Introduce validation-gen

Adds code-generator/cmd/validation-gen. This provides the machinery
to discover `//+` tags in types.go files, register plugins to handle
the tags, and generate validation code.

Co-authored-by: Tim Hockin <[email protected]>
Co-authored-by: Aaron Prindle <[email protected]>
Co-authored-by: Yongrui Lin <[email protected]>

Author: 4 people

staging/publishing/import-restrictions.yaml

@@ -61,6 +61,7 @@
   - k8s.io/code-generator
   - k8s.io/kube-openapi
   - k8s.io/klog
+  - k8s.io/utils/ptr
 
 - baseImportPath: "./staging/src/k8s.io/component-base"
   allowedImports:

staging/src/k8s.io/apimachinery/pkg/api/operation/operation.go

@@ -0,0 +1,56 @@
+/*
+Copyright 2024 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package operation
+
+import "k8s.io/apimachinery/pkg/util/sets"
+
+// Operation provides contextual information about a validation request and the API
+// operation being validated.
+// This type is intended for use with generate validation code and may be enhanced
+// in the future to include other information needed to validate requests.
+type Operation struct {
+	// Type is the category of operation being validated.  This does not
+	// differentiate between HTTP verbs like PUT and PATCH, but rather merges
+	// those into a single "Update" category.
+	Type Type
+
+	// Options declare the options enabled for validation.
+	//
+	// Options should be set according to a resource validation strategy before validation
+	// is performed, and must be treated as read-only during validation.
+	//
+	// Options are identified by string names. Option string names may match the name of a feature
+	// gate, in which case the presence of the name in the set indicates that the feature is
+	// considered enabled for the resource being validated.  Note that a resource may have a
+	// feature enabled even when the feature gate is disabled. This can happen when feature is
+	// already in-use by a resource, often because the feature gate was enabled when the
+	// resource first began using the feature.
+	//
+	// Unset options are disabled/false.
+	Options sets.Set[string]
+}
+
+// Code is the request operation to be validated.
+type Type uint32
+
+const (
+	// Create indicates the request being validated is for a resource create operation.
+	Create Type = iota
+
+	// Update indicates the request being validated is for a resource update operation.
+	Update
+)

staging/src/k8s.io/apimachinery/pkg/api/safe/safe.go

@@ -0,0 +1,37 @@
+/*
+Copyright 2024 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package safe
+
+// Field takes a pointer to any value (which may or may not be nil) and
+// a function that traverses to a target type R (a typical use case is to dereference a field),
+// and returns the result of the traversal, or the zero value of the target type.
+// This is roughly equivalent to "value != nil ? fn(value) : zero-value" in languages that support the ternary operator.
+func Field[V any, R any](value *V, fn func(*V) R) R {
+	if value == nil {
+		var zero R
+		return zero
+	}
+	o := fn(value)
+	return o
+}
+
+// Cast takes any value, attempts to cast it to T, and returns the T value if
+// the cast is successful, or else the zero value of T.
+func Cast[T any](value any) T {
+	result, _ := value.(T)
+	return result
+}

staging/src/k8s.io/apimachinery/pkg/api/validate/common.go

@@ -0,0 +1,28 @@
+/*
+Copyright 2024 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package validate
+
+import (
+	"context"
+
+	"k8s.io/apimachinery/pkg/api/operation"
+	"k8s.io/apimachinery/pkg/util/validation/field"
+)
+
+// ValidateFunc is a function that validates a value, possibly considering the
+// old value (if any).
+type ValidateFunc[T any] func(ctx context.Context, op operation.Operation, fldPath *field.Path, newValue, oldValue T) field.ErrorList

staging/src/k8s.io/code-generator/cmd/validation-gen/lint.go

@@ -0,0 +1,160 @@
+/*
+Copyright 2024 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package main
+
+import (
+	"fmt"
+	"strings"
+
+	"k8s.io/gengo/v2/types"
+	"k8s.io/klog/v2"
+)
+
+// linter is a struct that holds the state of the linting process.
+// It contains a map of types that have been linted, a list of linting rules,
+// and a list of errors that occurred during the linting process.
+type linter struct {
+	linted map[*types.Type]bool
+	rules  []lintRule
+	// lintErrors is a list of errors that occurred during the linting process.
+	// lintErrors would be in the format:
+	// field <field_name>: <lint broken message>
+	// type <type_name>: <lint broken message>
+	lintErrors []error
+}
+
+var defaultRules = []lintRule{
+	ruleOptionalAndRequired,
+	ruleRequiredAndDefault,
+}
+
+func (l *linter) AddError(field, msg string) {
+	l.lintErrors = append(l.lintErrors, fmt.Errorf("%s: %s", field, msg))
+}
+
+func newLinter(rules ...lintRule) *linter {
+	if len(rules) == 0 {
+		rules = defaultRules
+	}
+	return &linter{
+		linted:     make(map[*types.Type]bool),
+		rules:      rules,
+		lintErrors: []error{},
+	}
+}
+
+func (l *linter) lintType(t *types.Type) error {
+	if _, ok := l.linted[t]; ok {
+		return nil
+	}
+	l.linted[t] = true
+
+	if t.CommentLines != nil {
+		klog.V(5).Infof("linting type %s", t.Name.String())
+		lintErrs, err := l.lintComments(t.CommentLines)
+		if err != nil {
+			return err
+		}
+		for _, lintErr := range lintErrs {
+			l.AddError("type "+t.Name.String(), lintErr)
+		}
+	}
+	switch t.Kind {
+	case types.Alias:
+		// Recursively lint the underlying type of the alias.
+		if err := l.lintType(t.Underlying); err != nil {
+			return err
+		}
+	case types.Struct:
+		// Recursively lint each member of the struct.
+		for _, member := range t.Members {
+			klog.V(5).Infof("linting comments for field %s of type %s", member.String(), t.Name.String())
+			lintErrs, err := l.lintComments(member.CommentLines)
+			if err != nil {
+				return err
+			}
+			for _, lintErr := range lintErrs {
+				l.AddError("type "+t.Name.String(), lintErr)
+			}
+			if err := l.lintType(member.Type); err != nil {
+				return err
+			}
+		}
+	case types.Slice, types.Array, types.Pointer:
+		// Recursively lint the element type of the slice or array.
+		if err := l.lintType(t.Elem); err != nil {
+			return err
+		}
+	case types.Map:
+		// Recursively lint the key and element types of the map.
+		if err := l.lintType(t.Key); err != nil {
+			return err
+		}
+		if err := l.lintType(t.Elem); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// lintRule is a function that validates a slice of comments.
+// It returns a string as an error message if the comments are invalid,
+// and an error there is an error happened during the linting process.
+type lintRule func(comments []string) (string, error)
+
+// lintComments runs all registered rules on a slice of comments.
+func (l *linter) lintComments(comments []string) ([]string, error) {
+	var lintErrs []string
+	for _, rule := range l.rules {
+		if msg, err := rule(comments); err != nil {
+			return nil, err
+		} else if msg != "" {
+			lintErrs = append(lintErrs, msg)
+		}
+	}
+
+	return lintErrs, nil
+}
+
+// conflictingTagsRule checks for conflicting tags in a slice of comments.
+func conflictingTagsRule(comments []string, tags ...string) (string, error) {
+	if len(tags) < 2 {
+		return "", fmt.Errorf("at least two tags must be provided")
+	}
+	tagCount := make(map[string]bool)
+	for _, comment := range comments {
+		for _, tag := range tags {
+			if strings.HasPrefix(comment, tag) {
+				tagCount[tag] = true
+			}
+		}
+	}
+	if len(tagCount) > 1 {
+		return fmt.Sprintf("conflicting tags: {%s}", strings.Join(tags, ", ")), nil
+	}
+	return "", nil
+}
+
+// ruleOptionalAndRequired checks for conflicting tags +k8s:optional and +k8s:required in a slice of comments.
+func ruleOptionalAndRequired(comments []string) (string, error) {
+	return conflictingTagsRule(comments, "+k8s:optional", "+k8s:required")
+}
+
+// ruleRequiredAndDefault checks for conflicting tags +k8s:required and +default in a slice of comments.
+func ruleRequiredAndDefault(comments []string) (string, error) {
+	return conflictingTagsRule(comments, "+k8s:required", "+default")
+}