kube-linter VS cue

Kustomize: It provides a solution to customize the Kubernetes resource base configuration and differential configuration without template and DSL. It does not solve the constraint problem itself, but needs to cooperate with a large number of additional tools to check constraints, such as Kube-linter, Checkov and kubescape.

Kube linter would be a first citizen for your need https://github.com/stackrox/kube-linter. If you use Helm would be Helm linter as well. Kube score is another interesting tool offering you best practices patterns. I usually develop with vscode and have a Yaml + Kubernetes extension. These could be enough to help you get through. Nevertheless, consider adopting a skaffold with a k3s for a faster feedback on the local dev lifecycle.

Another great tool is KubeLinter which checks for a lot of helpful stuff, including dangling references. This is nice, but it is a command-line tool, so I don't get live feedback in my editor.

It is always a good practice to scan your Kubernetes deployment or Helm chart before deploying. We can use Checkov to scans Kubernetes manifests and identifies security and configuration issues. It also supports Helm chart scanning. We can also use terrascan and kubeLinter to scan the Kubernetes manifest.

Verify it with manifest verification tools (kubeval or kube-linter).

Its worth mentioning about Kube-linter (https://github.com/stackrox/kube-linter) its FOSS and has a very minimal and effective set of commands

If you are in a situation where you have a backend and you want to expose an API and then you would eventually want a client, you would need format specs as the starting point where server and clients are generated from that one source.

At the moment, OpenAPI with YAML is the only way to go but you can't easily split the spec into separate files as you would do any program with packages, modules and what not.

There are third party tools[0] which are archived and the libraries they depend upon are up for adoption.

In that space, either you can use something like cue language 1] or something like TypeSpec which is purpose built for this so yet, this seems like a great tool although I have not tried it yet myself.

[0]. https://github.com/APIDevTools/swagger-cli

[1]. https://cuelang.org/

EDIT: formating

Where `kube.cue` sets reasonable defaults (e.g. image is /). The "cluster" runs on a mini PC in my basement, and I have a small Digital Ocean VM with a static IP acting as an ingress (networking via Tailscale). Backups to cloud storage with restic, alerting/monitoring with Prometheus/Grafana, Caddy/Tailscale for local ingress.

[1] https://www.talos.dev/

[2] https://cuelang.org/

I've been somewhat surprised that CUE bills itself as "tooling friendly" and doesn't yet have a language server- the number one bit of tooling most devs use for a particular language.

I'm assuming it's becaus CUE is still unstable?

Anyway, if others are interested in CUE's LSP work, I think https://github.com/cue-lang/cue/issues/142 is the issue to subscribe to

This is where I usually pitch in with "Have your heard of CUELang, our lord and savior?": https://cuelang.org/

- Not turing complete

CUE: The core problem CUE solves is "type checking", which is mainly used in configuration constraint verification scenarios and simple cloud native configuration scenarios.

If you really want executable configurations please consider a newer language like https://dascript.org or https://cuelang.org which provide better type safety.

1- https://news.ycombinator.com/item?id=38030778

Markdown and XML are nice, but what about more advanced documentation formats like OpenAPI? For one recent project, I set up automatic generation of the OpenAPI docs from (much more compact and flexible) CUE definitions (https://cuelang.org/) - which has the bonus of also being able to test the API against the definitions. JetBrains has a CUE plugin, but it's really barebones (doesn't even support jumping from the usage of a schema to its definition). Of course the possibilities when generating docs are endless (just think of the various syntaxes for doc comments, embedding examples/tests in source code etc.)...

It doesn't include validators for TOML and INI, but if you're doing JSON and YAML, I would take a look at using or building upon CUE (https://cuelang.org/). It is a different take on schema definition (plus more), and is surprising terse and powerful model.