crossplane
/
docs
mirror of https://github.com/crossplane/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

validate-command: CLI reference documentation (#708)

This commit is contained in:
Piotr Zaniewski 2024-02-15 15:55:02 +01:00 committed by GitHub
parent 8e7fb4de09
commit 718e21ec70
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 192 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

188
content/master/cli/command-reference.md
View File

@ -320,6 +320,194 @@ flags, options or outputs in future releases.
Crossplane maintainers may promote or remove commands under `beta` in future
releases.
### beta validate
The `crossplane beta validate` command validates [compositions]({{<ref "../concepts/compositions">}}) against provider or XRD schema using the Kubernetes API server's validation library.
The validate command enables the following validation scenarios:
- Validate any Crossplane resource against any schema (provider, XRD).
- Use the output of the render command to validate function-based compositions.
- When validating resources against provider schemas, the command downloads and
caches the providers' CRDs to make future runs much faster.
- Work with Kubernetes CEL validation rules to enable validation of complex business rules expressed in the composition resources definitions (XRDs).
- Pass an entire directory with schema files and validate all the Crossplane.
resources against the schemas.
{{< hint "important" >}}
The `crossplane beta validate` command performs all validation offline without requiring a running cluster.
{{< /hint >}}
#### Flags
{{< table "table table-sm table-striped" >}}
| Short flag | Long flag | Description |
| ------------ | ------------------------ | ----------------------------------------------------- |
| `-h` | `--help` | Show context sensitive help. |
| `-v` | `--version` | Print version and quit. |
| | `--verbose` | Print verbose logging statements. |
| | `--cache-dir=".crossplane/cache"` | Specify the absolute path to the cache directory to store downloaded schemas. |
| | `--clean-cache` | Clean the cache directory before downloading package schemas. |
| | `--skip-success-results` | Skip printing success results. |
{{< /table >}}
#### Validate Common Expression Language rules
XRDs can define [validation rules](https://kubernetes.io/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions/#validation-rules) expressed in the Common Expression Language, CEL for short.
{{< expand "An example validation rule" >}}
```yaml
x-kubernetes-validations:
- rule: "self.minReplicas <= self.replicas && self.replicas <= self.maxReplicas"
message: "replicas should be in between minReplicas and maxReplicas."
```
{{< /expand >}}
`crossplane beta validate xrd.yaml rong-xr.yaml`
{{< expand "CEL rule violation" >}}
```console
[x] CEL validation error example.crossplane.io/v1beta1, Kind=XR, example : spec: Invalid value: "object": replicas should be in between minReplicas and maxReplicas.
Total 1 resources: 0 missing schemas, 0 success cases, 1 failure cases
```
{{< /expand >}}
#### Validate resource against a schema
Validate a provider CRD against an XRD.
`crossplane beta validate schemas.yaml resources.yaml`
{{< expand "Sample validation output" >}}
```console
[✓] example.crossplane.io/v1beta1, Kind=XR, example validated successfully
Total 1 resources: 0 missing schemas, 1 success cases, 0 failure cases
controlplane $ crossplane beta validate schemas.yaml resources.yaml
[✓] example.crossplane.io/v1beta1, Kind=XR, example validated successfully
[✓] iam.aws.upbound.io/v1beta1, Kind=AccessKey, sample-access-key-0 validated successfully
[✓] iam.aws.upbound.io/v1beta1, Kind=AccessKey, sample-access-key-1 validated successfully
[✓] iam.aws.upbound.io/v1beta1, Kind=User, test-user-0 validated successfully
[✓] iam.aws.upbound.io/v1beta1, Kind=User, test-user-1 validated successfully
Total 5 resources: 0 missing schemas, 5 success cases, 0 failure cases
```
{{< /expand >}}
{{< hint "important" >}}
The command has two categories of output; _errors_ and _warnings_.
If there is a validation error or warning, the command indicates it accordingly.
{{< /hint >}}
`crossplane beta validate missing-schemas.yaml resources.yaml`
{{< expand "Missing schema validation" >}}
```console
[✓] example.crossplane.io/v1beta1, Kind=XR, example validated successfully
[!] could not find CRD/XRD for: iam.aws.upbound.io/v1beta1, Kind=AccessKey
[!] could not find CRD/XRD for: iam.aws.upbound.io/v1beta1, Kind=AccessKey
[✓] iam.aws.upbound.io/v1beta1, Kind=User, test-user-0 validated successfully
[✓] iam.aws.upbound.io/v1beta1, Kind=User, test-user-1 validated successfully
Total 5 resources: 2 missing schemas, 3 success cases, 0 failure cases
```
{{< /expand >}}
#### Validate render command output
Passing the output of the _render_ command to the _validate_ command.
`crossplane beta render xr.yaml composition.yaml func.yaml | crossplane beta validate schemas.yaml -`
{{< expand "Pipe render result to validate command" >}}
```console
[x] schema validation error example.crossplane.io/v1beta1, Kind=XR, example : status.conditions[0].lastTransitionTime: Invalid value: "null": status.conditions[0].lastTransitionTime in body must be of type string: "null"
[x] schema validation error example.crossplane.io/v1beta1, Kind=XR, example : spec: Required value
[✓] iam.aws.upbound.io/v1beta1, Kind=AccessKey, sample-access-key-0 validated successfully
[✓] iam.aws.upbound.io/v1beta1, Kind=AccessKey, sample-access-key-1 validated successfully
[✓] iam.aws.upbound.io/v1beta1, Kind=User, test-user-0 validated successfully
[✓] iam.aws.upbound.io/v1beta1, Kind=User, test-user-1 validated successfully
Total 5 resources: 0 missing schemas, 4 success cases, 1 failure cases
```
{{< /expand >}}
Make sure to include full XR in the render output to avoid the _missing resource_ warning.
`crossplane beta render xr.yaml composition.yaml func.yaml --include-full-xr | crossplane beta validate schemas.yaml -`
{{< expand "Use --include-full-xr flag" >}}
```console
[x] schema validation error example.crossplane.io/v1beta1, Kind=XR, example : status.conditions[0].lastTransitionTime: Invalid value: "null": status.conditions[0].lastTransitionTime in body must be of type string: "null"
[✓] iam.aws.upbound.io/v1beta1, Kind=AccessKey, sample-access-key-0 validated successfully
[✓] iam.aws.upbound.io/v1beta1, Kind=AccessKey, sample-access-key-1 validated successfully
[✓] iam.aws.upbound.io/v1beta1, Kind=User, test-user-0 validated successfully
[✓] iam.aws.upbound.io/v1beta1, Kind=User, test-user-1 validated successfully
Total 5 resources: 0 missing schemas, 4 success cases, 1 failure cases
```
{{< /expand >}}
#### Validate by directory
Pass a directory containing YAML files as an argument to the validate command.
{{< hint "tip" >}}
The command processes only the Crossplane YAML files while ignoring files with
other extensions.
{{< /hint >}}
`crossplane beta render xr.yaml composition.yaml func.yaml --include-full-xr > rendered.yaml`
The _Extensions_ directory contains packages (provider and configuration) to validate against `tree Extensions`
{{< expand "An example directory content" >}}
```console
Extensions
|-- platform-ref-aws.yaml
|-- providers
| |-- a.txt
| `-- provider-aws-iam.yaml
`-- xrds
`-- xrd.yaml
2 directories, 4 files
```
{{< /expand >}}
`crossplane beta validate Extensions rendered.yaml`
{{< expand "Downloading packages and validating directory content" >}}
```console
package schemas does not exist, downloading: xpkg.upbound.io/upbound/configuration-observability-oss:v0.2.0
package schemas does not exist, downloading: xpkg.upbound.io/upbound/configuration-gitops-flux:v0.2.0
package schemas does not exist, downloading: xpkg.upbound.io/upbound/provider-aws-iam:v0.45.0
package schemas does not exist, downloading: xpkg.upbound.io/upbound/platform-ref-aws:v0.9.0
package schemas does not exist, downloading: xpkg.upbound.io/upbound/configuration-aws-network:v0.7.0
package schemas does not exist, downloading: xpkg.upbound.io/upbound/configuration-aws-database:v0.5.0
package schemas does not exist, downloading: xpkg.upbound.io/upbound/configuration-aws-eks:v0.5.0
package schemas does not exist, downloading: xpkg.upbound.io/upbound/configuration-app:v0.2.0
[x] schema validation error example.crossplane.io/v1beta1, Kind=XR, example : status.conditions[0].lastTransitionTime: Invalid value: "null": status.conditions[0].lastTransitionTime in body must be of type string: "null"
[x] CEL validation error example.crossplane.io/v1beta1, Kind=XR, example : spec: Invalid value: "object": no such key: minReplicas evaluating rule: replicas should be greater than or equal to minReplicas.
[✓] iam.aws.upbound.io/v1beta1, Kind=AccessKey, sample-access-key-0 validated successfully
[✓] iam.aws.upbound.io/v1beta1, Kind=AccessKey, sample-access-key-1 validated successfully
[✓] iam.aws.upbound.io/v1beta1, Kind=User, test-user-0 validated successfully
[✓] iam.aws.upbound.io/v1beta1, Kind=User, test-user-1 validated successfully
Total 5 resources: 0 missing schemas, 4 success cases, 1 failure cases
```
{{< /expand >}}
#### Local schemas cache
The validate command downloads missing CRDs into a _.crossplane_ directory.
{{< hint "tip" >}}
Running the same command again doesn't trigger the download because the command
cached all the schemas.
{{< /hint >}}
Use a custom directory as a cache for downloading the schemas.
`crossplane beta validate Extensions rendered.yaml --cache-dir mycache`
Clean the cache directory.
`crossplane beta validate Extensions rendered.yaml --cache-dir mycache --clean-cache`
### beta render
The `crossplane beta render` command previews the output of a

3
utils/vale/styles/Crossplane/allowed-jargon.txt
View File

@ -8,6 +8,7 @@ bool
boolean
booleans
Buf
CEL
CI
CLI
cluster-scoped
@ -74,4 +75,4 @@ tolerations
VM
YAML
NOTES.txt
init.sh
init.sh

3
utils/vale/styles/Crossplane/spelling-exceptions.txt
View File

@ -13,6 +13,7 @@ dry-run
end-points
end-to-end
free-form
function-based
hands-on
how-to
in-depth
@ -40,4 +41,4 @@ untrusted
UpperCamelCase
UpperCamelCased
user-defined
version-specific
version-specific