kubectl --validate --dry-run does not check for kubernetes-syntax
Neither --validate nor --dry-run makes a full syntax check with kubectl apply against the server. So, there is no real dry-run and no real validate
However, kubectl diff does so:
$ cat ${Build}/* | ssh root@${MASTER} kubectl --namespace ${Namespace} diff -f - || true
The Service "myproject" is invalid: spec.type: Unsupported value: "loadBalancer": supported values: "ClusterIP", "ExternalName", "LoadBalancer", "NodePort"
$ cat ${Build}/* | ssh root@${MASTER} kubectl --namespace ${Namespace} apply --dry-run --validate -f -
ingressroute.traefik.containo.us/http configured (dry run)
ingressroute.traefik.containo.us/https configured (dry run)
service/myproject created (dry run)
service/headless-not-used configured (dry run)
statefulset.apps/myproject configured (dry run)
configmap/nginx-conf-d configured (dry run)
expected:
$ cat ${Build}/* | ssh root@${MASTER} kubectl --namespace ${Namespace} apply --dry-run --validate -f -
ingressroute.traefik.containo.us/http configured (dry run)
ingressroute.traefik.containo.us/https configured (dry run)
The Service "myproject" is invalid: spec.type: Unsupported value: "loadBalancer": supported values: "ClusterIP", "ExternalName", "LoadBalancer", "NodePort"
# kubectl version
Client Version: version.Info{Major:"1", Minor:"17", GitVersion:"v1.17.1", GitCommit:"d224476cd0730baca2b6e357d144171ed74192d6", GitTreeState:"clean", BuildDate:"2020-01-14T21:04:32Z", GoVersion:"go1.13.5", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"17", GitVersion:"v1.17.1", GitCommit:"d224476cd0730baca2b6e357d144171ed74192d6", GitTreeState:"clean", BuildDate:"2020-01-14T20:56:50Z", GoVersion:"go1.13.5", Compiler:"gc", Platform:"linux/amd64"}
rdxmb
All 8 comments
similar:
$ cat ${Build}/* | ssh root@${MASTER} kubectl --namespace ${Namespace} apply --dry-run -f -
statefulset.apps/app configured (dry run)
service/app-ro configured (dry run)
$ cat ${Build}/* | ssh root@${MASTER} kubectl --namespace ${Namespace} diff -f - || true
The StatefulSet "app" is invalid: spec: Forbidden: updates to statefulset spec for fields other than 'replicas', 'template', and 'updateStrategy' are forbidden
@soltysh does server-side apply address this?
eddiezane
on 23 Jan 2020
I think this could be fixed with https://github.com/kubernetes/enhancements/issues/576 (?)
rdxmb
on 28 Jan 2020
Yeah, you're supposed to use the existing --server-dry-run if you want to validate against a cluster. That feature is being promoted to GA, and so we're changing this flag to --dry-run=server.
apelisse
on 29 Jan 2020
Based on the previous commenting I'm closing this.
/close
soltysh
on 19 Feb 2020
@soltysh: Closing this issue.
In response to this:
Based on the previous commenting I'm closing this.
/close
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.
k8s-ci-robot
on 19 Feb 2020
@apelisse Thanks! Already using this in my CI
rdxmb
on 21 Feb 2020
Awesome @rdxmb, let us know if there's anything else we can do to improve it!
apelisse
on 21 Feb 2020
Related issues
willbeason
路
4Comments
fiksn
路
3Comments
pwittrock
路
6Comments
mshahat
路
3Comments
adambro
路
3Comments
Most helpful comment
Yeah, you're supposed to use the existing
--server-dry-runif you want to validate against a cluster. That feature is being promoted to GA, and so we're changing this flag to--dry-run=server.