Configuration Validation

Xec provides comprehensive validation capabilities to ensure your configurations are correct, secure, and optimized before deployment. This guide covers validation strategies, tools, and best practices.

Validation Levels

1. Schema Validation

Validates configuration structure and types:

# Validate against schema
xec config validate

# Output
✓ Schema validation passed
✓ Version: 1.0 (supported)
✓ Structure: Valid YAML
✓ Required fields present

2. Semantic Validation

Checks logical consistency:

# Detailed validation
xec config validate --verbose

# Checks:
# - Target references exist
# - Task dependencies are valid
# - Variables are defined
# - Profiles inheritance is correct

3. Runtime Validation

Validates execution environment:

# Test runtime compatibility
xec config validate --runtime

# Checks:
# - Target connectivity
# - Command availability
# - Resource access
# - Secret availability

Configuration Schema

Schema Structure

# Xec follows this schema
$schema: https://xec.sh/schema/v1.0/config.json

version: "1.0"  # Required, must match schema version
name: string    # Optional, project name
description: string  # Optional, project description

vars:           # Optional, variable definitions
  type: object
  additionalProperties: true

targets:        # Optional, target definitions
  type: object
  properties:
    defaults: object
    hosts: object
    containers: object
    pods: object

tasks:          # Optional, task definitions
  type: object
  additionalProperties:
    oneOf:
      - type: string
      - type: object

profiles:       # Optional, profile definitions
  type: object
  additionalProperties: object

Type Validation

# Types are enforced
vars:
  port: 8080        # Must be number
  enabled: true     # Must be boolean
  name: "myapp"     # Must be string
  servers:          # Must be array
    - server1
    - server2
  config:           # Must be object
    key: value

Validation Commands

Basic Validation

# Validate current configuration
xec config validate

# Validate specific file
xec config validate --file custom-config.yaml

# Validate with profile
xec config validate --profile production

Detailed Validation

# Show all validation details
xec config validate --verbose

# Show validation errors only
xec config validate --errors-only

# Output as JSON
xec config validate --json

Selective Validation

# Validate specific sections
xec config validate --targets
xec config validate --tasks
xec config validate --variables

# Validate specific target
xec config validate --target hosts.production

Common Validation Errors

Missing Required Fields

# Error: version is required
name: myapp
tasks:
  deploy: echo "deploy"

# Fix: Add version
version: "1.0"
name: myapp
tasks:
  deploy: echo "deploy"

Invalid References

# Error: Target 'hosts.nonexistent' not found
tasks:
  deploy:
    command: deploy
    target: hosts.nonexistent

# Fix: Use existing target
tasks:
  deploy:
    command: deploy
    target: hosts.production

Circular Dependencies

# Error: Circular dependency detected
profiles:
  a:
    extends: b
  b:
    extends: a

# Fix: Remove circular reference
profiles:
  base:
    vars: {...}
  a:
    extends: base
  b:
    extends: base

Type Mismatches

# Error: Expected number, got string
vars:
  port: "8080"  # String

tasks:
  connect:
    command: connect --port ${port + 100}  # Math operation

# Fix: Use correct type
vars:
  port: 8080  # Number

Variable Validation

Undefined Variables

# Detect undefined variables
vars:
  defined: value

tasks:
  test:
    command: echo ${undefined}  # Error: undefined variable

# Fix: Define or provide default
tasks:
  test:
    command: echo ${undefined:-default}

Variable Resolution

# Test variable resolution
xec config show --vars

# Test specific variable
xec config get vars.database.host

# Test with profile
xec config get vars.database.host --profile production

Circular References

# Detect circular variable references
vars:
  a: ${b}
  b: ${c}
  c: ${a}  # Error: circular reference

# Fix: Remove circular dependency
vars:
  a: value1
  b: ${a}
  c: ${b}

Target Validation

Connectivity Testing

# Test target connectivity
xec test hosts.production

# Test all targets
xec test --all-targets

# Verbose testing
xec test hosts.production --verbose

SSH Target Validation

# Validate SSH configuration
targets:
  hosts:
    server:
      host: example.com
      username: deploy
      privateKey: ~/.ssh/id_rsa

# Validation checks:
# - Host resolves
# - Port is open
# - Key file exists
# - Key has correct permissions

Docker Target Validation

# Validate Docker configuration
targets:
  containers:
    app:
      image: node:18

# Validation checks:
# - Docker daemon accessible
# - Image exists or can be pulled
# - Port bindings available
# - Volume paths exist

Kubernetes Target Validation

# Validate Kubernetes configuration
targets:
  pods:
    web:
      namespace: production
      selector: app=web

# Validation checks:
# - Cluster accessible
# - Namespace exists
# - Pods match selector
# - RBAC permissions

Task Validation

Task Structure

# Validate task definition
tasks:
  valid-task:
    description: "Valid task"
    command: echo "test"
    target: hosts.production
    timeout: 30000

# Validation checks:
# - Command or script defined
# - Target exists if specified
# - Timeout is valid number
# - Parameters have valid types

Step Dependencies

tasks:
  with-deps:
    steps:
      - name: step1
        command: echo "1"
        id: first
      
      - name: step2
        command: echo "2"
        dependsOn: [first]  # Validates dependency exists

Parameter Validation

tasks:
  parameterized:
    params:
      - name: count
        type: number
        required: true
        min: 1
        max: 100
      
      - name: environment
        type: enum
        values: [dev, staging, prod]
        required: true

# Validation enforces:
# - Required parameters provided
# - Type constraints met
# - Value ranges respected

Profile Validation

Inheritance Chain

profiles:
  base:
    vars:
      region: us-east-1
  
  staging:
    extends: base  # Validates base exists
    vars:
      environment: staging
  
  production:
    extends: staging  # Validates chain
    vars:
      environment: production

Profile Merging

# Test profile merging
xec config show --profile production

# Validate merged configuration
xec config validate --profile production

Custom Validation

Validation Scripts

tasks:
  validate-custom:
    script: |
      // Custom validation logic
      const errors = [];
      
      // Check custom requirements
      if (!vars.apiKey || vars.apiKey.length < 32) {
        errors.push('API key must be at least 32 characters');
      }
      
      if (vars.replicas < 2 && profile === 'production') {
        errors.push('Production must have at least 2 replicas');
      }
      
      if (errors.length > 0) {
        throw new Error(errors.join('\n'));
      }

Pre-execution Validation

tasks:
  deploy:
    hooks:
      before:
        - task: validate-environment
        - task: validate-permissions
        - task: validate-resources
    command: deploy-application

Validation Rules

# Define validation rules
vars:
  validation:
    rules:
      - field: database.host
        required: true
        pattern: "^[a-z0-9.-]+$"
      
      - field: database.port
        type: number
        min: 1024
        max: 65535
      
      - field: apiKey
        required: true
        minLength: 32
        maxLength: 64

Environment Validation

Environment Checks

tasks:
  validate-environment:
    script: |
      // Check environment
      const checks = {
        'Node.js': () => process.version,
        'Docker': () => $`docker --version`,
        'kubectl': () => $`kubectl version --client`,
        'SSH': () => $`ssh -V`
      };
      
      for (const [name, check] of Object.entries(checks)) {
        try {
          const version = await check();
          console.log(`✓ ${name}: ${version}`);
        } catch {
          console.error(`✗ ${name}: Not found`);
        }
      }

Resource Validation

tasks:
  validate-resources:
    script: |
      // Check resources
      const required = {
        diskSpace: 10 * 1024 * 1024 * 1024,  // 10GB
        memory: 4 * 1024 * 1024 * 1024,       // 4GB
        cpus: 2
      };
      
      const available = await getSystemResources();
      
      for (const [resource, required] of Object.entries(required)) {
        if (available[resource] < required) {
          throw new Error(`Insufficient ${resource}`);
        }
      }

Continuous Validation

Pre-commit Hooks

#!/bin/bash
# .git/hooks/pre-commit

# Validate configuration before commit
xec config validate || {
  echo "Configuration validation failed"
  exit 1
}

CI/CD Integration

# .github/workflows/validate.yml
name: Validate Configuration
on: [push, pull_request]

jobs:
  validate:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Install Xec
        run: npm install -g @xec/cli
      - name: Validate configuration
        run: xec config validate --strict

Automated Testing

tasks:
  test-configuration:
    steps:
      - name: Schema validation
        command: xec config validate
      
      - name: Target connectivity
        command: xec test --all-targets
      
      - name: Task dry-run
        command: xec run deploy --dry-run
      
      - name: Security scan
        command: xec security scan

Validation Reports

Generate Reports

# Generate validation report
xec config validate --report validation-report.json

# Generate HTML report
xec config validate --report validation-report.html

Report Format

{
  "timestamp": "2024-01-15T10:00:00Z",
  "version": "1.0",
  "status": "passed",
  "checks": {
    "schema": { "status": "passed" },
    "variables": { "status": "passed" },
    "targets": { 
      "status": "warning",
      "warnings": ["hosts.backup: Connection timeout"]
    },
    "tasks": { "status": "passed" }
  }
}

Best Practices

1. Validate Early and Often

# Add to development workflow
alias xec-save='xec config validate && git add .xec/'

2. Use Strict Mode

# Fail on warnings in production
xec config validate --strict --profile production

3. Automate Validation

# Add validation task
tasks:
  ci:
    steps:
      - command: xec config validate --strict
      - command: xec test --all-targets
      - command: xec run test-suite

4. Document Validation Rules

# Document requirements
vars:
  _validation:
    description: |
      Required environment variables:
      - API_KEY: API authentication key
      - DB_PASSWORD: Database password
      
      Required commands:
      - docker: Container management
      - kubectl: Kubernetes management

5. Progressive Validation

# Start lenient, increase strictness
profiles:
  development:
    validation:
      strict: false
      warnOnly: true
  
  production:
    validation:
      strict: true
      failOnWarning: true

Troubleshooting

Validation Failures

# Debug validation issues
xec config validate --debug

# Show configuration after resolution
xec config show --resolved

# Test specific component
xec config validate --tasks --verbose

Common Solutions

Error	Solution
Schema version mismatch	Update version field to "1.0"
Undefined variable	Add variable definition or use default
Target not found	Check target name and definition
Invalid YAML	Validate YAML syntax with linter
Circular dependency	Break circular reference chain
Type mismatch	Ensure correct type in definition

Next Steps

• Troubleshooting - Fixing common issues
• Best Practices - Configuration patterns

See Also

• Configuration Overview - Configuration basics
• Best Practices - Configuration patterns
• CLI Reference - Config commands