ec validate definition

Validate definition file conformance with the Enterprise Contract

Synopsis

Validate definition file conformance with the Enterprise Contract

Validate Kubernetes definition files conforms to the rego policies defined in the given policy repository.

ec validate definition [flags]

Examples

Validate multiple definition files via comma-separated value:

ec validate definition --file </path/to/file>,</path/to/other/file>

Validate multiple definition files by repeating --file:

ec validate definition --file </path/to/file> --file /path/to/other.file

Specify --file as JSON

ec validate definition --file '{"Kind": "Task"}'

Specify different policy and data sources:

 ec validate definition --file </path/to/pipeline/file> \
--policy git::https://github.com/enterprise-contract/ec-policies//policy/lib \
--policy git::https://github.com/enterprise-contract/ec-policies//policy/pipeline \
--data git::https://github.com/enterprise-contract/ec-policies//example/data

Options

--data: url for policy data, go-getter style. May be used multiple times (Default: [git::https://github.com/enterprise-contract/ec-policies//example/data] )
--f, --file: path to definition YAML/JSON file (required) (Default: [])
--h, --help: help for definition (Default: false)
--namespace: the namespace containing the policy to run. May be used multiple times (Default: [])
--o, --output: write output to a file in a specific format, e.g. yaml=/tmp/output.yaml. Use empty string path for stdout, e.g. yaml. May be used multiple times. Possible formats are json and yaml (Default: [json])
--policy: url for policies, go-getter style. May be used multiple times (Default: [oci::quay.io/enterprise-contract/ec-pipeline-policy:latest])
--s, --strict: return non-zero status on non-successful validation (Default: false)

Options inherited from parent commands

--debug: same as verbose but also show function names and line numbers (Default: false)
--kubeconfig: path to the Kubernetes config file to use
--quiet: less verbose output (Default: false)
--show-successes: (Default: false)
--timeout: max overall execution duration (Default: 5m0s)
--trace: enable trace logging (Default: false)
--verbose: more verbose output (Default: false)

ec validate definition

Synopsis

Examples

Options

Options inherited from parent commands

See also