ytt lint Concept - phil9909/ytt GitHub Wiki
I see three possible options:
- Validating a template using a given
values.yaml
. - Generating a schema for
values.yaml
based on a template and a schema for the desired output. - Validating only the template trying to infer the data-types.
values.yaml
1. Validating a template using a given IMHO the most boring option.
Example input:
#@ load("@ytt:data", "data")
---
apiVersion: v1
kind: Secret
metadata:
creationTimestamp: null
name: my-secret
namespace: my-namespace
stringData:
username: #! data.values.username
password: #! data.values.password
#@data/values
---
username: root
password: 123456
Example output:
ERROR: Value "password" is of type "number" but used as "stringData.username" which expects type "string"
values.yaml
based on a template and a schema for the desired output.
2. Generating a schema for The resulting schema can then be used to validate a values.yaml
by the consumer of the ytt template.
Example input:
#@ load("@ytt:data", "data")
---
apiVersion: v1
kind: Secret
metadata:
creationTimestamp: null
name: my-secret
namespace: my-namespace
stringData:
username: #! data.values.username
password: #! data.values.password
Example output:
{
"$schema": "http://json-schema.org/draft-07/schema#",
"type": "object",
"required": [
"username",
"password"
],
"properties": {
"username": {
"type": "string",
},
"password": {
"type": "string",
}
}
}
In the example a json-schema is generated. Alternatively, one could generate starlark code which validates the parameters.
3. Validating only the template trying to infer the data-types.
Example input:
#@ load("@ytt:data", "data")
---
apiVersion: v1
kind: Secret
metadata:
creationTimestamp: null
name: my-secret
namespace: my-namespace
stringData:
username: #! data.values.username + "@example.com"
password: #! data.values.password
Example output:
[WARNING] line 11: stringData.password must be of type "string" use "str(data.values.password)" to prevent errors.
Notice: We have detected stringData.username
is generated using the binary operator +
and one of the Parameters is a string so we can infer the result will be a string.
This is implemented as a POC.
Comparison
Validate values.yaml | Generate Schmea | Validate template | |
---|---|---|---|
Complexity | simple | middle | hard |
Problems | Maybe there just isn't enough information to generate good results |