Ensure Kubernetes manifests match your .env files.
envcheck k8s-sync [OPTIONS] <MANIFESTS> --env <ENV_FILE>
<MANIFESTS>... - Kubernetes YAML files (supports glob patterns)| Option | Description |
|---|---|
-e, --env <FILE> | Reference .env file (required) |
-f, --format <FORMAT> | Output format: text, json, github |
-q, --quiet | Suppress output, use exit codes |
--ignore-namespaces <NS> | Comma-separated namespaces to ignore |
spec.template.spec.containers[*].envspec.template.spec.containers[*].envspec.template.spec.containers[*].envspec.jobTemplate.spec.template.spec.containers[*].envstringData and data keysdata keys--- separator| Code | Meaning |
|---|---|
| 0 | No mismatches |
| 1 | Missing keys found |
| 2 | Unused keys found (info) |
envcheck k8s-sync k8s/base/*.yaml --env .env.example
Output:
W005: Key in K8s but missing in .env: API_ENDPOINT
W006: Key in .env but unused in K8s: LOCAL_DEV_KEY
envcheck k8s-sync k8s/**/*.yaml --env .env.example
envcheck k8s-sync k8s/base/*.yaml --env .env.example --format=github
Output:
::warning file=k8s/deployment.yaml,line=45,col=1::W005: Key in K8s but missing in .env: DATABASE_URL
envcheck k8s-sync k8s/**/*.yaml --env .env.example --ignore-namespaces=kube-system
| Code | Rule | Severity | Description |
|---|---|---|---|
| W005 | K8s Missing Env | Warning | Environment variable used in K8s but not defined in .env |
| W006 | Unused Env | Info | Key in .env but never referenced in K8s manifests |
The command parses YAML files and extracts:
env: and envFrom:valueFrom.secretKeyRefvalueFrom.configMapKeyRefSecret.stringData and Secret.dataConfigMap.dataThese are then compared against keys in your .env file.
#!/bin/sh
git diff --name-only --cached | grep -E '\.ya?ml$' | \
xargs envcheck k8s-sync --env .env.example
- name: Validate K8s manifests
run: envcheck k8s-sync k8s/**/*.yaml --env .env.example
helm template myapp ./chart > /tmp/rendered.yaml
envcheck k8s-sync /tmp/rendered.yaml --env .env.example
.env files