deck gateway validate
The validate command reads the state file and ensures validity. It reads all the specified state files and reports YAML/JSON parsing issues. It also checks for foreign relationships and alerts if there are broken relationships, or missing links present.
Validates against the Kong API, via communication with Kong. This increases the
time for validation but catches significant errors. No resource is created in Kong.
For offline validation, see deck file validate
.
deck gateway validate
is the replacement fordeck validate
.
Indeck gateway validate
, the following has changed:
- Files changed to positional arguments without the
-s/--state
flag- The default write location changed from
kong.yaml
to-
(stdin/stdout)- The
--online
flag is removed, use eitherdeck file
ordeck gateway
Syntax
deck gateway validate [filename] [command-specific flags] [global flags]
Flags
-
-h
,--help
- help for validate
--konnect-compatibility
- validate that the state file(s) are ready to be deployed to Konnect (Default:
false
) --online-entities-list
- Specify the list of valid Kong entities (case-sensitive) to be validated online. This indicates which entities in the state file(s) should be checked via online validation.
--parallelism
- Maximum number of concurrent requests to Kong. (Default:
10
) --rbac-resources-only
- indicate that the state file(s) contains RBAC resources only (Kong Gateway Enterprise only). (Default:
false
) -
-w
,--workspace
- validate configuration of a specific workspace (Kong Gateway Enterprise only). This takes precedence over _workspace fields in state files.
Global flags
--analytics
- Share anonymized data to help improve decK.
Use
--analytics=false
to disable this. (Default:true
) --ca-cert
- Custom CA certificate (raw contents) to use to verify Kong’s Admin TLS certificate.
This value can also be set using DECK_CA_CERT environment variable.
This takes precedence over
--ca-cert-file
flag. --ca-cert-file
- Path to a custom CA certificate to use to verify Kong’s Admin TLS certificate. This value can also be set using DECK_CA_CERT_FILE environment variable.
--config
- Config file (default is $HOME/.deck.yaml).
--headers
- HTTP headers (key:value) to inject in all requests to Kong’s Admin API. This flag can be specified multiple times to inject multiple headers.
--kong-addr
- HTTP address of Kong’s Admin API.
This value can also be set using the environment variable DECK_KONG_ADDR
environment variable. (Default:
"http://localhost:8001"
) --kong-cookie-jar-path
- Absolute path to a cookie-jar file in the Netscape cookie format for auth with Admin Server. You may also need to pass in as header the User-Agent that was used to create the cookie-jar.
--konnect-addr
- Address of the Konnect endpoint. (Default:
"https://us.api.konghq.com"
) --konnect-token
- Token associated with your Konnect account. This takes precedence over the
--konnect-token-file
flag. --konnect-token-file
- File containing the token associated with your Konnect account.
--konnect-control-plane-name
- Konnect control plane name.
--no-color
- Disable colorized output (Default:
false
) --skip-workspace-crud
- Skip API calls related to Workspaces (Kong Gateway Enterprise only). (Default:
false
) --timeout
- Set a request timeout for the client to connect with Kong (in seconds). (Default:
10
) --tls-client-cert
- PEM-encoded TLS client certificate to use for authentication with Kong’s Admin API. This value can also be set using DECK_TLS_CLIENT_CERT environment variable. Must be used in conjunction with tls-client-key
--tls-client-cert-file
- Path to the file containing TLS client certificate to use for authentication with Kong’s Admin API. This value can also be set using DECK_TLS_CLIENT_CERT_FILE environment variable. Must be used in conjunction with tls-client-key-file
--tls-client-key
- PEM-encoded private key for the corresponding client certificate . This value can also be set using DECK_TLS_CLIENT_KEY environment variable. Must be used in conjunction with tls-client-cert
--tls-client-key-file
- Path to file containing the private key for the corresponding client certificate. This value can also be set using DECK_TLS_CLIENT_KEY_FILE environment variable. Must be used in conjunction with tls-client-cert-file
--tls-server-name
- Name to use to verify the hostname in Kong’s Admin TLS certificate. This value can also be set using DECK_TLS_SERVER_NAME environment variable.
--tls-skip-verify
- Disable verification of Kong’s Admin TLS certificate.
This value can also be set using DECK_TLS_SKIP_VERIFY environment variable. (Default:
false
) --verbose
- Enable verbose logging levels
Setting this value to 2 outputs all HTTP requests/responses
between decK and Kong. (Default:
0
)
See also
Gateway subcommands:
- deck gateway diff - Performs a diff to determine the differences between the current entities in Kong and the ones on disk.
- deck gateway dump - Export Kong configuration to a file
- deck gateway ping - Verify connectivity with Kong
- deck gateway reset - Deletes all entities in Kong
- deck gateway sync - Sync performs operations to get Kong’s configuration to match the state file
- deck gateway validate - Validate the state file