diff --git a/Makefile b/Makefile index dee7e99e0..d07aba5bc 100644 --- a/Makefile +++ b/Makefile @@ -132,7 +132,7 @@ vet: ## Run go vet against code. go vet ./... .PHONY: test -test: manifests generate fmt vet envtest image-build ## Run tests. +test: manifests generate fmt vet envtest image-build verify-crds ## Run tests. CGO_ENABLED=1 KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) --bin-dir $(LOCALBIN) -p path)" go test $$(go list ./... | grep -v /e2e | grep -v /conformance) -race -coverprofile cover.out .PHONY: test-unit @@ -163,6 +163,10 @@ ci-lint: golangci-lint verify: vet fmt-verify manifests generate ci-lint verify-all git --no-pager diff --exit-code config api client-go +.PHONY: verify-crds +verify-crds: kubectl-validate + hack/verify-manifests.sh + # Run static analysis. .PHONY: verify-all verify-all: @@ -354,6 +358,7 @@ ENVTEST ?= $(LOCALBIN)/setup-envtest GOLANGCI_LINT = $(LOCALBIN)/golangci-lint HELM = $(PROJECT_DIR)/bin/helm YQ = $(PROJECT_DIR)/bin/yq +KUBECTL_VALIDATE = $(PROJECT_DIR)/bin/kubectl-validate ## Tool Versions KUSTOMIZE_VERSION ?= v5.4.3 @@ -361,6 +366,7 @@ CONTROLLER_TOOLS_VERSION ?= v0.16.1 ENVTEST_VERSION ?= release-0.19 GOLANGCI_LINT_VERSION ?= v1.62.2 HELM_VERSION ?= v3.17.1 +KUBECTL_VALIDATE_VERSION ?= v0.0.4 .PHONY: kustomize kustomize: $(KUSTOMIZE) ## Download kustomize locally if necessary. @@ -390,6 +396,11 @@ yq: ## Download yq locally if necessary. helm: ## Download helm locally if necessary. GOBIN=$(PROJECT_DIR)/bin GO111MODULE=on go install helm.sh/helm/v3/cmd/helm@$(HELM_VERSION) +.PHONY: kubectl-validate +kubectl-validate: $(KUBECTL_VALIDATE) ## Download kubectl-validate locally if necessary. +$(KUBECTL_VALIDATE): $(LOCALBIN) + $(call go-install-tool,$(KUBECTL_VALIDATE),sigs.k8s.io/kubectl-validate,$(KUBECTL_VALIDATE_VERSION)) + # go-install-tool will 'go install' any package with custom target and name of binary, if it doesn't exist # $1 - target path with name of binary # $2 - package url which can be installed diff --git a/hack/verify-manifests.sh b/hack/verify-manifests.sh new file mode 100755 index 000000000..70d819bc8 --- /dev/null +++ b/hack/verify-manifests.sh @@ -0,0 +1,53 @@ +#!/bin/bash + +# Copyright 2025 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -o errexit +set -o nounset +set -o pipefail + +SCRIPT_ROOT=$(dirname "${BASH_SOURCE}")/.. +GATEWAY_API_VERSION="${GATEWAY_API_VERSION:-v1.3.0}" +GKE_GATEWAY_API_VERSION="${GKE_GATEWAY_API_VERSION:-v1.4.0}" +ISTIO_VERSION="${ISTIO_VERSION:-1.26.2}" +TEMP_DIR=$(mktemp -d) + +cleanup() { + rm -rf "${TEMP_DIR}" || true +} +trap cleanup EXIT + +fetch_crds() { + local url="$1" + curl -sL "${url}" -o "${TEMP_DIR}/$(basename "${url}")" +} + +main() { + cp ${SCRIPT_ROOT}/config/crd/bases/* "${TEMP_DIR}/" + + # Download external CRDs for validation + fetch_crds "https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/refs/tags/${GATEWAY_API_VERSION}/config/crd/standard/gateway.networking.k8s.io_gateways.yaml" + fetch_crds "https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/refs/tags/${GATEWAY_API_VERSION}/config/crd/standard/gateway.networking.k8s.io_httproutes.yaml" + fetch_crds "https://raw.githubusercontent.com/GoogleCloudPlatform/gke-gateway-api/refs/tags/${GKE_GATEWAY_API_VERSION}/config/crd/networking.gke.io_gcpbackendpolicies.yaml" + fetch_crds "https://raw.githubusercontent.com/GoogleCloudPlatform/gke-gateway-api/refs/tags/${GKE_GATEWAY_API_VERSION}/config/crd/networking.gke.io_healthcheckpolicies.yaml" + fetch_crds "https://raw.githubusercontent.com/istio/istio/refs/tags/${ISTIO_VERSION}/manifests/charts/base/files/crd-all.gen.yaml" + + make kubectl-validate + + ${SCRIPT_ROOT}/bin/kubectl-validate "${TEMP_DIR}" + ${SCRIPT_ROOT}/bin/kubectl-validate "${SCRIPT_ROOT}/config/manifests" --local-crds "${TEMP_DIR}" +} + +main