curl https://get.datree.io | /bin/bash
Let’s use datree to test the following yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
labels:
app: nginx
spec:
replicas: 1
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
lifecycle:
postStart:
exec:
command:
- sh
- -c
- date "+%Y-%m-%d %H:%M:%S" > /datetmp.txt && sleep 30
ports:
- containerPort: 80
livenessProbe:
httpGet:
path: /
port: 80
initialDelaySeconds: 30
readinessProbe:
httpGet:
path: /
port: 80
scheme: HTTP
initialDelaySeconds: 30datree test demo.yaml
❌ Ensure Deployment has more than one replica configured [1 occurrences]
💡 Incorrect value for key `replicas` - running 2 or more replicas will increase the availability of the service
❌ Ensure each container image has a pinned (tag) version [1 occurrences]
💡 Incorrect value for key `image` - specify an image version to avoid unpleasant "version surprises" in the future
❌ Ensure each container has a configured CPU limit [1 occurrences]
💡 Missing property object `limits.cpu` - value should be within the accepted boundaries recommended by the organization
❌ Ensure each container has a configured CPU request [1 occurrences]
💡 Missing property object `requests.cpu` - value should be within the accepted boundaries recommended by the organization
❌ Ensure each container has a configured memory request [1 occurrences]
💡 Missing property object `requests.memory` - value should be within the accepted boundaries recommended by the organization
❌ Ensure each container has a configured memory limit [1 occurrences]
💡 Missing property object `limits.memory` - value should be within the accepted boundaries recommended by the organization
If you need to check multiple files at once, you can use folders directly
By default, it has only 21 (?) rule
Each CLI invocation is running a default policy that includes 21 built-in rules.
You can reconfigure it by logging in with cliid
