Validating plugin configuration options with javax.validation
4 views
Skip to first unread message
Chris Kilding
Oct 2, 2020, 9:59:36 AM10/2/20
to jenkin...@googlegroups.com
Hi,
Just today I was looking at adding a new option to a plugin's configuration, and thought that the javax.validation API would be really helpful to apply validation constraints to plugin configuration in a single place.
For example:
@Extension
@Symbol("yourPlugin")
public class PluginConfiguration extends GlobalConfiguration {
// jsr-380 numerical validations like...
@Positive @Max(100)
private int x;
// jsr-380 string validations like...
@Email
private String y;
// jsr-380 also provides @Null/@NotNull; I guess javax.validation is now the standardised API for these annotations, superseding FindBugs annotations etc.
@NotNull
private String z;
}
Without something like javax.validation / JSR-380 I don't think we can specify validation constraints in a single place; at minimum we would end up with duplicated validation logic. If you validate the value in a DataBoundSetter, any code path that bypasses the setter will also bypass validation. If you validate the value at usage time, you can't warn the user when they're on the /configure page (or when Jenkins is reading CasC.yaml). And so on.
I believe this has been talked about before in JEP-205 and JENKINS-11131, and a couple of PRs, but no conclusion was reached.
Could someone familiar with this (perhaps Nicolas) provide more details of how far it got, and what the next step would be? Or indeed what the workarounds are that people use today e.g. for constraining an integer config value to a certain range?
Chris
Just today I was looking at adding a new option to a plugin's configuration, and thought that the javax.validation API would be really helpful to apply validation constraints to plugin configuration in a single place.
For example:
@Extension
@Symbol("yourPlugin")
public class PluginConfiguration extends GlobalConfiguration {
// jsr-380 numerical validations like...
@Positive @Max(100)
private int x;
// jsr-380 string validations like...
private String y;
// jsr-380 also provides @Null/@NotNull; I guess javax.validation is now the standardised API for these annotations, superseding FindBugs annotations etc.
@NotNull
private String z;
}
Without something like javax.validation / JSR-380 I don't think we can specify validation constraints in a single place; at minimum we would end up with duplicated validation logic. If you validate the value in a DataBoundSetter, any code path that bypasses the setter will also bypass validation. If you validate the value at usage time, you can't warn the user when they're on the /configure page (or when Jenkins is reading CasC.yaml). And so on.
I believe this has been talked about before in JEP-205 and JENKINS-11131, and a couple of PRs, but no conclusion was reached.
Could someone familiar with this (perhaps Nicolas) provide more details of how far it got, and what the next step would be? Or indeed what the workarounds are that people use today e.g. for constraining an integer config value to a certain range?
Chris
Jesse Glick
Oct 2, 2020, 10:19:39 AM10/2/20
to Jenkins Dev
On Fri, Oct 2, 2020 at 9:59 AM Chris Kilding
<chris+...@chriskilding.com> wrote:
> Could someone familiar with this (perhaps Nicolas) provide more details
I do not believe Nicolas is active in the project any more.
<chris+...@chriskilding.com> wrote:
> Could someone familiar with this (perhaps Nicolas) provide more details
> what the workarounds are that people use today e.g. for constraining an integer config value to a certain range?
Chris Kilding
Oct 13, 2020, 10:11:13 AM10/13/20
to jenkin...@googlegroups.com
Cheers, I've taken a look, and also filed an issue (https://issues.jenkins-ci.org/browse/JENKINS-63855) to discuss client-side min/max constraints on number fields.
> --
> You received this message because you are subscribed to the Google
> Groups "Jenkins Developers" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to jenkinsci-de...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/jenkinsci-dev/CANfRfr11JUG0FcghO0atJwAKbhwrUUvP1C_7UCU6K1avzeuyOw%40mail.gmail.com.
>
> You received this message because you are subscribed to the Google
> Groups "Jenkins Developers" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to jenkinsci-de...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/jenkinsci-dev/CANfRfr11JUG0FcghO0atJwAKbhwrUUvP1C_7UCU6K1avzeuyOw%40mail.gmail.com.
>
Reply all
Reply to author
Forward
0 new messages