mirror of
https://github.com/yannh/kubeconform.git
synced 2026-02-22 19:27:01 +00:00
WIP
This commit is contained in:
Yann Hamon
parent
c954a22d7d
commit
24266601d8
6 changed files with 43 additions and 22 deletions
4
pkg/cache/cache.go
vendored
4
pkg/cache/cache.go
vendored
|
|
@ -1,6 +1,6 @@
|
||||||
package cache
|
package cache
|
||||||
|
|
||||||
type Cache interface {
|
type Cache interface {
|
||||||
Get(key string) ([]byte, error)
|
Get(key string) (any, error)
|
||||||
Set(key string, schema []byte) error
|
Set(key string, schema any) error
|
||||||
}
|
}
|
||||||
|
|
|
||||||
8
pkg/cache/inmemory.go
vendored
8
pkg/cache/inmemory.go
vendored
|
|
@ -10,18 +10,18 @@ import (
|
||||||
// - This cache caches the parsed Schemas
|
// - This cache caches the parsed Schemas
|
||||||
type inMemory struct {
|
type inMemory struct {
|
||||||
sync.RWMutex
|
sync.RWMutex
|
||||||
schemas map[string][]byte
|
schemas map[string]any
|
||||||
}
|
}
|
||||||
|
|
||||||
// New creates a new cache for downloaded schemas
|
// New creates a new cache for downloaded schemas
|
||||||
func NewInMemoryCache() Cache {
|
func NewInMemoryCache() Cache {
|
||||||
return &inMemory{
|
return &inMemory{
|
||||||
schemas: make(map[string][]byte),
|
schemas: make(map[string]any),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Get retrieves the JSON schema given a resource signature
|
// Get retrieves the JSON schema given a resource signature
|
||||||
func (c *inMemory) Get(key string) ([]byte, error) {
|
func (c *inMemory) Get(key string) (any, error) {
|
||||||
c.RLock()
|
c.RLock()
|
||||||
defer c.RUnlock()
|
defer c.RUnlock()
|
||||||
schema, ok := c.schemas[key]
|
schema, ok := c.schemas[key]
|
||||||
|
|
@ -34,7 +34,7 @@ func (c *inMemory) Get(key string) ([]byte, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Set adds a JSON schema to the schema cache
|
// Set adds a JSON schema to the schema cache
|
||||||
func (c *inMemory) Set(key string, schema []byte) error {
|
func (c *inMemory) Set(key string, schema any) error {
|
||||||
c.Lock()
|
c.Lock()
|
||||||
defer c.Unlock()
|
defer c.Unlock()
|
||||||
c.schemas[key] = schema
|
c.schemas[key] = schema
|
||||||
|
|
|
||||||
6
pkg/cache/ondisk.go
vendored
6
pkg/cache/ondisk.go
vendored
|
|
@ -27,7 +27,7 @@ func cachePath(folder, key string) string {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Get retrieves the JSON schema given a resource signature
|
// Get retrieves the JSON schema given a resource signature
|
||||||
func (c *onDisk) Get(key string) ([]byte, error) {
|
func (c *onDisk) Get(key string) (any, error) {
|
||||||
c.RLock()
|
c.RLock()
|
||||||
defer c.RUnlock()
|
defer c.RUnlock()
|
||||||
|
|
||||||
|
|
@ -41,12 +41,12 @@ func (c *onDisk) Get(key string) ([]byte, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Set adds a JSON schema to the schema cache
|
// Set adds a JSON schema to the schema cache
|
||||||
func (c *onDisk) Set(key string, schema []byte) error {
|
func (c *onDisk) Set(key string, schema any) error {
|
||||||
c.Lock()
|
c.Lock()
|
||||||
defer c.Unlock()
|
defer c.Unlock()
|
||||||
|
|
||||||
if _, err := os.Stat(cachePath(c.folder, key)); os.IsNotExist(err) {
|
if _, err := os.Stat(cachePath(c.folder, key)); os.IsNotExist(err) {
|
||||||
return os.WriteFile(cachePath(c.folder, key), schema, 0644)
|
return os.WriteFile(cachePath(c.folder, key), schema.([]byte), 0644)
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -26,7 +26,7 @@ func (l FileLoader) Load(url string) (any, error) {
|
||||||
}
|
}
|
||||||
if l.cache != nil {
|
if l.cache != nil {
|
||||||
if cached, err := l.cache.Get(path); err == nil {
|
if cached, err := l.cache.Get(path); err == nil {
|
||||||
return jsonschema.UnmarshalJSON(bytes.NewReader(cached))
|
return jsonschema.UnmarshalJSON(bytes.NewReader(cached.([]byte)))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -21,7 +21,7 @@ type HTTPURLLoader struct {
|
||||||
func (l *HTTPURLLoader) Load(url string) (any, error) {
|
func (l *HTTPURLLoader) Load(url string) (any, error) {
|
||||||
if l.cache != nil {
|
if l.cache != nil {
|
||||||
if cached, err := l.cache.Get(url); err == nil {
|
if cached, err := l.cache.Get(url); err == nil {
|
||||||
return jsonschema.UnmarshalJSON(bytes.NewReader(cached))
|
return jsonschema.UnmarshalJSON(bytes.NewReader(cached.([]byte)))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -113,10 +113,10 @@ func New(schemaLocations []string, opts Opts) (Validator, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
return &v{
|
return &v{
|
||||||
opts: opts,
|
opts: opts,
|
||||||
schemaDownload: downloadSchema,
|
schemaDownload: downloadSchema,
|
||||||
schemaCache: cache.NewInMemoryCache(),
|
schemaMemoryCache: cache.NewInMemoryCache(),
|
||||||
regs: registries,
|
regs: registries,
|
||||||
loader: jsonschema.SchemeURLLoader{
|
loader: jsonschema.SchemeURLLoader{
|
||||||
"file": jsonschema.FileLoader{},
|
"file": jsonschema.FileLoader{},
|
||||||
"http": httpLoader,
|
"http": httpLoader,
|
||||||
|
|
@ -126,11 +126,16 @@ func New(schemaLocations []string, opts Opts) (Validator, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
type v struct {
|
type v struct {
|
||||||
opts Opts
|
opts Opts
|
||||||
schemaCache cache.Cache
|
schemaDiskCache cache.Cache
|
||||||
schemaDownload func(registries []registry.Registry, loader jsonschema.SchemeURLLoader, kind, version, k8sVersion string) (*jsonschema.Schema, error)
|
schemaMemoryCache cache.Cache
|
||||||
regs []registry.Registry
|
schemaDownload func(registries []registry.Registry, loader jsonschema.SchemeURLLoader, kind, version, k8sVersion string) (*jsonschema.Schema, error)
|
||||||
loader jsonschema.SchemeURLLoader
|
regs []registry.Registry
|
||||||
|
loader jsonschema.SchemeURLLoader
|
||||||
|
}
|
||||||
|
|
||||||
|
func key(resourceKind, resourceAPIVersion, k8sVersion string) string {
|
||||||
|
return fmt.Sprintf("%s-%s-%s", resourceKind, resourceAPIVersion, k8sVersion)
|
||||||
}
|
}
|
||||||
|
|
||||||
// ValidateResource validates a single resource. This allows to validate
|
// ValidateResource validates a single resource. This allows to validate
|
||||||
|
|
@ -188,9 +193,25 @@ func (val *v) ValidateResource(res resource.Resource) Result {
|
||||||
return Result{Resource: res, Err: fmt.Errorf("prohibited resource kind %s", sig.Kind), Status: Error}
|
return Result{Resource: res, Err: fmt.Errorf("prohibited resource kind %s", sig.Kind), Status: Error}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
cached := false
|
||||||
var schema *jsonschema.Schema
|
var schema *jsonschema.Schema
|
||||||
if schema, err = val.schemaDownload(val.regs, val.loader, sig.Kind, sig.Version, val.opts.KubernetesVersion); err != nil {
|
|
||||||
return Result{Resource: res, Err: err, Status: Error}
|
if val.schemaMemoryCache != nil {
|
||||||
|
s, err := val.schemaMemoryCache.Get(key(sig.Kind, sig.Version, val.opts.KubernetesVersion))
|
||||||
|
if err == nil {
|
||||||
|
cached = true
|
||||||
|
schema = s.(*jsonschema.Schema)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if !cached {
|
||||||
|
if schema, err = val.schemaDownload(val.regs, val.loader, sig.Kind, sig.Version, val.opts.KubernetesVersion); err != nil {
|
||||||
|
return Result{Resource: res, Err: err, Status: Error}
|
||||||
|
}
|
||||||
|
|
||||||
|
if val.schemaMemoryCache != nil {
|
||||||
|
val.schemaMemoryCache.Set(key(sig.Kind, sig.Version, val.opts.KubernetesVersion), schema)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if schema == nil {
|
if schema == nil {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue