Analysis tools logo

14 Kubernetes Static Analysis Tools

Type:
Any
113

Mega-Linter

  • Type: cli
955

Mega-Linter can handle any type of project thanks to its 70+ embedded Linters, its advanced reporting, runnable on any CI system or locally, with assisted installation and configuration, able to apply formatting and fixes

69

Semgrep

  • Type: cli
  • Type: service
7445

A fast, open-source, static analysis tool for finding bugs and enforcing code standards at editor, commit, and CI time. Its rules look like the code you already write; no abstract syntax trees or regex wrestling. Supports 17+ languages.

5

KubeLinter

  • Type: cli
2128

KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices.

3

Datree

  • Type: cli
6044

A CLI tool to prevent Kubernetes misconfigurations by ensuring that manifests and Helm charts follow best practices as well as your organization’s policies

2

kube-score

  • Type: cli
2053

Static code analysis of your Kubernetes object definitions.

1

kics

  • Type: cli
1340

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations in your infrastructure-as-code. Supports Terraform, Kubernetes, Docker, AWS CloudFormation and Ansible

1

kubeconform

  • Type: cli
763

A fast Kubernetes manifests validator with support for custom resources. It is inspired by, contains code from and is designed to stay close to [Kubeval](https://analysis-tools.dev/tool/kubeval), but with the following improvements: * high performance: will validate & download manifests over multiple routines, caching downloaded files in memory * configurable list of remote, or local schemas locations, enabling validating Kubernetes custom resources (CRDs) and offline validation capabilities * uses by default a self-updating fork of the schemas registry maintained by the kubernetes-json-schema project - which guarantees up-to-date schemas for all recent versions of Kubernetes.

0

chart-testing

  • Type: cli
888

ct is the the tool for testing Helm charts. It is meant to be used for linting and testing pull requests. It automatically detects charts changed against the target branch.

0

clusterlint

  • Type: cli
496

Clusterlint queries live Kubernetes clusters for resources, executes common and platform specific checks against these resources and provides actionable feedback to cluster operators. It is a non invasive tool that is run externally. Clusterlint does not alter the resource configurations.

0

klint

  • Type: cli
43

A tool that listens to changes in Kubernetes resources and runs linting rules against them. Identify and debug erroneous objects and nudge objects in line with the policies as both change over time. Klint helps us encode checks and proactively alert teams when they need to take action.

0

kube-hunter

  • Type: cli
4022

Hunt for security weaknesses in Kubernetes clusters.

0

kube-lint

  • Type: cli
157

A linter for Kubernetes resources with a customizable rule set. You define a list of rules that you would like to validate against your resources and kube-lint will evaluate those rules against them.

0

kube-linter

  • Type: cli
2128

KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices.

0

kubeval

  • Type: cli
2993

Validates your Kubernetes configuration files and supports multiple Kubernetes versions.

❤️ Sponsor this project

We are currently looking for partners who want to sponsor hosting and development of the project.

Check out our Github Sponsors page here

Missing an entry? Please let us know.