Ayush758 / datree

Prevent Kubernetes misconfigurations from reaching production (again 😤 )! Datree is a CLI tool to ensure K8s manifests and Helm charts follow best practices as well as your organization’s policies. See our docs: https://hub.datree.io

Home Page:https://datree.io

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

datree=github

Prevent Kubernetes Misconfigurations

Explore the docs »

🤔 What is Datree?

Datree is a CLI tool that supports Kubernetes admins in their roles by preventing developers from making errors in Kubernetes configurations that can cause clusters to fail in production. Our CLI tool is open source, enabling it to be supported by the Kubernetes community.

It’s far more effective than manual processes, such as sending an email to a slew of developers, begging them to set various limits, which likely falls on deaf ears because developers are already overwhelmed.

⚙️ How it Works

The CLI integration provides a policy enforcement solution for Kubernetes to run automatic checks on every code change for rule violations and misconfigurations. When rule violations are found, Datree produces an alert that guides the developer to fix the issue inside the CI process — or even earlier as a pre-commit hook — while explaining the reason behind the rule.

⏩ Quick-start in two steps

1. Install the latest release on your CLI

Linux & MacOS: curl https://get.datree.io | /bin/bash
Windows: iwr -useb https://get.datree.io/windows_install.ps1 | iex

Other installation options (Homebrew, Docker, etc.) can be found here

2. Pass Datree a Kubernetes manifest file to scan

datree test [k8s-manifest-file]

...and voilà, you just ran your first policy check! 🥳

Datree-cli

Datree-saas

Datree-saas

🔌 Helm plugin

Datree's Helm plugin can be accessed through the helm CLI, to provide a seamless experience to Helm users:

helm plugin install https://github.com/datreeio/helm-datree

🤖 Built-in schema validation & policy check

Every policy check will (also) validate your Kubernetes schema. In addition, there are 30 battle-tested rules for you to select to create your policy.

The policy rules cover a variety of Kubernetes resources and use cases:

  • Workload
  • CronJob
  • Containers
  • Networking
  • Security
  • Deprecation
  • Others

🔧 Custom rules

In addition to our built-in rules, you can write any custom rule you wish, and then run them against your Kubernetes configurations to check for rule violations. The custom rule engine is based on JSON Schema.

🔗 CI/CD integrations

Like any linter or static code analysis tool, Datree's command-line tool can be integrated with all CI/CD platforms to automatically scan every code change and provide feedback as part of the workflow. In the docs, you can find examples of some of the common CI/CD platforms.

If you run into any difficulties with CI/CD integrations, please join our community Slack channel or open an issue, and we'd be happy to guide you through it.

Playground

katacoda-logo
You can also checkout our interactive demo scenario on Katacoda without having to install anything on your machine.

Disclaimer

We do our best to maintain backward compatibility, but there may be breaking changes in the future to the command usage, flags, and configuration file formats. The CLI will output a warning message when a new version with breaking changes is detected. We encourage you to use Datree to test your Kubernetes manifests files and Helm charts, see what breaks, and contribute.

About

Prevent Kubernetes misconfigurations from reaching production (again 😤 )! Datree is a CLI tool to ensure K8s manifests and Helm charts follow best practices as well as your organization’s policies. See our docs: https://hub.datree.io

https://datree.io

License:Apache License 2.0


Languages

Language:Go 90.8%Language:Shell 5.5%Language:PowerShell 1.7%Language:Python 1.0%Language:Makefile 0.6%Language:Dockerfile 0.3%Language:HCL 0.1%