datree: Missing openshift api-resources

Hey,

I am playing around with datree but fail to get a working validation with specific OpenShift api resources. I exported the resources via the crd extractor tool but datree just throws an error:

helm template ~/work/mychart/ -f ~/work/mychart/values/myproject/values.yaml | datree test - --schema-location '$HOME/.datree/crdSchemas/{{.ResourceKind}}_{{.ResourceAPIVersion}}.json'
>>  File: /tmp/datree_temp_362123854.yaml

[V] YAML validation
[X] Kubernetes schema validation

❌  k8s schema validation error: could not find schema for Group

❌  k8s schema validation error: could not find schema for Group

To troubleshoot: refer to our docs [https://hub.datree.io/troubleshooting#schema-validation-failure]
To ignore this failure: use the CLI flag `--ignore-missing-schemas`

[?] Policy check didn't run for this file


(Summary)

- Passing YAML validation: 1/1

- Passing Kubernetes (1.20.0) schema validation: 0/1

- Passing policy check: 0/1

+-----------------------------------+------------------------------------------------------+
| Enabled rules in policy "Default" | 21                                                   |
| Configs tested against policy     | 0                                                    |
| Total rules evaluated             | 0                                                    |
| Total rules skipped               | 0                                                    |
| Total rules failed                | 0                                                    |
| Total rules passed                | 0                                                    |
| See all rules in policy           | https://app.datree.io/login?t=xxxx |
+-----------------------------------+------------------------------------------------------+

I double checked what the crd extractor extracted and the group json schema is part of it:

{
  "description": "Group represents a referenceable set of Users",
  "type": "object",
  "required": [
    "users"
  ],
  "properties": {
    "apiVersion": {
      "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources",
      "type": "string"
    },
    "kind": {
      "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
      "type": "string"
    },
    "metadata": {
      "$ref": "_definitions.json#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta"
    },
    "users": {
      "description": "Users is the list of users in this group.",
      "type": "array",
      "items": {
        "type": "string"
      }
    }
  },
  "x-kubernetes-group-version-kind": [
    {
      "group": "user.openshift.io",
      "kind": "Group",
      "version": "v1"
    }
  ],
  "$schema": "http://json-schema.org/schema#"
}

Is there something wrong with the schema?

Thanks

About this issue

Original URL
State: open
Created 2 years ago
Comments: 16 (4 by maintainers)

Most upvoted comments

Try this steps:

mkdir tmp
cd tmp
wget https://github.com/openshift/api/archive/refs/heads/release-4.10.zip
unzip release-4.10.zip
wget https://raw.githubusercontent.com/yannh/kubeconform/master/scripts/openapi2jsonschema.py
mkdir schema
cd schema
# Depending on you ** might not work. In zsh it's working.
python3 ../openapi2jsonschema.py ../api-release-4.10/**/*.crd.yaml
# Output is the file to check
# cp ../../../output.yaml .
datree test --schema-location $PWD/'{{ .ResourceKind }}_{{ .ResourceAPIVersion }}.json' output.yaml

dol on Nov 9, 2022

I’ll give that a shot and report back to you, thanks.

dan-m8t on Nov 8, 2022