ...]"
PANTS_KUBECONFORM_SCHEMA_LOCATIONS
pants.toml
[kubeconform]
schema_locations = [
    '<str>',
    '<str>',
    ...,
]
default: 
[
  "default"
]

List of schema locations to use to validate the resources.

url_platform_mapping

--kubeconform-url-platform-mapping="{'key1': val1, 'key2': val2, ...}"
PANTS_KUBECONFORM_URL_PLATFORM_MAPPING
pants.toml
[kubeconform.url_platform_mapping]
key1 = val1
key2 = val2
...
default: 
{
  "linux_arm64": "linux-arm64",
  "linux_x86_64": "linux-amd64",
  "macos_arm64": "darwin-arm64",
  "macos_x86_64": "darwin-amd64"
}

A dictionary mapping platforms to strings to be used when generating the URL to download the tool.

In --url-template, anytime the {platform} string is used, Pants will determine the current platform, and substitute {platform} with the respective value from your dictionary.

For example, if you define {"macos_x86_64": "apple-darwin", "linux_x86_64": "unknown-linux"}, and run Pants on Linux with an intel architecture, then {platform} will be substituted in the --url-template option with unknown-linux.

url_template

--kubeconform-url-template=<str>
PANTS_KUBECONFORM_URL_TEMPLATE
pants.toml
[kubeconform]
url_template = <str>
default: https://github.com/yannh/kubeconform/releases/download/v{version}/kubeconform-{platform}.tar.gz

URL to download the tool, either as a single binary file or a compressed file (e.g. zip file). You can change this to point to your own hosted file, e.g. to work with proxies or for access via the filesystem through a file:$abspath URL (e.g. file:/this/is/absolute, possibly by templating the buildroot in a config file).

Use {version} to have the value from --version substituted, and {platform} to have a value from --url-platform-mapping substituted in, depending on the current platform. For example, https://github.com/.../protoc-&#123;version&#125;-&#123;platform&#125;.zip.

use_unsupported_version

--kubeconform-use-unsupported-version=<UnsupportedVersionUsage>
PANTS_KUBECONFORM_USE_UNSUPPORTED_VERSION
pants.toml
[kubeconform]
use_unsupported_version = <UnsupportedVersionUsage>
one of: error, warning
default: error

What action to take in case the requested version of kubeconform is not supported.

Supported kubeconform versions: unspecified

version

--kubeconform-version=<str>
PANTS_KUBECONFORM_VERSION
pants.toml
[kubeconform]
version = <str>
default: 0.6.2

Use this version of kubeconform.

Deprecated options

None

None