From 6457cfb0ae6d277e8addac70b519d3ecabd48b30 Mon Sep 17 00:00:00 2001 From: hadar-co Date: Tue, 17 May 2022 16:43:47 +0300 Subject: [PATCH] add crd-extractor plugin, update readme --- .krew.yaml | 26 ++++++++++++++++++ README.md | 25 +++++++++++++++++- crd-extractor/kubectl-crd-extractor | 41 +++++++++++++++++++++++++++++ 3 files changed, 91 insertions(+), 1 deletion(-) create mode 100644 .krew.yaml create mode 100755 crd-extractor/kubectl-crd-extractor diff --git a/.krew.yaml b/.krew.yaml new file mode 100644 index 00000000..0d14b2b5 --- /dev/null +++ b/.krew.yaml @@ -0,0 +1,26 @@ +apiVersion: krew.googlecontainertools.github.com/v1alpha2 +kind: Plugin +metadata: + name: crd-extractor +spec: + version: {{ .TagName }} + homepage: https://github.com/datreeio/CRDs-catalog + shortDescription: Extract CRDs from your cluster and convert them to JSON schema + description: | + This plugin extracts CRDs from your cluster and converts them to JSON schema. + platforms: + - selector: + matchExpressions: + - key: os + operator: In + values: + - darwin + - linux + {{addURIAndSha "https://github.com/datreeio/CRDs-catalog/releases/download/{{ .TagName }}/kubectl-crd-extractor.zip" .TagName }} + files: + - from: "kubectl-crd-extractor" + to: "." + - from: LICENSE + to: "." + bin: kubectl-crd-extractor + \ No newline at end of file diff --git a/README.md b/README.md index d25554e1..7ada519c 100644 --- a/README.md +++ b/README.md @@ -1 +1,24 @@ -# CRDs-catalog \ No newline at end of file +# CRDs Catalog + +## Overview + +This repository aggregates popular k8s CRDs in JSON schema format. These schemas can be used by Datree and other tools to validate CRs. + + \ No newline at end of file diff --git a/crd-extractor/kubectl-crd-extractor b/crd-extractor/kubectl-crd-extractor new file mode 100755 index 00000000..ee1ee23b --- /dev/null +++ b/crd-extractor/kubectl-crd-extractor @@ -0,0 +1,41 @@ +#!/bin/bash + +# Check if python3 is installed +if ! command -v python3 &> /dev/null; then + printf "python3 is required for this plugin, and is not installed on your machine" + printf "please visit https://www.python.org/downloads/ and install it" + exit 1 +fi + +# Create temp folder for CRDs +TMP_CRD_DIR=$HOME/.datree/crds +mkdir -p $TMP_CRD_DIR + +# Extract CRDs from cluster +NUM_OF_CRDS=0 +while read -r crd +do + ResourceKind=${crd%%.*} + kubectl get crds ${crd} -o yaml > "$TMP_CRD_DIR/${ResourceKind}.yaml" 2>&1 + let NUM_OF_CRDS++ +done < <(kubectl get crds 2>&1 | tail -n +2) + +# Download converter script +curl https://raw.githubusercontent.com/yannh/kubeconform/master/scripts/openapi2jsonschema.py --output $TMP_CRD_DIR/openapi2jsonschema.py 2>/dev/null + +# Create final schemas directory +SCHEMAS_DIR=$HOME/.datree/crdSchemas +mkdir -p $SCHEMAS_DIR +cd $SCHEMAS_DIR + +# Convert crds to jsonSchema +python3 $TMP_CRD_DIR/openapi2jsonschema.py $TMP_CRD_DIR/*.yaml + +if [ $? == 0 ]; then + printf "Successfully converted $NUM_OF_CRDS CRDs to JSON schema\n" + printf "To execute a Datree policy check against your CRs - run 'datree test --schema-location $HOME/.datree/crdSchemas/{{ .ResourceKind }}_{{ .ResourceAPIVersion }}.json /path/to/file'\n" + printf "\nWould you like your public CRs to be checked automatically in the future? No problem! Add your schemas to our CRD-catalog and help us support popular CRs in future Datree policy checks :)\n" + printf "For more information visit https://www.github.com/datreeio/crds-catalog \n" +fi + +rm -rf $TMP_CRD_DIR \ No newline at end of file