A comprehensive catalog of popular Kubernetes CRDs in JSON schema format enabling schema validation and intellisense for Kubernetes resources.
Popular Kubernetes CRDs (CustomResourceDefinition) in JSON schema format.
This tool is used by Kubernetes developers and DevSecOps teams to validate custom and native Kubernetes resource manifests against official CRD schemas without requiring cluster access, enabling early detection of configuration errors. It supports integration with popular validation tools and IDEs to enhance cloud security and configuration correctness in CI pipelines and local development.
The CRD Extractor requires python3 and kubectl installed and supports MacOS and Linux platforms. Using this catalog enables a shift-left validation approach, allowing schema validation without cluster access, which is ideal for local development and CI pipelines. For YAML intellisense in VS Code, annotate manifests with the $schema property pointing to the relevant JSON schema URL. The included annotate-yaml.py script can automate this annotation process.
Download the latest release of the CRD Extractor from the repository releases page
Extract the downloaded crd-extractor.zip file
Ensure python3 and kubectl are installed on your machine
Run the CRD Extractor utility using ./crd-extractor.shdatree test [MANIFEST]
Run validation on Kubernetes manifests using Datree with CRD schemas
kubeconform -schema-location default -schema-location 'https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/{{.Group}}/{{.ResourceKind}}_{{.ResourceAPIVersion}}.json' [MANIFEST]
Validate Kubernetes manifests using Kubeconform with CRD schemas from the catalog
Only supported with the CRD Extractor
kubeval supports CRD validation only when using schemas generated by the CRD Extractor
./crd-extractor.sh
Run the CRD Extractor utility to extract CRDs from a Kubernetes cluster and convert them to JSON schema