ytt lint Concept - phil9909/ytt GitHub Wiki

I see three possible options:

  1. Validating a template using a given values.yaml.
  2. Generating a schema for values.yaml based on a template and a schema for the desired output.
  3. Validating only the template trying to infer the data-types.

1. Validating a template using a given values.yaml

IMHO the most boring option.

Example input:

#@ load("@ytt:data", "data")
---
apiVersion: v1
kind: Secret
metadata:
    creationTimestamp: null
    name: my-secret
    namespace: my-namespace
stringData:
    username: #! data.values.username
    password: #! data.values.password
#@data/values
---
username: root
password: 123456

Example output:

ERROR: Value "password" is of type "number" but used as "stringData.username" which expects type "string"

2. Generating a schema for values.yaml based on a template and a schema for the desired output.

The resulting schema can then be used to validate a values.yaml by the consumer of the ytt template.

Example input:

#@ load("@ytt:data", "data")
---
apiVersion: v1
kind: Secret
metadata:
    creationTimestamp: null
    name: my-secret
    namespace: my-namespace
stringData:
    username: #! data.values.username
    password: #! data.values.password

Example output:

 {
   "$schema": "http://json-schema.org/draft-07/schema#",
   "type": "object",
   "required": [
     "username",
     "password"
   ],
   "properties": {
     "username": {
       "type": "string",
     },
     "password": {
       "type": "string",
     }
   }
 }

In the example a json-schema is generated. Alternatively, one could generate starlark code which validates the parameters.

3. Validating only the template trying to infer the data-types.

Example input:

#@ load("@ytt:data", "data")
---
apiVersion: v1
kind: Secret
metadata:
    creationTimestamp: null
    name: my-secret
    namespace: my-namespace
stringData:
    username: #! data.values.username + "@example.com"
    password: #! data.values.password

Example output:

[WARNING] line 11: stringData.password must be of type "string" use "str(data.values.password)" to prevent errors.

Notice: We have detected stringData.username is generated using the binary operator + and one of the Parameters is a string so we can infer the result will be a string.

This is implemented as a POC.

Comparison

Validate values.yaml Generate Schmea Validate template
Complexity simple middle hard
Problems Maybe there just isn't enough information to generate good results