How to enable validation of Avro default fields in Confluent Cloud Schema Registry?

Ben · 23 May 2023 12:34

I know how to enable validation of Avro defaults in Schema Registry on Confluent Platform.
You just need to set:

SCHEMA_REGISTRY_SCHEMA_PROVIDERS_AVRO_VALIDATE_DEFAULTS: 'true'

in your cp-schema-registry container (or make the equivalent change to its server config if running outside of containers).

But I can’t find a way to enable that in Confluent Cloud’s Schema Registry. Is it possible?

I notice that if one enters a schema via Confluent Cloud Console, the UI provides a “validate” button which will complain if the schema contains invalid default fields (for example, “default: null, type: string”). But if one publishes a message to Confluent Cloud using such a schema (generated offline), Schema Registry allows the schema. (And if you then try to view the messages in the corresponding topic via Confluent Cloud Console’s message viewer, they appear as raw bytes, evidently due to a deserialization error parsing the invalid default in the schema.)

So it appears the Confluent Cloud Console applies “avro validate default”, but Confluent Cloud Schema Registry does not. I would like to find a way to configure Confluent Cloud Schema Registry to validate avro defaults. Has anyone found a way to do this?

mmuehlbeyer · 23 May 2023 13:54

hey @Ben

did you check

Best,
Michael

Ben · 23 May 2023 14:21

That’s something else. “Broker-Side Schema Validation” means that when a producer publishes a message, the broker would check that the message references a schema.

ie. that’s for validating messages (the feature is confusingly named, it’s not validating any schemas, it’s validating messages to be sure they were formatted according to a schema).

I’m asking about validating default fields within Avro schemas.

mmuehlbeyer · 23 May 2023 14:54

sorry misunderstood at first sight

for some testing I’ve used http://avro.tarantool.org/ some time ago
as well as GitHub - leocalm/avro_validator: A pure python avro schema validator

Ben · 23 May 2023 18:49

I’m aware of many ways to validate Avro schemas, including their defaults. But I work at a large company and would like to enable Avro default field validation in Confluent Cloud’s Schema Registry so that no invalid schemas are allowed. That’s safer than relying on all developers always validating their schemas via offline tools before publishing. Stream Governance should include schema quality, and it could, if Confluent Cloud would offer a way to enable “avro.validate.defaults” in its Schema Registry.

p.s. It’s unfortunate that the Avro community gave so much importance to backwards compatibility that they made validating of defaults an opt-in feature. This issue could have been avoided completely if “avro.validate.defaults” were the norm everywhere.