YAML Lint
Definition
YAML Lint is a tool used to validate YAML files for syntax errors and adherence to best practices. It helps ensure that YAML files are correctly formatted and free of common mistakes, such as incorrect indentation or invalid characters, which can lead to misconfigurations in applications that rely on YAML for configuration.
Secure Settings Example
# Example of a well-structured YAML configuration for a Kubernetes deployment
apiVersion: apps/v1
kind: Deployment
metadata:
  name: secure-app
spec:
  replicas: 3
  selector:
    matchLabels:
      app: secure-app
  template:
    metadata:
      labels:
        app: secure-app
    spec:
      containers:
        - name: secure-app-container
          image: secure-app-image:latest
          ports:
            - containerPort: 80
          securityContext:
            runAsNonRoot: true
            readOnlyRootFilesystem: true
Insecure Settings Example
# Example of a poorly structured YAML configuration with potential security issues
apiVersion: apps/v1
kind: Deployment
metadata:
  name: insecure-app
spec:
  replicas: 3
  selector:
    matchLabels:
      app: insecure-app
  template:
    metadata:
      labels:
        app: insecure-app
    spec:
      containers:
        - name: insecure-app-container
          image: insecure-app-image:latest
          ports:
            - containerPort: 80
          securityContext:
            runAsNonRoot: false # Allows running as root, which is insecure
            readOnlyRootFilesystem: false # Filesystem is writable, increasing risk
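
The two manifests above differ only in the values under securityContext, so a syntax check alone does not tell them apart. The following added example (not part of the original page) checks those two settings on a Deployment that has already been parsed into a dict, for instance by yaml.safe_load; the function names and the constructed sample dicts are assumptions made for illustration.

```python
# Added example: audits the two securityContext settings the page contrasts.
# Input is a Deployment manifest already parsed into a dict (e.g. by yaml.safe_load).

def audit_deployment(doc):
    """Return (container_name, finding) tuples for weak securityContext settings."""
    pod_spec = doc.get("spec", {}).get("template", {}).get("spec", {}) or {}
    pod_sc = pod_spec.get("securityContext") or {}
    containers = (pod_spec.get("containers") or []) + (pod_spec.get("initContainers") or [])
    findings = []
    for c in containers:
        name = c.get("name", "<unnamed>")
        sc = c.get("securityContext") or {}
        # runAsNonRoot: a container-level value overrides the pod-level one.
        run_as_non_root = sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot"))
        if run_as_non_root is not True:
            findings.append((name, "runAsNonRoot is not true"))
        # readOnlyRootFilesystem exists only at container level; unset means writable.
        if sc.get("readOnlyRootFilesystem") is not True:
            findings.append((name, "readOnlyRootFilesystem is not true"))
    return findings


def make_deployment(name, security_context):
    """Constructed sample mirroring the page's manifests, as a parsed dict."""
    container = {"name": f"{name}-container", "image": f"{name}-image:latest",
                 "ports": [{"containerPort": 80}]}
    if security_context is not None:
        container["securityContext"] = security_context
    return {"apiVersion": "apps/v1", "kind": "Deployment",
            "metadata": {"name": name},
            "spec": {"replicas": 3,
                     "selector": {"matchLabels": {"app": name}},
                     "template": {"metadata": {"labels": {"app": name}},
                                  "spec": {"containers": [container]}}}}


# Constructed inputs: the page's two examples plus one with no securityContext at all.
SECURE = make_deployment("secure-app", {"runAsNonRoot": True, "readOnlyRootFilesystem": True})
INSECURE = make_deployment("insecure-app", {"runAsNonRoot": False, "readOnlyRootFilesystem": False})
UNSET = make_deployment("unset-app", None)

if __name__ == "__main__":
    for doc in (SECURE, INSECURE, UNSET):
        print(doc["metadata"]["name"], audit_deployment(doc))
```

A manifest that omits securityContext entirely is reported the same way as the insecure example, since neither setting is enabled when left unset.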