Komodor, in collaboration with Aqua Security and Snyk, has released a new open source tool called Validkube. It is designed to help developers quickly validate, clean, and secure their Kubernetes YAML code all in one central place.
Validkube fuses together the capabilities of three other popular open-source projects dedicated to Kubernetes: kubeval, kubectl-neat, and trivy. The kubeval project was created by Gareth Rushgrove, VP of Product at Snyk, to validate Kubernetes configuration files. The kubectl-neat project was created by Itay Shakury, Director of Open Source at Aqua, to clean up Kubernetes yaml and json output to make it readable. And the trivy project was also created by Aqua to scan for vulnerabilities in container images, file systems, and Git repositories.
Validkube brings these projects together in a single view that provides DevSecOps with a quick way to ensure YAML code hygiene and security with a few clicks.
“Kubernetes is still relatively early in the adoption cycle and a lot of engineers still struggle with the fundamentals and best practices,” said Itiel Shwartz, CTO and Co-Founder of Komodor. “We want to support the Kubernetes community and ecosystem by building tools that will remove friction points and knowledge gaps – and that’s what we hope we’ve done with Validkube.”