Arbitrary keys and code at base indent level after `resources:` does not throw warning or error

[jamest-pin]

What happened?

I created two new resources in my Pulumi.yaml and pulumi seemed blind to them. pulumi preview showed no sign of them. I was able to introduce arbitrary properties and there is no error.

Example

To Reproduce:

1. Create valid Pulumi.yaml with at least one resource.
2. At the base indent left (far left) add any arbitrary text that is valid yaml syntax.
3. Pulumi will ignore it.

e.g.

# Pulumi.yaml

config: {}
variables: {}
resources:
  myResource:
      [...] # some valid config

whatever:
  youwant:
    - something

Instead pulumi ought to throw an error or a warning.

Output of pulumi about

% pulumi about
CLI          
Version      3.96.2
Go Version   go1.21.4
Go Compiler  gc

Plugins
NAME  VERSION
yaml  unknown

Host     
OS       darwin
Version  13.6.3
Arch     arm64

This project is written in yaml

Additional context

https://pulumi-community.slack.com/archives/C03E69EQRD2/p1702879893055319

Contributing

Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).

[Frassle]

Related to https://github.com/pulumi/pulumi/issues/14775.

The CLI used a JSON schema to validate the Pulumi file was of the expected structure, but that had to mark some places as "additionalItems: true" to handle that pulumi-yaml adds it's own keys to the Pulumi.yaml.

If we want Pulumi to be able to validate project configs but also allow language runtimes like yaml to add stuff to the project config we're going to need to come up with a much more complex validation routine that involves both parties.

[jamest-pin]

This is not that big of a deal to me if it's going to be really complex to address.

[Frassle]

This is not that big of a deal to me if it's going to be really complex to address.

Zero validation of the project file would cause a lot of user issues so this definitely needs fixing.