Refactor bundle validation code to seperate format and contend validation

1. Seperate bundle format and content validation into 2 seperate functions
2. Remove operator-sdk reference from registry docs. Using `opm` reference
instead.
3. Add bundle object validation to improve content validation

Signed-off-by: Vu Dinh <[email protected]>

Author: dinhxuanvu

cmd/opm/alpha/bundle/validate.go

@@ -3,6 +3,7 @@ package bundle
 import (
 	"io/ioutil"
 	"os"
+	"path/filepath"
 
 	"github.com/operator-framework/operator-registry/pkg/lib/bundle"
 	log "github.com/sirupsen/logrus"
@@ -54,9 +55,14 @@ func validateFunc(cmd *cobra.Command, args []string) error {
 		return err
 	}
 
-	logger.Info("Unpacked image layers, validating bundle image contents")
+	logger.Info("Unpacked image layers, validating bundle image format & contents")
 
-	err = imageValidator.ValidateBundle(dir)
+	err = imageValidator.ValidateBundleFormat(dir)
+	if err != nil {
+		return err
+	}
+
+	err = imageValidator.ValidateBundleFormat(filepath.Join(dir, bundle.ManifestsDir))
 	if err != nil {
 		return err
 	}

docs/design/operator-bundle.md

@@ -91,40 +91,34 @@ $ tree
 
 ## Operator Bundle Commands
 
-Operator SDK CLI is available to generate Bundle annotations and Dockerfile based on provided operator manifests.
+`opm` (Operator Package Manager) is a CLI tool to generate bundle annotations, build bundle manifests image, validate bundle manifests image and other functionalities. Please note that the `generate`, `build` and `validate` features of `opm` CLI are currently in alpha and only meant for development use.
 
-### Operator SDK CLI
+### `opm` (Operator Package Manager)
 
-In order to use Operator SDK CLI, follow the operator-SDK installation instruction:
+In order to use `opm` CLI, follow the `opm` build instruction:
 
-1. Install the [Operator SDK CLI](https://github.com/operator-framework/operator-sdk/blob/master/doc/user/install-operator-sdk.md)
+1. Clone the operator registry repository:
 
-Now, a binary named `operator-sdk` is available in OLM's directory to use.
 ```bash
-$ ./operator-sdk
-An SDK for building operators with ease
-
-Usage:
-  operator-sdk [command]
+$ git clone https://github.com/operator-framework/operator-registry
+```
 
-Available Commands:
-    bundle      Operator bundle commands
+2. Build `opm` binary using this command:
 
-Flags:
-  -h, --help      help for operator-sdk
-      --verbose   Enable verbose logging
-
-Use "operator-sdk [command] --help" for more information about a command.
+```bash
+$ go build ./cmd/opm/
 ```
 
+Now, a binary named `opm` is now built in current directory and ready to be used.
+
 ### Generate Bundle Annotations and DockerFile
 *Notes:*
 * If there are `annotations.yaml` and `Dockerfile` existing in the directory, they will be overwritten.
 
-Using `operator-sdk` CLI, bundle annotations can be generated from provided operator manifests. The overall `bundle generate` command usage is:
+Using `opm` CLI, bundle annotations can be generated from provided operator manifests. The overall `bundle generate` command usage is:
 ```bash
 Usage:
-  operator-sdk bundle generate [flags]
+  opm alpha bundle generate [flags]
 
 Flags:
   -c, --channels string    The list of channels that bundle image belongs to
@@ -141,7 +135,7 @@ The `--directory/-d`, `--channels/-c`, `--package/-p` are required flags while `
 
 The command for `generate` task is:
 ```bash
-$ ./operator-sdk bundle generate --directory /test --package test-operator \
+$ ./opm alpha bundle generate --directory /test --package test-operator \
 --channels stable,beta --default stable
 ```
 
@@ -173,7 +167,7 @@ $ docker build -f /path/to/Dockerfile -t quay.io/test/test-operator:latest /path
 Operator bundle image can be built from provided operator manifests using `build` command (see *Notes* below). The overall `bundle build` command usage is:
 ```bash
 Usage:
-  operator-SDK bundle build [flags]
+  opm alpha bundle build [flags]
 
 Flags:
   -c, --channels string        The list of channels that bundle image belongs to
@@ -192,15 +186,15 @@ Flags:
 
 The command for `build` task is:
 ```bash
-$ ./operator-sdk bundle build --directory /test --tag quay.io/coreos/test-operator.v0.1.0:latest \
+$ ./opm alpha bundle build --directory /test --tag quay.io/coreos/test-operator.v0.1.0:latest \
 --package test-operator --channels stable,beta --default stable
 ```
 
 The `--directory` or `-d` specifies the directory where the operator manifests for a specific version are located. The `--tag` or `-t` specifies the image tag that you want the operator bundle image to have. By using `build` command, the `annotations.yaml` and `Dockerfile` are automatically generated in the background.
 
 The default image builder is `Docker`. However, ` Buildah` and `Podman` are also supported. An image builder can specified via `--image-builder` or `-b` optional tag in `build` command. For example:
 ```bash
-$ ./operator-sdk bundle build --directory /test/0.1.0/ --tag quay.io/coreos/test-operator.v0.1.0:latest \
+$ ./opm alpha bundle build --directory /test/0.1.0/ --tag quay.io/coreos/test-operator.v0.1.0:latest \
 --image-builder podman --package test-operator --channels stable,beta --default stable
 ```
 
@@ -215,7 +209,7 @@ The `--package` or `-p` is the name of package fo the operator such as `etcd` wh
 Operator bundle image can validate bundle image that is publicly available in an image registry using `validate` command (see *Notes* below). The overall `bundle validate` command usage is:
 ```bash
 Usage:
-  operator-SDK bundle validate [flags]
+  opm alpha bundle validate [flags]
 
 Flags:
   -t, --tag string             The name of the bundle image will be built
@@ -225,7 +219,7 @@ Flags:
 
 The command for `validate` task is:
 ```bash
-$ ./operator-sdk bundle build --tag quay.io/coreos/test-operator.v0.1.0:latest --image-builder docker
+$ ./opm alpha bundle build --tag quay.io/coreos/test-operator.v0.1.0:latest --image-builder docker
 ```
 
 The `validate` command will first extract the contents of the bundle image into a temporary directory after it pulls the image from its image registry. Then, it will validate the format of bundle image to ensure manifests and metadata are located in their appropriate directories (`/manifests/` for bundle manifests files such as CSV and `/metadata/` for metadata files such as `annotations.yaml`). Also, it will validate the information in `annotations.yaml` to confirm that metadata is matching the provided data. For example, the provided media type in annotations.yaml just matches the actual media type is provided in the bundle image.

pkg/lib/bundle/errors.go

@@ -6,27 +6,22 @@ import (
 )
 
 // ValidationError is an imlementation of the Error type
-// that defines a set of errors when validating the bundle
+// that defines a list of errors when validating the bundle
 type ValidationError struct {
-	AnnotationErrors []error
-	FormatErrors     []error
+	Errors []error
 }
 
 func (v ValidationError) Error() string {
 	var errs []string
-	for _, err := range v.AnnotationErrors {
-		errs = append(errs, err.Error())
-	}
-	for _, err := range v.FormatErrors {
+	for _, err := range v.Errors {
 		errs = append(errs, err.Error())
 	}
 	return fmt.Sprintf("Bundle validation errors: %s",
 		strings.Join(errs, ","))
 }
 
-func NewValidationError(annotationErrs, formatErrs []error) ValidationError {
+func NewValidationError(errs []error) ValidationError {
 	return ValidationError{
-		AnnotationErrors: annotationErrs,
-		FormatErrors:     formatErrs,
+		Errors: errs,
 	}
 }

pkg/lib/bundle/interfaces.go

@@ -14,7 +14,10 @@ type BundleImageValidator interface {
 	PullBundleImage(imageTag string, directory string) error
 	// Validate bundle takes a directory containing the contents of a bundle image
 	// and validates that the format is correct
-	ValidateBundle(directory string) error
+	ValidateBundleFormat(directory string) error
+	// Validate bundle takes a directory containing the contents of a bundle image
+	// and validates that the content is correct
+	ValidateBundleContent(directory string) error
 }
 
 // NewImageValidator is a constructor that returns an ImageValidator

pkg/lib/bundle/testdata/validate/invalid_manifests_bundle/invalid_crd/etcdbackups.etcd.database.coreos.com.crd.yaml

@@ -0,0 +1,13 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: etcdbackups.etcd.database.coreos.com
+spec:
+  group: etcd.database.coreos.com
+  names:
+    kind: EtcdBackup
+    listKind: EtcdBackupList
+    plural: etcdbackups
+    singular: etcdbackup
+  scope: Namespaced
+  version: v1beta2

pkg/lib/bundle/testdata/validate/invalid_manifests_bundle/invalid_crd/etcdclusters.etcd.database.coreos.com.crd.yaml

@@ -0,0 +1,16 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: etcdclusters.etcd.database.coreos.com
+spec:
+  group: etcd.database.coreos.com
+  names:
+    kind: EtcdCluster
+    listKind: EtcdClusterList
+    plural: etcdclusters
+    shortNames:
+    - etcdclus
+    - etcd
+    singular: etcdcluster
+  scope: Namespaced
+  version: v1beta2

pkg/lib/bundle/testdata/validate/invalid_manifests_bundle/invalid_crd/etcdoperator.v0.9.4.clusterserviceversion.yaml

@@ -10,4 +10,10 @@ spec:
     plural: etcdrestores
     singular: etcdrestore
   scope: Namespaced
-  versions: v1beta2
+  versions:
+  - name: v1beta2
+    served: true
+    storage: true
+  - name: v1beta2
+    served: true
+    storage: true

pkg/lib/bundle/testdata/validate/invalid_manifests_bundle/invalid_crd/etcdrestores.etcd.database.coreos.com.crd.yaml

@@ -0,0 +1,13 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: etcdbackups.etcd.database.coreos.com
+spec:
+  group: etcd.database.coreos.com
+  names:
+    kind: EtcdBackup
+    listKind: EtcdBackupList
+    plural: etcdbackups
+    singular: etcdbackup
+  scope: Namespaced
+  version: v1beta2

pkg/lib/bundle/testdata/validate/invalid_manifests_bundle/invalid_csv/etcdbackups.etcd.database.coreos.com.crd.yaml

@@ -0,0 +1,16 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: etcdclusters.etcd.database.coreos.com
+spec:
+  group: etcd.database.coreos.com
+  names:
+    kind: EtcdCluster
+    listKind: EtcdClusterList
+    plural: etcdclusters
+    shortNames:
+    - etcdclus
+    - etcd
+    singular: etcdcluster
+  scope: Namespaced
+  version: v1beta2

pkg/lib/bundle/testdata/validate/invalid_manifests_bundle/invalid_csv/etcdclusters.etcd.database.coreos.com.crd.yaml

@@ -0,0 +1,13 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: etcdrestores.etcd.database.coreos.com
+spec:
+  group: etcd.database.coreos.com
+  names:
+    kind: EtcdRestore
+    listKind: EtcdRestoreList
+    plural: etcdrestores
+    singular: etcdrestore
+  scope: Namespaced
+  version: v1beta2

pkg/lib/bundle/testdata/validate/invalid_manifests_bundle/invalid_csv/etcdrestores.etcd.database.coreos.com.crd.yaml

@@ -0,0 +1,13 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: etcdbackups.etcd.database.coreos.com
+spec:
+  group: etcd.database.coreos.com
+  names:
+    kind: EtcdBackup
+    listKind: EtcdBackupList
+    plural: etcdbackups
+    singular: etcdbackup
+  scope: Namespaced
+  version: v1beta2

pkg/lib/bundle/testdata/validate/invalid_manifests_bundle/invalid_sa/etcdbackups.etcd.database.coreos.com.crd.yaml

@@ -0,0 +1,16 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: etcdclusters.etcd.database.coreos.com
+spec:
+  group: etcd.database.coreos.com
+  names:
+    kind: EtcdCluster
+    listKind: EtcdClusterList
+    plural: etcdclusters
+    shortNames:
+    - etcdclus
+    - etcd
+    singular: etcdcluster
+  scope: Namespaced
+  version: v1beta2

pkg/lib/bundle/testdata/validate/invalid_manifests_bundle/invalid_sa/etcdclusters.etcd.database.coreos.com.crd.yaml

@@ -0,0 +1,13 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: etcdrestores.etcd.database.coreos.com
+spec:
+  group: etcd.database.coreos.com
+  names:
+    kind: EtcdRestore
+    listKind: EtcdRestoreList
+    plural: etcdrestores
+    singular: etcdrestore
+  scope: Namespaced
+  version: v1beta2

pkg/lib/bundle/testdata/validate/invalid_manifests_bundle/invalid_sa/etcdoperator.v0.9.4.clusterserviceversion.yaml

@@ -0,0 +1,13 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: etcdbackups.etcd.database.coreos.com
+spec:
+  group: etcd.database.coreos.com
+  names:
+    kind: EtcdBackup
+    listKind: EtcdBackupList
+    plural: etcdbackups
+    singular: etcdbackup
+  scope: Namespaced
+  version: v1beta2

pkg/lib/bundle/testdata/validate/invalid_manifests_bundle/invalid_sa/etcdrestores.etcd.database.coreos.com.crd.yaml

@@ -0,0 +1,16 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: etcdclusters.etcd.database.coreos.com
+spec:
+  group: etcd.database.coreos.com
+  names:
+    kind: EtcdCluster
+    listKind: EtcdClusterList
+    plural: etcdclusters
+    shortNames:
+    - etcdclus
+    - etcd
+    singular: etcdcluster
+  scope: Namespaced
+  version: v1beta2

pkg/lib/bundle/testdata/validate/invalid_manifests_bundle/invalid_type/etcdbackups.etcd.database.coreos.com.crd.yaml

@@ -0,0 +1,13 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: etcdrestores.etcd.database.coreos.com
+spec:
+  group: etcd.database.coreos.com
+  names:
+    kind: EtcdRestore
+    listKind: EtcdRestoreList
+    plural: etcdrestores
+    singular: etcdrestore
+  scope: Namespaced
+  version: v1beta2

pkg/lib/bundle/testdata/validate/invalid_manifests_bundle/invalid_type/etcdclusters.etcd.database.coreos.com.crd.yaml

@@ -10,8 +10,9 @@ import (
 	v "github.com/operator-framework/api/pkg/validation"
 	v1 "github.com/operator-framework/operator-lifecycle-manager/pkg/api/apis/operators/v1alpha1"
 	"github.com/operator-framework/operator-registry/pkg/containertools"
+	"github.com/operator-framework/operator-registry/pkg/registry"
 
-	"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions"
+	"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1"
 	apiValidation "k8s.io/apimachinery/pkg/api/validation"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
@@ -20,7 +21,6 @@ import (
 	k8syaml "k8s.io/apimachinery/pkg/util/yaml"
 
 	y "github.com/ghodss/yaml"
-	"github.com/sirupsen/logrus"
 	log "github.com/sirupsen/logrus"
 	"gopkg.in/yaml.v2"
 )
@@ -58,12 +58,20 @@ func (i imageValidator) PullBundleImage(imageTag, directory string) error {
 }
 
 // ValidateBundle takes a directory containing the contents of a bundle and validates
-// the format and contents of that bundle for correctness
-func (i imageValidator) ValidateBundle(directory string) error {
+// the format of that bundle for correctness using these criteria
+// 1. Validate if the directory has two required directories for /manifests and /metadata
+// 2. Expecting bundle manifests files to be in /manifests and metadata files (including
+// annotations.yaml) to be in /metadata
+// 3. Validate the information in annotations to match the bundle contents such as
+// its media type, and channel information.
+// Inputs:
+// directory: the directory which the /manifests and /metadata exist
+// Outputs:
+// error: ValidattionError which contains a list of errors
+func (i imageValidator) ValidateBundleFormat(directory string) error {
 	var manifestsFound, metadataFound bool
 	var annotationsDir, manifestsDir string
-	var annotationErrors []error
-	var formatErrors []error
+	var validationErrors []error
 
 	items, _ := ioutil.ReadDir(directory)
 	for _, item := range items {
@@ -82,38 +90,29 @@ func (i imageValidator) ValidateBundle(directory string) error {
 	}
 
 	if manifestsFound == false {
-		formatErrors = append(formatErrors, fmt.Errorf("Unable to locate manifests directory"))
+		validationErrors = append(validationErrors, fmt.Errorf("Unable to locate manifests directory"))
 	}
 	if metadataFound == false {
-		formatErrors = append(formatErrors, fmt.Errorf("Unable to locate metadata directory"))
+		validationErrors = append(validationErrors, fmt.Errorf("Unable to locate metadata directory"))
 	}
 
 	// Break here if we can't even find the files
-	if len(formatErrors) > 0 {
-		return NewValidationError(annotationErrors, formatErrors)
+	if len(validationErrors) > 0 {
+		return NewValidationError(validationErrors)
 	}
 
 	i.logger.Debug("Getting mediaType info from manifests directory")
 	mediaType, err := GetMediaType(manifestsDir)
 	if err != nil {
-		formatErrors = append(formatErrors, err)
-	}
-
-	// Validate bundle contents (only for registryv1 and plaintype type bundles)
-	i.logger.Debug("Validating bundle contents")
-	validationErrors := validateBundleContents(manifestsDir, mediaType, i.logger)
-	if len(validationErrors) > 0 {
-		for _, err := range validationErrors {
-			formatErrors = append(formatErrors, err)
-		}
+		validationErrors = append(validationErrors, err)
 	}
 
 	// Validate annotations.yaml
 	annotationsFile, err := ioutil.ReadFile(filepath.Join(annotationsDir, AnnotationsFile))
 	if err != nil {
 		fmtErr := fmt.Errorf("Unable to read annotations.yaml file: %s", err.Error())
-		formatErrors = append(formatErrors, fmtErr)
-		return NewValidationError(annotationErrors, formatErrors)
+		validationErrors = append(validationErrors, fmtErr)
+		return NewValidationError(validationErrors)
 	}
 
 	var fileAnnotations AnnotationMetadata
@@ -131,7 +130,7 @@ func (i imageValidator) ValidateBundle(directory string) error {
 
 	err = yaml.Unmarshal(annotationsFile, &fileAnnotations)
 	if err != nil {
-		formatErrors = append(formatErrors, fmt.Errorf("Unable to parse annotations.yaml file"))
+		validationErrors = append(validationErrors, fmt.Errorf("Unable to parse annotations.yaml file"))
 	}
 
 	for label, item := range annotations {
@@ -140,29 +139,29 @@ func (i imageValidator) ValidateBundle(directory string) error {
 			i.logger.Debugf(`Found annotation "%s" with value "%s"`, label, val)
 		} else {
 			aErr := fmt.Errorf("Missing annotation %q", label)
-			annotationErrors = append(annotationErrors, aErr)
+			validationErrors = append(validationErrors, aErr)
 		}
 
 		switch label {
 		case MediatypeLabel:
 			if item != val {
 				aErr := fmt.Errorf("Expecting annotation %q to have value %q instead of %q", label, item, val)
-				annotationErrors = append(annotationErrors, aErr)
+				validationErrors = append(validationErrors, aErr)
 			}
 		case ManifestsLabel:
 			if item != ManifestsDir {
 				aErr := fmt.Errorf("Expecting annotation %q to have value %q instead of %q", label, ManifestsDir, val)
-				annotationErrors = append(annotationErrors, aErr)
+				validationErrors = append(validationErrors, aErr)
 			}
 		case MetadataDir:
 			if item != MetadataLabel {
 				aErr := fmt.Errorf("Expecting annotation %q to have value %q instead of %q", label, MetadataDir, val)
-				annotationErrors = append(annotationErrors, aErr)
+				validationErrors = append(validationErrors, aErr)
 			}
 		case ChannelsLabel, ChannelDefaultLabel:
 			if val == "" {
 				aErr := fmt.Errorf("Expecting annotation %q to have non-empty value", label)
-				annotationErrors = append(annotationErrors, aErr)
+				validationErrors = append(validationErrors, aErr)
 			} else {
 				annotations[label] = val
 			}
@@ -171,25 +170,38 @@ func (i imageValidator) ValidateBundle(directory string) error {
 
 	_, err = ValidateChannelDefault(annotations[ChannelsLabel], annotations[ChannelDefaultLabel])
 	if err != nil {
-		annotationErrors = append(annotationErrors, err)
+		validationErrors = append(validationErrors, err)
 	}
 
-	if len(annotationErrors) > 0 || len(formatErrors) > 0 {
-		return NewValidationError(annotationErrors, formatErrors)
+	if len(validationErrors) > 0 {
+		return NewValidationError(validationErrors)
 	}
 
 	return nil
 }
 
-// validateBundleContents confirms that the CSV and CRD files inside the bundle directory are valid
-// and can be installed in a cluster. Other GVK types are confirmed as valid kube objects but are not
-// explicitly validated currently.
-func validateBundleContents(manifestDir string, mediaType string, logger *logrus.Entry) (errors []error) {
-	var contentsErrors []error
+// ValidateBundleContent confirms that the CSV and CRD files inside the bundle
+// directory are valid and can be installed in a cluster. Other GVK types are
+// also validated to confirm if they are "kubectl-able" to a cluster meaning
+// if they can be applied to a cluster using `kubectl` provided users have all
+// necessary permissions and configurations.
+// Inputs:
+// manifestDir: the directory which all bundle manifests files are located
+// Outputs:
+// error: ValidattionError which contains a list of errors
+func (i imageValidator) ValidateBundleContent(manifestDir string) error {
+	var validationErrors []error
+
+	i.logger.Debug("Validating bundle contents")
+
+	mediaType, err := GetMediaType(manifestDir)
+	if err != nil {
+		validationErrors = append(validationErrors, err)
+	}
 
 	switch mediaType {
 	case HelmType, PlainType:
-		return contentsErrors
+		return nil
 	}
 
 	supportedTypes := map[string]string{
@@ -204,6 +216,8 @@ func validateBundleContents(manifestDir string, mediaType string, logger *logrus
 		roleBindingKind:        "",
 	}
 
+	var csvName string
+	unstObjs := []*unstructured.Unstructured{}
 	csvValidator := v.ClusterServiceVersionValidator
 	crdValidator := v.CustomResourceDefinitionValidator
 
@@ -213,58 +227,76 @@ func validateBundleContents(manifestDir string, mediaType string, logger *logrus
 		fileWithPath := filepath.Join(manifestDir, item.Name())
 		data, err := ioutil.ReadFile(fileWithPath)
 		if err != nil {
-			contentsErrors = append(contentsErrors, fmt.Errorf("Unable to read file %s in supported types", fileWithPath))
+			validationErrors = append(validationErrors, fmt.Errorf("Unable to read file %s in supported types", fileWithPath))
 			continue
 		}
 
 		dec := k8syaml.NewYAMLOrJSONDecoder(strings.NewReader(string(data)), 30)
 		k8sFile := &unstructured.Unstructured{}
 		if err := dec.Decode(k8sFile); err == nil {
+			unstObjs = append(unstObjs, k8sFile)
 			kind := k8sFile.GetObjectKind().GroupVersionKind().Kind
-			logger.Debugf(`Validating file "%s" with type "%s"`, item.Name(), kind)
+			i.logger.Debugf(`Validating file "%s" with type "%s"`, item.Name(), kind)
 			// Verify if the object kind is supported for registryV1 format
 			if _, ok := supportedTypes[kind]; !ok {
-				contentsErrors = append(contentsErrors, fmt.Errorf("%s is not supported type for registryV1 bundle: %s", kind, fileWithPath))
+				validationErrors = append(validationErrors, fmt.Errorf("%s is not supported type for registryV1 bundle: %s", kind, fileWithPath))
 			} else {
 				if kind == csvKind {
 					csv := &v1.ClusterServiceVersion{}
 					err := runtime.DefaultUnstructuredConverter.FromUnstructured(k8sFile.Object, csv)
 					if err != nil {
-						contentsErrors = append(contentsErrors, err)
+						validationErrors = append(validationErrors, err)
 					}
 
+					csvName = csv.GetName()
 					results := csvValidator.Validate(csv)
 					if len(results) > 0 {
 						for _, err := range results[0].Errors {
-							contentsErrors = append(contentsErrors, err)
+							validationErrors = append(validationErrors, err)
 						}
 					}
 				} else if kind == crdKind {
-					crd := &apiextensions.CustomResourceDefinition{}
+					crd := &v1beta1.CustomResourceDefinition{}
 					err := runtime.DefaultUnstructuredConverter.FromUnstructured(k8sFile.Object, crd)
 					if err != nil {
-						contentsErrors = append(contentsErrors, err)
+						validationErrors = append(validationErrors, err)
 					}
 
 					results := crdValidator.Validate(crd)
 					if len(results) > 0 {
 						for _, err := range results[0].Errors {
-							contentsErrors = append(contentsErrors, err)
+							validationErrors = append(validationErrors, err)
 						}
 					}
 				} else {
 					err := validateKubectlable(data)
 					if err != nil {
-						contentsErrors = append(contentsErrors, err)
+						validationErrors = append(validationErrors, err)
 					}
 				}
 			}
 		} else {
-			contentsErrors = append(contentsErrors, err)
+			validationErrors = append(validationErrors, err)
+		}
+	}
+
+	// Validate the bundle object
+	if len(unstObjs) > 0 {
+		bundle := registry.NewBundle(csvName, "", "", unstObjs...)
+		bundleValidator := v.BundleValidator
+		results := bundleValidator.Validate(bundle)
+		if len(results) > 0 {
+			for _, err := range results[0].Errors {
+				validationErrors = append(validationErrors, err)
+			}
 		}
 	}
 
-	return contentsErrors
+	if len(validationErrors) > 0 {
+		return NewValidationError(validationErrors)
+	}
+
+	return nil
 }
 
 // Validate if the file is kubecle-able

pkg/lib/bundle/testdata/validate/invalid_manifests_bundle/invalid_type/etcdoperator.v0.9.4.clusterserviceversion.yaml

@@ -51,7 +51,7 @@ func TestPullBundle_Error(t *testing.T) {
 	assert.Equal(t, expectedErr, err)
 }
 
-func TestValidateBundle(t *testing.T) {
+func TestValidateBundleFormat(t *testing.T) {
 	dir := "./testdata/validate/valid_bundle/"
 
 	logger := logrus.NewEntry(logrus.New())
@@ -60,7 +60,7 @@ func TestValidateBundle(t *testing.T) {
 		logger: logger,
 	}
 
-	err := validator.ValidateBundle(dir)
+	err := validator.ValidateBundleFormat(dir)
 	require.NoError(t, err)
 }
 
@@ -73,15 +73,21 @@ func TestValidateBundle_InvalidRegistryVersion(t *testing.T) {
 		logger: logger,
 	}
 
-	err := validator.ValidateBundle(dir)
+	err := validator.ValidateBundleFormat(dir)
 	require.Error(t, err)
 	var validationError ValidationError
 	isValidationErr := errors.As(err, &validationError)
 	require.True(t, isValidationErr)
-	require.Equal(t, len(validationError.AnnotationErrors), 1)
+	require.Equal(t, len(validationError.Errors), 1)
 }
 
-func TestValidateBundleContents(t *testing.T) {
+func TestValidateBundleContent(t *testing.T) {
+	logger := logrus.NewEntry(logrus.New())
+
+	validator := imageValidator{
+		logger: logger,
+	}
+
 	var table = []struct {
 		description string
 		mediaType   string
@@ -126,11 +132,14 @@ func TestValidateBundleContents(t *testing.T) {
 	}
 
 	for i, tt := range table {
-		logger := logrus.NewEntry(logrus.New())
-		result := validateBundleContents(tt.directory, tt.mediaType, logger)
-		require.Len(t, result, tt.numErrors, table[i].description)
-		if len(result) > 0 {
-			e := result[0]
+		fmt.Println(tt.directory)
+		err := validator.ValidateBundleContent(tt.directory)
+		var validationError ValidationError
+		isValidationErr := errors.As(err, &validationError)
+		require.True(t, isValidationErr)
+		require.Len(t, validationError.Errors, tt.numErrors, table[i].description)
+		if len(validationError.Errors) > 0 {
+			e := validationError.Errors[0]
 			require.Contains(t, e.Error(), tt.errString)
 		}
 	}