CRD policyendpoints does not pass kubeconform schema validation

[phihos]

What happened:

After rendering resources via aws-vpc-cni helm chart kubeconform checks it against the CustomResourceDefinition schema and fails with

policyendpoints.networking.k8s.aws is invalid: For field metadata.creationTimestamp: Invalid type. Expected: string, given: null

It refers to this line:

apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.11.3
  creationTimestamp: null  <--- this one
  labels:
    app.kubernetes.io/name: amazon-network-policy-controller-k8s
  name: policyendpoints.networking.k8s.aws
spec:

Can this attribute be safely deleted? If not, what is the purpose of setting creationTimestamp: null ?

What you expected to happen:

The CRD should pass kubeconform.

How to reproduce it (as minimally and precisely as possible):

git clone https://github.com/aws/amazon-vpc-cni-k8s.git
cd amazon-vpc-cni-k8s/charts/aws-vpc-cni
cat crds/customresourcedefinition.yaml| kubeconform -schema-location default -schema-location 'https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/{{.NormalizedKubernetesVersion}}/{{.ResourceKind}}.json'

Output:

stdin - CustomResourceDefinition policyendpoints.networking.k8s.aws is invalid: problem validating schema. Check JSON formatting: jsonschema: '/metadata/creationTimestamp' does not validate with https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/master/customresourcedefinition.json#/properties/metadata/$ref/properties/creationTimestamp/$ref/type: expected string, but got null

[orsenthil]

I think, we just have to remove this line

https://github.com/aws/amazon-vpc-cni-k8s/blob/master/charts/aws-vpc-cni/crds/customresourcedefinition.yaml#L61

And it should be set automatically by Kubernetes when the resource is created.