feat(diagnostics): Add kube-linter (#294)

vkhitrin · pre-commit-ci[bot] · web-flow · commit 4e54e67d6886 · 2025-07-25T04:52:44.000+08:00
* feat(diagnostics): Add kube-linter Adding https://github.com/stackrox/kube-linter which supports diagnostics for Helm and Kubernetes YAML files. * [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci --------- Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
diff --git a/doc/BUILTINS.md b/doc/BUILTINS.md
@@ -473,10 +473,12 @@ local sources = {
 - Checkstyle only offers a jar file as download. It is recommended to put an executable wrapper script in
 your path.
 Example wrapper script:
+
 ```bash
 #!/usr/bin/env bash
 java -jar path/to/checkstyle.jar "$@"
 ```
+
 - Checkstyle needs a mandatory `-c` argument. Use `extra_args` to add yours. `extra_args` can also be a
 function to build more sophisticated logic.
 
@@ -501,14 +503,16 @@ local sources = { null_ls.builtins.diagnostics.clazy }
 
 - `clazy` needs a compilation database (`compile_commands.json`) to work. By default `clazy` will search for a compilation database in all parent folders of the input file.
 - If the compilation database is not in a parent folder, the `-p` option can be used to point to the corresponding folder (e.g. the projects build directory):
+
 ```lua
 local sources = {
     null_ls.builtins.diagnostics.clazy.with({
         extra_args = { "-p=$ROOT/build" },
     }),
 }
 ```
-- Alternatively, `compile_commands.json` can be linked into the project's root directory. For more information see https://clang.llvm.org/docs/HowToSetupToolingForLLVM.html
+
+- Alternatively, `compile_commands.json` can be linked into the project's root directory. For more information see <https://clang.llvm.org/docs/HowToSetupToolingForLLVM.html>
 - `clazy` will be run only when files are saved to disk, so that `compile_commands.json` can be used.
 
 ### [clj_kondo](https://github.com/clj-kondo/clj-kondo)
@@ -1165,10 +1169,12 @@ local sources = {
 - PMD only offers parameterized wrapper scripts as download. It is recommended to put an executable wrapper
 script in your path.
 Example wrapper script:
+
 ```bash
 #!/usr/bin/env bash
 path/to/pmd/bin/run.sh pmd "$@"
 ```
+
 - PMD needs a mandatory `--rulesets`/`-rulesets`/`-R` argument. Use `extra_args` to add yours. `extra_args`
 can also be a function to build more sophisticated logic.
 
@@ -2093,27 +2099,35 @@ local sources = { null_ls.builtins.formatting.blackd }
 ##### `hostname` (string)
 
 Address to bind the server to. Defaults to localhost.
+
 ##### `port` (string)
 
 Port to listen on. Defaults to 45484.
+
 ##### `line_length` (number)
 
 Set how many characters per line to allow. Defaults to 88.
+
 ##### `skip_source_first_line` (boolean)
 
 If set to true, the first line of the source code will be ignored. Defaults to false.
+
 ##### `skip_string_normalization` (boolean)
 
 If set to true, no string normalization will be performed. Defaults to false.
+
 ##### `skip_magic_trailing_comma` (boolean)
 
 If set to true, trailing commas will not be used as a reason to split lines. Defaults to false.
+
 ##### `preview` (boolean)
 
 If set to true, experimental and potentially disruptive style changes will be used. Defaults to false.
+
 ##### `fast` (boolean)
 
 If set to true, Black will not perform an AST safety check after formatting. Defaults to false.
+
 ##### `python_variant` (string)
 
 If set to pyi, Black will format all input files like typing stubs regardless of the file extension. Otherwise, its value must correspond to a Python version or a set of comma-separated Python versions, optionally prefixed with py. (e.g. py3.5,py3.6). Defaults to empty string.
@@ -2964,6 +2978,7 @@ local sources = { null_ls.builtins.formatting.isortd }
 ##### `hostname` (string)
 
 Address that the isortd server listens on. Defaults to localhost.
+
 ##### `port` (string)
 
 Port that the isortd server listens on. Defaults to 47393.
@@ -3002,6 +3017,24 @@ local sources = { null_ls.builtins.formatting.just }
 - Command: `just`
 - Args: `{ "--fmt", "--unstable", "-f", "$FILENAME" }`
 
+### [kube-linter](https://github.com/stackrox/kube-linter)
+
+KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure 
+the applications represented in them adhere to best practices.
+
+#### Usage
+
+```lua
+local sources = { null_ls.builtins.diagnostics.kube_linter }
+```
+
+#### Defaults
+
+- Filetypes: `{ "helm", "yaml" }`
+- Method: `diagnostics`
+- Command: `kube-linter`
+- Args: `{ "lint", "--format", "json" "$ROOT" }`
+
 ### [ktlint](https://ktlint.github.io/)
 
 An anti-bikeshedding Kotlin linter with built-in formatter.
diff --git a/lua/null-ls/builtins/_meta/diagnostics.lua b/lua/null-ls/builtins/_meta/diagnostics.lua
@@ -94,6 +94,9 @@ return {
   haml_lint = {
     filetypes = { "haml" }
   },
+  kube_linter = {
+    filetypes = { "helm", "yaml" }
+  },
   ktlint = {
     filetypes = { "kotlin" }
   },
diff --git a/lua/null-ls/builtins/_meta/filetype_map.lua b/lua/null-ls/builtins/_meta/filetype_map.lua
@@ -208,7 +208,7 @@ return {
     formatting = { "atlas_fmt", "hclfmt", "packer", "terragrunt_fmt" }
   },
   helm = {
-    diagnostics = { "trivy" }
+    diagnostics = { "trivy", "kube_linter" },
   },
   html = {
     diagnostics = { "markuplint", "tidy" },
@@ -497,7 +497,7 @@ return {
     formatting = { "tidy", "xmllint" }
   },
   yaml = {
-    diagnostics = { "actionlint", "cfn_lint", "spectral", "vacuum", "yamllint" },
+    diagnostics = { "actionlint", "cfn_lint", "spectral", "vacuum", "yamllint", "kube_linter" },
     formatting = { "prettier", "prettierd", "yamlfix", "yamlfmt" }
   },
   ["yaml.ansible"] = {
diff --git a/lua/null-ls/builtins/diagnostics/kube_linter.lua b/lua/null-ls/builtins/diagnostics/kube_linter.lua
@@ -0,0 +1,42 @@
+local null_ls = require("null-ls")
+local helpers = require("null-ls.helpers")
+
+return helpers.make_builtin({
+    name = "kube_linter",
+    meta = {
+        url = "https://github.com/stackrox/kube-linter",
+        description = "KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices.",
+    },
+    method = null_ls.methods.DIAGNOSTICS,
+    filetypes = { "helm", "yaml" },
+    factory = helpers.generator_factory,
+    generator_opts = {
+        command = "kube-linter",
+        args = {
+            "lint",
+            "--format",
+            "json",
+            "$ROOT",
+        },
+        from_stderr = false,
+        ignore_stderr = true,
+        multiple_files = true,
+        format = "json",
+        check_exit_code = function(c)
+            return c <= 1
+        end,
+        on_output = function(params)
+            local diags = {}
+            for _, diag in ipairs(params.output.Reports) do
+                table.insert(diags, {
+                    source = "kube-linter",
+                    code = diag.Check,
+                    message = diag.Diagnostic.Message .. "\n" .. diag.Remediation,
+                    severity = helpers.diagnostics.severities["error"],
+                    filename = diag.Object.Metadata.FilePath,
+                })
+            end
+            return diags
+        end,
+    },
+})
