Skip to content

CRD scaffolds trigger false positives with kube-api-linter for Operator Projects #192

New issue
New issue
Open
Open
CRD scaffolds trigger false positives with kube-api-linter for Operator Projects#192
@camilamacedo86

Description

@camilamacedo86
camilamacedo86
opened on Nov 15, 2025

Problem

Operator Projects scaffolds standard Kubernetes CRD patterns that kube-api-linter incorrectly flags as errors, even with WhenRequired configuration.

What We're Scaffolding

type MyResource struct {
    metav1.TypeMeta   `json:",inline"`
    metav1.ObjectMeta `json:"metadata,omitzero"`
    
    Spec   MyResourceSpec   `json:"spec"`
    Status MyResourceStatus `json:"status,omitzero"`
}

type MyResourceStatus struct {
    Conditions []metav1.Condition `json:"conditions,omitempty"`
}

Error 1:

optionalfields: field Status has a valid zero value ({}), but the validation 
is not complete (e.g. min properties/adding required fields). The field should 
be a pointer to allow the zero value to be set. If the zero value is not a 
valid use case, complete the validation and remove the pointer. (kubeapilinter)

    Status WordpressStatus `json:"status,omitzero"`
  • Status is never a pointer in any Kubernetes API
  • Works correctly with omitzero tag
  • Validation incompleteness is expected - Status is controller-managed, not user-provided

Error 2:

requiredfields: field Spec has a valid zero value ({}), but the validation is 
not complete (e.g. min properties/adding required fields). The field should be 
a pointer to allow the zero value to be set. If the zero value is not a valid 
use case, complete the validation and remove the pointer. (kubeapilinter)

    Spec WordpressSpec `json:"spec"`
  • Spec is never a pointer in Kubernetes APIs
  • Scaffolds are starting points - users add validation when they implement their business logic

Error 3:

conditions: Conditions field in WordpressStatus is missing the following markers: 
patchStrategy=merge, patchMergeKey=type (kubeapilinter)

    Conditions []metav1.Condition `json:"conditions,omitempty"`
  • metav1.Condition already handles patches correctly
  • Adding these markers is redundant for this standard Kubernetes type

What We Need

A way to configure the linter to understand CRD scaffolding patterns. Something like:

lintersConfig:
  optionalfields:
    pointers:
      preference: WhenRequired
      skipCRDStatusFields: true  # Don't require pointers for Status in CRD types
  requiredfields:
    skipCRDSpecFields: true  # Don't require pointers for Spec in CRD types
  conditions:
    skipMetav1Condition: true  # metav1.Condition already has proper tags

Or even simpler - a preset for CRD scaffolds:

lintersConfig:
  preset: "crd-scaffold"  # Use CRD-friendly defaults

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions