add crd-extractor plugin, update readme

datreeio · May 17, 2022 · 6457cfb · 6457cfb
1 parent 20ee6f9
commit 6457cfb
Show file tree

Hide file tree

Showing 3 changed files with 91 additions and 1 deletion.
diff --git a/.krew.yaml b/.krew.yaml
@@ -0,0 +1,26 @@
+apiVersion: krew.googlecontainertools.github.com/v1alpha2
+kind: Plugin
+metadata:
+  name: crd-extractor
+spec:
+  version: {{ .TagName }}
+  homepage: https://github.com/datreeio/CRDs-catalog
+  shortDescription: Extract CRDs from your cluster and convert them to JSON schema
+  description: |
+    This plugin extracts CRDs from your cluster and converts them to JSON schema.
+  platforms:
+  - selector:
+      matchExpressions:
+      - key: os
+        operator: In
+        values:
+        - darwin
+        - linux
+    {{addURIAndSha "https://github.com/datreeio/CRDs-catalog/releases/download/{{ .TagName }}/kubectl-crd-extractor.zip" .TagName }}
+    files:
+    - from: "kubectl-crd-extractor"
+      to: "."
+    - from: LICENSE
+      to: "."
+    bin: kubectl-crd-extractor
+
diff --git a/README.md b/README.md
@@ -1 +1,24 @@
-# CRDs-catalog
+# CRDs Catalog
+
+## Overview
+
+This repository aggregates popular k8s CRDs in JSON schema format. These schemas can be used by Datree and other tools to validate CRs.
+
+<!---
+## kubectl crd-extractor plugin
+
+This repository also contains a [kubectl plugin](https://kubernetes.io/docs/tasks/extend-kubectl/kubectl-plugins/) that extracts all CRDs from a cluster and converts them to JSON schema.
+
+### Supported Platforms
+This plugin supports **MacOS** and **Linux**.
+
+<br/>
+
+### Installation
+Installation is done via [krew](https://krew.sigs.k8s.io/docs/user-guide/setup/install/) - the official kubectl plugin manager.
+1. Install [krew](https://krew.sigs.k8s.io/docs/user-guide/setup/install/)
+2. Install the crd-extractor plugin:
+```
+kubectl krew install crd-extractor
+```
+-->
diff --git a/crd-extractor/kubectl-crd-extractor b/crd-extractor/kubectl-crd-extractor
@@ -0,0 +1,41 @@
+#!/bin/bash
+
+# Check if python3 is installed
+if ! command -v python3 &> /dev/null; then
+    printf "python3 is required for this plugin, and is not installed on your machine"
+    printf "please visit https://www.python.org/downloads/ and install it"
+    exit 1
+fi
+
+# Create temp folder for CRDs
+TMP_CRD_DIR=$HOME/.datree/crds
+mkdir -p $TMP_CRD_DIR
+
+# Extract CRDs from cluster
+NUM_OF_CRDS=0
+while read -r crd 
+do
+    ResourceKind=${crd%%.*}
+    kubectl get crds ${crd} -o yaml > "$TMP_CRD_DIR/${ResourceKind}.yaml" 2>&1 
+    let NUM_OF_CRDS++
+done < <(kubectl get crds 2>&1 | tail -n +2)
+
+# Download converter script
+curl https://raw.githubusercontent.com/yannh/kubeconform/master/scripts/openapi2jsonschema.py --output $TMP_CRD_DIR/openapi2jsonschema.py 2>/dev/null
+
+# Create final schemas directory
+SCHEMAS_DIR=$HOME/.datree/crdSchemas
+mkdir -p $SCHEMAS_DIR
+cd $SCHEMAS_DIR
+
+# Convert crds to jsonSchema
+python3 $TMP_CRD_DIR/openapi2jsonschema.py $TMP_CRD_DIR/*.yaml
+
+if [ $? == 0 ]; then
+    printf "Successfully converted $NUM_OF_CRDS CRDs to JSON schema\n"
+    printf "To execute a Datree policy check against your CRs - run 'datree test --schema-location $HOME/.datree/crdSchemas/{{ .ResourceKind }}_{{ .ResourceAPIVersion }}.json /path/to/file'\n"
+    printf "\nWould you like your public CRs to be checked automatically in the future? No problem! Add your schemas to our CRD-catalog and help us support popular CRs in future Datree policy checks :)\n"
+    printf "For more information visit https://www.github.com/datreeio/crds-catalog \n"
+fi
+
+rm -rf $TMP_CRD_DIR