CLI output
Output structure
YAML validation
Kubernetes schema validation
Policy check
Files status
Policy table
Evaluated files
>> File: %fileName% - scanned file full (path) name
Check body
Every Kubernetes config that is scanned by Datree is also validated before the policy check is preformed. If the config is not valid, the policy check will not be calculated.
[ ] YAML validation
This step verifies that the file is a valid YAML file
[ ] Kubernetes schema validation
This step verifies that the file is a valid Kubernetes file
[ ] Policy check
This step verifies that the file is following your Kubernetes policy
A. Rule name - rules can be disabled from the centralized policy dashboard
B. Number of occurrences - how many times the rule failed on this specific file
C. Detailed failure occurrences - which configuration within your file prompted the failure
D. Message on fail - text can be changed from the centralized policy dashboard
Check summary
A summary of all the validations and policy checks that ran on this execution.
Files status
- Passing YAML validation - the total number of valid YAML files
- Passing Kubernetes (%schemaVersion%) schema validation - the total number of valid Kubernetes files
- Passing policy check - the total number of files that are passing all the rules in your policy
Policy table
- Enabled rules in policy “default” - number of rules enabled in this policy
- Configs tested against policy - number of configurations scanned (one YAML file can contain several Kubernetes configurations)
- Total rules evaluated - number of rules in policy X number of configs tested
- Total rules failed - number of rules failed from the total of rules evaluated
- Total rules passed - number of rules passed from the total of rules evaluated
- See all rules in policy - link to your account Centralized policy dashboard
Exit codes
The CLI will return one of the following exit codes:
| Exit Code | Description |
|---|---|
| 2 | One of the validations (YAML or Kubernetes schema) OR the policy check found at least one violation |
| 1 | The CLI ran into an error, or was used incorrectly (i.e. an unknown argument was passed) |
| 0 | All validations and the policy check passed and found no violations |