add yaml validation

[chanwit]

This PR adds yaml validation at an early stage before uploading YAML files to the bucket.
It validates yaml files under the targetDir only.

Fixes #2887

Signed-off-by: Chanwit Kaewkasi chanwit@weave.works

[ozamosi]

• Tested "standard podinfo stuff" (create namespace, create flux resources): works ✔️
• Tested incorrect kustomization schema: rejects my change ✔️
• Tested other CRD I'm not installing here: document is ignored ✔️
  • This opened my eyes to why my idea "why don't we just ask the cluster for the CRD" is nonsense - I might be installing the CRD together with the resource 🤦
• Tested a document that was just this: "is not a resource": rejected ✔️
• kustomization.yaml includes are documented as being out of scope, not tested those.

So overall: ✔️

💡 The output is e.g.

► Validating files under test/ ...
test/podinfo.yaml - Kustomization podinfo is invalid: For field spec: prune is required
✗ Error validating: validation failed

I had a second where I read the last line saying "validation failed" and assumed that was the start of the error output so I should be looking for the error after it - there's nothing after it, so I thought "well that's unhelpful". A possible enhancement would be that if the error is "validation failed" specifically, the error line could be changed to imply it's a summary - "Validation failed - review any errors and try again".

❓ This feature is not optional - is there any risk of false positive where we'd get in the user's way instead of helping them? For example, if we're using different schema versions from the cluster.

[chanwit]

This feature is not optional - is there any risk of false positive where we'd get in the user's way instead of helping them? For example, if we're using different schema versions from the cluster.

Good question. We'll have to pin down specific K8s and Flux versions of schemas in the next ticket.

[chanwit]

Next ticket: #2986