Currently, we have the Kratos Validation middleware in place, but it's not being fully utilized. Most service methods have explicit Validate calls, often multiple (to validate the message and embedded messages.)

This is caused by two problems:

• The Kratos Validation middleware, like other Kratos middleware, doesn't currently support streaming endpoints. That's addressed by this (draft) PR: https://github.com/project-kessel/relations-api/pull/116
• The generated Validate methods from protoc-gen-validate recursively validate embedded sub-messages inconsistently. See: https://github.com/project-kessel/relations-api/blob/main/api/relations/v0/lookup.pb.validate.go#L53
  • This could be addressed either:
    • By upgrading to [protovalidate|https://github.com/bufbuild/protovalidate,] which seems to be the general guidance. It looks like it's in beta, but it says up top that it's recommended for new projects, and it's based on reflection rather than code generation, which shouldn't fall into this kind of issue (though I haven't tested it in our project.)
    • Or by a contribution to protoc-gen-validation (though note: it's in maintenance mode with minimal support.