2020-06-08 17:01:56 +05:30
< small > _[documentation ](/README.md#documentation ) / kyverno-cli_</ small >
2020-02-17 10:20:02 +05:30
2020-02-19 18:50:03 -08:00
# Kyverno CLI
2020-02-19 21:47:15 +05:30
The Kyverno Command Line Interface (CLI) is designed to validate policies and test the behavior of applying policies to resources before adding the policy to a cluster. It can be used as a kubectl plugin and as a standalone CLI.
2020-02-17 10:20:02 +05:30
2020-06-06 19:25:20 -07:00
## Install the CLI
The Kyverno CLI binary is distributed with each release. You can install the CLI for your platform from the [releases ](https://github.com/nirmata/kyverno/releases ) site.
2020-02-19 19:13:05 -08:00
## Build the CLI
2020-02-19 18:50:03 -08:00
2020-02-19 19:24:11 -08:00
You can build the CLI binary locally, then move the binary into a directory in your PATH.
2020-02-19 19:13:05 -08:00
```bash
git clone https://github.com/nirmata/kyverno.git
cd github.com/nirmata/kyverno
make cli
2020-02-19 19:24:55 -08:00
mv ./cmd/cli/kubectl-kyverno/kyverno /usr/local/bin/kyverno
2020-02-19 19:13:05 -08:00
```
2020-02-17 10:20:02 +05:30
2020-06-04 11:45:37 -07:00
You can also use curl to install kyverno-cli
```bash
curl -L https://raw.githubusercontent.com/nirmata/kyverno/master/scripts/install-cli.sh | bash
```
2020-03-18 17:18:59 +01:00
## Install via AUR (archlinux)
You can install the kyverno cli via your favourite AUR helper (e.g. [yay ](https://github.com/Jguer/yay ))
```
yay -S kyverno-git
```
2020-02-17 10:20:02 +05:30
## Commands
#### Version
2020-02-19 18:50:03 -08:00
2020-02-17 10:20:02 +05:30
Prints the version of kyverno used by the CLI.
2020-06-08 17:01:56 +05:30
Example:
2020-02-17 10:20:02 +05:30
```
2020-02-19 18:50:03 -08:00
kyverno version
2020-02-17 10:20:02 +05:30
```
#### Validate
2020-06-08 17:01:56 +05:30
Validates a policy, can validate multiple policy resource description files or even an entire folder containing policy resource description
2020-06-09 12:55:42 +05:30
files. Currently supports files with resource description in YAML.
2020-02-17 10:20:02 +05:30
Example:
2020-06-08 17:01:56 +05:30
2020-02-17 10:20:02 +05:30
```
2020-02-19 18:50:03 -08:00
kyverno validate /path/to/policy1.yaml /path/to/policy2.yaml /path/to/folderFullOfPolicies
2020-02-17 10:20:02 +05:30
```
#### Apply
2020-06-08 17:01:56 +05:30
2020-02-19 21:47:15 +05:30
Applies policies on resources, and supports applying multiple policies on multiple resources in a single command.
Also supports applying the given policies to an entire cluster. The current kubectl context will be used to access the cluster.
2020-06-08 17:01:56 +05:30
Will return results to stdout.
2020-02-17 10:20:02 +05:30
Apply to a resource:
2020-06-08 17:01:56 +05:30
```bash
2020-02-19 18:50:03 -08:00
kyverno apply /path/to/policy.yaml --resource /path/to/resource.yaml
2020-02-17 10:20:02 +05:30
```
2020-02-19 18:50:03 -08:00
2020-02-19 21:47:15 +05:30
Apply to all matching resources in a cluster:
2020-06-08 17:01:56 +05:30
```bash
2020-02-19 18:50:03 -08:00
kyverno apply /path/to/policy.yaml --cluster > policy-results.txt
2020-02-17 10:20:02 +05:30
```
2020-02-19 18:50:03 -08:00
Apply multiple policies to multiple resources:
2020-06-08 17:01:56 +05:30
```bash
2020-02-19 18:50:03 -08:00
kyverno apply /path/to/policy1.yaml /path/to/folderFullOfPolicies --resource /path/to/resource1.yaml --resource /path/to/resource2.yaml --cluster
2020-02-17 10:20:02 +05:30
```
2020-02-19 18:50:03 -08:00
2020-06-08 17:01:56 +05:30
##### Exit Codes
2020-06-09 12:55:42 +05:30
The CLI exits with diffenent exit codes:
2020-06-08 17:01:56 +05:30
2020-06-09 12:55:42 +05:30
| Message | Exit Code |
| ------------------------------------- | --------- |
| executes successfully | 0 |
| one or more policy rules are violated | 1 |
2020-06-12 09:47:21 +05:30
| policy validation failed | 2 |
2020-02-19 18:50:03 -08:00
2020-06-08 17:01:56 +05:30
< small > _Read Next >> [Sample Policies ](/samples/README.md )_</ small >
