externalTrafficPolicy/enum must NOT have duplicate items on 1.0.61 #21
Description
Getting curious ..externalTrafficPolicy/enum must NOT have duplicate items (items ## 2 and 3 are identical) errors suddenly. Noticed this with our applications running kubevious in CI/CD and I can replicate this locally as well.
This seems to be somehow related to the latest release 1.0.61 and the --k8s-version parameter.
These seem to happen with pretty much any kind of deployment.yaml. We first ran into these with our own huge manifests, but in this example I just used something simple I copypasted from k8s docs:
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
labels:
app: nginx
spec:
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.14.2
ports:
- containerPort: 80With 1.0.60:
➜ cat deployment.yaml | docker run --rm -i kubevious/cli:1.0.60 guard --stream --k8s-version v1.29 --ignore-unknown --skip-rules container-env-secret-ref container-env-from-secret-ref pod-spec-volume-secret-ref
- Identifying manifest sources...
✔ Sources identified.
- Loading manifests...
✔ Manifests loaded.
- Reading manifests from stdin...
✔ Received manifests from stdin.
- Loading K8s API Schema...
✔ Fetched K8s API schema.
- Linting manifests...
✔ Lint complete.
- Populating local RulesLibrary...
- Loading Libraries...
✔ Libraries loaded.
- Loading ClusterRules...
✔ ClusterRules loaded.
- Loading Rules...
✔ Rules loaded.
- Loading RuleApplicators...
✔ RuleApplicators loaded
✔ RulesLibrary locally populated.
- Validating rules...
✔ Rules validation complete.
⚠️ Could not find requested Kubernetes Version: v1.29
ℹ️ Linting against Kubernetes Version: 1.25.2
-= SOURCES =-
✅ No issues with sources.
-= MANIFESTS =-
✅ No issues with manifests.
-= RULES =-
✅ No issues with rules.
-= SUMMARY =-
📚 Sources: 42
✖️ Sources with Errors: 0
📄 Manifests: 42
✅ Valid Manifests: 42
✖️ Manifests with Errors: 0
❕ Manifests with Warnings: 0
☑️ Manifests Processed for Rules: 0
✖️ Manifests with Rule Errors: 0
❕ Manifests with Rule Warnings: 0
📜 Rules: 33
✅ Rules Passed: 33
✖️ Rules Failed: 0
🔘 Rules with Errors: 0
❕ Rules with Warnings: 0
ℹ️ Run with --detailed to see all sources and manifests
✅ Guard Succeeded.
With 1.0.61:
➜ cat deployment.yaml | docker run --rm -i kubevious/cli:1.0.61 guard --stream --k8s-version v1.29 --ignore-unknown --skip-rules container-env-secret-ref container-env-from-secret-ref pod-spec-volume-secret-ref
- Identifying manifest sources...
✔ Sources identified.
- Loading manifests...
✔ Manifests loaded.
- Reading manifests from stdin...
✔ Received manifests from stdin.
- Loading K8s API Schema...
✔ Fetched K8s API schema.
- Linting manifests...
✔ Lint complete.
- Populating local RulesLibrary...
- Loading Libraries...
✔ Libraries loaded.
- Loading ClusterRules...
✔ ClusterRules loaded.
- Loading Rules...
✔ Rules loaded.
- Loading RuleApplicators...
✔ RuleApplicators loaded
✔ RulesLibrary locally populated.
- Validating rules...
✔ Rules validation complete.
ℹ️ Linting against Kubernetes Version: 1.29.4
-= SOURCES =-
✅ No issues with sources.
-= MANIFESTS =-
❌ API: apiextensions.k8s.io/v1, Kind: CustomResourceDefinition, Name: clusterrules.kubevious.io
📄 FILE: /usr/local/lib/node_modules/kubevious/assets/crds/cluster-rule.yaml
🔴 schema is invalid: data/definitions/io.k8s.api.core.v1.ServiceSpec/properties/externalTrafficPolicy/enum must NOT have duplicate items (items ## 2 and 3 are identical)
🔴 schema is invalid: data/definitions/io.k8s.api.core.v1.ServiceSpec/properties/externalTrafficPolicy/enum must NOT have duplicate items (items ## 2 and 3 are identical)
❌ API: apiextensions.k8s.io/v1, Kind: CustomResourceDefinition, Name: libraries.kubevious.io
📄 FILE: /usr/local/lib/node_modules/kubevious/assets/crds/library.yaml
🔴 schema is invalid: data/definitions/io.k8s.api.core.v1.ServiceSpec/properties/externalTrafficPolicy/enum must NOT have duplicate items (items ## 2 and 3 are identical)
🔴 schema is invalid: data/definitions/io.k8s.api.core.v1.ServiceSpec/properties/externalTrafficPolicy/enum must NOT have duplicate items (items ## 2 and 3 are identical)
❌ API: apiextensions.k8s.io/v1, Kind: CustomResourceDefinition, Name: ruleapplicators.kubevious.io
📄 FILE: /usr/local/lib/node_modules/kubevious/assets/crds/rule-applicator.yaml
🔴 schema is invalid: data/definitions/io.k8s.api.core.v1.ServiceSpec/properties/externalTrafficPolicy/enum must NOT have duplicate items (items ## 2 and 3 are identical)
🔴 schema is invalid: data/definitions/io.k8s.api.core.v1.ServiceSpec/properties/externalTrafficPolicy/enum must NOT have duplicate items (items ## 2 and 3 are identical)
❌ API: apiextensions.k8s.io/v1, Kind: CustomResourceDefinition, Name: rules.kubevious.io
📄 FILE: /usr/local/lib/node_modules/kubevious/assets/crds/rule.yaml
🔴 schema is invalid: data/definitions/io.k8s.api.core.v1.ServiceSpec/properties/externalTrafficPolicy/enum must NOT have duplicate items (items ## 2 and 3 are identical)
🔴 schema is invalid: data/definitions/io.k8s.api.core.v1.ServiceSpec/properties/externalTrafficPolicy/enum must NOT have duplicate items (items ## 2 and 3 are identical)
⚠️ API: kubevious.io/v1alpha1, Kind: Library, Name: library
🌐 WEB: https://raw.githubusercontent.com/kubevious/rules-library/main/index.yaml
⚠️ Unknown API Resource. apiVersion: kubevious.io/v1alpha1, kind: Library.
❌ Namespace: default, API: apps/v1, Kind: Deployment, Name: nginx-deployment
♒ STREAM: stream
🔴 schema is invalid: data/definitions/io.k8s.api.core.v1.ServiceSpec/properties/externalTrafficPolicy/enum must NOT have duplicate items (items ## 2 and 3 are identical)
-= RULES =-
✅ No issues with rules.
-= SUMMARY =-
📚 Sources: 42
✖️ Sources with Errors: 0
📄 Manifests: 42
✅ Valid Manifests: 36
❌ Manifests with Errors: 5
⚠️ Manifests with Warnings: 1
☑️ Manifests Processed for Rules: 0
✖️ Manifests with Rule Errors: 0
❕ Manifests with Rule Warnings: 0
📜 Rules: 33
✅ Rules Passed: 33
✖️ Rules Failed: 0
🔘 Rules with Errors: 0
❕ Rules with Warnings: 0
ℹ️ Run with --detailed to see all sources and manifests
❌ Guard Failed
With 1.0.61 I get success if I leave out --k8s-version:
➜ cat deployment.yaml | docker run --rm -i kubevious/cli:1.0.61 guard --stream --ignore-unknown --skip-rules container-env-secret-ref container-env-from-secret-ref pod-spec-volume-secret-ref
- Identifying manifest sources...
✔ Sources identified.
- Loading manifests...
✔ Manifests loaded.
- Reading manifests from stdin...
✔ Received manifests from stdin.
- Loading K8s API Schema...
✔ Fetched K8s API schema.
- Linting manifests...
✔ Lint complete.
- Populating local RulesLibrary...
- Loading Libraries...
✔ Libraries loaded.
- Loading ClusterRules...
✔ ClusterRules loaded.
- Loading Rules...
✔ Rules loaded.
- Loading RuleApplicators...
✔ RuleApplicators loaded
✔ RulesLibrary locally populated.
- Validating rules...
✔ Rules validation complete.
ℹ️ Linting against Kubernetes Version: 1.30.0
-= SOURCES =-
✅ No issues with sources.
-= MANIFESTS =-
✅ No issues with manifests.
-= RULES =-
✅ No issues with rules.
-= SUMMARY =-
📚 Sources: 42
✖️ Sources with Errors: 0
📄 Manifests: 42
✅ Valid Manifests: 42
✖️ Manifests with Errors: 0
❕ Manifests with Warnings: 0
☑️ Manifests Processed for Rules: 0
✖️ Manifests with Rule Errors: 0
❕ Manifests with Rule Warnings: 0
📜 Rules: 33
✅ Rules Passed: 33
✖️ Rules Failed: 0
🔘 Rules with Errors: 0
❕ Rules with Warnings: 0
ℹ️ Run with --detailed to see all sources and manifests
✅ Guard Succeeded.