From 7449092a38a4f418494c461faae11ca38886290b Mon Sep 17 00:00:00 2001 From: paulfantom Date: Fri, 29 Jan 2021 12:17:19 +0100 Subject: [PATCH] *: add resource validation Co-Authored-By: Yann Hamon Co-Authored-By: Kemal Akkoyun Signed-off-by: paulfantom --- .github/workflows/ci.yaml | 2 +- .gitignore | 1 + Makefile | 10 +++++++++- scripts/generate-schemas.sh | 13 +++++++++++++ scripts/go.mod | 1 + scripts/go.sum | 11 +++++++++++ scripts/tools.go | 1 + 7 files changed, 37 insertions(+), 2 deletions(-) create mode 100755 scripts/generate-schemas.sh diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index e9edf2a6d4..a98a9ed9ab 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -19,7 +19,7 @@ jobs: - uses: actions/setup-go@v2 with: go-version: ${{ env.golang-version }} - - run: make --always-make generate && git diff --exit-code + - run: make --always-make generate validate && git diff --exit-code lint: runs-on: ubuntu-latest name: Jsonnet linter diff --git a/.gitignore b/.gitignore index f334fb5652..42cf6651c4 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,4 @@ minikube-manifests/ vendor/ ./auth .swp +crdschemas/ diff --git a/Makefile b/Makefile index 198e17887b..579260901a 100644 --- a/Makefile +++ b/Makefile @@ -8,7 +8,8 @@ GOJSONTOYAML_BIN=$(BIN_DIR)/gojsontoyaml JSONNET_BIN=$(BIN_DIR)/jsonnet JSONNETLINT_BIN=$(BIN_DIR)/jsonnet-lint JSONNETFMT_BIN=$(BIN_DIR)/jsonnetfmt -TOOLING=$(EMBEDMD_BIN) $(JB_BIN) $(GOJSONTOYAML_BIN) $(JSONNET_BIN) $(JSONNETLINT_BIN) $(JSONNETFMT_BIN) +KUBECONFORM_BIN=$(BIN_DIR)/kubeconform +TOOLING=$(EMBEDMD_BIN) $(JB_BIN) $(GOJSONTOYAML_BIN) $(JSONNET_BIN) $(JSONNETLINT_BIN) $(JSONNETFMT_BIN) $(KUBECONFORM_BIN) JSONNETFMT_ARGS=-n 2 --max-blank-lines 2 --string-style s --comment-style s @@ -32,6 +33,13 @@ vendor: $(JB_BIN) jsonnetfile.json jsonnetfile.lock.json rm -rf vendor $(JB_BIN) install +crdschemas: vendor + ./scripts/generate-schemas.sh + +.PHONY: validate +validate: crdschemas manifests $(KUBECONFORM_BIN) + $(KUBECONFORM_BIN) -schema-location 'https://kubernetesjsonschema.dev' -schema-location 'crdschemas/{{ .ResourceKind }}.json' -skip CustomResourceDefinition manifests/ + .PHONY: fmt fmt: $(JSONNETFMT_BIN) find . -name 'vendor' -prune -o -name '*.libsonnet' -print -o -name '*.jsonnet' -print | \ diff --git a/scripts/generate-schemas.sh b/scripts/generate-schemas.sh new file mode 100755 index 0000000000..06b9bbe327 --- /dev/null +++ b/scripts/generate-schemas.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +DIR="crdschemas" + +# Go to git repository root +cd ./$(git rev-parse --show-cdup) + +rm -rf "$DIR" +mkdir "$DIR" + +for crd in vendor/prometheus-operator/*-crd.libsonnet; do + jq '.spec.versions[0].schema.openAPIV3Schema' < "$crd" > "$DIR/$(basename "$crd" | sed 's/-crd.libsonnet/.json/')" +done diff --git a/scripts/go.mod b/scripts/go.mod index 9c6c10c82a..5f3eec9e22 100644 --- a/scripts/go.mod +++ b/scripts/go.mod @@ -7,4 +7,5 @@ require ( github.com/campoy/embedmd v1.0.0 github.com/google/go-jsonnet v0.17.1-0.20210101181740-31d71aaccda6 // 7 commits after 0.17.0. Needed by jsonnet linter github.com/jsonnet-bundler/jsonnet-bundler v0.4.0 + github.com/yannh/kubeconform v0.4.2 // indirect ) diff --git a/scripts/go.sum b/scripts/go.sum index 08d4558791..d98867db9c 100644 --- a/scripts/go.sum +++ b/scripts/go.sum @@ -42,6 +42,14 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+ github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f h1:J9EGpcZtP0E/raorCMxlFGSTBrsSlaDGf3jU/qvAE2c= +github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= +github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 h1:EzJWgHovont7NscjpAxXsDA8S8BMYve8Y5+7cuRE7R0= +github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= +github.com/xeipuuv/gojsonschema v1.2.0 h1:LhYJRs+L4fBtjZUfuSZIKGeVu0QRy8e5Xi7D17UxZ74= +github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= +github.com/yannh/kubeconform v0.4.2 h1:8ve/dz6ns9tT5efR1Qfn8569JkenPFqnWcVWGz3lqPw= +github.com/yannh/kubeconform v0.4.2/go.mod h1:Ysf3RSreh2rX8IJsVt/uT3Um/U3e3ykx6Fcz8nCdskM= golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190310054646-10058d7d4faa/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037 h1:YyJpGZS1sBuBCzLAR1VEpK193GlqGZbnPFnPV/5Rsb4= @@ -53,5 +61,8 @@ gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogR gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +sigs.k8s.io/yaml v1.2.0 h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q= +sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= diff --git a/scripts/tools.go b/scripts/tools.go index d5b67e3213..64813348a2 100644 --- a/scripts/tools.go +++ b/scripts/tools.go @@ -10,5 +10,6 @@ import ( _ "github.com/google/go-jsonnet/cmd/jsonnet" _ "github.com/google/go-jsonnet/cmd/jsonnet-lint" _ "github.com/google/go-jsonnet/cmd/jsonnetfmt" + _ "github.com/yannh/kubeconform/cmd/kubeconform" _ "github.com/jsonnet-bundler/jsonnet-bundler/cmd/jb" )