Add scripts/validate-config.sh

Run this from a pre-push hook to validate the configuration files before pushing changes to github. Note that this does not validate vault .hcl policy files; it simply verifies the syntax of any jsonnet, json, or YAML files in the config directory.
OCP-on-NERC · Feb 13, 2024 · b6f0b7e · b6f0b7e
1 parent b9158bc
commit b6f0b7e
Showing 1 changed file with 17 additions and 0 deletions.
diff --git a/scripts/validate-config.sh b/scripts/validate-config.sh
@@ -0,0 +1,17 @@
+#!/bin/sh
+
+fakedata=$(mktemp -d fakedataXXXXXX)
+trap 'rm -rf $fakedata' EXIT
+
+set -eu
+
+# This is a bit of hack to locate all the paths required by "importstr"
+# statements and then create corresponding empty files in the
+# fakedata directory.
+find config -type f -print0 |
+	xargs -0 grep importstr |
+	grep -E 'tokens|secrets' |
+	cut -f2 -d'"' |
+	xargs -IPATH sh -c 'mkdir -p "$1/${2%/*}"; touch "$1/$2"' -- "$fakedata" PATH
+
+python apply_vault_config.py -l -d "$fakedata" > /dev/null