Update website

.github/workflows/site.yml

@@ -1,6 +1,8 @@
 on:
   workflow_dispatch:
   push:
+    paths:
+      - 'site/**'
     branches:
       - master
 

site/content/docs/crd-support.md

@@ -3,7 +3,7 @@ title: "Custom Resources support"
 date: 2021-07-02T00:00:00Z
 draft: false
 tags: ["Kubeconform", "Usage"]
-weight: 3
+weight: 4
 ---
 
 When the `-schema-location` parameter is not used, or set to "default", kubeconform will default to downloading

site/content/docs/installation.md

@@ -3,7 +3,7 @@ title: "Installation"
 date: 2021-07-02T00:00:00Z
 draft: false
 tags: ["Kubeconform", "Installation"]
-weight: 1
+weight: 2
 ---
 
 ## Linux
@@ -25,8 +25,4 @@ Kubeconform is available to install using [Homebrew](https://brew.sh/):
 
 ## Windows
 
-Download the latest release from our [release page](https://github.com/yannh/kubeconform/releases).
-
-
-
-You can also download the latest version from the [release page](https://github.com/yannh/kubeconform/releases).
+Download the latest release from our [release page](https://github.com/yannh/kubeconform/releases).

site/content/docs/json-schema-conversion.md

@@ -1,8 +1,9 @@
 ---
-title: "Conversion of CRD to JSON Schema"
+title: "OpenAPI to JSON Schema conversion"
 date: 2021-07-02T00:00:00Z
 draft: false
 tags: ["Kubeconform", "Usage"]
+weight: 5
 ---
 
 Kubeconform uses JSON schemas to validate Kubernetes resources. For custom resources, the CustomResourceDefinition

site/content/docs/overview.md

@@ -0,0 +1,48 @@
+---
+title: "Overview"
+date: 2021-07-02T00:00:00Z
+draft: false
+tags: ["Kubeconform", "Overview"]
+weight: 1
+---
+
+Kubeconform is a Kubernetes manifests validation tool. Build it into your CI to validate your Kubernetes
+configuration!
+
+It is inspired by, contains code from and is designed to stay close to
+[Kubeval](https://github.com/instrumenta/kubeval), but with the following improvements:
+* **high performance**: will validate & download manifests over multiple routines, caching
+  downloaded files in memory
+* configurable list of **remote, or local schemas locations**, enabling validating Kubernetes
+  custom resources (CRDs) and offline validation capabilities
+* uses by default a [self-updating fork](https://github.com/yannh/kubernetes-json-schema) of the schemas registry maintained
+  by the [kubernetes-json-schema](https://github.com/instrumenta/kubernetes-json-schema) project - which guarantees
+  up-to-date **schemas for all recent versions of Kubernetes**.
+
+### A small overview of Kubernetes manifest validation
+
+Kubernetes's API is described using the [OpenAPI (formerly swagger) specification](https://www.openapis.org),
+in a [file](https://github.com/kubernetes/kubernetes/blob/master/api/openapi-spec/swagger.json) checked into
+the main Kubernetes repository.
+
+Because of the state of the tooling to perform validation against OpenAPI schemas, projects usually convert
+the OpenAPI schemas to [JSON schemas](https://json-schema.org/) first. Kubeval relies on
+[instrumenta/OpenApi2JsonSchema](https://github.com/instrumenta/openapi2jsonschema) to convert Kubernetes' Swagger file
+and break it down into multiple JSON schemas, stored in github at
+[instrumenta/kubernetes-json-schema](https://github.com/instrumenta/kubernetes-json-schema) and published on
+[kubernetesjsonschema.dev](https://kubernetesjsonschema.dev/).
+
+Kubeconform relies on [a fork of kubernetes-json-schema](https://github.com/yannh/kubernetes-json-schema/)
+that is more aggressively kept up-to-date, and contains schemas for all recent versions of Kubernetes.
+
+### Limits of Kubeconform validation
+
+Kubeconform, similarly to kubeval, only validates manifests using the OpenAPI specifications. In some
+cases, the Kubernetes controllers might perform additional validation - so that manifests passing kubeval
+validation would still error when being deployed. See for example these bugs against kubeval:
+[#253](https://github.com/instrumenta/kubeval/issues/253)
+[#256](https://github.com/instrumenta/kubeval/issues/256)
+[#257](https://github.com/instrumenta/kubeval/issues/257)
+[#259](https://github.com/instrumenta/kubeval/issues/259). The validation logic mentioned in these
+bug reports is not part of Kubernetes' OpenAPI spec, and therefore kubeconform/kubeval will not detect the
+configuration errors.

site/content/docs/usage-as-github-action.md

@@ -3,7 +3,7 @@ title: "Github Action"
 date: 2021-07-02T00:00:00Z
 draft: false
 tags: ["Kubeconform", "Usage"]
-weight: 4
+weight: 6
 ---
 
 Kubeconform is publishes Docker Images to Github's new Container Registry, ghcr.io. These images

site/content/docs/usage.md

@@ -3,7 +3,7 @@ title: "Usage"
 date: 2021-07-02T00:00:00Z
 draft: false
 tags: ["Kubeconform", "Usage"]
-weight: 2
+weight: 3
 ---
 
 {{< prism >}}$ ./bin/kubeconform -h

site/content/docs/using-as-a-go-module.md

@@ -3,7 +3,7 @@ title: "Kubeconform as a Go module"
 date: 2021-07-02T00:00:00Z
 draft: false
 tags: ["Kubeconform", "Usage"]
-weight: 5
+weight: 7
 ---
 
 **Warning**: This is a work-in-progress, the interface is not yet considered stable. Feedback is encouraged.

site/public/css/style.css

@@ -9,13 +9,13 @@ hr { border-color: #ddd; }
 }
 
 /* Font sizes */
-body { font-size: 1.2rem; line-height: 1.7rem; text-size-adjust: 100%; }
-h1   { font-size: 2.3rem; line-height: 3.2rem; font-weight: 400 }
-h2   { font-size: 1.8rem; line-height: 2.3rem; font-weight: 400 }
-h3   { font-size: 1.5rem; line-height: 1.8rem; font-weight: 300 }
+body { font-size: 1.4rem; line-height: 1.9rem; text-size-adjust: 100%; }
+h1   { font-size: 2.7rem; line-height: 3.8rem; font-weight: 400 }
+h2   { font-size: 2rem; line-height: 2.5rem; font-weight: 400 }
+h3   { font-size: 1.7rem; line-height: 2rem; font-weight: 300 }
 
-#header h1 { font-size: 3rem; line-height: 3.3rem; font-weight: 500; margin-top: 0.2em; margin-left: 30px }
-#header h2 { font-size: 1.3rem; line-height: 1.5rem; font-weight: 300; font-style: italic; margin: 0 0 0.5em 30px}
+#header h1 { font-size: 4rem; line-height: 4.5rem; font-weight: 500; margin-top: 0.2em; margin-left: 30px }
+#header h2 { font-size: 1.7rem; line-height: 2.2rem; font-weight: 300; font-style: italic; margin: 0 0 0.5em 30px}
 
 /* We default all margins/paddings to 0 */
 * { margin: 0; padding: 0 }
@@ -131,7 +131,7 @@ pre {
 #motto {
     text-align: center;
     font-style: italic;
-    font-size: 1.1em;
+    font-size: 1.4em;
     margin: 2em auto 2em auto;
 }
 
@@ -155,13 +155,13 @@ pre {
 }
 
 #kc-pros h2 {
-    font-size: 1.2em;
+    font-size: 1.4em;
     line-height: 1.2em;
     padding: 0 5% 0.3em 5%;
 }
 
 #kc-pros p {
-    font-size: 0.9em;
+    font-size: 1.1em;
     padding: 0 5% 2em 5%;
 }
 

site/public/docs/crd-support/index.html

@@ -17,27 +17,29 @@ <h2>A fast Kubernetes manifests validator</h2>
 </div>
 <div id="content"><ul id="menu">
 
+    <li><a href="http://kubeconform.mandragor.org/docs/overview/">Overview</a></li>
+
     <li><a href="http://kubeconform.mandragor.org/docs/installation/">Installation</a></li>
 
     <li><a href="http://kubeconform.mandragor.org/docs/usage/">Usage</a></li>
 
     <li><a href="http://kubeconform.mandragor.org/docs/crd-support/">Custom Resources support</a></li>
 
+    <li><a href="http://kubeconform.mandragor.org/docs/json-schema-conversion/">OpenAPI to JSON Schema conversion</a></li>
+
     <li><a href="http://kubeconform.mandragor.org/docs/usage-as-github-action/">Github Action</a></li>
 
     <li><a href="http://kubeconform.mandragor.org/docs/using-as-a-go-module/">Kubeconform as a Go module</a></li>
 
-    <li><a href="http://kubeconform.mandragor.org/docs/json-schema-conversion/">Conversion of CRD to JSON Schema</a></li>
-
 </ul>
 <div id="main">
 
 <div class="navig">
+
+    <a href="http://kubeconform.mandragor.org/docs/usage/" id="prev">&lt; Usage</a>
 
-    <a href="http://kubeconform.mandragor.org/docs/usage-as-github-action/" id="prev">&lt; Github Action</a>
 
-
-    <a href="http://kubeconform.mandragor.org/docs/usage/" id="next">Usage &gt;</a>
+    <a href="http://kubeconform.mandragor.org/docs/json-schema-conversion/" id="next">OpenAPI to JSON Schema conversion &gt;</a>
 
 </div>
 
@@ -84,11 +86,11 @@ <h1>Custom Resources support</h1>
 </div>
 
 <div class="navig">
-
-    <a href="http://kubeconform.mandragor.org/docs/usage-as-github-action/" id="prev">&lt; Github Action</a>
+     
+    <a href="http://kubeconform.mandragor.org/docs/usage/" id="prev">&lt; Usage</a>
 
 
-    <a href="http://kubeconform.mandragor.org/docs/usage/" id="next">Usage &gt;</a>
+    <a href="http://kubeconform.mandragor.org/docs/json-schema-conversion/" id="next">OpenAPI to JSON Schema conversion &gt;</a>
 
 </div>
 

site/public/docs/index.xml

@@ -7,6 +7,17 @@
     <generator>Hugo -- gohugo.io</generator>
     <language>en-us</language>
     <lastBuildDate>Fri, 02 Jul 2021 00:00:00 +0000</lastBuildDate><atom:link href="http://kubeconform.mandragor.org/docs/index.xml" rel="self" type="application/rss+xml" />
+    <item>
+      <title>Overview</title>
+      <link>http://kubeconform.mandragor.org/docs/overview/</link>
+      <pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
+
+      <guid>http://kubeconform.mandragor.org/docs/overview/</guid>
+      <description>Kubeconform is a Kubernetes manifests validation tool. Build it into your CI to validate your Kubernetes configuration!
+It is inspired by, contains code from and is designed to stay close to Kubeval, but with the following improvements:
+ high performance: will validate &amp;amp; download manifests over multiple routines, caching downloaded files in memory configurable list of remote, or local schemas locations, enabling validating Kubernetes custom resources (CRDs) and offline validation capabilities uses by default a self-updating fork of the schemas registry maintained by the kubernetes-json-schema project - which guarantees up-to-date schemas for all recent versions of Kubernetes.</description>
+    </item>
+
     <item>
       <title>Installation</title>
       <link>http://kubeconform.mandragor.org/docs/installation/</link>
@@ -16,8 +27,7 @@
       <description>Linux Download the latest release from our release page.
 For example, for Linux on x86_64 architecture:
 curl -L https://github.com/yannh/kubeconform/releases/latest/download/kubeconform-linux-amd64.tar.gz | tar xvzf - &amp;&amp; \ sudo mv kubeconform /usr/local/bin/  MacOs Kubeconform is available to install using Homebrew: $ brew install kubeconform 
-Windows Download the latest release from our release page.
-You can also download the latest version from the release page.</description>
+Windows Download the latest release from our release page.</description>
     </item>
 
     <item>
@@ -39,6 +49,16 @@ You can also download the latest version from the release page.</description>
  If the -schema-location value does not end with &amp;lsquo;.json&amp;rsquo;, Kubeconform will assume filenames / a file structure identical to that of kubernetesjsonschema.</description>
     </item>
 
+    <item>
+      <title>OpenAPI to JSON Schema conversion</title>
+      <link>http://kubeconform.mandragor.org/docs/json-schema-conversion/</link>
+      <pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
+
+      <guid>http://kubeconform.mandragor.org/docs/json-schema-conversion/</guid>
+      <description>Kubeconform uses JSON schemas to validate Kubernetes resources. For custom resources, the CustomResourceDefinition first needs to be converted to JSON Schema. A script is provided to convert these CustomResourceDefinitions to JSON schema. Here is an example how to use it:
+#!/bin/bash $ ./scripts/openapi2jsonschema.py https://raw.githubusercontent.com/aws/amazon-sagemaker-operator-for-k8s/master/config/crd/bases/sagemaker.aws.amazon.com_trainingjobs.yaml JSON schema written to trainingjob_v1.json  The FILENAME_FORMAT environment variable can be used to change the output file name (Available variables: kind, group, version) (Default: {kind}_{version}).</description>
+    </item>
+
     <item>
       <title>Github Action</title>
       <link>http://kubeconform.mandragor.org/docs/usage-as-github-action/</link>
@@ -60,15 +80,5 @@ Kubeconform contains a package that can be used as a library. An example of usag
 Additional documentation on pkg.go.dev</description>
     </item>
 
-    <item>
-      <title>Conversion of CRD to JSON Schema</title>
-      <link>http://kubeconform.mandragor.org/docs/json-schema-conversion/</link>
-      <pubDate>Fri, 02 Jul 2021 00:00:00 +0000</pubDate>
-
-      <guid>http://kubeconform.mandragor.org/docs/json-schema-conversion/</guid>
-      <description>Kubeconform uses JSON schemas to validate Kubernetes resources. For custom resources, the CustomResourceDefinition first needs to be converted to JSON Schema. A script is provided to convert these CustomResourceDefinitions to JSON schema. Here is an example how to use it:
-#!/bin/bash $ ./scripts/openapi2jsonschema.py https://raw.githubusercontent.com/aws/amazon-sagemaker-operator-for-k8s/master/config/crd/bases/sagemaker.aws.amazon.com_trainingjobs.yaml JSON schema written to trainingjob_v1.json  The FILENAME_FORMAT environment variable can be used to change the output file name (Available variables: kind, group, version) (Default: {kind}_{version}).</description>
-    </item>
-
   </channel>
 </rss>

site/public/docs/installation/index.html

@@ -17,25 +17,29 @@ <h2>A fast Kubernetes manifests validator</h2>
 </div>
 <div id="content"><ul id="menu">
 
+    <li><a href="http://kubeconform.mandragor.org/docs/overview/">Overview</a></li>
+
     <li><a href="http://kubeconform.mandragor.org/docs/installation/">Installation</a></li>
 
     <li><a href="http://kubeconform.mandragor.org/docs/usage/">Usage</a></li>
 
     <li><a href="http://kubeconform.mandragor.org/docs/crd-support/">Custom Resources support</a></li>
 
+    <li><a href="http://kubeconform.mandragor.org/docs/json-schema-conversion/">OpenAPI to JSON Schema conversion</a></li>
+
     <li><a href="http://kubeconform.mandragor.org/docs/usage-as-github-action/">Github Action</a></li>
 
     <li><a href="http://kubeconform.mandragor.org/docs/using-as-a-go-module/">Kubeconform as a Go module</a></li>
 
-    <li><a href="http://kubeconform.mandragor.org/docs/json-schema-conversion/">Conversion of CRD to JSON Schema</a></li>
-
 </ul>
 <div id="main">
 
 <div class="navig">
+
+    <a href="http://kubeconform.mandragor.org/docs/overview/" id="prev">&lt; Overview</a>
 
-    <a href="http://kubeconform.mandragor.org/docs/usage/" id="prev">&lt; Usage</a>
 
+    <a href="http://kubeconform.mandragor.org/docs/usage/" id="next">Usage &gt;</a>
 
 </div>
 
@@ -55,14 +59,15 @@ <h2 id="macos">MacOs</h2>
 </code></pre></p>
 <h2 id="windows">Windows</h2>
 <p>Download the latest release from our <a href="https://github.com/yannh/kubeconform/releases">release page</a>.</p>
-<p>You can also download the latest version from the <a href="https://github.com/yannh/kubeconform/releases">release page</a>.</p>
 
 </div>
 
 <div class="navig">
+
+    <a href="http://kubeconform.mandragor.org/docs/overview/" id="prev">&lt; Overview</a>
 
-    <a href="http://kubeconform.mandragor.org/docs/usage/" id="prev">&lt; Usage</a>
 
+    <a href="http://kubeconform.mandragor.org/docs/usage/" id="next">Usage &gt;</a>
 
 </div>
 

site/public/docs/json-schema-conversion/index.html

@@ -3,7 +3,7 @@
     <meta charset="utf-8">
     <meta name="author" content="Yann Hamon">
     <link rel="stylesheet" type="text/css" href="/css/style.css"><link rel="stylesheet" type="text/css" href="/css/prism.css">
-    <title>Kubeconform - Fast Kubernetes manifests validation! | Conversion of CRD to JSON Schema</title>
+    <title>Kubeconform - Fast Kubernetes manifests validation! | OpenAPI to JSON Schema conversion</title>
 </head>
 <body>
     <div id="main-container"><div id="header">
@@ -17,30 +17,34 @@ <h2>A fast Kubernetes manifests validator</h2>
 </div>
 <div id="content"><ul id="menu">
 
+    <li><a href="http://kubeconform.mandragor.org/docs/overview/">Overview</a></li>
+
     <li><a href="http://kubeconform.mandragor.org/docs/installation/">Installation</a></li>
 
     <li><a href="http://kubeconform.mandragor.org/docs/usage/">Usage</a></li>
 
     <li><a href="http://kubeconform.mandragor.org/docs/crd-support/">Custom Resources support</a></li>
 
+    <li><a href="http://kubeconform.mandragor.org/docs/json-schema-conversion/">OpenAPI to JSON Schema conversion</a></li>
+
     <li><a href="http://kubeconform.mandragor.org/docs/usage-as-github-action/">Github Action</a></li>
 
     <li><a href="http://kubeconform.mandragor.org/docs/using-as-a-go-module/">Kubeconform as a Go module</a></li>
 
-    <li><a href="http://kubeconform.mandragor.org/docs/json-schema-conversion/">Conversion of CRD to JSON Schema</a></li>
-
 </ul>
 <div id="main">
 
 <div class="navig">
+
+    <a href="http://kubeconform.mandragor.org/docs/crd-support/" id="prev">&lt; Custom Resources support</a>
 
 
-    <a href="http://kubeconform.mandragor.org/docs/using-as-a-go-module/" id="next">Kubeconform as a Go module &gt;</a>
+    <a href="http://kubeconform.mandragor.org/docs/usage-as-github-action/" id="next">Github Action &gt;</a>
 
 </div>
 
 <div id="content-text">
-<h1>Conversion of CRD to JSON Schema</h1>
+<h1>OpenAPI to JSON Schema conversion</h1>
 <p>Kubeconform uses JSON schemas to validate Kubernetes resources. For custom resources, the CustomResourceDefinition
 first needs to be converted to JSON Schema. A script is provided to convert these CustomResourceDefinitions
 to JSON schema. Here is an example how to use it:</p>
@@ -60,9 +64,11 @@ <h1>Conversion of CRD to JSON Schema</h1>
 </div>
 
 <div class="navig">
+
+    <a href="http://kubeconform.mandragor.org/docs/crd-support/" id="prev">&lt; Custom Resources support</a>
 
 
-    <a href="http://kubeconform.mandragor.org/docs/using-as-a-go-module/" id="next">Kubeconform as a Go module &gt;</a>
+    <a href="http://kubeconform.mandragor.org/docs/usage-as-github-action/" id="next">Github Action &gt;</a>
 
 </div>