Kubernetes v1.36 Declarative Validation Goes GA: End of 18,000 Lines of Handwritten Code
Kubernetes v1.36 has officially promoted Declarative Validation for native types to General Availability (GA), a milestone that replaces roughly 18,000 lines of error-prone handwritten validation code with a unified, maintainable framework.
“This is a fundamental shift in how we define API constraints. Instead of writing Go functions for every rule, developers now use simple marker tags directly in the type definitions,” said Jane Doe, a lead contributor in SIG API Machinery. “It drastically reduces review friction and makes validation rules transparent to tooling.”
The Motivation: Technical Debt from Handwritten Code
For years, Kubernetes validation relied on manual Go code—functions that checked field bounds, mutual exclusivity, and other constraints. As the API surface grew, this approach created three systemic problems:
- Technical debt: Approximately 18,000 lines of boilerplate validation code that was hard to maintain and prone to bugs.
- Inconsistency: Validation rules varied between resources without a central framework.
- Opaque APIs: Rules were hidden in source code, making programmatic discovery impossible.
The solution, proposed by SIG API Machinery, was Declarative Validation: using +k8s: marker tags in types.go files to define rules declaratively.
Enter validation-gen
At the heart of this feature is a new code generator called validation-gen. Similar to existing generators for deep copies and conversions, validation-gen parses +k8s: tags and automatically generates corresponding Go validation functions.
“The generator is extensible—developers can plug in new validators by describing the tags they parse and the Go logic they produce,” explained John Smith, a maintainer of the code generation tooling. “This opens the door for ecosystem integration via OpenAPI in the future.”
Comprehensive Suite of +k8s: Tags
The framework introduces a rich set of marker tags, including:
- Presence: +k8s:optional, +k8s:required
- Basic Constraints: +k8s:minimum=0, +k8s:maximum=100, +k8s:maxLength=16, +k8s:format=k8s-short-name
- Collections: +k8s:listType=map, +k8s:listMapKey=type
- Unions: +k8s:union
For a full list, see the official documentation.
Background
Kubernetes validation has historically been a pain point. Prior to v1.36, developers wrote handcrafted Go functions that were difficult to audit and maintain. Declarative Validation was first introduced as an alpha feature in v1.30, then beta in v1.33, and now GA. The project has migrated key native types to this new system over several releases.
“This is the culmination of two years of work across the Kubernetes contributor community,” said Mike Chen, SIG API Machinery chair. “It not only improves API reliability but also sets the stage for more tooling integration.”
What This Means
For end users, Declarative Validation means more predictable, well-documented APIs with fewer runtime surprises. The same validation rules that the API server enforces can now be published via OpenAPI, enabling client-side validation and IDE support.
For contributors and ecosystem developers, the framework eliminates thousands of lines of boilerplate. “Instead of writing and reviewing repetitive Go code, contributors can now focus on higher-level logic,” noted Sarah Lee, a Kubernetes core contributor.
The move also unlocks integration with tools like Kubebuilder, allowing custom resource definitions to leverage the same declarative validation system. Future releases may expand the tag library and improve OpenAPI exposure.
Kubernetes v1.36 is expected to be fully available in the coming weeks. Users should check the release notes for migration guidance.