Monokle VSC Extension

Monokle Visual Studio Code extensions let's you validate your Kubernetes resources directly in Visual Studio Code. It is a great complement to Monokle Cloud, Desktop or CLI.

Monokle aims to help you write better Kubernetes deployments no matter your preferred way of working. You can now install our extension to fix your configuration directly while you are coding from the comfort of your Visual Studio Code.

As usual, misconfigurations are highlighted directly within your source code with a recommended remediation to fix them without being a Kubernetes expert. All misconfigurations are also listed as a summary in VSCode's problem pane, or within the SARIF viewer for additional information and filters.

By default, a sensible policy is used, or you can simply add a Monokle validation configuration file to your workspace to customize the rules.

This is Technical Preview release. We are open to any feedback and eager to improve the product together with our users and community. Feel free to drop us any questions, feature proposals and issues.

Features

Validate your resources in a blink of an eye

Monokle extension runs in a background and validates all resources within your workspace in real-time. After installing the extension, default policy is used so you are ready to go!

Policy can be changed using Monokle: Bootstrap configuration command or by connecting to Monokle Cloud to use centralized policy.

Fix your resources with ease

You can fix most of the problems with Autofix quick action! Just open a quick fix panel and apply "Fix..." action.

Easily navigate through all errors and resources

Monokle validation panel allows you to easily see all validation errors grouped by resource or rule id, see rule details and navigate to exact line in each resource where violation was detected.

See violations in Problems tab for opened resources

When navigating through resource files, you can see all violations in VSC build-in Problems tab.

Get instant feedback on fixes

Validation runs in a background every time a file is modified and saved. This way you get instant feedback when applying fixes.

Suppress specific rules for any resource

You can suppress rules for specific resources via "Suppress..." quick fix action. This instructs Monokle extension that the resource is the way you wanted and ignore the rule for this specific resource.

Adjust to your needs

With dedicated Monokle: Bootstrap configuration command, you can customize validation configuration in seconds and adjust to your specific needs.

Enforce policies with Monokle Cloud and Monokle Enterprise

Quickly define and manage polices in Monokle Cloud or self-hosted Monokle Enterprise which will be used for anyone working with the project in VSC.

Configure policies easily with Monokle

Synchronizes automatically and with single command

Manage suppressions globally

When connected to Monokle Cloud or self-hosted Monokle Enterprise you can suppress any misconfiguration directly from VSCode using Suppress... / Request suppression... quick action. These suppressions are synchronized and can be managed globally from Monokle Cloud and Monokle Enterprise.

See Monokle Cloud/Enterprise integration setup section below on how to configure it.

Runs with commands

Use command palette to interact with extension, run validation, see current configuration and more.

• Monokle: Validate - runs validation of Kubernetes resources on demand.
• Monokle: Synchronize - synchronizes remote policy from Monokle Cloud.
• Monokle: Login - logins to Monokle Cloud.
• Monokle: Logout - logouts from Monokle Cloud.
• Monokle: Show validation panel - opens validation panel (this can be also done be clicking on Monokle status bar icon).
• Monokle: Show configuration - opens validation configuration file which is used as validation configuration for given project.
• Monokle: Bootstrap configuration - creates monokle.validation.yaml configuration file. It is a quick way to adjust validation config.

Default Validation Policy

The default configuration used for resource validation enables the following validation plugins:

• Pod Security Standard validation, based on the corresponding standard from the Kubernetes project.
• Kubernetes Schema validation for checking schema and Kubernetes version compliance.
• Resource Links validation to ensure that all references between resources are valid.
• YAML syntax validation.

Read about these plugins and their individual validation rules in the Core Plugins documentation.

To customize default configuration you can run Monokle: Bootstrap validation command to generate local monokle.validation.yaml configuration file in your project folder or connect with remote policy with Monokle Cloud.

Monokle Cloud/Enterprise integration setup

To use remote policy with Monokle extension you will need to create a project and configure policy for it in Monokle Cloud. Start by signing in to Monokle Cloud.

IMPORTANT: The steps are the same for Monokle Enterprise. The main difference is that monokle.origin configuration needs to be changed to point to Enterprise instance (web app URL).

In case of doubts, refer to Getting Started Guide or hit us directly on Discord.

Project setup

After signing up, start by creating a project on Projects page:

Add your repository to your project

After project is created, add a repository (the one you will be working locally with) to a project. This can be done by going to Repositories tab in project view and using Add repository button:

Policy setup

The last step is policy setup. You can use policy wizard by going to Policy tab in project view:

Synchronize

After the setup is done, you can run Monokle: Synchronize command to speed-up initial policy fetching and get the validation going.

Extension Settings

This extension contributes the following settings:

• monokle.run - Run resource validation when typing (onType) or only when file is saved (onSave).
• monokle.automaticallyOpenPanel - Open Violations panel automatically when project is opened (onProjectOpen) or never (never).
• monokle.configurationPath - Set path to external validation configuration file.
• monokle.project - Define remote project from which policy should be used for validation.
• monokle.origin - Overwrite default Monokle Cloud URL (e.g. when running own Monokle Enterprise instance).
• monokle.enabled - Enable/disable this extension.
• monokle.telemetryEnabled - Enable/disable anonymous telemetry.
• monokle.verbose - Log runtime information to VSC Developer Console.

IMPORTANT: Project slug used for monokle.project can be found in Project > Settings tab in a Project slug field.

Dependencies

A core component of Monokle extension and dependency is @monokle/validation library.

Monokle extension depends on Monokle SARIF Viewer extension. It should be installed automatically when installing Monokle extension.

Questions and contributing

Feel free to drop any question related this extension in GitHub Monokle discussions. If you found a bug or would like to request a new feature, report it as GitHub issue.

We are happy to help and assist you in case of any doubts or questions.

For contributing code see CONTRIBUTING.md file.