docs: add jsonschema for values.yaml

Adding a jsonschema allows user to fail early as the user configuration in the  is validated at installation time already. For that reason, there has been added additional validation that couldn't be performed using jsonschema in the helm helper file. Moreover, as we now have our dear conny in artifacthub we can enhance our artifacthub page by adding a jsonschema as artifacthub parses the file and shows its content in a nice format.

Author: annekebr

.github/PULL_REQUEST_TEMPLATE.md

@@ -14,5 +14,6 @@ Fixes #
 - [ ] PR follows [Contributing Guide](../docs/CONTRIBUTING.md)
 - [ ] Added tests (if necessary)
 - [ ] Extended README/Documentation (if necessary)
+- [ ] Adjusted `helm/values.schema.json` according to new changes if `helm/values.yaml` has been touched
 - [ ] Adjusted versions of image and Helm chart in `values.yaml` and `Chart.yaml` (if necessary)
 

helm/templates/_helpers.tpl

@@ -184,3 +184,71 @@ Extract Kubernetes Minor Version.
   readOnly: true
 {{- end -}}
 {{- end -}}
+{{- define "checkForAlertTemplates" -}}
+  {{ $files := .Files }}
+  {{- if .Values.alerting }}
+    {{- if .Values.alerting.admit_request }}
+      {{- if .Values.alerting.admit_request.templates }}
+        {{- range .Values.alerting.admit_request.templates }}
+          {{- $filename := .template -}}
+          {{- $file := printf "alert_payload_templates/%s.json" $filename | $files.Get }}
+          {{- if $file }}
+          {{- else }}
+            {{- fail (printf "The value of the alert template must be chosen such that <template>.json matches one of the file names in the ./alert_payload_templates directory, but there is no %s.json file in that directory or the file is empty." $filename) }}
+          {{- end }}
+        {{- end }}
+      {{- end }}
+    {{- end }}
+    {{- if .Values.alerting.reject_request }}
+      {{- if .Values.alerting.reject_request.templates }}
+        {{- range .Values.alerting.reject_request.templates }}
+          {{- $filename := .template -}}
+          {{- $file := printf "alert_payload_templates/%s.json" $filename | $files.Get }}
+          {{- if $file }}
+          {{- else }}
+            {{- fail (printf "The value of the alert template must be chosen such that <template>.json matches one of the file names in the ./alert_payload_templates directory, but there is no %s.json file in that directory or the file is empty." $filename) }}
+          {{- end }}
+        {{- end }}
+      {{- end }}
+    {{- end }}
+  {{- end }}
+{{- end -}}
+
+{{- define "validatePolicy" -}}
+  {{- $validatornames := list }}
+  {{ range .Values.validators }}
+    {{- $validator := deepCopy . }}
+    {{ $validatornames = append $validatornames $validator.name }}
+  {{- end }}
+  {{- range .Values.policy }}
+    {{- $policy := deepCopy . -}}
+    {{- if $policy.validator }}
+      {{- if has $policy.validator $validatornames }}
+      {{- else }}
+        {{- fail (printf "Validator %s has not been defined and cannot be used in a policy." $policy.validator)}}
+      {{- end }}
+      {{- $validtrustroots := list }}
+      {{ range $.Values.validators }}
+        {{- $validator := deepCopy .}}
+        {{- if eq $validator.name $policy.validator}}
+          {{range $validator.trust_roots }}
+            {{ $trustroot := deepCopy .}}
+            {{- $validtrustroots = append $validtrustroots $trustroot.name }}
+          {{- end }}
+        {{- end }}
+      {{- end }}
+      {{- if $policy.with }}
+        {{- if has $policy.with.trust_root $validtrustroots }}
+        {{- else if eq $policy.with.trust_root "default" }}
+        {{- else }}
+          {{- fail (printf "Validator %s has no %s trust root defined." $policy.validator $policy.with.trust_root)}}
+        {{- end }}
+      {{- end}}
+    {{- else }}
+      {{- if has "default" $validatornames }}
+      {{- else }}
+        {{- fail (printf "Policy for images matching '%s' has no explicit validator defined such that the validator named 'default' is going to be used, but there is no validator named 'default' defined." $policy.pattern)}}
+      {{- end }}
+    {{- end }}
+  {{- end }}
+{{- end }}

helm/templates/alertconfig.yaml

@@ -1,3 +1,5 @@
+{{ include "checkForAlertTemplates" . }}
+
 apiVersion: v1
 kind: ConfigMap
 metadata:
@@ -28,4 +30,4 @@ stringData:
   {{- if .Values.alerting}}
   alertconfig.json: |
     {{ mustToJson .Values.alerting | nindent 4 }}
-  {{- end }}
+  {{- end }}

helm/templates/config.yaml

@@ -1,3 +1,5 @@
+{{ include "validatePolicy" . }}
+
 apiVersion: v1
 kind: ConfigMap
 metadata: