Consolidate dev workspace & odo validations

[maysunfaisal]

Following the Devfile discussion, it was decided that the devfile validation would reside in devfile/api since the schema and go structs reside in devfile/api.

This issue tracks the work where we need to consolidate the validations for devfile present in dev workspace and odo repository.

The tools' specific validations will remain in their respective repository and only the validations wrt to the devfile spec will be moved to devfile/api.

[davidfestal]

Maybe a first step here would be to gather in a document all the Devfile Specification validation rules that are not enforced by the Json schema:

• Rules about parent or plugin overriding regarding scoping
• Rules about command groups (only one group can be flagged as default
• Rules about component or command references (referred-to component or command should exist)
• etc...

Until now those rules are mainly described in the various initial (often already-closed) GH issues where we discussed the corresponding Devfile 2.0 feature.

As soon as we have those Devfile Spec rules formally listed in a document, we would be able to implement them
possibly in a validation folder of the devfile/api repo ?

[mmulholla]

One problem I have noticed is with the protocol setting for endpoints, for example components.container.endpoints.protocol . By the spec the protocol value should be one of http, https, ws, wss, or tcp. However the schema does not appear to invalidate a setting which is not one of these values, unlike it does for for other one of properties, for example components.container.exposure.

[elsony]

It has been agreed to:

1. support all 6 protocol settings for the endpoints
2. update the description of the secure field settings to clarify that the secure protocols, e.g. https or wss instead of the non-secure ones, if the secure field is set to true
3. In the future, add a warning to the validation if non-secure protocols have been used but the secure field is set to true.

[mmulholla]

See #227