Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Validation for metadata.labels #21

Open
gitkent opened this issue May 5, 2023 · 3 comments
Open

Validation for metadata.labels #21

gitkent opened this issue May 5, 2023 · 3 comments

Comments

@gitkent
Copy link

gitkent commented May 5, 2023

Hi all,

We are trying to put some validation in place for our Kubernetes manifests YAML files and we noticed that it is not validating the labels mapping value as per its requirements:

❯ kubernetes-validate  /tmp/test-ns.yaml
INFO /tmp/test-ns.yaml passed for resource namespace/test1 against version 1.26

❯ oc apply -f /tmp/test-ns.yaml --dry-run=server --validate=true
The Namespace "test1" is invalid: metadata.labels: Invalid value: "my value": a valid label must be an empty string or consist of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character (e.g. 'MyValue',  or 'my_value',  or '12345', regex used for validation is '(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?')

❯ cat /tmp/test-ns.yaml | grep "my value"
    mykey: my value

By any chance we can have validation for this?

Kent
@willthames
Copy link
Owner

I'm not sure if this is possible or not, but would love to have this happen. I'll see if I can work it out.

@willthames
Copy link
Owner

I think the problem might be that with your oc apply the validation happens at server-side - there is nothing in the kubernetes swagger file that says what a label must look like, so kubernetes-validate can't know without talking to a server (which is a use-case I don't really want to deal with).

I'll see if there's a better source of truth for label definitions than the swagger file (as there are so many use cases this would be really helpful for)

@gitkent
Copy link
Author

gitkent commented May 5, 2023

Thanks for looking into that @willthames

Agreed. it would be better to not talking to server and leave it as standalone. Keep us posted if you could find any source of truth for the label definition, otherwise maybe can consider do validation using the given regex '(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?' which seems to be the permanent requirement. - Just a suggestion) :-)

and yes it would be very useful as we have tonnes of manifests (not just namespace) have metadata.labels defined while many contributors from different teams making changes to our k8s manifests.

Kent

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@willthames @gitkent