You are browsing unreleased documentation. See the latest documentation here.
deck validate
deck validate
functionality has moved todeck gateway validate
.deck validate
will be removed in a future major version of decK (decK 2.x). We recommend migrating to deck gateway validate.
In the new command:
- Files changed to positional arguments without the
-s/--state
flag- The default write location changed from
kong.yaml
to-
(stdin/stdout)- The
--online
flag is removed, use eitherdeck file
ordeck gateway
The validate command reads the state file and ensures validity. It reads all the specified state files and reports YAML/JSON parsing issues. It also checks for foreign relationships and alerts if there are broken relationships, or missing links present.
No communication takes places between decK and Kong during the execution of this command unless –online flag is used.
Syntax
deck validate [command-specific flags] [global flags]
Flags
-
-h
,--help
- help for validate
--konnect-compatibility
- validate that the state file(s) are ready to be deployed to Konnect (Default:
false
) --online
- perform validations against Kong API. When this flag is used, validation is done
via communication with Kong. This increases the time for validation but catches
significant errors. No resource is created in Kong. (Default:
false
) --parallelism
- Maximum number of concurrent requests to Kong. (Default:
10
) --rbac-resources-only
- indicate that the state file(s) contains RBAC resources only (Kong Gateway Enterprise only). (Default:
false
) -
-s
,--state
- file(s) containing Kong’s configuration.
This flag can be specified multiple times for multiple files.
Use ‘-‘ to read from stdin. (Default:
[kong.yaml]
) -
-w
,--workspace
- validate configuration of a specific workspace (Kong Gateway Enterprise only). This takes precedence over _workspace fields in state files.
Global flags
--analytics
- Share anonymized data to help improve decK.
Use
--analytics=false
to disable this. (Default:true
) --ca-cert
- Custom CA certificate (raw contents) to use to verify Kong’s Admin TLS certificate.
This value can also be set using DECK_CA_CERT environment variable.
This takes precedence over
--ca-cert-file
flag. --ca-cert-file
- Path to a custom CA certificate to use to verify Kong’s Admin TLS certificate. This value can also be set using DECK_CA_CERT_FILE environment variable.
--config
- Config file (default is $HOME/.deck.yaml).
--headers
- HTTP headers (key:value) to inject in all requests to Kong’s Admin API. This flag can be specified multiple times to inject multiple headers.
--kong-addr
- HTTP address of Kong’s Admin API.
This value can also be set using the environment variable DECK_KONG_ADDR
environment variable. (Default:
"http://localhost:8001"
) --kong-cookie-jar-path
- Absolute path to a cookie-jar file in the Netscape cookie format for auth with Admin Server. You may also need to pass in as header the User-Agent that was used to create the cookie-jar.
--konnect-addr
- Address of the Konnect endpoint. (Default:
"https://us.api.konghq.com"
) --konnect-token
- Token associated with your Konnect account. This takes precedence over the
--konnect-token-file
flag. --konnect-token-file
- File containing the token associated with your Konnect account.
--konnect-control-plane-name
- Konnect control plane name.
--no-color
- Disable colorized output (Default:
false
) --skip-workspace-crud
- Skip API calls related to Workspaces (Kong Gateway Enterprise only). (Default:
false
) --timeout
- Set a request timeout for the client to connect with Kong (in seconds). (Default:
10
) --tls-client-cert
- PEM-encoded TLS client certificate to use for authentication with Kong’s Admin API. This value can also be set using DECK_TLS_CLIENT_CERT environment variable. Must be used in conjunction with tls-client-key
--tls-client-cert-file
- Path to the file containing TLS client certificate to use for authentication with Kong’s Admin API. This value can also be set using DECK_TLS_CLIENT_CERT_FILE environment variable. Must be used in conjunction with tls-client-key-file
--tls-client-key
- PEM-encoded private key for the corresponding client certificate . This value can also be set using DECK_TLS_CLIENT_KEY environment variable. Must be used in conjunction with tls-client-cert
--tls-client-key-file
- Path to file containing the private key for the corresponding client certificate. This value can also be set using DECK_TLS_CLIENT_KEY_FILE environment variable. Must be used in conjunction with tls-client-cert-file
--tls-server-name
- Name to use to verify the hostname in Kong’s Admin TLS certificate. This value can also be set using DECK_TLS_SERVER_NAME environment variable.
--tls-skip-verify
- Disable verification of Kong’s Admin TLS certificate.
This value can also be set using DECK_TLS_SKIP_VERIFY environment variable. (Default:
false
) --verbose
- Enable verbose logging levels
Setting this value to 2 outputs all HTTP requests/responses
between decK and Kong. (Default:
0
)
See also
- deck - Administer your Kong clusters declaratively