I’m developing a CRD with controller to support stateful workloads. We have a CRD that includes the full embedded pod spec.
I for the life for me can’t figure out how to validate a spec. The fields we have added to the crd are pretty straight forward, but I can’t find an example on how to validate the pod spec itself.
apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: db.example.com spec: group: db.example.com versions: - name: v1alpha1 served: true storage: true names: kind: DatabasePod plural: databasepods singular: databasepod shortNames: - dp scope: Namespaced additionalPrinterColumns: - JSONPath: .status.phase name: Status type: string - JSONPath: .metadata.resourceVersion name: Version type: string - JSONPath: .spec.myvar1 name: Myvar1 type: boolean - JSONPath: .spec.myvar2 name: Myvar2 type: boolean validation: openAPIV3Schema: properties: spec: required: - myvar1 - myvar2 - myvar3 - podSpec properties: myvar1: type: boolean myvar2: type: boolean myvar3: required: - subvar1 - subvar2 properties: subvar1: type: string pattern: ^(this|that)$ subvar2: type: string podSpec: # Here I need to validate a vanilla core v1 podspec (this section needs to support everything that is valid in core v1 Pod) required: apiVersion: type: string <SNIP>
Do I need to essentially add every single field and type like I did above for the custom fields of my CRD? If so, is there an example of how to validate lists and objects and some of the other things in a pod spec?
I’ve dug around the kubernetes code and can’t figure out how it does validate on a normal pod spec.