validate against crd and strictly

cmd/validateRadixConfig.go

@@ -24,7 +24,9 @@ import (
 	"github.com/equinor/radix-operator/pkg/apis/radixvalidators"
 	"github.com/equinor/radix-operator/pkg/apis/utils"
 	"github.com/pkg/errors"
+	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
+	"github.com/yannh/kubeconform/pkg/validator"
 	"sigs.k8s.io/yaml"
 )
 
@@ -47,13 +49,19 @@ var validateRadixConfigCmd = &cobra.Command{
 			return err
 		}
 
+		schema, err := cmd.Flags().GetString(flagnames.Schema)
+		if err != nil {
+			return err
+		}
+
+		fmt.Fprintf(os.Stderr, "Validating %s\n", radixconfig)
 		if _, err := os.Stat(radixconfig); errors.Is(err, os.ErrNotExist) {
-			return fmt.Errorf("RadixConfig file not found: %s", radixconfig)
+			return fmt.Errorf("RadixConfig file not found")
 		}
 
 		ra, err := utils.GetRadixApplicationFromFile(radixconfig)
 		if err != nil {
-			return fmt.Errorf("RadixConfig is invalid: %w", err)
+			return err
 		}
 
 		if printfile {
@@ -63,16 +71,54 @@ var validateRadixConfigCmd = &cobra.Command{
 			}
 		}
 
+		errs, err := validateSchema(radixconfig, schema)
+		if err != nil {
+			return err
+		}
+
 		err = radixvalidators.IsRadixApplicationValid(ra)
 		if err != nil {
-			return fmt.Errorf("RadixConfig is invalid:\n%w", err)
+			errs = append(errs, err)
+		}
+
+		err = strictUnmarshalValidation(radixconfig)
+		if err != nil {
+			errs = append(errs, err)
+		}
+
+		if len(errs) > 0 {
+			for _, err := range errs {
+				fmt.Fprintf(os.Stderr, " - %s\n", err.Error())
+			}
+
+			fmt.Fprintln(os.Stderr, "RadixConfig is invalid ")
+			os.Exit(2)
 		}
 
 		fmt.Fprintln(os.Stderr, "RadixConfig is valid")
 		return nil
 	},
 }
 
+func validateSchema(filename, schema string) ([]error, error) {
+	var errs []error
+	v, err := validator.New([]string{schema}, validator.Opts{Strict: true})
+	if err != nil {
+		return nil, fmt.Errorf("failed initializing validator: %s", err)
+	}
+
+	f, err := os.Open(filename)
+	if err != nil {
+		log.Fatalf("failed opening %s: %s", filename, err)
+	}
+	for _, res := range v.Validate(filename, f) { // A file might contain multiple resources
+		for _, err := range res.ValidationErrors {
+			errs = append(errs, fmt.Errorf("%s: %s", err.Path, err.Msg))
+		}
+	}
+	return errs, nil
+}
+
 func printRA(ra *radixv1.RadixApplication) error {
 	b, err := yaml.Marshal(ra)
 	if err != nil {
@@ -87,6 +133,7 @@ func init() {
 	validateCmd.AddCommand(validateRadixConfigCmd)
 	validateRadixConfigCmd.Flags().StringP(flagnames.ConfigFile, "f", "radixconfig.yaml", "Name of the radixconfig file. Defaults to radixconfig.yaml in current directory")
 	validateRadixConfigCmd.Flags().BoolP(flagnames.Print, "p", false, "Print parsed config file")
+	validateRadixConfigCmd.Flags().StringP(flagnames.Schema, "s", "https://raw.githubusercontent.com/equinor/radix-operator/release/json-schema/radixapplication.json", "Validate against schema")
 
 	// Allow but hide token-env flag so radix-github-actions won't interfere
 	validateRadixConfigCmd.Flags().Bool(flagnames.TokenEnvironment, false, fmt.Sprintf("Take the token from environment variable %s", client.TokenEnvironmentName))
@@ -95,3 +142,20 @@ func init() {
 		panic(err)
 	}
 }
+
+func strictUnmarshalValidation(filename string) error {
+	log.Debug("get radix application yaml from %s", filename)
+	radixApp := &radixv1.RadixApplication{}
+
+	raw, err := os.ReadFile(filename)
+	if err != nil {
+		return fmt.Errorf("failed to read file: %v", err)
+	}
+
+	err = yaml.UnmarshalStrict(raw, radixApp)
+	if err != nil {
+		return fmt.Errorf("strict test failed: %v", err)
+	}
+
+	return nil
+}

go.mod

@@ -1,13 +1,13 @@
 module github.com/equinor/radix-cli
 
-go 1.21
+go 1.22.0
 
-toolchain go1.21.0
+toolchain go1.22.1
 
 require (
 	github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1
-	github.com/equinor/radix-operator v1.51.2
-	github.com/fatih/color v1.15.0
+	github.com/equinor/radix-operator v1.52.2-0.20240527123843-b73bc5820c12
+	github.com/fatih/color v1.16.0
 	github.com/go-openapi/errors v0.20.4
 	github.com/go-openapi/runtime v0.26.2
 	github.com/go-openapi/strfmt v0.21.8
@@ -16,7 +16,8 @@ require (
 	github.com/pkg/errors v0.9.1
 	github.com/sirupsen/logrus v1.9.3
 	github.com/spf13/cobra v1.8.0
-	k8s.io/utils v0.0.0-20240102154912-e7106e64919e
+	github.com/yannh/kubeconform v0.6.6
+	k8s.io/utils v0.0.0-20240310230437-4693a0247e57
 	sigs.k8s.io/yaml v1.4.0
 )
 
@@ -27,8 +28,12 @@ require (
 	github.com/cert-manager/cert-manager v1.14.2 // indirect
 	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
-	github.com/emicklei/go-restful/v3 v3.11.0 // indirect
+	github.com/emicklei/go-restful/v3 v3.11.2 // indirect
 	github.com/equinor/radix-common v1.7.1 // indirect
+	github.com/evanphx/json-patch v5.8.1+incompatible // indirect
+	github.com/evanphx/json-patch/v5 v5.9.0 // indirect
+	github.com/expr-lang/expr v1.15.8 // indirect
+	github.com/fsnotify/fsnotify v1.7.0 // indirect
 	github.com/go-logr/logr v1.4.1 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/go-openapi/analysis v0.21.4 // indirect
@@ -37,60 +42,64 @@ require (
 	github.com/go-openapi/loads v0.21.2 // indirect
 	github.com/go-openapi/spec v0.20.11 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
-	github.com/golang-jwt/jwt/v5 v5.0.0 // indirect
+	github.com/golang-jwt/jwt/v5 v5.2.0 // indirect
+	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/mock v1.6.0 // indirect
-	github.com/golang/protobuf v1.5.3 // indirect
+	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/google/gnostic-models v0.6.8 // indirect
 	github.com/google/go-cmp v0.6.0 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
-	github.com/google/uuid v1.5.0 // indirect
+	github.com/google/uuid v1.6.0 // indirect
 	github.com/imdario/mergo v0.3.16 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/kedacore/keda/v2 v2.13.1 // indirect
 	github.com/kylelemons/godebug v1.1.0 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
-	github.com/mattn/go-isatty v0.0.19 // indirect
-	github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/oklog/ulid v1.3.1 // indirect
 	github.com/opentracing/opentracing-go v1.2.0 // indirect
-	github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 // indirect
+	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
 	github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.70.0 // indirect
 	github.com/prometheus-operator/prometheus-operator/pkg/client v0.70.0 // indirect
-	github.com/prometheus/client_golang v1.18.0 // indirect
-	github.com/prometheus/client_model v0.5.0 // indirect
-	github.com/prometheus/common v0.45.0 // indirect
+	github.com/prometheus/client_golang v1.19.0 // indirect
+	github.com/prometheus/client_model v0.6.1 // indirect
+	github.com/prometheus/common v0.53.0 // indirect
 	github.com/prometheus/procfs v0.12.0 // indirect
 	github.com/rs/zerolog v1.32.0 // indirect
+	github.com/santhosh-tekuri/jsonschema/v5 v5.3.1 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
 	go.mongodb.org/mongo-driver v1.13.1 // indirect
-	go.opentelemetry.io/otel v1.21.0 // indirect
-	go.opentelemetry.io/otel/metric v1.21.0 // indirect
-	go.opentelemetry.io/otel/trace v1.21.0 // indirect
-	golang.org/x/crypto v0.17.0 // indirect
-	golang.org/x/net v0.19.0 // indirect
-	golang.org/x/oauth2 v0.15.0 // indirect
-	golang.org/x/sys v0.15.0 // indirect
-	golang.org/x/term v0.15.0 // indirect
+	go.opentelemetry.io/otel v1.22.0 // indirect
+	go.opentelemetry.io/otel/metric v1.22.0 // indirect
+	go.opentelemetry.io/otel/trace v1.22.0 // indirect
+	golang.org/x/crypto v0.22.0 // indirect
+	golang.org/x/exp v0.0.0-20240112132812-db7319d0e0e3 // indirect
+	golang.org/x/net v0.24.0 // indirect
+	golang.org/x/oauth2 v0.19.0 // indirect
+	golang.org/x/sys v0.19.0 // indirect
+	golang.org/x/term v0.19.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	golang.org/x/time v0.5.0 // indirect
-	google.golang.org/appengine v1.6.8 // indirect
+	gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
 	google.golang.org/protobuf v1.33.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	k8s.io/api v0.29.0 // indirect
-	k8s.io/apiextensions-apiserver v0.29.0 // indirect
-	k8s.io/apimachinery v0.29.0 // indirect
-	k8s.io/client-go v0.29.0 // indirect
-	k8s.io/klog/v2 v2.110.1 // indirect
-	k8s.io/kube-openapi v0.0.0-20240103051144-eec4567ac022 // indirect
-	sigs.k8s.io/controller-runtime v0.16.3 // indirect
+	k8s.io/api v0.30.1 // indirect
+	k8s.io/apiextensions-apiserver v0.30.1 // indirect
+	k8s.io/apimachinery v0.30.1 // indirect
+	k8s.io/client-go v0.30.1 // indirect
+	k8s.io/klog/v2 v2.120.1 // indirect
+	k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect
+	knative.dev/pkg v0.0.0-20240116073220-b488e7be5902 // indirect
+	sigs.k8s.io/controller-runtime v0.18.2 // indirect
 	sigs.k8s.io/gateway-api v1.0.0 // indirect
 	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
 	sigs.k8s.io/secrets-store-csi-driver v1.4.0 // indirect