feat: validate topicNameTemplate with context variable resolution

kp_pre_commit_hooks/gitops_values_validation.py

@@ -41,10 +41,17 @@
     re.MULTILINE
 )
 
-# Validate topic names follow pattern: (private.)?serviceName.topic(-version)?(.suffix)?
+# Matches standard topic names to extract the serviceName for ownership checks.
+# Format validation (e.g. enforcing -vN over -N) is the chart schema's responsibility;
+# this regexp only needs to match what the schema accepts so the service name check fires correctly.
 TOPIC_NAME_REGEXP = re.compile(
-    r"^(private\.)?(?P<serviceName>[a-z][a-z0-9-]*)\.[a-z][a-z0-9-]*(-[0-9]+)?(\.[a-z0-9]+)?$"
+    r"^(private\.)?(?P<serviceName>[a-z][a-z0-9-]*)\.[a-z][a-z0-9-]*(-v[0-9]+)?(\.[a-z0-9-]+)?$"
 )
+# Kafka Streams internal topics: {applicationId}-{name}-(changelog|repartition)
+KAFKA_STREAMS_INTERNAL_TOPIC_REGEXP = re.compile(r"^[a-z][a-z0-9-]*-(changelog|repartition)$")
+
+# Matches any Go template block {{ ... }}
+TEMPLATE_BLOCK_REGEXP = re.compile(r"\{\{[^}]*\}\}")
 
 TWINGATE_DOC_URL = "https://kpler.atlassian.net/wiki/spaces/KSD/pages/243562083/Install+and+configure+the+Twingate+VPN+client"
 
@@ -547,11 +554,53 @@ def validate_service_keys_match_service_folder(self, value, schema):
                     f" Must be either '{folder_name}' or '{folder_name}-<suffix>'"
                 )
 
+    def _resolve_topic_name_template(self, template: str) -> str:
+        """Replace known context variables with actual values, others with a placeholder.
+
+        This allows validating the structure of a topicNameTemplate as if it were
+        a static topicName, by substituting the context variables the chart would
+        inject at render time.
+        """
+        service_name = self._get_current_service_name()
+        instance = self.service_instance_config.instance
+
+        replacements = {
+            "$.context.serviceInstanceName": f"{service_name}-{instance}",
+            "$.context.serviceName": service_name,
+            "$.context.instanceName": instance,
+            "$.context.env": self.service_instance_config.env,
+        }
+
+        result = template
+        for var, val in replacements.items():
+            result = result.replace(f"{{{{ {var} }}}}", val)
+
+        # Replace remaining unknown template blocks with a generic placeholder
+        result = TEMPLATE_BLOCK_REGEXP.sub("x", result)
+        return result
+
     def validate_topic_name_compliance(self, value, schema):
+        current_path = self._get_current_path()
+        is_template = current_path and current_path[-1] == "topicNameTemplate"
+
+        topic_name = self._resolve_topic_name_template(str(value)) if is_template else str(value)
+
+        # Kafka Streams internal topics (changelog, repartition) don't follow the serviceName.dataIdentifier convention
+        # but must start with {serviceName}-{instanceName}- to prevent copy-paste mistakes across instances
+        if KAFKA_STREAMS_INTERNAL_TOPIC_REGEXP.match(topic_name):
+            service_name = self._get_current_service_name()
+            instance = self.service_instance_config.instance
+            expected_prefix = f"{service_name}-{instance}-"
+            if not topic_name.startswith(expected_prefix):
+                yield ValidationError(
+                    f"Internal topic '{topic_name}' is not compliant, "
+                    f"it must start with '{expected_prefix}' (serviceName-instanceName)"
+                )
+            return
         service_name = self._get_current_service_name()
-        match = TOPIC_NAME_REGEXP.match(str(value))
+        match = TOPIC_NAME_REGEXP.match(topic_name)
         if match and match["serviceName"] not in (service_name, self.service_instance_config.service_group):
-            yield ValidationError(f"topicName '{value}' it not compliant, it should contain the service name '{service_name}'")
+            yield ValidationError(f"topicName '{topic_name}' it not compliant, it should contain the service name '{service_name}'")
 
     def validate_max_local_topic_bytes_compliance(self, value, schema):
 

tests/test_data/gitops_data/app1/service1/Chart-dev.yaml

@@ -1,3 +1,3 @@
 dependencies:
   - name: platform-managed-chart
-    version: 0.1.159
+    version: 0.1.225

tests/test_data/gitops_data/app1/service1/Chart.yaml

@@ -3,4 +3,4 @@ name: service1
 version: 0.1.0
 dependencies:
   - name: platform-managed-chart
-    version: 0.1.157-pr195
+    version: 0.1.224

tests/test_data/gitops_data/app1/service1/values-dev-hyphenated-suffix.yaml

@@ -0,0 +1,18 @@
+# yaml-language-server: $schema=https://kp-helmchart-stable-shared-main.s3.eu-west-1.amazonaws.com/schema/platform-managed-chart/v0.1.225/schema-platform-managed-chart.json
+# Test file: Standard topic with hyphenated suffix (valid per chart schema)
+platform-managed-chart:
+  serviceName: service1
+  teamOwner: team1
+  env: dev
+  workloadType: stream
+
+  stream: {}
+
+  image:
+    repository: dev/my-repo
+    tag: my-tag
+
+  managedResources:
+    mskTopics:
+      output:
+        topicName: service1.testtopic.sub-part

tests/test_data/gitops_data/app1/service1/values-dev-topic_with_authorized_max_local_topic_bytes.yaml

@@ -1,4 +1,4 @@
-# yaml-language-server: $schema=https://kp-helmchart-stable-shared-main.s3.eu-west-1.amazonaws.com/schema/platform-managed-chart/v0.1.157-pr195/schema-platform-managed-chart.json
+# yaml-language-server: $schema=https://kp-helmchart-stable-shared-main.s3.eu-west-1.amazonaws.com/schema/platform-managed-chart/v0.1.225/schema-platform-managed-chart.json
 # Test file: Whitelisted topic with valid size
 platform-managed-chart:
   serviceName: service1

tests/test_data/gitops_data/app1/service1/values-dev-topic_with_max_local_topic_bytes_above_authorized_value.yaml

@@ -1,4 +1,4 @@
-# yaml-language-server: $schema=https://kp-helmchart-stable-shared-main.s3.eu-west-1.amazonaws.com/schema/platform-managed-chart/v0.1.157-pr195/schema-platform-managed-chart.json
+# yaml-language-server: $schema=https://kp-helmchart-stable-shared-main.s3.eu-west-1.amazonaws.com/schema/platform-managed-chart/v0.1.225/schema-platform-managed-chart.json
 # Test file: Whitelisted topic exceeding its specific limit
 platform-managed-chart:
   serviceName: service1

tests/test_data/gitops_data/app1/service1/values-dev-topic_with_no_max_local_topic_bytes_set.yaml

@@ -1,4 +1,4 @@
-# yaml-language-server: $schema=https://kp-helmchart-stable-shared-main.s3.eu-west-1.amazonaws.com/schema/platform-managed-chart/v0.1.157-pr195/schema-platform-managed-chart.json
+# yaml-language-server: $schema=https://kp-helmchart-stable-shared-main.s3.eu-west-1.amazonaws.com/schema/platform-managed-chart/v0.1.225/schema-platform-managed-chart.json
 # Test file: Whitelisted topic with valid size
 platform-managed-chart:
   serviceName: service1

tests/test_data/gitops_data/app1/service1/values-dev-topic_with_unauthorized_max_local_topic_bytes.yaml

@@ -1,4 +1,4 @@
-# yaml-language-server: $schema=https://kp-helmchart-stable-shared-main.s3.eu-west-1.amazonaws.com/schema/platform-managed-chart/v0.1.157-pr195/schema-platform-managed-chart.json
+# yaml-language-server: $schema=https://kp-helmchart-stable-shared-main.s3.eu-west-1.amazonaws.com/schema/platform-managed-chart/v0.1.225/schema-platform-managed-chart.json
 platform-managed-chart:
   serviceName: service1
   teamOwner: team1

tests/test_data/gitops_data/app1/service1/values-dev-versioned-topic.yaml

@@ -0,0 +1,18 @@
+# yaml-language-server: $schema=https://kp-helmchart-stable-shared-main.s3.eu-west-1.amazonaws.com/schema/platform-managed-chart/v0.1.225/schema-platform-managed-chart.json
+# Test file: Standard topic with -vN version suffix (valid per chart schema)
+platform-managed-chart:
+  serviceName: service1
+  teamOwner: team1
+  env: dev
+  workloadType: stream
+
+  stream: {}
+
+  image:
+    repository: dev/my-repo
+    tag: my-tag
+
+  managedResources:
+    mskTopics:
+      output:
+        topicName: service1.testtopic-v2

tests/test_data/gitops_data/app1/service1/values-prod-topic_with_authorized_max_local_topic_bytes_not_on_current_env.yaml

@@ -1,4 +1,4 @@
-# yaml-language-server: $schema=https://kp-helmchart-stable-shared-main.s3.eu-west-1.amazonaws.com/schema/platform-managed-chart/v0.1.157-pr195/schema-platform-managed-chart.json
+# yaml-language-server: $schema=https://kp-helmchart-stable-shared-main.s3.eu-west-1.amazonaws.com/schema/platform-managed-chart/v0.1.224/schema-platform-managed-chart.json
 # Test file: Whitelisted topic with valid size
 platform-managed-chart:
   serviceName: service1

tests/test_data/gitops_data/app1/service2/Chart.yaml

@@ -0,0 +1,6 @@
+apiVersion: v2
+name: service2
+version: 0.1.0
+dependencies:
+  - name: platform-managed-chart
+    version: 0.1.223-pr313

tests/test_data/gitops_data/app1/service2/values-dev-topic_with_wrong_service_name.yaml

@@ -0,0 +1,18 @@
+# yaml-language-server: $schema=https://kp-helmchart-stable-shared-main.s3.eu-west-1.amazonaws.com/schema/platform-managed-chart/v0.1.223-pr313/schema-platform-managed-chart.json
+# Test file: Topic with wrong service name
+platform-managed-chart:
+  serviceName: service2
+  teamOwner: team1
+  env: dev
+  workloadType: stream
+
+  stream: {}
+
+  image:
+    repository: dev/my-repo
+    tag: my-tag
+
+  managedResources:
+    mskTopics:
+      output:
+        topicName: other-service.testtopic

tests/test_data/gitops_data/app1/service3/Chart.yaml

@@ -0,0 +1,6 @@
+apiVersion: v2
+name: service3
+version: 0.1.0
+dependencies:
+  - name: platform-managed-chart
+    version: 0.1.223-pr313

tests/test_data/gitops_data/app1/service3/values-dev-changelog.yaml

@@ -0,0 +1,18 @@
+# yaml-language-server: $schema=https://kp-helmchart-stable-shared-main.s3.eu-west-1.amazonaws.com/schema/platform-managed-chart/v0.1.223-pr313/schema-platform-managed-chart.json
+# Test file: valid Kafka Streams changelog internal topic (correct serviceName-instanceName prefix)
+platform-managed-chart:
+  serviceName: service3
+  teamOwner: team1
+  env: dev
+  workloadType: stream
+
+  stream: {}
+
+  image:
+    repository: dev/my-repo
+    tag: my-tag
+
+  managedResources:
+    mskTopics:
+      output:
+        topicName: service3-changelog-mystore-changelog

tests/test_data/gitops_data/app1/service3/values-dev-foreign-service.yaml

@@ -0,0 +1,18 @@
+# yaml-language-server: $schema=https://kp-helmchart-stable-shared-main.s3.eu-west-1.amazonaws.com/schema/platform-managed-chart/v0.1.223-pr313/schema-platform-managed-chart.json
+# Test file: Kafka Streams internal topic from a foreign service (wrong serviceName prefix)
+platform-managed-chart:
+  serviceName: service3
+  teamOwner: team1
+  env: dev
+  workloadType: stream
+
+  stream: {}
+
+  image:
+    repository: dev/my-repo
+    tag: my-tag
+
+  managedResources:
+    mskTopics:
+      output:
+        topicName: otherservice-foreign-service-mystore-changelog

tests/test_data/gitops_data/app1/service3/values-dev-repartition.yaml

@@ -0,0 +1,18 @@
+# yaml-language-server: $schema=https://kp-helmchart-stable-shared-main.s3.eu-west-1.amazonaws.com/schema/platform-managed-chart/v0.1.223-pr313/schema-platform-managed-chart.json
+# Test file: valid Kafka Streams repartition internal topic (correct serviceName-instanceName prefix)
+platform-managed-chart:
+  serviceName: service3
+  teamOwner: team1
+  env: dev
+  workloadType: stream
+
+  stream: {}
+
+  image:
+    repository: dev/my-repo
+    tag: my-tag
+
+  managedResources:
+    mskTopics:
+      output:
+        topicName: service3-repartition-mystate-repartition

tests/test_data/gitops_data/app1/service3/values-dev-tpl-valid.yaml

@@ -0,0 +1,18 @@
+# yaml-language-server: $schema=https://kp-helmchart-stable-shared-main.s3.eu-west-1.amazonaws.com/schema/platform-managed-chart/v0.1.223-pr313/schema-platform-managed-chart.json
+# Test file: valid Kafka Streams changelog internal topic using topicNameTemplate
+platform-managed-chart:
+  serviceName: service3
+  teamOwner: team1
+  env: dev
+  workloadType: stream
+
+  stream: {}
+
+  image:
+    repository: dev/my-repo
+    tag: my-tag
+
+  managedResources:
+    mskTopics:
+      output:
+        topicNameTemplate: "{{ $.context.serviceName }}-{{ $.context.instanceName }}-mystore-changelog"

tests/test_data/gitops_data/app1/service3/values-dev-tpl-wrong.yaml

@@ -0,0 +1,18 @@
+# yaml-language-server: $schema=https://kp-helmchart-stable-shared-main.s3.eu-west-1.amazonaws.com/schema/platform-managed-chart/v0.1.223-pr313/schema-platform-managed-chart.json
+# Test file: invalid Kafka Streams changelog topic template with wrong instance name
+platform-managed-chart:
+  serviceName: service3
+  teamOwner: team1
+  env: dev
+  workloadType: stream
+
+  stream: {}
+
+  image:
+    repository: dev/my-repo
+    tag: my-tag
+
+  managedResources:
+    mskTopics:
+      output:
+        topicNameTemplate: "{{ $.context.serviceName }}-other-instance-mystore-changelog"

tests/test_data/gitops_data/app1/service3/values-dev-wrong-prefix.yaml

@@ -0,0 +1,18 @@
+# yaml-language-server: $schema=https://kp-helmchart-stable-shared-main.s3.eu-west-1.amazonaws.com/schema/platform-managed-chart/v0.1.223-pr313/schema-platform-managed-chart.json
+# Test file: Kafka Streams internal topic with wrong serviceName-instanceName prefix
+platform-managed-chart:
+  serviceName: service3
+  teamOwner: team1
+  env: dev
+  workloadType: stream
+
+  stream: {}
+
+  image:
+    repository: dev/my-repo
+    tag: my-tag
+
+  managedResources:
+    mskTopics:
+      output:
+        topicName: service3-other-instance-store-changelog