✨ +enum validation marker
#1179
Conversation
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: MishimaPorte The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
cncf-cla: no
|
Welcome @MishimaPorte! |
k8s-ci-robot
added
the
needs-ok-to-test
|
Hi @MishimaPorte. Thanks for your PR. I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
k8s-ci-robot
added
size/L
There was a problem hiding this comment.
There are clearly a lot of types that have enum already that we've ignored up til now. This will impact existing CRDs for users where they've copied core kube types. Are we to assume that where they've copied the built-in type, this is a safe change? The general use case would be to pass through the core kube type to the underlying pod or whatever it is that is being created
Assuming a recent version of K8s, the change should ratchet invalid values anyway 🤔
There was a problem hiding this comment.
I think it is? Probably for core types that have enum tags the values outside of enum-defined set are anyway invalid.
Co-authored-by: Joel Speed <[email protected]>
When both |
Lets add a test case for this one please |
Done |
|
/ok-to-test |
k8s-ci-robot
added
ok-to-test
pkg/crd/markers/validation.go
Outdated
| // apply this enum only if there were no other enum values specified | ||
| // (e.g. via a "+enum" marker) | ||
| if len(schema.Enum) != 0 { | ||
| return nil | ||
| } |
There was a problem hiding this comment.
Are there any other markers that do this kind of thing? Is there precedence?
pkg/crd/markers/validation.go
Outdated
| // apply this enum only if there were no other enum values specified | ||
| // (e.g. via a "+enum" marker) | ||
| if len(schema.Enum) != 0 { | ||
| return nil | ||
| } |
There was a problem hiding this comment.
Are there any other markers that do this kind of thing? Is there precedence?
There was a problem hiding this comment.
I don't think so. But enum markers are kind of the only ones that do the same thing differently so some decision on precedence here is needed in any case.
There was a problem hiding this comment.
CC @alvaroaleman @sbueringer do you have an opinion on this?
At present, when you have the kubebuilder:validation:enum on the field and a type alias, I believe you get a struct like
allOf:
- enum: []
- enum: []
I wonder if, to be consistent, this case should also do the same? It would encourage developers to deduplicate their markers which I think is probably a positive
There was a problem hiding this comment.
It would encourage developers to deduplicate their markers
I believe this is less of a usecase here since both markers (+enum and +kubebuilder:validation:enum) are at the same place - on the type alias declaration, not in distant places (one on the field and the other on the type). So it is close to impossible to have accidental duplicates, like with the aforementioned example. I personally would prefer this to be an error right away, but it can probably harm backward compatibility.
There was a problem hiding this comment.
I wonder if we want to make the preference configurable. The default behaviour though I think needs to be that kubebuilder:validation:enum takes precedence over the naked enum though. That way we won't break existing users. I'm worried that built in types that already have the enum will get broken when this change rolls out
There was a problem hiding this comment.
I think configurable precedence would complicate things too much - we can just make the kubebuilder:validation:enum take precedence over +enum and call it a day.
For known core types it can be made configurable, but, honestly, the now-generated enum block should have always been there in the schema. I can think of zero example where such a change would complicate something - on the contrary, probably additional validation would make the generated crds less error-prone.
There was a problem hiding this comment.
should have always been there in the schema
Yes, but depending on the use case, this is likely a breaking change for the people using the CRDs built by this tooling
we can just make the kubebuilder:validation:enum take precedence over +enum and call it a day.
I would lean towards this for now to be safe
There was a problem hiding this comment.
this is likely a breaking change for the people using the CRDs built by this tooling
so, a configuration flag? but an opt-in or opt-out one is what we need? I personally would argue for the latter since the change seems to be beneficial in most of the cases (at least when something like PodTemplate is used)
As per issue #933, it seems to be beneficial to support upstream
+enumvalidation marker that infers enum members for a type from constant declarations of that type.So, given
every time the
MyEnumTypeis used, anenumblock is rendered in the schema as follows:This mechanism only handles the string-based types and does not handle numerical types.
A testcase for the generator is added as well.