Getting started

Prevent Kubernetes misconfigurations from reaching production (again 😤 )! The CLI integration provides a policy enforcement solution to run automatic checks for rule violations.

Datree can be used on the command line to run policies against Kubernetes manifests YAML files or Helm charts.

tip

No prerequisites to get started!

We don't need access to your cluster, code or anything whatsoever for you to try it out

---

---

Quickstart

1. Install the Datree CLI

Binary releases can be downloaded from the releases page or can be installed directly

Linux

curl https://get.datree.io | /bin/bash

MacOS

curl https://get.datree.io | /bin/bash

Windows (PowerShell)

iwr -useb https://get.datree.io/windows_install.ps1 | iex

Homebrew

brew tap datreeio/datree
brew install datreeio/datree/datree

Docker

docker pull datree/datree

Using Helm?

Take a look at our Helm plugin

Using Kustomize?

Check out our built-in Kustomize support

2. Test a Kubernetes (demo) manifest

Run Datree to test it against a pre-compiled demo file - k8s-demo.yaml:

Linux

datree test ~/.datree/k8s-demo.yaml

MacOS

datree test ~/.datree/k8s-demo.yaml

Windows (PowerShell)

datree.exe test $env:USERPROFILE\.datree\k8s-demo.yaml

Docker

cat ~/.datree/k8s-demo.yaml | docker run -i datree/datree test -

You will get the following output in your CLI:

3. Customize your policy

Sign up to access your dashboard

Each policy check uses a "default" policy that includes 21 built-in rules. To configure the policy, switch back to your terminal, and sign up by clicking on the link at the bottom of the execution output:

Follow the link in the test summary:

The link from the CLI will lead to a sign-up page. To make it easier for you, so you will not need to create a new user, you can sign up with your private GitHub or Google account.

After sign-up, you'll be automatically redirected to your Centralized policy to set it according to your needs.

Enable/disable built-in rules

[OPTIONAL] Add your custom rules

In addition to the tool's built-in rules, you can also write any rule that you wish and run it against your Kubernetes configurations to check for violations. Read how to set up custom rules at Understanding custom rules.

4. Integrate Datree into your CI

Keep your repositories clean and stable by preventing misconfigurations as early as possible. Check out our integrations and CI/CD EXAMPLES for best practices with the most popular CI/CD platforms.