Scan Kubernetes Manifests
Reliably helps you discover reliability concerns you may want to pay attention to in your Kubernetes manifests.
Scan your code via the
reliably scan kubernetes <directory> command. This
command scans the current directory by default.
This page will assume the following Kubernetes manifest deployment in your current directory:
kind: Deployment apiVersion: apps/v1 metadata: name: myapp spec: template: spec: containers: - image: nginx name: myapp imagePullPolicy: Always ports: - containerPort: 8000 protocol: TCP
reliably scan kubernetes . tests/manifests/deployment.yaml:1:1 [warning] You should specify a number of replicas tests/manifests/deployment.yaml:1:1 [error] Setting a high cpu request may render pod scheduling difficult or starve other pods tests/manifests/deployment.yaml:1:1 [error] Not setting a cpu requests means the pod will be allowed to consume the entire available CPU (unless the cluster has set a global limit) tests/manifests/deployment.yaml:1:1 [info] Image pull policy should usually not be set to 'Always' tests/manifests/deployment.yaml:1:1 [warning] A rollout strategy can reduce the risk of downtime tests/manifests/deployment.yaml:1:1 [warning] Without the 'minReadySeconds' property set, pods are considered available from the first time the readiness probe is valid. Settings this value indicates how long it the pod should be ready for before being considered available. 6 suggestions found
Reliably goes through all resources it recognises and issues a suggestion statement for each potential reliability concern.
In this case, Reliably made six suggestions about this Kubernetes deployment.
The output shows the file which triggered a suggestion and the line of the resource containing the concerning line.
For now, Reliably can only position you at the first line of the owning resource for the property. In this case all locations are at line 1 as the deployment is at the top of the file. If that Kubernetes file had contained another resource, say a service, before this deployment the line number would be different.
The default format is a plain text list of suggestions, the
command supports other formats: yaml, json, sarif, etc.
Learn more about output formats here.