Skip to main content

Getting started

The Datree CLI is a versatile tool, allowing you to scan your k8s configs during development, as a pre-commit hook, and/or as part of your CI. Use the CLI to ensure no misconfigurations make it into your codebase.


No prerequisites to get started!

1. Install the Datree CLI

Binary releases can be downloaded from the releases page or can be installed directly

curl | /bin/bash


Using Helm?

Take a look at our Helm plugin


Using Kustomize?

Check out our built-in Kustomize support

2. Run a policy check against a Kubernetes manifest

Run the CLI against any Kubernetes YAML file.
You can use our demo file if you wish:

datree test ~/.datree/k8s-demo.yaml

You will get the following output in your CLI:


3. Customize your policy

Connect your CLI to your dashboard

Follow the link in the output summary:


To start using your dashboard, easily sign-up using your private GitHub or Google account, no need to enter any personal information.


Enable/disable built-in rules

After signing up, you'll be automatically redirected to your Centralized policy where you can configure it according to your needs:


[OPTIONAL] Add your custom rules

In addition to the tool's built-in rules, you can also write any rule that you wish and run it against your Kubernetes configurations to check for violations. Read how to set up custom rules at Understanding custom rules.

4. Integrate into your workflow

From develop to runtime, you can use Datree in every step of your Kuberenetes pipeline to help you prevent misconfigurations:
 Develop (code) - run the CLI locally (or as a pre-commit hook) to get instant validation
 Distribute (CI) - integrate with your CI platform to shift-left policy checks
 Deploy (CD) - gate your cluster with the admission webhook
 Runtime (production) - query deployed resources with the kubectl plugin to your know your status