@monokle/cli

Maintainers
2
Versions
22

Monokle validation and more through the CLI

  • 0.1.0


Monokle CLI for static Kubernetes analysis

Welcome to Monokle CLI

Monokle CLI is a command-line interface for static analysis of Kubernetes resources.

Use it to prevent misconfigurations within Kustomize, Helm or default Kubernetes resources. The output is available as a SARIF file which you can upload to GitHub CodeScan.

Under the hood it uses @monokle/validation which allows you to configure validation rules extensively.

Installation

You can install the CLI as an NPM package or as an executable binary (macOS only).

Install as NPM package

Monokle CLI should be installed globally using the following method:

npm install --global @monokle/cli

We recommend using the LTS version of Node.js.

Install as executable binary

On macOS you can simply install it with brew:

brew install @monokle/cli

You can expect a convenient binary for Windows and Linux soon.

Usage

Validate a YAML file

monokle validate bundle.yaml

Validate a directory

This will recursively scan all YAML files and parse them as plain Kubernetes resources.

monokle validate k8s-dir

Validate a templated Helm chart

helm template helm-dir | monokle validate -

Validate a Kustomize build

kustomize build kustomize-dir/overlays/local | monokle validate -

Validate as SARIF analysis

monokle validate --output sarif k8s-dir > results.sarif

Afterwards you can use the SARIF Viewer extension for VS Code or other tools to inspect the results.
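
To gate a CI job on results.sarif instead of only viewing it, the log can be parsed and failed on a severity threshold. This is an added example, not part of Monokle: it relies only on standard SARIF 2.1.0 fields, the sample log is constructed rather than real Monokle output, and the names gateSarif and effectiveLevel are made up here.

```javascript
// Added example, not Monokle code. SAMPLE_SARIF is constructed, not real tool output.
const SAMPLE_SARIF = JSON.stringify({
  version: "2.1.0",
  runs: [{
    tool: { driver: { name: "constructed-sample", rules: [
      { id: "open-policy-agent/cpu-limit", defaultConfiguration: { level: "error" } },
      { id: "yaml-syntax/no-bad-alias", defaultConfiguration: { level: "warning" } },
    ] } },
    results: [
      { ruleId: "open-policy-agent/cpu-limit", level: "error", message: { text: "constructed" },
        locations: [{ physicalLocation: { artifactLocation: { uri: "k8s-dir/deploy.yaml" },
                                          region: { startLine: 12 } } }] },
      // No explicit level: inherits "error" from the rule's defaultConfiguration.
      { ruleId: "open-policy-agent/cpu-limit", message: { text: "constructed" } },
      { ruleId: "yaml-syntax/no-bad-alias", message: { text: "constructed" } },
      // Rule not declared and no level: SARIF falls back to "warning".
      { ruleId: "unlisted/rule", message: { text: "constructed" } },
    ],
  }],
});

const SEVERITY = { none: 0, note: 1, warning: 2, error: 3 };

// Effective level of a result: explicit level, else the rule default, else "warning".
// Simplified: ignores result.kind and per-invocation rule configuration overrides.
function effectiveLevel(result, rulesById) {
  const level = result.level ?? rulesById.get(result.ruleId)?.defaultConfiguration?.level;
  return Object.hasOwn(SEVERITY, level) ? level : "warning";
}

// Parse SARIF text; return per-level counts, flat findings, and the gate decision.
function gateSarif(sarifText, failOn = "error") {
  if (!Object.hasOwn(SEVERITY, failOn)) throw new Error(`unknown threshold: ${failOn}`);
  const log = JSON.parse(sarifText);
  if (!Array.isArray(log.runs)) throw new Error("not a SARIF log: runs[] missing");
  const counts = { none: 0, note: 0, warning: 0, error: 0 };
  const findings = [];
  for (const run of log.runs) {
    const rulesById = new Map((run.tool?.driver?.rules ?? []).map((r) => [r.id, r]));
    for (const result of run.results ?? []) {
      const level = effectiveLevel(result, rulesById);
      const loc = result.locations?.[0]?.physicalLocation;
      counts[level] += 1;
      findings.push({ ruleId: result.ruleId, level,
        uri: loc?.artifactLocation?.uri ?? null, line: loc?.region?.startLine ?? null });
    }
  }
  const failed = findings.some((f) => SEVERITY[f.level] >= SEVERITY[failOn]);
  return { counts, findings, failed };
}

console.log(gateSarif(SAMPLE_SARIF));
```

In a pipeline, pass the contents of results.sarif to gateSarif and exit non-zero when failed is true.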

Configuration

Command-line arguments

You can use --help to access help information directly from the CLI.

@monokle/validation rules

The Monokle Action looks for a Monokle Validation configuration.

The default path is ./monokle.validation.yaml. You can change this with the --config flag.

Learn more about Monokle Validation configuration

Example

plugins:
  yaml-syntax: true
  kubernetes-schema: true
rules:
  yaml-syntax/no-bad-alias: "warn"
  yaml-syntax/no-bad-directive: false
  open-policy-agent/no-last-image: "err"
  open-policy-agent/cpu-limit: "err"
  open-policy-agent/memory-limit: "err"
  open-policy-agent/memory-request: "err"
settings:
  kubernetes-schema:
    schemaVersion: v1.24.2

Package last updated on 21 Oct 2022
