github.com/operator-framework/api
Advanced tools
Contains the API definitions used by Operator Lifecycle Manager (OLM) and Marketplace Operator
pkg/validation: Operator Manifest Validationpkg/validation exposes a convenient set of interfaces to validate Kubernetes object manifests, primarily for use in an Operator project.
The Validators are static checks (linters) that can scan the manifests and provide with low-cost valuable results to ensure the quality of the package of distributions (bundle or package formats) which will be distributed via OLM.
The validators implemented in this project aims to provide common validators (which can be useful or required for any solution which will be distributed via Operator Lifecycle Manager). (More info)
Note that Operator-SDK leverage in this project. By using it you can test your bundle against the spec criteria (Default Validators) by running:
$ operator-sdk bundle validate <bundle-path>
Also, Operator-SDK allows you check your bundles against the Optional Validators
provided by using the flag option --select-optional such as the following example:
$ operator-sdk bundle validate ./bundle --select-optional suite=operatorframework --optional-values=k8s-version=<k8s-version>
For further information see the doc.
Note that you can leverage in this project to call and indeed create your own validators. Following an example.
import (
...
apimanifests "github.com/operator-framework/api/pkg/manifests"
apivalidation "github.com/operator-framework/api/pkg/validation"
"github.com/operator-framework/api/pkg/validation/errors"
...
)
// Load the directory (which can be in packagemanifest or bundle format)
bundle, err := apimanifests.GetBundleFromDir(path)
if err != nil {
...
return nil
}
// Call all default validators and the OperatorHubValidator
validators := apivalidation.DefaultBundleValidators
validators = validators.WithValidators(apivalidation.OperatorHubValidator)
objs := bundle.ObjectsToValidate()
results := validators.Validate(objs...)
nonEmptyResults := []errors.ManifestResult{}
for _, result := range results {
if result.HasError() || result.HasWarn() {
nonEmptyResults = append(nonEmptyResults, result)
}
}
// return the results
return nonEmptyResults
Validators may accept pass optional key/values which will be used in the checks made. These values are global and if the key/value pair provided is not used for 1 or more validators called then, it is ignored.
The following example calls AlphaDeprecatedAPIsValidator, which allows us to inform
the K8s version intended to publish the OLM Bundle:
validators := apivalidation.DefaultBundleValidators
validators = validators.WithValidators(apivalidation.OperatorHubValidator)
validators = validators.WithValidators(apivalidation.ObjectValidator)
validators = validators.WithValidators(apivalidation.AlphaDeprecatedAPIsValidator)
validators = validators.WithValidators(apivalidation.GoodPracticesValidator)
objs := auditBundle.Bundle.ObjectsToValidate()
// Pass the --optional-values. e.g. --optional-values="k8s-version=1.22"
// or --optional-values="image-path=bundle.Dockerfile"
var optionalValues = map[string]string{
"k8s-version":"1.22",
}
objs = append(objs, optionalValues)
results := validators.Validate(objs...)
nonEmptyResults := []errors.ManifestResult{}
for _, result := range results {
if result.HasError() || result.HasWarn() {
nonEmptyResults = append(nonEmptyResults, result)
}
}
How the optional key/values are informed via the CLI?
By using Operator-SDK you can pass a list of key/values via the flag --optional-values, for example,
to validate that your manifests can work with a Kubernetes cluster of a particular version using the k8s-version:
$ operator-sdk bundle validate ./bundle --select-optional suite=operatorframework --optional-values=k8s-version=1.22
You can install the operator-verify tool from source using:
$ make install
To verify your ClusterServiceVersion yaml,
$ operator-verify manifests /path/to/filename.yaml
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Multiple high-impact npm maintainers confirm they have been targeted in the same social engineering campaign that compromised Axios.
Security News
Axios compromise traced to social engineering, showing how attacks on maintainers can bypass controls and expose the broader software supply chain.
Security News
Node.js has paused its bug bounty program after funding ended, removing payouts for vulnerability reports but keeping its security process unchanged.