<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Flux – Flux Schema</title><link>https://fluxcd.io/flux/cli-plugins/flux-schema/</link><description>Recent content in Flux Schema on Flux</description><generator>Hugo -- gohugo.io</generator><language>en</language><atom:link href="https://fluxcd.io/flux/cli-plugins/flux-schema/index.xml" rel="self" type="application/rss+xml"/><item><title>Flux: Flux Schema Config</title><link>https://fluxcd.io/flux/cli-plugins/flux-schema/config/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://fluxcd.io/flux/cli-plugins/flux-schema/config/</guid><description>
&lt;p>The &lt;code>flux schema validate&lt;/code> command can load default flag values from a YAML
configuration file. The file shape is versioned and documented by the JSON
Schema in
&lt;a href="https://github.com/fluxcd/flux-schema/blob/v0.6.0/docs/config-v1beta1.json" target="_blank">&lt;code>config-v1beta1.json&lt;/code>&lt;/a>.&lt;/p>
&lt;h2 id="example">Example&lt;/h2>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-yaml" data-lang="yaml">&lt;span style="display:flex;">&lt;span>&lt;span style="color:#062873;font-weight:bold">apiVersion&lt;/span>:&lt;span style="color:#bbb"> &lt;/span>schema.plugin.fluxcd.io/v1beta1&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb">&lt;/span>&lt;span style="color:#062873;font-weight:bold">kind&lt;/span>:&lt;span style="color:#bbb"> &lt;/span>Config&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb">&lt;/span>&lt;span style="color:#062873;font-weight:bold">validate&lt;/span>:&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#062873;font-weight:bold">schemaLocation&lt;/span>:&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>- default&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>- https://raw.githubusercontent.com/datreeio/CRDs-catalog/main&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#062873;font-weight:bold">skipKind&lt;/span>:&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>- source.toolkit.fluxcd.io/v1/ExternalArtifact&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#062873;font-weight:bold">skipJSONPath&lt;/span>:&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>- Secret:/sops&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#062873;font-weight:bold">skipFile&lt;/span>:&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>- &lt;span style="color:#4070a0">&amp;#39;.*&amp;#39;&lt;/span>&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>- kustomization.yaml&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#062873;font-weight:bold">skipCELRules&lt;/span>:&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#007020;font-weight:bold">false&lt;/span>&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#062873;font-weight:bold">skipMissingSchemas&lt;/span>:&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#007020;font-weight:bold">false&lt;/span>&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#062873;font-weight:bold">verbose&lt;/span>:&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#007020;font-weight:bold">true&lt;/span>&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#062873;font-weight:bold">failFast&lt;/span>:&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#007020;font-weight:bold">false&lt;/span>&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#062873;font-weight:bold">concurrent&lt;/span>:&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#40a070">8&lt;/span>&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#062873;font-weight:bold">insecureSkipTLSVerify&lt;/span>:&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#007020;font-weight:bold">false&lt;/span>&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#062873;font-weight:bold">output&lt;/span>:&lt;span style="color:#bbb"> &lt;/span>text&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>Usage:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-shell" data-lang="shell">&lt;span style="display:flex;">&lt;span>flux schema validate ./manifests --config .fluxschema.yml
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>When &lt;code>--config&lt;/code> is not set, the &lt;code>FLUX_SCHEMA_CONFIG&lt;/code> environment variable is
used. When neither is set, Flux Schema looks for a config file at the
executable path plus &lt;code>.config&lt;/code>, for example &lt;code>~/.fluxcd/plugins/flux-schema.config&lt;/code>.&lt;/p>
&lt;h2 id="specification">Specification&lt;/h2>
&lt;table>
&lt;thead>
&lt;tr>
&lt;th>Field&lt;/th>
&lt;th>Description&lt;/th>
&lt;/tr>
&lt;/thead>
&lt;tbody>
&lt;tr>
&lt;td>&lt;code>apiVersion&lt;/code>&lt;/td>
&lt;td>Config API version. Currently &lt;code>schema.plugin.fluxcd.io/v1beta1&lt;/code>.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>kind&lt;/code>&lt;/td>
&lt;td>Config API kind. Currently &lt;code>Config&lt;/code>.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>validate&lt;/code>&lt;/td>
&lt;td>Defaults for validation options.&lt;/td>
&lt;/tr>
&lt;/tbody>
&lt;/table>
&lt;h3 id="validation">Validation&lt;/h3>
&lt;p>The &lt;code>validate&lt;/code> section configures defaults for the &lt;code>flux schema validate&lt;/code> flags.&lt;/p>
&lt;table>
&lt;thead>
&lt;tr>
&lt;th>Field&lt;/th>
&lt;th>Description&lt;/th>
&lt;/tr>
&lt;/thead>
&lt;tbody>
&lt;tr>
&lt;td>&lt;code>schemaLocation[]&lt;/code>&lt;/td>
&lt;td>Schema URLs, file paths, or templates tried in order.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>skipMissingSchemas&lt;/code>&lt;/td>
&lt;td>Skip documents for which no schema can be found.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>skipKind[]&lt;/code>&lt;/td>
&lt;td>Kind or apiVersion/kind patterns excluded from validation.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>skipJSONPath[]&lt;/code>&lt;/td>
&lt;td>JSON Pointers stripped before validation.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>skipFile[]&lt;/code>&lt;/td>
&lt;td>Basename glob patterns excluded from validation.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>skipCELRules&lt;/code>&lt;/td>
&lt;td>Disable evaluation of &lt;code>x-kubernetes-validations&lt;/code> CEL rules.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>verbose&lt;/code>&lt;/td>
&lt;td>Print a line for every document, including valid and skipped.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>failFast&lt;/code>&lt;/td>
&lt;td>Exit after the first invalid document.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>concurrent&lt;/code>&lt;/td>
&lt;td>Number of concurrent validation workers.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>insecureSkipTLSVerify&lt;/code>&lt;/td>
&lt;td>Disable TLS certificate verification when downloading schemas.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>output&lt;/code>&lt;/td>
&lt;td>Output format: &lt;code>text&lt;/code>, &lt;code>json&lt;/code>, or &lt;code>yaml&lt;/code>.&lt;/td>
&lt;/tr>
&lt;/tbody>
&lt;/table>
&lt;p>When the &lt;code>output&lt;/code> field is set to &lt;code>json&lt;/code> or &lt;code>yaml&lt;/code>, the result has the
&lt;a href="https://fluxcd.io/flux/cli-plugins/flux-schema/report/">Report API&lt;/a> shape.&lt;/p></description></item><item><title>Flux: Kubernetes Manifests Validation with Flux Schema CLI</title><link>https://fluxcd.io/flux/cli-plugins/flux-schema/manifests-validation/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://fluxcd.io/flux/cli-plugins/flux-schema/manifests-validation/</guid><description>
&lt;p>The &lt;code>flux schema validate&lt;/code> command validates Kubernetes YAML manifests from one
or more files or directories against a JSON Schema resolved from each
document&amp;rsquo;s &lt;code>apiVersion&lt;/code> and &lt;code>kind&lt;/code>.&lt;/p>
&lt;p>Examples:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-shell" data-lang="shell">&lt;span style="display:flex;">&lt;span>&lt;span style="color:#60a0b0;font-style:italic"># Validate all YAML files in a directory tree&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>flux schema validate ./manifests --skip-missing-schemas
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#60a0b0;font-style:italic"># Validate a Helm chart by piping the rendered output&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>helm template ./charts/app | flux schema validate --verbose
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>A non-zero exit code is returned when any document is invalid or errored.&lt;/p>
&lt;h2 id="flags">Flags&lt;/h2>
&lt;table>
&lt;thead>
&lt;tr>
&lt;th>Flag&lt;/th>
&lt;th>Description&lt;/th>
&lt;/tr>
&lt;/thead>
&lt;tbody>
&lt;tr>
&lt;td>&lt;code>--schema-location&lt;/code>&lt;/td>
&lt;td>URL or file path for schemas (repeatable, tried in order); &lt;code>default&lt;/code> points at the built-in catalog.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>--skip-missing-schemas&lt;/code>&lt;/td>
&lt;td>Skip documents for which no schema can be found.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>--skip-kind&lt;/code>&lt;/td>
&lt;td>Skip documents matching &lt;code>kind&lt;/code> or &lt;code>apiVersion/kind&lt;/code> (repeatable).&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>--skip-json-path&lt;/code>&lt;/td>
&lt;td>Strip a JSON Pointer field before validation, optionally scoped: &lt;code>[apiVersion/kind:]/path&lt;/code> (repeatable).&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>--skip-file&lt;/code>&lt;/td>
&lt;td>Glob pattern matched against files and dirs; defaults to skipping dotfiles and dot-dirs (repeatable).&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>--skip-cel-rules&lt;/code>&lt;/td>
&lt;td>Skip evaluation of &lt;code>x-kubernetes-validations&lt;/code> CEL rules.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>--fail-fast&lt;/code>&lt;/td>
&lt;td>Exit after the first invalid document.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>--concurrent&lt;/code>&lt;/td>
&lt;td>Number of concurrent workers (default 8).&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>--insecure-skip-tls-verify&lt;/code>&lt;/td>
&lt;td>Disable TLS certificate verification when fetching schemas over HTTPS.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>-v, --verbose&lt;/code>&lt;/td>
&lt;td>Print a line for every document, including valid and skipped ones.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>-o, --output&lt;/code>&lt;/td>
&lt;td>Output format, one of &lt;code>text&lt;/code>, &lt;code>json&lt;/code> or &lt;code>yaml&lt;/code> (default: &lt;code>text&lt;/code>).&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>--config&lt;/code>&lt;/td>
&lt;td>Path to a YAML file supplying default values for validate flags (env: &lt;code>FLUX_SCHEMA_CONFIG&lt;/code>).&lt;/td>
&lt;/tr>
&lt;/tbody>
&lt;/table>
&lt;h2 id="schema-location">Schema location&lt;/h2>
&lt;p>When no &lt;code>--schema-location&lt;/code> is given, &lt;code>validate&lt;/code> uses the
&lt;a href="https://github.com/fluxcd/flux-schema/blob/v0.6.0/catalog/README.md" target="_blank">Flux Schema catalog&lt;/a>, which covers the latest Kubernetes and OpenShift APIs,
the stable channel of Gateway API, and the Flux ecosystem CRDs:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-shell" data-lang="shell">&lt;span style="display:flex;">&lt;span>flux schema validate ./manifests
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>To validate against your own schemas generated by &lt;code>flux schema extract&lt;/code>, pass
the directory as &lt;code>--schema-location&lt;/code>. Bare paths and URLs are auto-expanded to
the catalog layout &lt;code>{{.Group}}/{{.Kind}}_{{.Version}}.json&lt;/code>:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-shell" data-lang="shell">&lt;span style="display:flex;">&lt;span>flux schema validate ./manifests --schema-location ./my-schemas
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>For a different layout, pass a full Go template ending in &lt;code>.json&lt;/code>:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-shell" data-lang="shell">&lt;span style="display:flex;">&lt;span>flux schema validate ./manifests &lt;span style="color:#4070a0;font-weight:bold">\
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#4070a0;font-weight:bold">&lt;/span> --schema-location &lt;span style="color:#4070a0">&amp;#39;./schemas/{{.Kind}}-{{.GroupPrefix}}-{{.Version}}.json&amp;#39;&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>Template variables are &lt;code>.Group&lt;/code>, &lt;code>.GroupPrefix&lt;/code>, &lt;code>.Kind&lt;/code>, and &lt;code>.Version&lt;/code>.&lt;/p>
&lt;p>The &lt;code>--schema-location&lt;/code> flag is repeatable and locations are tried in order
(the first match wins). Pass the literal value &lt;code>default&lt;/code> to include the
Flux Schema catalog alongside your own schemas:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-shell" data-lang="shell">&lt;span style="display:flex;">&lt;span>flux schema validate ./manifests &lt;span style="color:#4070a0;font-weight:bold">\
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#4070a0;font-weight:bold">&lt;/span> --schema-location default &lt;span style="color:#4070a0;font-weight:bold">\
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#4070a0;font-weight:bold">&lt;/span> --schema-location https://raw.githubusercontent.com/datreeio/CRDs-catalog/main &lt;span style="color:#4070a0;font-weight:bold">\
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#4070a0;font-weight:bold">&lt;/span> --schema-location &lt;span style="color:#4070a0">&amp;#39;./schemas/{{.Kind}}-{{.GroupPrefix}}-{{.Version}}.json&amp;#39;&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>See
&lt;a href="https://fluxcd.io/flux/cli-plugins/flux-schema/custom-schema-catalog/">custom catalogs&lt;/a> for guidance on building and hosting
your own schema catalog.&lt;/p>
&lt;h2 id="skipping-documents-and-fields">Skipping documents and fields&lt;/h2>
&lt;p>Manifests can be piped in and certain documents skipped with &lt;code>--skip-kind&lt;/code>:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-shell" data-lang="shell">&lt;span style="display:flex;">&lt;span>kustomize build . | flux schema validate &lt;span style="color:#4070a0;font-weight:bold">\
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#4070a0;font-weight:bold">&lt;/span> --skip-kind &lt;span style="color:#4070a0">&amp;#39;Service&amp;#39;&lt;/span> &lt;span style="color:#4070a0;font-weight:bold">\ &lt;/span>&lt;span style="color:#60a0b0;font-style:italic"># matches any Service kind regardless of apiVersion&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> --skip-kind &lt;span style="color:#4070a0">&amp;#39;source.toolkit.fluxcd.io/v1/ExternalArtifact&amp;#39;&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>Some manifests carry tooling-injected fields that are stripped at apply time
by Flux (e.g. SOPS-encrypted Secrets). Use &lt;code>--skip-json-path&lt;/code> to remove those
fields from validation so the rest of the document is still checked:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-shell" data-lang="shell">&lt;span style="display:flex;">&lt;span>flux schema validate ./manifests &lt;span style="color:#4070a0;font-weight:bold">\
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#4070a0;font-weight:bold">&lt;/span> --skip-json-path &lt;span style="color:#4070a0">&amp;#39;v1/Secret:/sops&amp;#39;&lt;/span> &lt;span style="color:#4070a0;font-weight:bold">\
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#4070a0;font-weight:bold">&lt;/span> --skip-json-path &lt;span style="color:#4070a0">&amp;#39;Deployment:/sops&amp;#39;&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h2 id="output">Output&lt;/h2>
&lt;p>Default output (&lt;code>-o text&lt;/code>) prints one line per document with its validation result,
and a summary at the end. To print valid documents and skipped ones alongside
invalid ones, pass &lt;code>--verbose&lt;/code>:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-console" data-lang="console">&lt;span style="display:flex;">&lt;span>&lt;span style="color:#c65d09;font-weight:bold">$&lt;/span> flux schema validate ./manifests --verbose
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="">&lt;/span>&lt;span style="color:#888">manifests/releases.yaml - HelmRelease/apps/frontend is invalid: cel violation
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#888"> - /spec: Invalid value: either &amp;#39;chart&amp;#39; or &amp;#39;chartRef&amp;#39; must be set
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#888">manifests/sources.yaml - Bucket/apps/frontend-config is invalid: schema violation
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#888"> - /spec: missing property &amp;#39;bucketName&amp;#39;
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#888"> - /spec/interval: got number, want string
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#888"> - /spec/secretRef/name: got object, want string
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#888"> - /spec: additional properties &amp;#39;force&amp;#39; not allowed
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#888">manifests/sources.yaml - OCIRepository/apps/frontend is invalid: yaml parse error
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#888"> - line 10: key &amp;#34;app.kubernetes.io/name&amp;#34; already set in map
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#888">manifests/sources.yaml - HelmChart/apps/frontend is valid
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#888">manifests/sources.yaml - Secret/apps/auth-sops is skipped: kind skipped
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#888">Summary: 5 resources found in 2 files - Valid: 1, Invalid: 3, Skipped: 1
&lt;/span>&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>For CI pipelines and tooling, pass &lt;code>-o json&lt;/code> (or &lt;code>-o yaml&lt;/code>) to emit a
machine-readable report instead of plain text:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-shell" data-lang="shell">&lt;span style="display:flex;">&lt;span>flux schema validate ./manifests -o json
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>Example JSON output:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-json" data-lang="json">&lt;span style="display:flex;">&lt;span>{
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;apiVersion&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;schema.plugin.fluxcd.io/v1beta1&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;kind&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;Report&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;$schema&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;https://raw.githubusercontent.com/fluxcd/flux-schema/main/docs/report-v1beta1.json&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;report&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;reporter&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;flux-schema/v0.1.0&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;timestamp&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;2026-05-20T12:00:00Z&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;summary&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;total&amp;#34;&lt;/span>: &lt;span style="color:#40a070">3&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;valid&amp;#34;&lt;/span>: &lt;span style="color:#40a070">1&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;invalid&amp;#34;&lt;/span>: &lt;span style="color:#40a070">2&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;skipped&amp;#34;&lt;/span>: &lt;span style="color:#40a070">0&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;results&amp;#34;&lt;/span>: [
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;resource&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;apiVersion&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;v1&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;kind&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;Namespace&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;name&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;apps&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;source&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;manifests/apps.yaml&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;idx&amp;#34;&lt;/span>: &lt;span style="color:#40a070">1&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;status&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;valid&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;resource&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;apiVersion&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;helm.toolkit.fluxcd.io/v2&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;kind&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;HelmRelease&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;name&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;frontend&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;namespace&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;apps&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;source&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;manifests/apps.yaml&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;idx&amp;#34;&lt;/span>: &lt;span style="color:#40a070">2&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;status&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;invalid&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;reason&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;cel-violation&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;violations&amp;#34;&lt;/span>: [
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;path&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;/spec&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;message&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;Invalid value: either &amp;#39;chart&amp;#39; or &amp;#39;chartRef&amp;#39; must be set&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> }
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> ]
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;resource&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;apiVersion&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;source.toolkit.fluxcd.io/v1&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;kind&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;OCIRepository&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;name&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;frontend&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;namespace&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;apps&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;source&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;manifests/apps.yaml&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;idx&amp;#34;&lt;/span>: &lt;span style="color:#40a070">3&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;status&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;invalid&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;reason&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;schema-violation&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;violations&amp;#34;&lt;/span>: [
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;path&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;/spec&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;message&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;additional properties &amp;#39;force&amp;#39; not allowed&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;path&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;/spec/interval&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;message&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;got number, want string&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> }
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> ]
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> }
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> ]
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> }
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>}
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>See the
&lt;a href="https://fluxcd.io/flux/cli-plugins/flux-schema/report/">validation report reference&lt;/a> for the full envelope
shape, the &lt;code>reason&lt;/code> enum, and an example covering every result type. The
report is versioned by a published
&lt;a href="https://github.com/fluxcd/flux-schema/blob/v0.6.0/docs/report-v1beta1.json" target="_blank">JSON Schema&lt;/a>.&lt;/p>
&lt;h2 id="validation-rules">Validation rules&lt;/h2>
&lt;ul>
&lt;li>YAML documents with duplicate keys are rejected matching Flux behavior.&lt;/li>
&lt;li>Documents missing both &lt;code>metadata.name&lt;/code> and &lt;code>metadata.generateName&lt;/code> are
flagged as invalid matching Kubernetes API behavior.&lt;/li>
&lt;li>&lt;code>metadata.name&lt;/code>, &lt;code>generateName&lt;/code>, &lt;code>namespace&lt;/code>, and &lt;code>labels&lt;/code>/&lt;code>annotations&lt;/code>
keys and values are checked against the Kubernetes API server&amp;rsquo;s ObjectMeta
rules (DNS-1123, qualified names).&lt;/li>
&lt;li>Schemas produced by &lt;code>flux schema extract crd&lt;/code> close objects with
&lt;code>additionalProperties: false&lt;/code>, so undocumented fields under &lt;code>spec&lt;/code> fail
validation.&lt;/li>
&lt;li>String formats &lt;code>duration&lt;/code>, &lt;code>date&lt;/code>, &lt;code>datetime&lt;/code>/&lt;code>date-time&lt;/code>, and &lt;code>time&lt;/code> are
validated matching Kubernetes OpenAPI conventions.&lt;/li>
&lt;/ul>
&lt;h2 id="cel-validation-rules">CEL validation rules&lt;/h2>
&lt;p>By default, the validate command extracts the &lt;code>x-kubernetes-validations&lt;/code>
rules from the schemas and evaluates them as CEL expressions using the same
engine as the Kubernetes API.&lt;/p>
&lt;p>CEL evaluation runs only after JSON Schema validation passes, and any rule
violations are reported with the &lt;code>cel-violation&lt;/code> reason. Transition rules
referencing &lt;code>oldSelf&lt;/code> evaluate with no prior state, matching the Kubernetes
API behavior on &lt;code>CREATE&lt;/code>.&lt;/p>
&lt;p>The CEL validation can be disabled with the &lt;code>--skip-cel-rules&lt;/code> flag.&lt;/p>
&lt;h2 id="config-file">Config file&lt;/h2>
&lt;p>Flag values can be pre-set in a YAML config file and referenced with&lt;code>--config&lt;/code>
or with the &lt;code>FLUX_SCHEMA_CONFIG&lt;/code> environment variable. This keeps long invocations
out of CI scripts and makes validation reproducible across environments.&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-shell" data-lang="shell">&lt;span style="display:flex;">&lt;span>flux schema validate ./manifests --config .fluxschema.yml
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>The file is wrapped in a &lt;code>Config&lt;/code> API envelope and has a &lt;code>validate&lt;/code> section
for validation defaults. The shape is documented by the
&lt;a href="https://github.com/fluxcd/flux-schema/blob/v0.6.0/docs/config-v1beta1.json" target="_blank">Config JSON Schema&lt;/a>.&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-yaml" data-lang="yaml">&lt;span style="display:flex;">&lt;span>&lt;span style="color:#062873;font-weight:bold">apiVersion&lt;/span>:&lt;span style="color:#bbb"> &lt;/span>schema.plugin.fluxcd.io/v1beta1&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb">&lt;/span>&lt;span style="color:#062873;font-weight:bold">kind&lt;/span>:&lt;span style="color:#bbb"> &lt;/span>Config&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb">&lt;/span>&lt;span style="color:#062873;font-weight:bold">validate&lt;/span>:&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#062873;font-weight:bold">schemaLocation&lt;/span>:&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>- default&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>- https://raw.githubusercontent.com/datreeio/CRDs-catalog/main&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#062873;font-weight:bold">skipKind&lt;/span>:&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>- source.toolkit.fluxcd.io/v1/ExternalArtifact&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#062873;font-weight:bold">skipJSONPath&lt;/span>:&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>- Secret:/sops&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#062873;font-weight:bold">skipFile&lt;/span>:&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>- &lt;span style="color:#4070a0">&amp;#39;.*&amp;#39;&lt;/span>&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>- kustomization.yaml&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#062873;font-weight:bold">skipCELRules&lt;/span>:&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#007020;font-weight:bold">false&lt;/span>&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#062873;font-weight:bold">skipMissingSchemas&lt;/span>:&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#007020;font-weight:bold">false&lt;/span>&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#062873;font-weight:bold">verbose&lt;/span>:&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#007020;font-weight:bold">true&lt;/span>&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#062873;font-weight:bold">failFast&lt;/span>:&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#007020;font-weight:bold">false&lt;/span>&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#062873;font-weight:bold">concurrent&lt;/span>:&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#40a070">8&lt;/span>&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#062873;font-weight:bold">insecureSkipTLSVerify&lt;/span>:&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#007020;font-weight:bold">false&lt;/span>&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bbb"> &lt;/span>&lt;span style="color:#062873;font-weight:bold">output&lt;/span>:&lt;span style="color:#bbb"> &lt;/span>text&lt;span style="color:#bbb">
&lt;/span>&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>Rules:&lt;/p>
&lt;ul>
&lt;li>CLI flags override config values. Setting &lt;code>--verbose=false&lt;/code> wins over
&lt;code>verbose: true&lt;/code> in the file.&lt;/li>
&lt;li>Setting &lt;code>--config&lt;/code> overrides &lt;code>FLUX_SCHEMA_CONFIG&lt;/code>. When both are set, the
flag wins and the env var is ignored.&lt;/li>
&lt;li>Manifest paths stay positional. The config file configures how to validate;
paths are given on the command line.&lt;/li>
&lt;/ul>
&lt;h2 id="running-in-ci">Running in CI&lt;/h2>
&lt;h3 id="github-actions">GitHub Actions&lt;/h3>
&lt;p>See the
&lt;a href="https://github.com/fluxcd/flux-schema/blob/v0.6.0/actions/validate/README.md" target="_blank">validate action&lt;/a> reference.&lt;/p>
&lt;h3 id="docker">Docker&lt;/h3>
&lt;p>The &lt;code>ghcr.io/fluxcd/flux-schema&lt;/code> image bakes the
&lt;a href="https://github.com/fluxcd/flux-schema/blob/v0.6.0/catalog/README.md" target="_blank">default catalog&lt;/a>
into &lt;code>/catalog/latest/&lt;/code>, so manifests can be validated offline without fetching schemas from GitHub.&lt;/p>
&lt;p>Mount the manifests directory and point &lt;code>--schema-location&lt;/code> at the builtin catalog:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-sh" data-lang="sh">&lt;span style="display:flex;">&lt;span>docker run --rm &lt;span style="color:#4070a0;font-weight:bold">\
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#4070a0;font-weight:bold">&lt;/span> -v &lt;span style="color:#4070a0">&amp;#34;&lt;/span>&lt;span style="color:#bb60d5">$PWD&lt;/span>&lt;span style="color:#4070a0">/manifests:/manifests:ro&amp;#34;&lt;/span> &lt;span style="color:#4070a0;font-weight:bold">\
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#4070a0;font-weight:bold">&lt;/span> ghcr.io/fluxcd/flux-schema:latest validate /manifests &lt;span style="color:#4070a0;font-weight:bold">\
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#4070a0;font-weight:bold">&lt;/span> --schema-location /catalog/latest
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>Or pipe rendered manifests into the container over stdin
(note the &lt;code>-i&lt;/code> flag to keep stdin open):&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-sh" data-lang="sh">&lt;span style="display:flex;">&lt;span>kustomize build ./manifests | docker run --rm -i &lt;span style="color:#4070a0;font-weight:bold">\
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#4070a0;font-weight:bold">&lt;/span> ghcr.io/fluxcd/flux-schema:latest validate &lt;span style="color:#4070a0;font-weight:bold">\
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#4070a0;font-weight:bold">&lt;/span> --schema-location /catalog/latest &lt;span style="color:#4070a0;font-weight:bold">\
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#4070a0;font-weight:bold">&lt;/span> --skip-missing-schemas
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>Notes:&lt;/p>
&lt;ul>
&lt;li>Use &lt;code>--schema-location /catalog/latest&lt;/code> rather than &lt;code>default&lt;/code> for air-gapped environments.&lt;/li>
&lt;li>Pin the image to a release tag e.g. &lt;code>ghcr.io/fluxcd/flux-schema:v0.3.0&lt;/code>.&lt;/li>
&lt;li>Tu use your own schema catalog, repeat &lt;code>--schema-location&lt;/code> with another mounted directory.&lt;/li>
&lt;/ul></description></item><item><title>Flux: GitOps Repository Discovery with Flux Schema CLI</title><link>https://fluxcd.io/flux/cli-plugins/flux-schema/repo-discovery/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://fluxcd.io/flux/cli-plugins/flux-schema/repo-discovery/</guid><description>
&lt;p>The &lt;code>flux schema discover&lt;/code> command catalogs the Kubernetes manifests in a
GitOps repository and emits a structured inventory. The inventory is
designed for AI agents and automation auditing a repository: it maps the
directory structure, lists every Flux resource with its defining file,
and counts plain Kubernetes resources.&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-shell" data-lang="shell">&lt;span style="display:flex;">&lt;span>flux schema discover ./my-gitops-repo -o json
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>The scan is purely static: no kustomize builds, no Helm rendering, no
cluster access. Resources are counted once, where they are defined on
disk. To validate the rendered output of kustomize overlays, see the
&lt;a href="https://fluxcd.io/flux/cli-plugins/flux-schema/manifests-validation/">manifest validation guide&lt;/a>.&lt;/p>
&lt;h2 id="why-ai-agents-should-use-this-command">Why AI agents should use this command&lt;/h2>
&lt;p>An agent exploring a GitOps repository with &lt;code>tree&lt;/code>, &lt;code>ls&lt;/code> and &lt;code>grep&lt;/code> sees
file names and string matches, not resources. Flux Schema discovery replaces
the read-and-grep loop that follows with one deterministic pass:&lt;/p>
&lt;ul>
&lt;li>&lt;strong>File names reveal nothing.&lt;/strong> GitOps repos are full of &lt;code>sync.yaml&lt;/code>,
&lt;code>release.yaml&lt;/code> and multi-document files; a file listing cannot reveal
what resources a file holds, which API versions they use, or their
names and namespaces. The inventory extracts all of it in one call
instead of N file reads.&lt;/li>
&lt;li>&lt;strong>String matching miscounts.&lt;/strong> &lt;code>grep -rl &amp;quot;kind: HelmRelease&amp;quot;&lt;/code> matches
kustomize patch files and patch-target references alongside real
resources. The inventory excludes patch files by resolving the
kustomization &lt;code>patches&lt;/code> references, so every resource is counted
exactly once across base and overlays.&lt;/li>
&lt;li>&lt;strong>Every kind carries its API version.&lt;/strong> The &lt;code>resources&lt;/code> census counts
every resource per &lt;code>apiVersion/Kind&lt;/code>, Flux and plain Kubernetes alike,
so outdated API versions of any CRD are visible from the inventory
alone.&lt;/li>
&lt;li>&lt;strong>The output is budgeted for context windows.&lt;/strong> Flux resources — the
usual audit subjects — are enumerated per file; plain Kubernetes
resources appear only as counts (2,000 Deployments cost a few lines,
not thousands); Helm chart and Terraform subtrees are pruned. A typical
repository inventories in a few KB.&lt;/li>
&lt;li>&lt;strong>The shape is a versioned contract.&lt;/strong> The JSON envelope is validated
by a published
&lt;a href="https://fluxcd.io/flux/cli-plugins/flux-schema/inventory/">JSON Schema&lt;/a>, so agents can
parse it programmatically instead of interpreting ad-hoc shell output.&lt;/li>
&lt;/ul>
&lt;p>For very large repositories (hundreds of Flux resources), the inventory
grows with the Flux resource count in every output format. Scope the
scan to the subtree under audit
(&lt;code>flux schema discover ./clusters/production -o json&lt;/code>) or exclude
directories with &lt;code>--skip-file&lt;/code> to keep the output small.&lt;/p>
&lt;p>&lt;code>tree&lt;/code> remains useful for what &lt;code>discover&lt;/code> deliberately ignores: READMEs,
scripts, CI configs, and other non-Kubernetes content.&lt;/p>
&lt;h2 id="flags">Flags&lt;/h2>
&lt;table>
&lt;thead>
&lt;tr>
&lt;th>Flag&lt;/th>
&lt;th>Default&lt;/th>
&lt;th>Description&lt;/th>
&lt;/tr>
&lt;/thead>
&lt;tbody>
&lt;tr>
&lt;td>&lt;code>[path]&lt;/code>&lt;/td>
&lt;td>&lt;code>.&lt;/code>&lt;/td>
&lt;td>Directory (or single file) to scan.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>--skip-file&lt;/code>&lt;/td>
&lt;td>&lt;code>.*&lt;/code>&lt;/td>
&lt;td>Glob pattern matched against file and directory basenames, repeatable. The default skips dotfiles and dot-directories such as &lt;code>.git&lt;/code>.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>-o, --output&lt;/code>&lt;/td>
&lt;td>&lt;code>text&lt;/code>&lt;/td>
&lt;td>Output format: &lt;code>text&lt;/code>, &lt;code>json&lt;/code> or &lt;code>yaml&lt;/code>.&lt;/td>
&lt;/tr>
&lt;/tbody>
&lt;/table>
&lt;p>The command always exits zero on a successful scan, even when nothing is
found — discovery is informational. Reading from stdin is not supported:
directory classification is path-based and meaningless for a stream.&lt;/p>
&lt;h2 id="classification-rules">Classification rules&lt;/h2>
&lt;p>Both &lt;code>.yaml&lt;/code> and &lt;code>.yml&lt;/code> files are scanned. Per YAML document:&lt;/p>
&lt;ul>
&lt;li>Documents without both &lt;code>apiVersion&lt;/code> and &lt;code>kind&lt;/code> are ignored.&lt;/li>
&lt;li>Documents in the &lt;code>kustomize.config.k8s.io&lt;/code> group mark their directory as
a kustomize overlay and are not counted as resources.&lt;/li>
&lt;li>Every resource is counted per &lt;code>apiVersion/Kind&lt;/code> in the &lt;code>resources&lt;/code>
census.&lt;/li>
&lt;li>Documents whose API group contains &lt;code>fluxcd&lt;/code> are Flux resources,
additionally listed under &lt;code>flux&lt;/code> with their defining file.&lt;/li>
&lt;/ul>
&lt;p>Every directory in the inventory carries one of four types:&lt;/p>
&lt;table>
&lt;thead>
&lt;tr>
&lt;th>Type&lt;/th>
&lt;th>Meaning&lt;/th>
&lt;/tr>
&lt;/thead>
&lt;tbody>
&lt;tr>
&lt;td>&lt;code>kubernetes-manifests&lt;/code>&lt;/td>
&lt;td>Plain Kubernetes YAML manifests.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>kustomize-overlay&lt;/code>&lt;/td>
&lt;td>Contains a kustomize configuration file.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>helm-chart&lt;/code>&lt;/td>
&lt;td>Contains a &lt;code>Chart.yaml&lt;/code>; the directory subtree is not scanned.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>terraform-module&lt;/code>&lt;/td>
&lt;td>Contains &lt;code>.tf&lt;/code> files; the directory subtree is not scanned.&lt;/td>
&lt;/tr>
&lt;/tbody>
&lt;/table>
&lt;p>When a directory holds both a &lt;code>Chart.yaml&lt;/code> and &lt;code>.tf&lt;/code> files, the Helm chart classification wins.&lt;/p>
&lt;h3 id="kustomize-patch-files">Kustomize patch files&lt;/h3>
&lt;p>Files referenced as kustomize patches (&lt;code>patches&lt;/code>, &lt;code>patchesStrategicMerge&lt;/code>,
&lt;code>patchesJson6902&lt;/code>) are excluded from the inventory entirely. Patch files
look like full manifests but only describe modifications to resources
defined elsewhere, so counting them would duplicate resources across base
and overlays. Inline patches need no special handling. An overlay
directory whose only content is the kustomize configuration and patch
files still appears in &lt;code>directories&lt;/code> as &lt;code>kustomize-overlay&lt;/code>.&lt;/p>
&lt;h3 id="path-handling">Path handling&lt;/h3>
&lt;p>All &lt;code>source&lt;/code> and &lt;code>path&lt;/code> values in the inventory are &lt;code>/&lt;/code>-separated and
relative to the scanned root; resources at the root itself land in the
&lt;code>.&lt;/code> directory. Unlike Git-based tooling, &lt;code>discover&lt;/code> does not honor
&lt;code>.gitignore&lt;/code> — use &lt;code>--skip-file&lt;/code> to exclude generated or vendored
directories by basename.&lt;/p>
&lt;p>The scan is confined to the scanned root at the operating-system level,
so a link pointing outside the repository can never leak content into the
inventory or make the scan read arbitrary files. Symbolic links are not
followed even when they stay inside the root: the walk already visits the
real target, so following the link too would list the same resource
twice.&lt;/p>
&lt;h2 id="output">Output&lt;/h2>
&lt;p>The default &lt;code>text&lt;/code> output mirrors the envelope order — directory
classifications, the per-GVK resource census, the Flux resources by
defining file, and summary line:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-text" data-lang="text">&lt;span style="display:flex;">&lt;span>Directories:
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> apps/base: kustomize-overlay
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> apps/overlays/prod: kustomize-overlay
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> charts/podinfo: helm-chart
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> clusters/prod: kubernetes-manifests
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> infra/tf: terraform-module
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> legacy: kubernetes-manifests
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>Resources:
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> apps/v1/Deployment: 1
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> fluxcd.controlplane.io/v1/FluxInstance: 1
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> helm.toolkit.fluxcd.io/v2/HelmRelease: 1
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> kustomize.toolkit.fluxcd.io/v1/Kustomization: 1
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> source.toolkit.fluxcd.io/v1/GitRepository: 1
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> v1/ConfigMap: 1
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> v1/Service: 1
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>Flux:
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> FluxInstance:
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> clusters/prod/instance.yaml: flux-system/flux
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> GitRepository:
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> clusters/prod/flux-system.yaml: flux-system/flux-system
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> HelmRelease:
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> apps/base/podinfo.yaml: podinfo/podinfo
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> Kustomization:
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> clusters/prod/flux-system.yaml: flux-system/apps
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>Summary: 7 resources found in 8 files with 92 lines of YAML
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>With &lt;code>-o json&lt;/code> or &lt;code>-o yaml&lt;/code> the command emits the versioned Inventory
envelope documented in the
&lt;a href="https://fluxcd.io/flux/cli-plugins/flux-schema/inventory/">inventory reference&lt;/a>:
&lt;code>resources&lt;/code> counts everything per &lt;code>apiVersion/Kind&lt;/code>, and &lt;code>flux&lt;/code> maps
each Flux kind to its defining files and the &lt;code>namespace/name&lt;/code> identities
they declare (the API version is already in the census):&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-json" data-lang="json">&lt;span style="display:flex;">&lt;span>{
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;apiVersion&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;schema.plugin.fluxcd.io/v1beta1&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;kind&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;Inventory&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;$schema&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;https://raw.githubusercontent.com/fluxcd/flux-schema/main/docs/inventory-v1beta1.json&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;inventory&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;reporter&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;flux-schema/0.3.0&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;timestamp&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;2026-06-11T10:30:00Z&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;summary&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;files&amp;#34;&lt;/span>: &lt;span style="color:#40a070">8&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;resources&amp;#34;&lt;/span>: &lt;span style="color:#40a070">7&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;lines-of-yaml&amp;#34;&lt;/span>: &lt;span style="color:#40a070">92&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;directories&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;apps/base&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;kustomize-overlay&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;apps/overlays/prod&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;kustomize-overlay&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;charts/podinfo&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;helm-chart&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;clusters/prod&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;kubernetes-manifests&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;infra/tf&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;terraform-module&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;legacy&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;kubernetes-manifests&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;resources&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;apps/v1/Deployment&amp;#34;&lt;/span>: &lt;span style="color:#40a070">1&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;fluxcd.controlplane.io/v1/FluxInstance&amp;#34;&lt;/span>: &lt;span style="color:#40a070">1&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;helm.toolkit.fluxcd.io/v2/HelmRelease&amp;#34;&lt;/span>: &lt;span style="color:#40a070">1&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;kustomize.toolkit.fluxcd.io/v1/Kustomization&amp;#34;&lt;/span>: &lt;span style="color:#40a070">1&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;source.toolkit.fluxcd.io/v1/GitRepository&amp;#34;&lt;/span>: &lt;span style="color:#40a070">1&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;v1/ConfigMap&amp;#34;&lt;/span>: &lt;span style="color:#40a070">1&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;v1/Service&amp;#34;&lt;/span>: &lt;span style="color:#40a070">1&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;flux&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;FluxInstance&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;clusters/prod/instance.yaml&amp;#34;&lt;/span>: [&lt;span style="color:#4070a0">&amp;#34;flux-system/flux&amp;#34;&lt;/span>]
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;GitRepository&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;clusters/prod/flux-system.yaml&amp;#34;&lt;/span>: [&lt;span style="color:#4070a0">&amp;#34;flux-system/flux-system&amp;#34;&lt;/span>]
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;HelmRelease&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;apps/base/podinfo.yaml&amp;#34;&lt;/span>: [&lt;span style="color:#4070a0">&amp;#34;podinfo/podinfo&amp;#34;&lt;/span>]
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;Kustomization&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;clusters/prod/flux-system.yaml&amp;#34;&lt;/span>: [&lt;span style="color:#4070a0">&amp;#34;flux-system/apps&amp;#34;&lt;/span>]
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> }
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> }
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> }
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>}
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h2 id="reading-the-inventory">Reading the inventory&lt;/h2>
&lt;p>The inventory answers an auditing agent&amp;rsquo;s first questions without any grepping:&lt;/p>
&lt;ul>
&lt;li>&lt;strong>Repository pattern&lt;/strong> — the sorted &lt;code>directories&lt;/code> map reads as a tree.
&lt;code>GitRepository&lt;/code> or &lt;code>OCIRepository&lt;/code> resources defined in the same
directories as Flux &lt;code>Kustomization&lt;/code> resources (typically under
&lt;code>clusters/&lt;/code>) mark cluster sync entrypoints; &lt;code>FluxInstance&lt;/code> resources
indicate a Flux Operator managed cluster.&lt;/li>
&lt;li>&lt;strong>Navigation&lt;/strong> — every Flux kind in &lt;code>flux&lt;/code> is keyed by its defining
files, so an agent can open exactly the files relevant to an audit.&lt;/li>
&lt;li>&lt;strong>API currency&lt;/strong> — the &lt;code>resources&lt;/code> census is keyed by
&lt;code>apiVersion/Kind&lt;/code>, so deprecated API versions of Flux and third-party
CRDs stand out without reading a single manifest.&lt;/li>
&lt;li>&lt;strong>Scope boundaries&lt;/strong> — &lt;code>helm-chart&lt;/code> and &lt;code>terraform-module&lt;/code> directories exist in
the map but contribute no resources, signaling that their contents are
not Kubernetes manifests to lint.&lt;/li>
&lt;/ul></description></item><item><title>Flux: Maintaining Custom Catalogs with Flux Schema CLI</title><link>https://fluxcd.io/flux/cli-plugins/flux-schema/custom-schema-catalog/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://fluxcd.io/flux/cli-plugins/flux-schema/custom-schema-catalog/</guid><description>
&lt;p>A catalog is a directory tree of JSON Schemas laid out so that
&lt;code>flux schema validate&lt;/code> can resolve a schema from a manifest&amp;rsquo;s &lt;code>apiVersion&lt;/code>
and &lt;code>kind&lt;/code>. The built-in
&lt;a href="https://github.com/fluxcd/flux-schema/blob/v0.6.0/catalog/README.md" target="_blank">Flux Schema catalog&lt;/a> ships
schemas for Kubernetes, OpenShift, Gateway API, and the Flux ecosystem;
custom catalogs let you cover internal CRDs, pin specific upstream versions,
or assemble a layout that fits your tooling.&lt;/p>
&lt;h2 id="layout">Layout&lt;/h2>
&lt;p>The default resolution template is:&lt;/p>
&lt;pre tabindex="0">&lt;code>{{ .Group }}/{{ .Kind }}_{{ .Version }}.json
&lt;/code>&lt;/pre>&lt;p>For example, &lt;code>apiVersion: source.toolkit.fluxcd.io/v1&lt;/code>, &lt;code>kind: GitRepository&lt;/code>
resolves to &lt;code>source.toolkit.fluxcd.io/GitRepository_v1.json&lt;/code>.&lt;/p>
&lt;p>All template variables are lowercased at render time, so the file names on
disk are lowercase even though &lt;code>apiVersion&lt;/code>/&lt;code>kind&lt;/code> are mixed case.&lt;/p>
&lt;p>If you need a different layout (for example the kubeconform/kubeval flat
form), pass a full template to &lt;code>--schema-location&lt;/code>:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-shell" data-lang="shell">&lt;span style="display:flex;">&lt;span>flux schema validate ./manifests &lt;span style="color:#4070a0;font-weight:bold">\
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#4070a0;font-weight:bold">&lt;/span> --schema-location &lt;span style="color:#4070a0">&amp;#39;./my-catalog/{{.Kind}}-{{.GroupPrefix}}-{{.Version}}.json&amp;#39;&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>Supported template variables:&lt;/p>
&lt;table>
&lt;thead>
&lt;tr>
&lt;th>Variable&lt;/th>
&lt;th>Example&lt;/th>
&lt;/tr>
&lt;/thead>
&lt;tbody>
&lt;tr>
&lt;td>&lt;code>.Group&lt;/code>&lt;/td>
&lt;td>&lt;code>source.toolkit.fluxcd.io&lt;/code>&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>.GroupPrefix&lt;/code>&lt;/td>
&lt;td>&lt;code>source&lt;/code>&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>.Kind&lt;/code>&lt;/td>
&lt;td>&lt;code>gitrepository&lt;/code>&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>.Version&lt;/code>&lt;/td>
&lt;td>&lt;code>v1&lt;/code>&lt;/td>
&lt;/tr>
&lt;/tbody>
&lt;/table>
&lt;p>An empty &lt;code>.Group&lt;/code> (Kubernetes core API, e.g. &lt;code>apiVersion: v1&lt;/code>) is normalized
to &lt;code>core&lt;/code>, and &lt;code>.GroupPrefix&lt;/code> is derived from &lt;code>.Group&lt;/code> when unset. So a core
&lt;code>Pod&lt;/code> renders as &lt;code>core/pod_v1.json&lt;/code> with the default template and resolves to
the same path when &lt;code>validate&lt;/code> looks up its schema.&lt;/p>
&lt;p>The &lt;code>extract&lt;/code> commands described below all share the same default template
and &lt;code>-f, --output-format&lt;/code> flag, so a single &lt;code>--schema-location&lt;/code> resolves
everything you generate.&lt;/p>
&lt;h2 id="populating-a-catalog">Populating a catalog&lt;/h2>
&lt;p>The &lt;code>flux schema extract&lt;/code> commands write one JSON Schema file per kind, using
the layout above by default. Mix and match these commands to cover the
Kubernetes core APIs, OpenShift resources, and any CRDs your manifests rely
on.&lt;/p>
&lt;h3 id="kubernetes-crds">Kubernetes CRDs&lt;/h3>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-shell" data-lang="shell">&lt;span style="display:flex;">&lt;span>flux schema extract crd &lt;span style="color:#666">[&lt;/span>files...&lt;span style="color:#666">]&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>Reads bare CRDs, a &lt;code>List&lt;/code> of CRDs, or a multi-document YAML stream, and
emits one schema file per CRD version.&lt;/p>
&lt;table>
&lt;thead>
&lt;tr>
&lt;th>Flag&lt;/th>
&lt;th>Description&lt;/th>
&lt;/tr>
&lt;/thead>
&lt;tbody>
&lt;tr>
&lt;td>&lt;code>-d, --output-dir&lt;/code>&lt;/td>
&lt;td>Directory to write JSON Schema files to (mutually exclusive with &lt;code>--output-archive&lt;/code>).&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>-a, --output-archive&lt;/code>&lt;/td>
&lt;td>Path to write a gzipped tar archive of JSON Schema files to.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>-f, --output-format&lt;/code>&lt;/td>
&lt;td>Go template for output file paths (default: &lt;code>{{ .Group }}/{{ .Kind }}_{{ .Version }}.json&lt;/code>).&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>--strip-description&lt;/code>&lt;/td>
&lt;td>Drop &lt;code>description&lt;/code> fields from the generated schemas to reduce their size.&lt;/td>
&lt;/tr>
&lt;/tbody>
&lt;/table>
&lt;p>Generate schemas for every CRD installed in a cluster:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-shell" data-lang="shell">&lt;span style="display:flex;">&lt;span>kubectl get crds -o yaml | flux schema extract crd -d ./my-catalog
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>Or from a kustomize build of an operator&amp;rsquo;s CRD bundle:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-shell" data-lang="shell">&lt;span style="display:flex;">&lt;span>kustomize build ./config/crd | flux schema extract crd -d ./my-catalog
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;blockquote>
&lt;p>The output is also compatible with &lt;code>kubeconform&lt;/code> and &lt;code>kubeval&lt;/code>, making
&lt;code>extract crd&lt;/code> a drop-in replacement for kubeconform&amp;rsquo;s
&lt;a href="https://github.com/yannh/kubeconform/blob/master/scripts/openapi2jsonschema.py" target="_blank">openapi2jsonschema.py&lt;/a>
script.&lt;/p>
&lt;/blockquote>
&lt;h3 id="kubernetes-apis">Kubernetes APIs&lt;/h3>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-shell" data-lang="shell">&lt;span style="display:flex;">&lt;span>flux schema extract k8s &lt;span style="color:#666">[&lt;/span>swagger-file&lt;span style="color:#666">]&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>Reads a Kubernetes OpenAPI v2 swagger document and emits one file per kind
listed under &lt;code>x-kubernetes-group-version-kind&lt;/code>. Helper types (e.g. &lt;code>PodSpec&lt;/code>,
&lt;code>ObjectMeta&lt;/code>) are inlined into the kinds that reference them, not written as
standalone files.&lt;/p>
&lt;table>
&lt;thead>
&lt;tr>
&lt;th>Flag&lt;/th>
&lt;th>Description&lt;/th>
&lt;/tr>
&lt;/thead>
&lt;tbody>
&lt;tr>
&lt;td>&lt;code>--version X.Y.Z&lt;/code>&lt;/td>
&lt;td>Fetch the swagger from &lt;code>github.com/kubernetes/kubernetes&lt;/code> for the given release tag (mutually exclusive with a swagger file).&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>-d, --output-dir&lt;/code>&lt;/td>
&lt;td>Directory to write JSON Schema files to.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>-f, --output-format&lt;/code>&lt;/td>
&lt;td>Go template for output file paths (default: &lt;code>{{ .Group }}/{{ .Kind }}_{{ .Version }}.json&lt;/code>).&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>--strip-description&lt;/code>&lt;/td>
&lt;td>Drop &lt;code>description&lt;/code> fields from the generated schemas to reduce their size.&lt;/td>
&lt;/tr>
&lt;/tbody>
&lt;/table>
&lt;p>Pin the catalog to a specific Kubernetes release:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-shell" data-lang="shell">&lt;span style="display:flex;">&lt;span>flux schema extract k8s --version 1.35.0 -d ./my-catalog
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>Or extract from a live cluster:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-shell" data-lang="shell">&lt;span style="display:flex;">&lt;span>kubectl get --raw /openapi/v2 | flux schema extract k8s -d ./my-catalog
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>Core API kinds (&lt;code>apiVersion: v1&lt;/code>) render under the &lt;code>core/&lt;/code> group directory.&lt;/p>
&lt;h3 id="openshift-apis">OpenShift APIs&lt;/h3>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-shell" data-lang="shell">&lt;span style="display:flex;">&lt;span>flux schema extract openshift &lt;span style="color:#666">[&lt;/span>swagger-file&lt;span style="color:#666">]&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>Reads an &lt;code>openshift/api&lt;/code> OpenAPI v2 swagger document and emits one file per
OpenShift resource. Only definitions in the &lt;code>openshift&lt;/code> namespace are
emitted; embedded upstream Kubernetes types (e.g. &lt;code>Pod&lt;/code>) are inlined.&lt;/p>
&lt;table>
&lt;thead>
&lt;tr>
&lt;th>Flag&lt;/th>
&lt;th>Description&lt;/th>
&lt;/tr>
&lt;/thead>
&lt;tbody>
&lt;tr>
&lt;td>&lt;code>--ref REF&lt;/code>&lt;/td>
&lt;td>Fetch the swagger from &lt;code>github.com/openshift/api&lt;/code> at the given git ref (e.g. &lt;code>release-4.20&lt;/code>); mutually exclusive with a swagger file.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>-d, --output-dir&lt;/code>&lt;/td>
&lt;td>Directory to write JSON Schema files to.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>-f, --output-format&lt;/code>&lt;/td>
&lt;td>Go template for output file paths (default: &lt;code>{{ .Group }}/{{ .Kind }}_{{ .Version }}.json&lt;/code>).&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>--strip-description&lt;/code>&lt;/td>
&lt;td>Drop &lt;code>description&lt;/code> fields from the generated schemas to reduce their size.&lt;/td>
&lt;/tr>
&lt;/tbody>
&lt;/table>
&lt;p>Pin to an OpenShift release branch:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-shell" data-lang="shell">&lt;span style="display:flex;">&lt;span>flux schema extract openshift --ref release-4.20 -d ./my-catalog
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>Or feed in a downloaded swagger:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-shell" data-lang="shell">&lt;span style="display:flex;">&lt;span>curl -sL https://raw.githubusercontent.com/openshift/api/release-4.20/openapi/openapi.json | &lt;span style="color:#4070a0;font-weight:bold">\
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#4070a0;font-weight:bold">&lt;/span> flux schema extract openshift -d ./my-catalog
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h3 id="a-typical-refresh-script">A typical refresh script&lt;/h3>
&lt;p>A single script can populate a catalog with everything you need — the
default &lt;code>-f&lt;/code> template means the outputs land side by side under the same
root and resolve to one &lt;code>--schema-location&lt;/code>:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-shell" data-lang="shell">&lt;span style="display:flex;">&lt;span>&lt;span style="color:#007020">#!/usr/bin/env bash
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#007020">&lt;/span>&lt;span style="color:#007020">set&lt;/span> -euo pipefail
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#bb60d5">CATALOG&lt;/span>&lt;span style="color:#666">=&lt;/span>./my-catalog
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>mkdir -p &lt;span style="color:#4070a0">&amp;#34;&lt;/span>&lt;span style="color:#bb60d5">$CATALOG&lt;/span>&lt;span style="color:#4070a0">&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#60a0b0;font-style:italic"># Kubernetes core + built-ins&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>flux schema extract k8s --version 1.35.0 --strip-description -d &lt;span style="color:#4070a0">&amp;#34;&lt;/span>&lt;span style="color:#bb60d5">$CATALOG&lt;/span>&lt;span style="color:#4070a0">&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#60a0b0;font-style:italic"># Vendor CRDs at a pinned version&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>kubectl kustomize &lt;span style="color:#4070a0;font-weight:bold">\
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#4070a0;font-weight:bold">&lt;/span> https://github.com/external-secrets/external-secrets/config/crds/bases?ref&lt;span style="color:#666">=&lt;/span>v2.3.0 | &lt;span style="color:#4070a0;font-weight:bold">\
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#4070a0;font-weight:bold">&lt;/span> flux schema extract crd --strip-description -d &lt;span style="color:#4070a0">&amp;#34;&lt;/span>&lt;span style="color:#bb60d5">$CATALOG&lt;/span>&lt;span style="color:#4070a0">&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>Pass &lt;code>--strip-description&lt;/code> to every generator to keep the catalog small —
the official catalog uses it everywhere and gets about a 54% size
reduction on native Kubernetes schemas.&lt;/p>
&lt;p>The official catalog&amp;rsquo;s generator scripts under
&lt;a href="https://github.com/fluxcd/flux-schema/tree/v0.6.0/scripts" target="_blank">&lt;code>scripts/&lt;/code>&lt;/a> are a working reference: &lt;code>gen-k8s-schemas.sh&lt;/code>,
&lt;code>gen-flux-schemas.sh&lt;/code>, &lt;code>gen-crd-schemas.sh&lt;/code>, and &lt;code>gen-openshift-schemas.sh&lt;/code>.&lt;/p>
&lt;h2 id="schema-output">Schema output&lt;/h2>
&lt;p>All &lt;code>extract&lt;/code> commands emit the standalone-strict JSON Schema variant, so
schemas in the catalog are usable on their own and reproduce the
constraints the Kubernetes API server enforces:&lt;/p>
&lt;ul>
&lt;li>Every &lt;code>$ref&lt;/code> is inlined, so each schema has no cross-file dependencies.&lt;/li>
&lt;li>Objects with &lt;code>properties&lt;/code> are closed with &lt;code>additionalProperties: false&lt;/code>,
except under nodes marked &lt;code>x-kubernetes-preserve-unknown-fields: true&lt;/code>,
which stay open so free-form maps validate correctly.&lt;/li>
&lt;li>Integer-or-string fields are rewritten to
&lt;code>oneOf: [{type: string}, {type: integer}]&lt;/code>. Both the legacy
&lt;code>format: int-or-string&lt;/code> and the structural
&lt;code>x-kubernetes-int-or-string: true&lt;/code> forms are recognized.&lt;/li>
&lt;li>Optional fields are marked nullable (&lt;code>type: [&amp;lt;t&amp;gt;, &amp;quot;null&amp;quot;]&lt;/code>), matching the
API server&amp;rsquo;s behavior of accepting &lt;code>null&lt;/code> for unset optional values.&lt;/li>
&lt;li>&lt;code>apiVersion&lt;/code> and &lt;code>kind&lt;/code> are injected into every kind&amp;rsquo;s properties and
required list.&lt;/li>
&lt;/ul>
&lt;h2 id="hosting">Hosting&lt;/h2>
&lt;p>A catalog is just a tree of files. The validator&amp;rsquo;s loader fetches each
rendered location over &lt;code>http&lt;/code>/&lt;code>https&lt;/code> or from the local filesystem.
Common options:&lt;/p>
&lt;ul>
&lt;li>&lt;strong>Filesystem&lt;/strong>: vendor the catalog into the same repo as your manifests, or
publish it as a release artifact / OCI artifact and unpack it in CI.&lt;/li>
&lt;li>&lt;strong>HTTP(S)&lt;/strong>: serve the catalog from any static host (GitHub raw, S3,
GitHub Pages, etc.) and pass the base URL to &lt;code>--schema-location&lt;/code>. The
loader expands bare URLs with the default template.&lt;/li>
&lt;/ul>
&lt;p>A 404 or &lt;code>ENOENT&lt;/code> for a given &lt;code>apiVersion&lt;/code>/&lt;code>kind&lt;/code> falls through to the next
&lt;code>--schema-location&lt;/code>, so you can layer your catalog on top of the built-in
one:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-shell" data-lang="shell">&lt;span style="display:flex;">&lt;span>flux schema validate ./manifests &lt;span style="color:#4070a0;font-weight:bold">\
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#4070a0;font-weight:bold">&lt;/span> --schema-location ./my-catalog &lt;span style="color:#4070a0;font-weight:bold">\
&lt;/span>&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>&lt;span style="color:#4070a0;font-weight:bold">&lt;/span> --schema-location default
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>Order matters — the first match wins, so put your overrides before &lt;code>default&lt;/code>.&lt;/p>
&lt;h2 id="refreshing">Refreshing&lt;/h2>
&lt;p>Custom catalogs go stale as upstream versions move. Schedule the refresh
script in CI (cron workflow, scheduled pipeline, etc.) and commit the result
back, the same way the official catalog is updated by
&lt;a href="https://github.com/fluxcd/flux-schema/blob/v0.6.0/.github/workflows/update-catalog.yaml" target="_blank">&lt;code>.github/workflows/update-catalog.yaml&lt;/code>&lt;/a>.&lt;/p></description></item><item><title>Flux: Flux Schema Inventory</title><link>https://fluxcd.io/flux/cli-plugins/flux-schema/inventory/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://fluxcd.io/flux/cli-plugins/flux-schema/inventory/</guid><description>
&lt;p>The &lt;code>flux schema discover&lt;/code> command can emit a structured inventory of a
GitOps repository by setting &lt;code>--output&lt;/code> to &lt;code>json&lt;/code> or &lt;code>yaml&lt;/code>. The envelope
shape is versioned and documented by the JSON Schema in
&lt;a href="https://github.com/fluxcd/flux-schema/blob/v0.6.0/docs/inventory-v1beta1.json" target="_blank">&lt;code>inventory-v1beta1.json&lt;/code>&lt;/a>.&lt;/p>
&lt;h2 id="usage">Usage&lt;/h2>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-shell" data-lang="shell">&lt;span style="display:flex;">&lt;span>flux schema discover ./my-gitops-repo -o json
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>See the
&lt;a href="https://fluxcd.io/flux/cli-plugins/flux-schema/repo-discovery/">repository discovery guide&lt;/a> for the
classification rules behind the inventory data.&lt;/p>
&lt;h2 id="envelope">Envelope&lt;/h2>
&lt;p>Every inventory is wrapped in a top-level envelope:&lt;/p>
&lt;table>
&lt;thead>
&lt;tr>
&lt;th>Key&lt;/th>
&lt;th>Description&lt;/th>
&lt;/tr>
&lt;/thead>
&lt;tbody>
&lt;tr>
&lt;td>&lt;code>apiVersion&lt;/code>&lt;/td>
&lt;td>Inventory API version. Currently &lt;code>schema.plugin.fluxcd.io/v1beta1&lt;/code>.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>kind&lt;/code>&lt;/td>
&lt;td>Inventory API kind. Currently &lt;code>Inventory&lt;/code>.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>$schema&lt;/code>&lt;/td>
&lt;td>URL of the JSON Schema describing the envelope.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>inventory.reporter&lt;/code>&lt;/td>
&lt;td>Identity of the producer, e.g. &lt;code>flux-schema/0.3.0&lt;/code>.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>inventory.timestamp&lt;/code>&lt;/td>
&lt;td>RFC 3339 UTC timestamp of the scan.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>inventory.summary&lt;/code>&lt;/td>
&lt;td>Aggregate counts: &lt;code>files&lt;/code>, &lt;code>resources&lt;/code>, &lt;code>lines-of-yaml&lt;/code>.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>inventory.directories&lt;/code>&lt;/td>
&lt;td>Map of directory path to classification.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>inventory.resources&lt;/code>&lt;/td>
&lt;td>Map of &lt;code>apiVersion/Kind&lt;/code> to resource count, for all resources.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>inventory.flux&lt;/code>&lt;/td>
&lt;td>Map of Flux resource kind to defining files and identities.&lt;/td>
&lt;/tr>
&lt;/tbody>
&lt;/table>
&lt;p>All maps serialize with sorted keys, so the output is deterministic and
diff-friendly.&lt;/p>
&lt;h2 id="directories">Directories&lt;/h2>
&lt;p>&lt;code>directories&lt;/code> maps every directory containing scanned manifests, plus
Helm chart and Terraform directories, to one of four classifications:
&lt;code>kubernetes-manifests&lt;/code>, &lt;code>kustomize-overlay&lt;/code>, &lt;code>helm-chart&lt;/code>, or &lt;code>terraform-module&lt;/code>. Paths are
relative to the scanned root and &lt;code>/&lt;/code>-separated; the root itself is &lt;code>.&lt;/code>.&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-json" data-lang="json">&lt;span style="display:flex;">&lt;span>&lt;span style="color:#4070a0">&amp;#34;directories&amp;#34;&lt;/span>&lt;span style="">:&lt;/span> {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;apps/base&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;kustomize-overlay&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;charts/podinfo&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;helm-chart&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>}
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h2 id="resources">Resources&lt;/h2>
&lt;p>&lt;code>resources&lt;/code> is the complete census: every resource in the repository,
counted per &lt;code>apiVersion/Kind&lt;/code>. The exact
API version of every kind is visible without opening any file.&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-json" data-lang="json">&lt;span style="display:flex;">&lt;span>&lt;span style="color:#4070a0">&amp;#34;resources&amp;#34;&lt;/span>&lt;span style="">:&lt;/span> {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;apps/v1/Deployment&amp;#34;&lt;/span>: &lt;span style="color:#40a070">12&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;cert-manager.io/v1/ClusterIssuer&amp;#34;&lt;/span>: &lt;span style="color:#40a070">1&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;helm.toolkit.fluxcd.io/v2/HelmRelease&amp;#34;&lt;/span>: &lt;span style="color:#40a070">3&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>}
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;h2 id="flux">Flux&lt;/h2>
&lt;p>&lt;code>flux&lt;/code> locates every Flux custom resource. Keys are bare kinds — their
API versions are already stated in &lt;code>resources&lt;/code>. Each kind maps the
defining file path (relative to the scanned root) to the resource
identities declared in that file:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-json" data-lang="json">&lt;span style="display:flex;">&lt;span>&lt;span style="color:#4070a0">&amp;#34;flux&amp;#34;&lt;/span>&lt;span style="">:&lt;/span> {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;HelmRelease&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;apps/base/podinfo.yaml&amp;#34;&lt;/span>: [&lt;span style="color:#4070a0">&amp;#34;podinfo/podinfo&amp;#34;&lt;/span>]
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;Kustomization&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;clusters/production/apps.yaml&amp;#34;&lt;/span>: [&lt;span style="color:#4070a0">&amp;#34;flux-system/apps&amp;#34;&lt;/span>],
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;clusters/staging/apps.yaml&amp;#34;&lt;/span>: [&lt;span style="color:#4070a0">&amp;#34;flux-system/apps&amp;#34;&lt;/span>]
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> }
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>}
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>Identities are &lt;code>namespace/name&lt;/code>; the &lt;code>namespace/&lt;/code> segment is omitted for
resources without a namespace, and the name is &lt;code>-&lt;/code> when the document has
no &lt;code>metadata.name&lt;/code>. Multi-document files list their identities in
document order.&lt;/p>
&lt;p>Plain Kubernetes resources are intentionally not enumerated per item: a
large repository can hold thousands of them, and the census combined
with the directory map locates them precisely enough.&lt;/p>
&lt;p>When the same kind exists in more than one API version — typically
mid-migration — its files merge under the kind key, while
&lt;code>resources&lt;/code> still reports each version separately.&lt;/p>
&lt;h2 id="example">Example&lt;/h2>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-json" data-lang="json">&lt;span style="display:flex;">&lt;span>{
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;apiVersion&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;schema.plugin.fluxcd.io/v1beta1&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;kind&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;Inventory&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;$schema&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;https://raw.githubusercontent.com/fluxcd/flux-schema/main/docs/inventory-v1beta1.json&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;inventory&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;reporter&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;flux-schema/0.3.0&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;timestamp&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;2026-06-11T10:30:00Z&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;summary&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;files&amp;#34;&lt;/span>: &lt;span style="color:#40a070">8&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;resources&amp;#34;&lt;/span>: &lt;span style="color:#40a070">8&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;lines-of-yaml&amp;#34;&lt;/span>: &lt;span style="color:#40a070">99&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;directories&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;apps/base&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;kustomize-overlay&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;apps/overlays/prod&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;kustomize-overlay&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;charts/podinfo&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;helm-chart&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;clusters/prod&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;kubernetes-manifests&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;infra/tf&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;terraform-module&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;resources&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;apps/v1/Deployment&amp;#34;&lt;/span>: &lt;span style="color:#40a070">1&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;fluxcd.controlplane.io/v1/FluxInstance&amp;#34;&lt;/span>: &lt;span style="color:#40a070">1&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;helm.toolkit.fluxcd.io/v2/HelmRelease&amp;#34;&lt;/span>: &lt;span style="color:#40a070">1&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;kustomize.toolkit.fluxcd.io/v1/Kustomization&amp;#34;&lt;/span>: &lt;span style="color:#40a070">1&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;source.toolkit.fluxcd.io/v1/GitRepository&amp;#34;&lt;/span>: &lt;span style="color:#40a070">1&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;source.toolkit.fluxcd.io/v1/OCIRepository&amp;#34;&lt;/span>: &lt;span style="color:#40a070">1&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;v1/ConfigMap&amp;#34;&lt;/span>: &lt;span style="color:#40a070">1&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;v1/Service&amp;#34;&lt;/span>: &lt;span style="color:#40a070">1&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;flux&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;FluxInstance&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;clusters/prod/instance.yaml&amp;#34;&lt;/span>: [&lt;span style="color:#4070a0">&amp;#34;flux-system/flux&amp;#34;&lt;/span>]
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;GitRepository&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;clusters/prod/flux-system.yaml&amp;#34;&lt;/span>: [&lt;span style="color:#4070a0">&amp;#34;flux-system/flux-system&amp;#34;&lt;/span>]
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;HelmRelease&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;apps/base/podinfo.yaml&amp;#34;&lt;/span>: [&lt;span style="color:#4070a0">&amp;#34;podinfo/podinfo&amp;#34;&lt;/span>]
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;Kustomization&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;clusters/prod/flux-system.yaml&amp;#34;&lt;/span>: [&lt;span style="color:#4070a0">&amp;#34;flux-system/apps&amp;#34;&lt;/span>]
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;OCIRepository&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;apps/base/podinfo.yaml&amp;#34;&lt;/span>: [&lt;span style="color:#4070a0">&amp;#34;podinfo/podinfo&amp;#34;&lt;/span>]
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> }
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> }
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> }
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>}
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div></description></item><item><title>Flux: Flux Schema Report</title><link>https://fluxcd.io/flux/cli-plugins/flux-schema/report/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://fluxcd.io/flux/cli-plugins/flux-schema/report/</guid><description>
&lt;p>The &lt;code>flux schema validate&lt;/code> command can emit a structured report of the
validation results by setting &lt;code>--output&lt;/code> to &lt;code>json&lt;/code> or &lt;code>yaml&lt;/code>. The envelope
shape is versioned and documented by the JSON Schema in
&lt;a href="https://github.com/fluxcd/flux-schema/blob/v0.6.0/docs/report-v1beta1.json" target="_blank">&lt;code>report-v1beta1.json&lt;/code>&lt;/a>.&lt;/p>
&lt;h2 id="usage">Usage&lt;/h2>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-shell" data-lang="shell">&lt;span style="display:flex;">&lt;span>flux schema validate ./manifests -o json
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>Structured output always emits every result regardless of &lt;code>--verbose&lt;/code>.
Filtering belongs downstream (&lt;code>jq&lt;/code>, &lt;code>yq&lt;/code>). The process exit code still
reflects whether any document was invalid.&lt;/p>
&lt;h2 id="envelope">Envelope&lt;/h2>
&lt;p>Every report is wrapped in a top-level envelope:&lt;/p>
&lt;table>
&lt;thead>
&lt;tr>
&lt;th>Key&lt;/th>
&lt;th>Description&lt;/th>
&lt;/tr>
&lt;/thead>
&lt;tbody>
&lt;tr>
&lt;td>&lt;code>apiVersion&lt;/code>&lt;/td>
&lt;td>Report API version. Currently &lt;code>schema.plugin.fluxcd.io/v1beta1&lt;/code>.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>kind&lt;/code>&lt;/td>
&lt;td>Report API kind. Currently &lt;code>Report&lt;/code>.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>$schema&lt;/code>&lt;/td>
&lt;td>URL of the JSON Schema describing the envelope.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>report.reporter&lt;/code>&lt;/td>
&lt;td>Identity of the producer, e.g. &lt;code>flux-schema/0.1.0&lt;/code>.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>report.timestamp&lt;/code>&lt;/td>
&lt;td>RFC 3339 UTC timestamp of the run.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>report.summary&lt;/code>&lt;/td>
&lt;td>Aggregate counts: &lt;code>total&lt;/code>, &lt;code>valid&lt;/code>, &lt;code>invalid&lt;/code>, &lt;code>skipped&lt;/code>.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>report.results[]&lt;/code>&lt;/td>
&lt;td>One entry per validated document, in source order.&lt;/td>
&lt;/tr>
&lt;/tbody>
&lt;/table>
&lt;h2 id="result-fields">Result fields&lt;/h2>
&lt;table>
&lt;thead>
&lt;tr>
&lt;th>Key&lt;/th>
&lt;th>Description&lt;/th>
&lt;/tr>
&lt;/thead>
&lt;tbody>
&lt;tr>
&lt;td>&lt;code>resource&lt;/code>&lt;/td>
&lt;td>&lt;code>{apiVersion, kind, namespace?, name?}&lt;/code> or &lt;code>null&lt;/code> when no Kubernetes identity could be recovered (e.g. a file that fails to open, or stdin that is not YAML).&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>source&lt;/code>&lt;/td>
&lt;td>File path or &lt;code>stdin&lt;/code>.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>idx&lt;/code>&lt;/td>
&lt;td>1-based position of the document within its source. &lt;code>0&lt;/code> for source-level failures that have no document.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>status&lt;/code>&lt;/td>
&lt;td>&lt;code>&amp;quot;valid&amp;quot;&lt;/code>, &lt;code>&amp;quot;invalid&amp;quot;&lt;/code>, or &lt;code>&amp;quot;skipped&amp;quot;&lt;/code>.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>reason&lt;/code>&lt;/td>
&lt;td>Stable kebab-case code (see below). Omitted when &lt;code>status&lt;/code> is &lt;code>&amp;quot;valid&amp;quot;&lt;/code>.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>violations[]&lt;/code>&lt;/td>
&lt;td>Zero or more &lt;code>{path?, message}&lt;/code> entries. &lt;code>path&lt;/code> is a JSON Pointer set by schema violations; for every other reason it is absent and &lt;code>message&lt;/code> carries the raw error text.&lt;/td>
&lt;/tr>
&lt;/tbody>
&lt;/table>
&lt;h2 id="reasons">Reasons&lt;/h2>
&lt;table>
&lt;thead>
&lt;tr>
&lt;th>Reason&lt;/th>
&lt;th>Triggered by&lt;/th>
&lt;/tr>
&lt;/thead>
&lt;tbody>
&lt;tr>
&lt;td>&lt;code>source-load-error&lt;/code>&lt;/td>
&lt;td>Source-level open/read failure.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>yaml-parse-error&lt;/code>&lt;/td>
&lt;td>Strict YAML decode fails (duplicate keys, malformed doc).&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>schema-load-error&lt;/code>&lt;/td>
&lt;td>Schema loader failure (HTTP fetch, file read, or JSON Schema compile).&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>schema-not-found&lt;/code>&lt;/td>
&lt;td>No schema applicable — either no schema file matches the GVK, or the document has no GVK to look up.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>schema-violation&lt;/code>&lt;/td>
&lt;td>Document fails one or more schema constraints. &lt;code>violations[]&lt;/code> carries a JSON Pointer &lt;code>path&lt;/code> per entry.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>cel-violation&lt;/code>&lt;/td>
&lt;td>Document fails one or more &lt;code>x-kubernetes-validations&lt;/code> CEL rules, or the schema&amp;rsquo;s CEL evaluator could not be built. JSON Schema constraints all passed.&lt;/td>
&lt;/tr>
&lt;tr>
&lt;td>&lt;code>kind-skipped&lt;/code>&lt;/td>
&lt;td>Matched a &lt;code>--skip-kind&lt;/code> pattern.&lt;/td>
&lt;/tr>
&lt;/tbody>
&lt;/table>
&lt;h2 id="example">Example&lt;/h2>
&lt;div class="highlight">&lt;pre tabindex="0" style="background-color:#f0f0f0;-moz-tab-size:4;-o-tab-size:4;tab-size:4;">&lt;code class="language-json" data-lang="json">&lt;span style="display:flex;">&lt;span>{
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;apiVersion&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;schema.plugin.fluxcd.io/v1beta1&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;kind&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;Report&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;$schema&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;https://raw.githubusercontent.com/fluxcd/flux-schema/main/docs/report-v1beta1.json&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;report&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;reporter&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;flux-schema/v0.1.0&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;timestamp&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;2026-06-01T12:00:00Z&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;summary&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;total&amp;#34;&lt;/span>: &lt;span style="color:#40a070">7&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;valid&amp;#34;&lt;/span>: &lt;span style="color:#40a070">1&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;invalid&amp;#34;&lt;/span>: &lt;span style="color:#40a070">5&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;skipped&amp;#34;&lt;/span>: &lt;span style="color:#40a070">1&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;results&amp;#34;&lt;/span>: [
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;resource&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;apiVersion&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;apps/v1&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;kind&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;Deployment&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;namespace&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;default&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;name&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;web&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;source&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;manifests/app.yaml&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;idx&amp;#34;&lt;/span>: &lt;span style="color:#40a070">1&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;status&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;valid&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;resource&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;apiVersion&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;source.toolkit.fluxcd.io/v1&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;kind&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;Bucket&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;namespace&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;apps&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;name&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;minio&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;source&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;manifests/sources.yaml&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;idx&amp;#34;&lt;/span>: &lt;span style="color:#40a070">1&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;status&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;invalid&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;reason&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;schema-violation&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;violations&amp;#34;&lt;/span>: [
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;path&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;/spec&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;message&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;missing property &amp;#39;bucketName&amp;#39;&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;path&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;/spec/interval&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;message&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;got number, want string&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;path&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;/spec&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;message&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;additional properties &amp;#39;force&amp;#39; not allowed&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> }
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> ]
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;resource&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;apiVersion&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;source.toolkit.fluxcd.io/v1&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;kind&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;OCIRepository&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;namespace&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;default&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;name&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;podinfo&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;source&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;manifests/sources.yaml&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;idx&amp;#34;&lt;/span>: &lt;span style="color:#40a070">2&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;status&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;invalid&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;reason&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;yaml-parse-error&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;violations&amp;#34;&lt;/span>: [
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;message&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;line 18: key \&amp;#34;app.kubernetes.io/name\&amp;#34; already set in map&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> }
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> ]
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;resource&amp;#34;&lt;/span>: &lt;span style="color:#007020;font-weight:bold">null&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;source&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;manifests/missing.yaml&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;idx&amp;#34;&lt;/span>: &lt;span style="color:#40a070">0&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;status&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;invalid&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;reason&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;source-load-error&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;violations&amp;#34;&lt;/span>: [
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;message&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;open manifests/missing.yaml: no such file or directory&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> }
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> ]
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;resource&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;apiVersion&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;example.com/v1&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;kind&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;Widget&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;namespace&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;default&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;name&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;w1&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;source&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;manifests/widgets.yaml&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;idx&amp;#34;&lt;/span>: &lt;span style="color:#40a070">1&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;status&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;invalid&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;reason&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;schema-load-error&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;violations&amp;#34;&lt;/span>: [
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;message&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;Get \&amp;#34;https://schemas.example.com/Widget_v1.json\&amp;#34;: dial tcp: lookup schemas.example.com: no such host&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> }
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> ]
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;resource&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;apiVersion&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;artifact.toolkit.fluxcd.io/v1&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;kind&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;ArtifactGenerator&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;namespace&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;apps&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;name&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;podinfo&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;source&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;manifests/artifacts.yaml&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;idx&amp;#34;&lt;/span>: &lt;span style="color:#40a070">1&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;status&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;invalid&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;reason&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;schema-not-found&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;violations&amp;#34;&lt;/span>: [
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;message&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;no schema for kind \&amp;#34;ArtifactGenerator\&amp;#34; in version \&amp;#34;artifact.toolkit.fluxcd.io/v1\&amp;#34;&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> }
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> ]
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;resource&amp;#34;&lt;/span>: {
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;apiVersion&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;v1&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;kind&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;Secret&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;namespace&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;apps&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;name&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;auth-sops&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> },
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;source&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;manifests/secrets.yaml&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;idx&amp;#34;&lt;/span>: &lt;span style="color:#40a070">1&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;status&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;skipped&amp;#34;&lt;/span>,
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> &lt;span style="color:#062873;font-weight:bold">&amp;#34;reason&amp;#34;&lt;/span>: &lt;span style="color:#4070a0">&amp;#34;kind-skipped&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> }
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> ]
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span> }
&lt;/span>&lt;/span>&lt;span style="display:flex;">&lt;span>}
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div></description></item></channel></rss>