docs: add docs around when to use declarative vs hand-Written validation and when to create a new declarative validation tag #8623
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change | ||||
|---|---|---|---|---|---|---|
|
|
@@ -706,6 +706,50 @@ Users will need to write go unit tests similar to what is done for hand-written | |||||
|
|
||||||
| While the goal is to express as much validation declaratively as possible, some complex or validation rules might still require manual implementation in `validation.go`. | ||||||
|
|
||||||
| #### When to Use Declarative Validation vs Hand-Written Validation | ||||||
|
|
||||||
| **Use Declarative Validation when:** | ||||||
| - The validation rule has an existing stable declarative validation tag which can be used in a straightforward way. See the catalog of stable tags [here](https://kubernetes.io/docs/reference/using-api/declarative-validation/). | ||||||
|
There was a problem hiding this comment. looking at https://kubernetes.io/docs/reference/using-api/declarative-validation/#catalog, am I missing how to tell for each tag what its stability level is? |
||||||
| - You are working on a new API or adding new fields to an existing API that already uses declarative validation. | ||||||
| - The validation rule is simple and linear (e.g., min/max values, string length, format checks). | ||||||
|
|
||||||
| - The validation can be expressed as a property of the data schema. | ||||||
| - The validation pattern is reusable across multiple APIs. | ||||||
|
There was a problem hiding this comment. What does this bit mean in the context of a single field in a single API? this seems more related to deciding whether or not to add a new tag (the section below). The "The validation rule has an existing stable declarative validation tag" item above makes it seem like DV would only be considered for things already deemed common enough to have tags added |
||||||
|
|
||||||
| **Continue Using Hand-Written Validation when:** | ||||||
| - The validation requires complex logic or conditional branching based on multiple fields. | ||||||
| - The validation needs to consider external state beyond the object itself. | ||||||
| - Custom, detailed error messages are required for different failure conditions. | ||||||
| - The validation logic is unique to a specific API and unlikely to be reused. | ||||||
|
There was a problem hiding this comment. same question here... isn't this bit about whether or not to add a new tag? |
||||||
|
|
||||||
|
|
||||||
| **Guidelines for Creating New Declarative Validation Tags:** | ||||||
|
|
||||||
| Before creating a new declarative validation tag, consider these principles: | ||||||
|
|
||||||
| 1) Any tag added should be as simple and intuitive as possible to read. | ||||||
| 2) Any tag added should plausibly be applicable to many APIs. | ||||||
| 3) Any tag added should represent our current understanding of the best way to express an idea. | ||||||
|
There was a problem hiding this comment. I'm not sure I understand what this is getting at ... is this saying we won't create new tags to capture validation patterns we no longer consider a good idea? Is that the same as "Any tag we add should be something we are OK with people using in new APIs"? |
||||||
| 4) Any tag we add should be something we are OK with people using in new APIs. (We may eventually add tags that capture legacy semantics which break this rule). | ||||||
| 5) With rare and clear exceptions, tags should not be interdependent. | ||||||
| 6) Tags should usually represent properties of the data (schema) and the API operation (e.g. update), rather than the act of validation. | ||||||
| 7) Tags are written from the POV of an API client. | ||||||
|
There was a problem hiding this comment.
Suggested change
|
||||||
| 8) Tags should be as orthogonal as possible. | ||||||
|
There was a problem hiding this comment. nit: could probably combine this with the |
||||||
| 9) Tags should be linear and (with rare exceptions) not represent complex logic. | ||||||
|
There was a problem hiding this comment. same question about what linear means |
||||||
| 10) Tags should not need to consider anything other than the object(s) in question and configured options (e.g. feature gates). | ||||||
|
There was a problem hiding this comment. possible suggestion: using the same language above about "external state" might be clearer
|
||||||
|
|
||||||
| A new tag is worth creating when: | ||||||
| - The validation pattern appears in multiple places. | ||||||
| - The tag name and usage would be self-explanatory. | ||||||
| - The validation can be expressed with simple parameters. | ||||||
| - It would reduce code duplication meaningfully. | ||||||
|
|
||||||
| Avoid creating tags for: | ||||||
| - Complex regex patterns (prefer named formats like `+k8s:format=isDNS...`). | ||||||
| - Validation requiring multiple conditional branches. | ||||||
| - Rules that need to generate multiple distinct error messages based on different failure modes. | ||||||
| - One-off validation logic specific to a single API. | ||||||
|
|
||||||
|
|
||||||
| ## Edit version conversions | ||||||
|
|
||||||
| At this point you have both the versioned API changes and the internal | ||||||
|
|
||||||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is this an "all of these must be true" list or "any of these may be true"?