encoding/jsonschema: initial support for Kubernetes CRDs

This CL introduces a new JSON Schema "version" dedicated
to translating CRD schemas. We add all the relevant keywords
but leave most of them as TODOs.

We implement some of the easier checks but leave harder ones
(structural schema checking, for example) for later.

The main short-term TODO is support for `x-kubernetes-embedded-resource`,
as most other things are less strict than needed currently, so can
be punted for now.

Signed-off-by: Roger Peppe <[email protected]>
Change-Id: I2a66ba0007a2401357dcae151dab15bd45f72b24
Reviewed-on: https://review.gerrithub.io/c/cue-lang/cue/+/1211200
TryBot-Result: CUEcueckoo <[email protected]>
Reviewed-by: Daniel Martí <[email protected]>
Unity-Result: CUE porcuepine <[email protected]>

Author: rogpeppe

Diff for: encoding/jsonschema/constraints.go

@@ -71,62 +71,69 @@ var constraints = []*constraint{
 	p0("$schema", constraintSchema, allVersions),
 	px("$vocabulary", constraintTODO, vfrom(VersionDraft2019_09)),
 	p4("additionalItems", constraintAdditionalItems, vto(VersionDraft2019_09)),
-	p4("additionalProperties", constraintAdditionalProperties, allVersions|openAPI),
-	p3("allOf", constraintAllOf, allVersions|openAPI),
-	p3("anyOf", constraintAnyOf, allVersions|openAPI),
+	p4("additionalProperties", constraintAdditionalProperties, allVersions|openAPI|k8sCRD),
+	p3("allOf", constraintAllOf, allVersions|openAPI|k8sCRD),
+	p3("anyOf", constraintAnyOf, allVersions|openAPI|k8sCRD),
 	p2("const", constraintConst, vfrom(VersionDraft6)),
 	p2("contains", constraintContains, vfrom(VersionDraft6)),
 	p2("contentEncoding", constraintContentEncoding, vfrom(VersionDraft7)),
 	p2("contentMediaType", constraintContentMediaType, vfrom(VersionDraft7)),
 	px("contentSchema", constraintTODO, vfrom(VersionDraft2019_09)),
-	p2("default", constraintDefault, allVersions|openAPI),
+	p2("default", constraintDefault, allVersions|openAPI|k8sCRD),
 	p2("definitions", constraintAddDefinitions, allVersions),
 	p2("dependencies", constraintDependencies, allVersions),
 	px("dependentRequired", constraintTODO, vfrom(VersionDraft2019_09)),
 	px("dependentSchemas", constraintTODO, vfrom(VersionDraft2019_09)),
 	p2("deprecated", constraintDeprecated, vfrom(VersionDraft2019_09)|openAPI),
-	p2("description", constraintDescription, allVersions|openAPI),
+	p2("description", constraintDescription, allVersions|openAPI|k8sCRD),
 	px("discriminator", constraintTODO, openAPI),
 	p1("else", constraintElse, vfrom(VersionDraft7)),
-	p2("enum", constraintEnum, allVersions|openAPI),
-	px("example", constraintTODO, openAPI),
+	p2("enum", constraintEnum, allVersions|openAPI|k8sCRD),
+	px("example", constraintTODO, openAPI|k8sCRD),
 	p2("examples", constraintExamples, vfrom(VersionDraft6)),
-	p2("exclusiveMaximum", constraintExclusiveMaximum, allVersions|openAPI),
-	p2("exclusiveMinimum", constraintExclusiveMinimum, allVersions|openAPI),
-	px("externalDocs", constraintTODO, openAPI),
-	p1("format", constraintFormat, allVersions|openAPI),
+	p2("exclusiveMaximum", constraintExclusiveMaximum, allVersions|openAPI|k8sCRD),
+	p2("exclusiveMinimum", constraintExclusiveMinimum, allVersions|openAPI|k8sCRD),
+	px("externalDocs", constraintTODO, openAPI|k8sCRD),
+	p1("format", constraintFormat, allVersions|openAPI|k8sCRD),
 	p1("id", constraintID, vto(VersionDraft4)),
 	p1("if", constraintIf, vfrom(VersionDraft7)),
-	p2("items", constraintItems, allVersions|openAPI),
+	p2("items", constraintItems, allVersions|openAPI|k8sCRD),
 	p1("maxContains", constraintMaxContains, vfrom(VersionDraft2019_09)),
-	p2("maxItems", constraintMaxItems, allVersions|openAPI),
-	p2("maxLength", constraintMaxLength, allVersions|openAPI),
-	p2("maxProperties", constraintMaxProperties, allVersions|openAPI),
-	p3("maximum", constraintMaximum, allVersions|openAPI),
+	p2("maxItems", constraintMaxItems, allVersions|openAPI|k8sCRD),
+	p2("maxLength", constraintMaxLength, allVersions|openAPI|k8sCRD),
+	p2("maxProperties", constraintMaxProperties, allVersions|openAPI|k8sCRD),
+	p3("maximum", constraintMaximum, allVersions|openAPI|k8sCRD),
 	p1("minContains", constraintMinContains, vfrom(VersionDraft2019_09)),
-	p2("minItems", constraintMinItems, allVersions|openAPI),
-	p2("minLength", constraintMinLength, allVersions|openAPI),
-	p1("minProperties", constraintMinProperties, allVersions|openAPI),
-	p3("minimum", constraintMinimum, allVersions|openAPI),
-	p2("multipleOf", constraintMultipleOf, allVersions|openAPI),
-	p3("not", constraintNot, allVersions|openAPI),
-	p2("nullable", constraintNullable, openAPI),
-	p3("oneOf", constraintOneOf, allVersions|openAPI),
-	p2("pattern", constraintPattern, allVersions|openAPI),
+	p2("minItems", constraintMinItems, allVersions|openAPI|k8sCRD),
+	p2("minLength", constraintMinLength, allVersions|openAPI|k8sCRD),
+	p1("minProperties", constraintMinProperties, allVersions|openAPI|k8sCRD),
+	p3("minimum", constraintMinimum, allVersions|openAPI|k8sCRD),
+	p2("multipleOf", constraintMultipleOf, allVersions|openAPI|k8sCRD),
+	p3("not", constraintNot, allVersions|openAPI|k8sCRD),
+	p2("nullable", constraintNullable, openAPI|k8sCRD),
+	p3("oneOf", constraintOneOf, allVersions|openAPI|k8sCRD),
+	p2("pattern", constraintPattern, allVersions|openAPI|k8sCRD),
 	p3("patternProperties", constraintPatternProperties, allVersions),
 	p2("prefixItems", constraintPrefixItems, vfrom(VersionDraft2020_12)),
-	p2("properties", constraintProperties, allVersions|openAPI),
+	p2("properties", constraintProperties, allVersions|openAPI|k8sCRD),
 	p2("propertyNames", constraintPropertyNames, vfrom(VersionDraft6)),
 	px("readOnly", constraintTODO, vfrom(VersionDraft7)|openAPI),
-	p3("required", constraintRequired, allVersions|openAPI),
+	p3("required", constraintRequired, allVersions|openAPI|k8sCRD),
 	p1("then", constraintThen, vfrom(VersionDraft7)),
-	p2("title", constraintTitle, allVersions|openAPI),
-	p2("type", constraintType, allVersions|openAPI),
+	p2("title", constraintTitle, allVersions|openAPI|k8sCRD),
+	p2("type", constraintType, allVersions|openAPI|k8sCRD),
 	px("unevaluatedItems", constraintTODO, vfrom(VersionDraft2019_09)),
 	px("unevaluatedProperties", constraintTODO, vfrom(VersionDraft2019_09)),
-	p2("uniqueItems", constraintUniqueItems, allVersions|openAPI),
+	p2("uniqueItems", constraintUniqueItems, allVersions|openAPI|k8sCRD),
 	px("writeOnly", constraintTODO, vfrom(VersionDraft7)|openAPI),
 	px("xml", constraintTODO, openAPI),
+	px("x-kubernetes-embedded-resource", constraintTODO, k8sCRD),
+	p2("x-kubernetes-int-or-string", constraintIntOrString, k8sCRD),
+	px("x-kubernetes-list-map-keys", constraintTODO, k8sCRD),
+	px("x-kubernetes-list-type", constraintTODO, k8sCRD),
+	px("x-kubernetes-map-type", constraintTODO, k8sCRD),
+	p2("x-kubernetes-preserve-unknown-fields", constraintPreserveUnknownFields, k8sCRD),
+	px("x-kubernetes-validations", constraintTODO, k8sCRD),
 }
 
 // px represents a TODO constraint that we haven't decided on a phase for yet.

Diff for: encoding/jsonschema/constraints_array.go

@@ -106,6 +106,7 @@ func constraintItems(key string, n cue.Value, s *state) {
 		elem := s.schema(n)
 		ast.SetRelPos(elem, token.NoRelPos)
 		s.add(n, arrayType, ast.NewList(&ast.Ellipsis{Type: elem}))
+		s.hasItems = true
 
 	case cue.ListKind:
 		if !vto(VersionDraft2019_09).contains(s.schemaVersion) {
@@ -157,6 +158,10 @@ func constraintMinItems(key string, n cue.Value, s *state) {
 
 func constraintUniqueItems(key string, n cue.Value, s *state) {
 	if s.boolValue(n) {
+		if s.schemaVersion == VersionKubernetesCRD {
+			s.errf(n, "cannot set uniqueItems to true in a CRD schema")
+			return
+		}
 		list := s.addImport(n, "list")
 		s.add(n, arrayType, ast.NewCall(ast.NewSel(list, "UniqueItems")))
 	}

Diff for: encoding/jsonschema/constraints_combinator.go

@@ -33,7 +33,7 @@ func constraintAllOf(key string, n cue.Value, s *state) {
 	}
 	a := make([]ast.Expr, 0, len(items))
 	for _, v := range items {
-		x, sub := s.schemaState(v, s.allowedTypes)
+		x, sub := s.schemaState(v, s.allowedTypes, nil)
 		s.allowedTypes &= sub.allowedTypes
 		if sub.hasConstraints {
 			// This might seem a little odd, since the actual
@@ -79,7 +79,7 @@ func constraintAnyOf(key string, n cue.Value, s *state) {
 	}
 	a := make([]ast.Expr, 0, len(items))
 	for _, v := range items {
-		x, sub := s.schemaState(v, s.allowedTypes)
+		x, sub := s.schemaState(v, s.allowedTypes, nil)
 		if sub.allowedTypes == 0 {
 			// Nothing is allowed; omit.
 			continue
@@ -123,7 +123,7 @@ func constraintOneOf(key string, n cue.Value, s *state) {
 	}
 	a := make([]ast.Expr, 0, len(items))
 	for _, v := range items {
-		x, sub := s.schemaState(v, s.allowedTypes)
+		x, sub := s.schemaState(v, s.allowedTypes, nil)
 		if sub.allowedTypes == 0 {
 			// Nothing is allowed; omit
 			continue
@@ -198,14 +198,14 @@ func constraintIfThenElse(s *state) {
 		return
 	}
 	var ifExpr, thenExpr, elseExpr ast.Expr
-	ifExpr, ifSub := s.schemaState(s.ifConstraint, s.allowedTypes)
+	ifExpr, ifSub := s.schemaState(s.ifConstraint, s.allowedTypes, nil)
 	if hasThen {
 		// The allowed types of the "then" constraint are constrained both
 		// by the current constraints and the "if" constraint.
-		thenExpr, _ = s.schemaState(s.thenConstraint, s.allowedTypes&ifSub.allowedTypes)
+		thenExpr, _ = s.schemaState(s.thenConstraint, s.allowedTypes&ifSub.allowedTypes, nil)
 	}
 	if hasElse {
-		elseExpr, _ = s.schemaState(s.elseConstraint, s.allowedTypes)
+		elseExpr, _ = s.schemaState(s.elseConstraint, s.allowedTypes, nil)
 	}
 	if thenExpr == nil {
 		thenExpr = top()

Diff for: encoding/jsonschema/constraints_format.go

@@ -26,37 +26,55 @@ type formatFuncInfo struct {
 	f        func(n cue.Value, s *state)
 }
 
+// For reference, the Kubernetes-related format strings
+// are defined here:
+// https://github.com/kubernetes/apiextensions-apiserver/blob/aca9073a80bee92a0b77741b9c7ad444c49fe6be/pkg/apis/apiextensions/v1beta1/types_jsonschema.go#L73
+
 var formatFuncs = sync.OnceValue(func() map[string]formatFuncInfo {
 	return map[string]formatFuncInfo{
 		"binary":                {openAPI, formatTODO},
-		"byte":                  {openAPI, formatTODO},
+		"bsonobjectid":          {k8sCRD, formatTODO},
+		"byte|k8sCRD":           {openAPI, formatTODO},
+		"cidr":                  {k8sCRD, formatTODO},
+		"creditcard":            {k8sCRD, formatTODO},
 		"data":                  {openAPI, formatTODO},
-		"date":                  {vfrom(VersionDraft7) | openAPI, formatDate},
+		"date":                  {vfrom(VersionDraft7) | openAPI | k8sCRD, formatDate},
 		"date-time":             {allVersions | openAPI, formatDateTime},
+		"datetime":              {k8sCRD, formatDateTime},
 		"double":                {openAPI, formatTODO},
-		"duration":              {vfrom(VersionDraft2019_09), formatTODO},
-		"email":                 {allVersions | openAPI, formatTODO},
+		"duration":              {vfrom(VersionDraft2019_09) | k8sCRD, formatTODO},
+		"email":                 {allVersions | openAPI | k8sCRD, formatTODO},
 		"float":                 {openAPI, formatTODO},
-		"hostname":              {allVersions | openAPI, formatTODO},
+		"hexcolor":              {k8sCRD, formatTODO},
+		"hostname":              {allVersions | openAPI | k8sCRD, formatTODO},
 		"idn-email":             {vfrom(VersionDraft7), formatTODO},
 		"idn-hostname":          {vfrom(VersionDraft7), formatTODO},
 		"int32":                 {openAPI, formatInt32},
 		"int64":                 {openAPI, formatInt64},
-		"ipv4":                  {allVersions | openAPI, formatTODO},
-		"ipv6":                  {allVersions | openAPI, formatTODO},
+		"ipv4":                  {allVersions | openAPI | k8sCRD, formatTODO},
+		"ipv6":                  {allVersions | openAPI | k8sCRD, formatTODO},
 		"iri":                   {vfrom(VersionDraft7), formatURI},
 		"iri-reference":         {vfrom(VersionDraft7), formatURIReference},
+		"isbn":                  {k8sCRD, formatTODO},
+		"isbn10":                {k8sCRD, formatTODO},
+		"isbn13":                {k8sCRD, formatTODO},
 		"json-pointer":          {vfrom(VersionDraft6), formatTODO},
-		"password":              {openAPI, formatTODO},
+		"mac":                   {k8sCRD, formatTODO},
+		"password":              {openAPI | k8sCRD, formatTODO},
 		"regex":                 {vfrom(VersionDraft7), formatRegex},
 		"relative-json-pointer": {vfrom(VersionDraft7), formatTODO},
+		"rgbcolor":              {k8sCRD, formatTODO},
+		"ssn":                   {k8sCRD, formatTODO},
 		"time":                  {vfrom(VersionDraft7), formatTODO},
 		// TODO we should probably disallow non-ASCII URIs (IRIs) but
 		// this is good enough for now.
-		"uri":           {allVersions | openAPI, formatURI},
+		"uri":           {allVersions | openAPI | k8sCRD, formatURI},
 		"uri-reference": {vfrom(VersionDraft6), formatURIReference},
 		"uri-template":  {vfrom(VersionDraft6), formatTODO},
-		"uuid":          {vfrom(VersionDraft2019_09), formatTODO},
+		"uuid":          {vfrom(VersionDraft2019_09) | k8sCRD, formatTODO},
+		"uuid3":         {k8sCRD, formatTODO},
+		"uuid4":         {k8sCRD, formatTODO},
+		"uuid5":         {k8sCRD, formatTODO},
 	}
 })
 
@@ -77,13 +95,13 @@ func constraintFormat(key string, n cue.Value, s *state) {
 		// we want unknown formats to be ignored even when StrictFeatures
 		// is enabled, and StrictKeywords is closest to what we want.
 		// Perhaps we should have a "lint" mode?
-		if s.cfg.StrictKeywords && s.schemaVersion != VersionOpenAPI {
+		if s.cfg.StrictKeywords && !openAPILike.contains(s.schemaVersion) {
 			s.errf(n, "unknown format %q", formatStr)
 		}
 		return
 	}
 	if !finfo.versions.contains(s.schemaVersion) {
-		if s.cfg.StrictKeywords && s.schemaVersion != VersionOpenAPI {
+		if s.cfg.StrictKeywords && !openAPILike.contains(s.schemaVersion) {
 			s.errf(n, "format %q is not recognized in schema version %v", formatStr, s.schemaVersion)
 		}
 		return

Diff for: encoding/jsonschema/constraints_generic.go

@@ -169,6 +169,15 @@ func constraintTitle(key string, n cue.Value, s *state) {
 	s.title, _ = s.strValue(n)
 }
 
+func constraintIntOrString(key string, n cue.Value, s *state) {
+	// See x-kubernetes-int-or-string in
+	// https://kubernetes.io/docs/reference/kubernetes-api/extend-resources/custom-resource-definition-v1/#JSONSchemaProps.
+	s.setTypeUsed(n, stringType)
+	s.setTypeUsed(n, numType)
+	s.add(n, numType, ast.NewIdent("int"))
+	s.allowedTypes &= cue.StringKind | cue.IntKind
+}
+
 func constraintType(key string, n cue.Value, s *state) {
 	var types cue.Kind
 	set := func(n cue.Value) {
@@ -197,6 +206,9 @@ func constraintType(key string, n cue.Value, s *state) {
 		case "array":
 			types |= cue.ListKind
 			s.setTypeUsed(n, arrayType)
+			// For OpenAPI, specifically keep track of whether type is array
+			// so we can mandate the "items" keyword.
+			s.isArray = true
 		case "object":
 			types |= cue.StructKind
 			s.setTypeUsed(n, objectType)
@@ -210,6 +222,12 @@ func constraintType(key string, n cue.Value, s *state) {
 	case cue.StringKind:
 		set(n)
 	case cue.ListKind:
+		if openAPILike.contains(s.schemaVersion) {
+			// From https://spec.openapis.org/oas/v3.0.3.html#properties:
+			// "Value MUST be a string. Multiple types via an array are not supported."
+			s.errf(n, `value of "type" must be a string in %v`, s.schemaVersion)
+			return
+		}
 		for i, _ := n.List(); i.Next(); {
 			set(i.Value())
 		}

Diff for: encoding/jsonschema/constraints_object.go

@@ -23,9 +23,35 @@ import (
 
 // Object constraints
 
+func constraintPreserveUnknownFields(key string, n cue.Value, s *state) {
+	// x-kubernetes-preserve-unknown-fields stops the API server decoding
+	// step from pruning fields which are not specified in the validation
+	// schema. This affects fields recursively, but switches back to normal
+	// pruning behaviour if nested properties or additionalProperties are
+	// specified in the schema. This can either be true or undefined. False
+	// is forbidden.
+	// Note: by experimentation, "nested properties" means "within a schema
+	// within a nested property" not "within a schema that has the properties keyword".
+	if !s.boolValue(n) {
+		s.errf(n, "x-kubernetes-preserve-unknown-fields value may not be false")
+		return
+	}
+	// TODO check that it's specified on an object type. This requires
+	// either setting a bool (hasPreserveUnknownFields?) and checking
+	// later or making a new phase and placing this after "type" but
+	// before "allOf", because it's important that this value be
+	// passed down recursively to allOf and friends.
+	s.preserveUnknownFields = true
+}
+
 func constraintAdditionalProperties(key string, n cue.Value, s *state) {
 	switch n.Kind() {
 	case cue.BoolKind:
+		closeStruct := !s.boolValue(n)
+		if s.schemaVersion == VersionKubernetesCRD && closeStruct {
+			s.errf(n, "additionalProperties may not be set to false in a CRD schema")
+			return
+		}
 		s.closeStruct = !s.boolValue(n)
 		_ = s.object(n)
 
@@ -41,15 +67,20 @@ func constraintAdditionalProperties(key string, n cue.Value, s *state) {
 		}
 		// [!~(properties|patternProperties)]: schema
 		existing := append(s.patterns, excludeFields(obj.Elts)...)
+		expr, _ := s.schemaState(n, allTypes, func(s *state) {
+			s.preserveUnknownFields = false
+		})
 		f := internal.EmbedStruct(ast.NewStruct(&ast.Field{
 			Label: ast.NewList(ast.NewBinExpr(token.AND, existing...)),
-			Value: s.schema(n),
+			Value: expr,
 		}))
 		obj.Elts = append(obj.Elts, f)
 
 	default:
 		s.errf(n, `value of "additionalProperties" must be an object or boolean`)
+		return
 	}
+	s.hasAdditionalProperties = true
 }
 
 func constraintDependencies(key string, n cue.Value, s *state) {
@@ -118,7 +149,9 @@ func constraintProperties(key string, n cue.Value, s *state) {
 	s.processMap(n, func(key string, n cue.Value) {
 		// property?: value
 		name := ast.NewString(key)
-		expr, state := s.schemaState(n, allTypes)
+		expr, state := s.schemaState(n, allTypes, func(s *state) {
+			s.preserveUnknownFields = false
+		})
 		f := &ast.Field{Label: name, Value: expr}
 		if doc := state.comment(); doc != nil {
 			ast.SetComments(f, []*ast.CommentGroup{doc})
@@ -139,11 +172,12 @@ func constraintProperties(key string, n cue.Value, s *state) {
 		}
 		obj.Elts = append(obj.Elts, f)
 	})
+	s.hasProperties = true
 }
 
 func constraintPropertyNames(key string, n cue.Value, s *state) {
 	// [=~pattern]: _
-	if names, _ := s.schemaState(n, cue.StringKind); !isTop(names) {
+	if names, _ := s.schemaState(n, cue.StringKind, nil); !isTop(names) {
 		x := ast.NewStruct(ast.NewList(names), top())
 		s.add(n, objectType, x)
 	}