ValidKube looks to help developers clean and secure Kubernetes YAML code

Let the OSS Enterprise newsletter guide your open source journey! Sign up here.

Today, Kubernetes-native troubleshooting platform Komodor and Aqua Security announced the release of a new open source solution called ValidKube, which is designed to enable developers to validate, clean, and secure Kubernetes YAML code with a single centralized solution. 

ValidKube combines the capabilities of kubeval, kubectl-neat, and trivy, which each offering capabilities such as validating Kubernetes configuration files, cleaning Kubernetes YAML, making JSON output readable, and scanning for vulnerabilities in container images, file systems and Git repositories. 

Combining each of these open source tools into a single product enables developers to deploy and manage containers effectively with a holistic view of code, configurations, and third-party app changes throughout the Kubernetes stack.

This means technical decision makers can use ValidKube to better support dev teams in managing Kubernetes containers and write code that’s more secure and performs better.

Simplifying Kubernetes development  

Since Kubernetes release in 2014, complexity has emerged as a consistent barrier for organizations. In the past, even Google has admitted that the solution is “incredibly complex,” with a high volume of configuration options worsened by the fact that the YAML code determines how deployments run. 

ValidKube simplifies YAML development by providing developers with a place to share feedback and improve the performance of the code. 

“The main benefit for ValidKube is providing a central place to get feedback and improve your code. Most developers are already using some open source, but if you have too many tools it can be overwhelming, you have to download and maintain different packages,” said Itiel Schwartz, CTO and cofounder of Komodor, told VentureBeat.

“With ValidKube it runs right in the browser, so there’s no need to download anything and we are trying to centralize the value of as many Kubernetes projects as we can going forward and look forward to see[ing] how the community improves it,” Schwartz said. 

Standing out as the browser-based Kubernetes solution

ValidKube is part of the global Kubernetes solutions market, valued at $1,406.6 million in 2020, and estimated to reach $4645.1 million by 2027. The market includes not only open source tools like kubeval, kubectl-neat, and trivy, but also a range of proprietary solutions from providers including AWS, IBM, Google, and Microsoft. 

One such proprietary solution is Google Cloud Code, which is designed to let developers edit Google Cloud and Kubernetes-related configuration files, create custom schemas and more, playing a role in contributing to the organization’s $5.5 billion revenue last year.  

However, one of the key elements that ValidKube is using to differentiate itself from competing solutions is its browser-based approach. 

“There’s a continuous trend of putting more power and responsibility in developers’ hands, especially in Kubernetes and Cloud Native technologies. Security is one of these responsibilities that is shifting toward developers. This ‘shift left’ approach encourages applying security practices early in the development lifecycle,” said Itay Shakury, director of open source at Aqua Security.