CRD Validation

These markers modify how the CRD validation schema is produced for the types and fields they modify. Each corresponds roughly to an OpenAPI/JSON schema option.

See Generating CRDs for examples.

Show Detailed Argument Help

// +kubebuilder:default

: any

sets the default value for this field.

A default value will be accepted as any value valid for the field. Formatting for common types include: boolean: true, string: Cluster, numerical: 1.24, array: {1,2}, object: {policy: "delete"}). Defaults should be defined in pruned form, and only best-effort validation will be performed. Full validation of a default requires submission of the containing CRD to an apiserver.

: any

// +kubebuilder:example

: any

sets the example value for this field.

An example value will be accepted as any value valid for the field. Formatting for common types include: boolean: true, string: Cluster, numerical: 1.24, array: {1,2}, object: {policy: "delete"}). Examples should be defined in pruned form, and only best-effort validation will be performed. Full validation of an example requires submission of the containing CRD to an apiserver.

: any

// +kubebuilder:validation:EmbeddedResource

EmbeddedResource marks a fields as an embedded resource with apiVersion, kind and metadata fields.

An embedded resource is a value that has apiVersion, kind and metadata fields. They are validated implicitly according to the semantics of the currently running apiserver. It is not necessary to add any additional schema for these field, yet it is possible. This can be combined with PreserveUnknownFields.

// +kubebuilder:validation:Enum

: any

specifies that this (scalar) field is restricted to the *exact* values specified here.

: any

// +kubebuilder:validation:Enum

: any

specifies that this (scalar) field is restricted to the *exact* values specified here.

: any

// +kubebuilder:validation:ExclusiveMaximum

: bool

indicates that the maximum is "up to" but not including that value.

: bool

// +kubebuilder:validation:ExclusiveMaximum

: bool

indicates that the maximum is "up to" but not including that value.

: bool

// +kubebuilder:validation:ExclusiveMinimum

: bool

indicates that the minimum is "up to" but not including that value.

: bool

// +kubebuilder:validation:ExclusiveMinimum

: bool

indicates that the minimum is "up to" but not including that value.

: bool

// +kubebuilder:validation:Format

: string

specifies additional "complex" formatting for this field.

For example, a date-time field would be marked as "type: string" and "format: date-time".

: string

// +kubebuilder:validation:Format

: string

specifies additional "complex" formatting for this field.

For example, a date-time field would be marked as "type: string" and "format: date-time".

: string

// +kubebuilder:validation:MaxItems

: int

specifies the maximum length for this list.

: int

// +kubebuilder:validation:MaxItems

: int

specifies the maximum length for this list.

: int

// +kubebuilder:validation:MaxLength

: int

specifies the maximum length for this string.

: int

// +kubebuilder:validation:MaxLength

: int

specifies the maximum length for this string.

: int

// +kubebuilder:validation:MaxProperties

: int

restricts the number of keys in an object

: int

// +kubebuilder:validation:MaxProperties

: int

restricts the number of keys in an object

: int

// +kubebuilder:validation:Maximum

specifies the maximum numeric value that this field can have.

// +kubebuilder:validation:Maximum

specifies the maximum numeric value that this field can have.

// +kubebuilder:validation:MinItems

: int

specifies the minimum length for this list.

: int

// +kubebuilder:validation:MinItems

: int

specifies the minimum length for this list.

: int

// +kubebuilder:validation:MinLength

: int

specifies the minimum length for this string.

: int

// +kubebuilder:validation:MinLength

: int

specifies the minimum length for this string.

: int

// +kubebuilder:validation:MinProperties

: int

restricts the number of keys in an object

: int

// +kubebuilder:validation:MinProperties

: int

restricts the number of keys in an object

: int

// +kubebuilder:validation:Minimum

specifies the minimum numeric value that this field can have. Negative numbers are supported.

// +kubebuilder:validation:Minimum

specifies the minimum numeric value that this field can have. Negative numbers are supported.

// +kubebuilder:validation:MultipleOf

specifies that this field must have a numeric value that's a multiple of this one.

// +kubebuilder:validation:MultipleOf

specifies that this field must have a numeric value that's a multiple of this one.

// +kubebuilder:validation:Optional

specifies that this field is optional, if fields are required by default.

// +kubebuilder:validation:Optional

specifies that all fields in this package are optional by default.

// +kubebuilder:validation:Pattern

: string

specifies that this string must match the given regular expression.

: string

// +kubebuilder:validation:Pattern

: string

specifies that this string must match the given regular expression.

: string

// +kubebuilder:validation:Required

specifies that all fields in this package are required by default.

// +kubebuilder:validation:Required

specifies that this field is required, if fields are optional by default.

// +kubebuilder:validation:Schemaless

marks a field as being a schemaless object.

Schemaless objects are not introspected, so you must provide any type and validation information yourself. One use for this tag is for embedding fields that hold JSONSchema typed objects. Because this field disables all type checking, it is recommended to be used only as a last resort.

// +kubebuilder:validation:Type

: string

overrides the type for this field (which defaults to the equivalent of the Go type).

This generally must be paired with custom serialization. For example, the metav1.Time field would be marked as "type: string" and "format: date-time".

: string

// +kubebuilder:validation:Type

: string

overrides the type for this field (which defaults to the equivalent of the Go type).

This generally must be paired with custom serialization. For example, the metav1.Time field would be marked as "type: string" and "format: date-time".

: string

// +kubebuilder:validation:UniqueItems

: bool

specifies that all items in this list must be unique.

: bool

// +kubebuilder:validation:UniqueItems

: bool

specifies that all items in this list must be unique.

: bool

// +kubebuilder:validation:XEmbeddedResource

EmbeddedResource marks a fields as an embedded resource with apiVersion, kind and metadata fields.

// +kubebuilder:validation:XEmbeddedResource

EmbeddedResource marks a fields as an embedded resource with apiVersion, kind and metadata fields.

// +kubebuilder:validation:XIntOrString

IntOrString marks a fields as an IntOrString.

This is required when applying patterns or other validations to an IntOrString field. Knwon information about the type is applied during the collapse phase and as such is not normally available during marker application.

// +kubebuilder:validation:XIntOrString

IntOrString marks a fields as an IntOrString.

// +kubebuilder:validation:XValidation

message: string
rule: string

marks a field as requiring a value for which a given expression evaluates to true.

This marker may be repeated to specify multiple expressions, all of which must evaluate to true.

message: string
rule: string

// +kubebuilder:validation:XValidation

message: string
rule: string

marks a field as requiring a value for which a given expression evaluates to true.

This marker may be repeated to specify multiple expressions, all of which must evaluate to true.

message: string
rule: string

// +nullable

marks this field as allowing the "null" value.

This is often not necessary, but may be helpful with custom serialization.

// +optional

specifies that this field is optional, if fields are required by default.