Add markerscope linter

[nayuta723]

Fixes #148

Implements a new markerscope linter that validates markers are applied in the correct scope (field vs type) and to compatible data types, ensuring proper usage of kubebuilder/controller-runtime annotations throughout Kubernetes API definitions.

Key Features:

• Scope Validation: Ensures markers are placed on the correct Go language construct

  • FieldScope: Can only be applied to struct fields (e.g., optional, required, nullable)
  • TypeScope: Can only be applied to type definitions (e.g., kubebuilder:validation:items:ExactlyOneOf)
  • AnyScope: Can be applied to either fields or type definitions (e.g., Minimum, Pattern)
  • Note: CRD-level markers (e.g., kubebuilder:resource, kubebuilder:subresource) and package-level markers (e.g., groupName) are out of scope for this PR

• Type Constraint Validation: Ensures markers are applied to compatible OpenAPI schema types

  • Numeric markers (Minimum, Maximum, MultipleOf) only for integer/number types
  • String markers (Pattern, MinLength, MaxLength) only for string types
  • Array markers (MinItems, MaxItems, UniqueItems) only for array types
  • Object markers (MinProperties, MaxProperties) only for object types (struct/map)
  • Array items markers (items:Minimum, items:Pattern, etc.) apply constraints to array element types

• Strict Type Constraint Mode: strictTypeConstraint flag enforces that markers with AnyScope and type constraints must be declared on type definitions rather than fields when using named types, promoting consistent marker placement

• Automatic Fix Suggestions: When policy: SuggestFix is configured, provides automatic fix suggestions for violations:

  • Move markers from incorrect scope (field ↔ type)
  • Remove markers with incompatible type constraints
  • Relocate markers to type definitions for named types

• Configurable Rules: Supports overriding default rules and adding custom marker validation

  • Override built-in marker rules
  • Define custom markers with scope and type constraints
  • Configure dangerous type handling (float32/float64)

• Comprehensive Default Rules: Includes 100+ built-in rules for:

  • All standard kubebuilder validation markers
  • k8s declarative validation markers
  • Controller-runtime markers

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: nayuta723
Once this PR has been reviewed and has the lgtm label, please assign jpbetz for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[JoelSpeed]

Some of this code appears to be a little over complex for what we were expecting here. Lets try and get this cleaned up and simplified a bit.

Lets focus initially on what the public configuration should look like, and then look at the implementation I think

Out of interest, were any code assistants used to help prepare this PR? (I'm currently comparing different models so good to have context on what models are being used where)

[JoelSpeed]

Does this all need to be exported? Is this part of configuration?

[nayuta723]

This is configured this way because it's necessary for the Configuration settings.

[JoelSpeed]

We normally have a test for the default configuration, what is the default? Is defaulting of the config implemented?

[nayuta723]

The following is the default configuration. I will add a defaultConfig function.

• Policy: Warn
• OverrideMarkers: empty (use built-in defaults)
• CustomMarkers: empty

[JoelSpeed]

I don't understand what this is trying to achieve, can you explain this?

[nayuta723]

When DangerousTypes is enabled, it allows floats configuration. However, since there is a nofloat linter, this is no longer necessary and should be removed.
https://github.com/kubernetes-sigs/kube-api-linter/pull/161/files#r2470349926

The original intention was to produce errors for patterns where SchemaTypeNumber (which includes float32, float64) is used when Float is not allowed (DangerousTypes disabled).

[JoelSpeed]

I don't think this linter should care about that, we have a nofloats linter already

[nayuta723]

Understood. I'm going to turn this setting off.

[nayuta723]

We handled it here.
875b36c

[sivchari]

Let's add override test.

[nayuta723]

I have taken care of the matter below.
6270f45

[sivchari]

Suggested change

	if rule.Scope == FieldScope {
	message = fmt.Sprintf("marker %q can only be applied to fields", marker.Identifier)
	if a.policy == MarkerScopePolicySuggestFix {
	fixes = a.suggestMoveToField(pass, typeSpec, marker, rule)
	}
	} else {
	message = fmt.Sprintf("marker %q cannot be applied to types", marker.Identifier)
	}
	message := fmt.Sprintf("marker %q cannot be applied to types", marker.Identifier)
	if rule.Scope == FieldScope {
	message = fmt.Sprintf("marker %q can only be applied to fields", marker.Identifier)
	if a.policy == MarkerScopePolicySuggestFix {
	fixes = a.suggestMoveToField(pass, typeSpec, marker, rule)
	}

[nayuta723]

I have taken care of the matter below.
9c0a9b6

[nayuta723]

@JoelSpeed @sivchari
Thank you for your review. I have completed the revisions to the relevant sections. Please review them.

Out of interest, were any code assistants used to help prepare this PR? (I'm currently comparing different models so good to have context on what models are being used where)

I'm currently using Claude Sonnet 4.5 to write docstrings and handle minor implementation details.