mirror of
https://github.com/yannh/kubeconform.git
synced 2026-02-24 04:07:02 +00:00
adding exception for the strict mode, if the default schema locations are used. As those already ship strict schemas
This commit is contained in:
parent
5b0e9e5c86
commit
6d5b7385f2
1 changed files with 15 additions and 9 deletions
|
|
@ -69,8 +69,10 @@ type Opts struct {
|
||||||
func New(schemaLocations []string, opts Opts) (Validator, error) {
|
func New(schemaLocations []string, opts Opts) (Validator, error) {
|
||||||
// Default to our kubernetes-json-schema fork
|
// Default to our kubernetes-json-schema fork
|
||||||
// raw.githubusercontent.com is frontend by Fastly and very fast
|
// raw.githubusercontent.com is frontend by Fastly and very fast
|
||||||
|
defaultLocationsUsed := false
|
||||||
if len(schemaLocations) == 0 {
|
if len(schemaLocations) == 0 {
|
||||||
schemaLocations = []string{"https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/{{ .NormalizedKubernetesVersion }}-standalone{{ .StrictSuffix }}/{{ .ResourceKind }}{{ .KindSuffix }}.json"}
|
schemaLocations = []string{"https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/{{ .NormalizedKubernetesVersion }}-standalone{{ .StrictSuffix }}/{{ .ResourceKind }}{{ .KindSuffix }}.json"}
|
||||||
|
defaultLocationsUsed = true
|
||||||
}
|
}
|
||||||
|
|
||||||
registries := []registry.Registry{}
|
registries := []registry.Registry{}
|
||||||
|
|
@ -96,14 +98,17 @@ func New(schemaLocations []string, opts Opts) (Validator, error) {
|
||||||
opts.StrictExceptions = map[string]struct{}{}
|
opts.StrictExceptions = map[string]struct{}{}
|
||||||
}
|
}
|
||||||
if len(opts.StrictExceptions) == 0 {
|
if len(opts.StrictExceptions) == 0 {
|
||||||
|
// If no strict exceptions are specified, we add the metadata field
|
||||||
|
// as it is mostly not autogenerated in the OpenAPI schemas generated from CRDs
|
||||||
opts.StrictExceptions["metadata"] = struct{}{}
|
opts.StrictExceptions["metadata"] = struct{}{}
|
||||||
}
|
}
|
||||||
|
|
||||||
return &v{
|
return &v{
|
||||||
opts: opts,
|
opts: opts,
|
||||||
schemaDownload: downloadSchema,
|
schemaDownload: downloadSchema,
|
||||||
schemaCache: cache.NewInMemoryCache(),
|
schemaCache: cache.NewInMemoryCache(),
|
||||||
regs: registries,
|
regs: registries,
|
||||||
|
defaultLocationsUsed: defaultLocationsUsed,
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -140,10 +145,11 @@ func (val *v) setStrictSchema(schema *jsonschema.Schema, prefixPath string) {
|
||||||
}
|
}
|
||||||
|
|
||||||
type v struct {
|
type v struct {
|
||||||
opts Opts
|
opts Opts
|
||||||
schemaCache cache.Cache
|
schemaCache cache.Cache
|
||||||
schemaDownload func(registries []registry.Registry, kind, version, k8sVersion string) (*jsonschema.Schema, error)
|
schemaDownload func(registries []registry.Registry, kind, version, k8sVersion string) (*jsonschema.Schema, error)
|
||||||
regs []registry.Registry
|
regs []registry.Registry
|
||||||
|
defaultLocationsUsed bool
|
||||||
}
|
}
|
||||||
|
|
||||||
// ValidateResource validates a single resource. This allows to validate
|
// ValidateResource validates a single resource. This allows to validate
|
||||||
|
|
@ -232,7 +238,7 @@ func (val *v) ValidateResource(res resource.Resource) Result {
|
||||||
|
|
||||||
// If strict mode is enabled, we set additionalProperties to false
|
// If strict mode is enabled, we set additionalProperties to false
|
||||||
// if not explicitly set in the schema
|
// if not explicitly set in the schema
|
||||||
if val.opts.Strict {
|
if val.opts.Strict && !val.defaultLocationsUsed {
|
||||||
val.setStrictSchema(schema, "")
|
val.setStrictSchema(schema, "")
|
||||||
}
|
}
|
||||||
err = schema.Validate(r)
|
err = schema.Validate(r)
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue