actions/kubeconform
9
0
Fork 0
mirror of https://github.com/yannh/kubeconform.git synced 2026-02-21 19:07:00 +00:00
Code Issues Projects Releases 1 Packages Wiki Activity Actions

Merge 3b00739e62 into 706cd56e87

Browse source
This commit is contained in:
Victor Hugo Brito Fernandes 2024-07-29 06:05:08 -03:00 committed by GitHub
commit d4a947d77d
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 35 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
Readme.md
View file

@ -290,6 +290,13 @@ kubeconform -kubernetes-version 3.8.0 -schema-location 'https://raw.githubuserc
Summary: 1 resource found in 1 file - Valid: 1, Invalid: 0, Errors: 0 Skipped: 0 Summary: 1 resource found in 1 file - Valid: 1, Invalid: 0, Errors: 0 Skipped: 0
``` ```
### Schemas behind private GitHub repos
By setting the environment variable `GITHUB_TOKEN=x` you can use schemas that are behind a private repository.
See [getting a token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens) for info on how to get one command line token.
> Tip: if using GitHub CLI, `gh auth token` will give a valid token.
## Integrating Kubeconform in the CI ## Integrating Kubeconform in the CI
`Kubeconform` publishes Docker Images to Github's new Container Registry (ghcr.io). These images `Kubeconform` publishes Docker Images to Github's new Container Registry (ghcr.io). These images

20
pkg/registry/http.go
View file

@ -13,13 +13,13 @@ import (
"github.com/yannh/kubeconform/pkg/cache" "github.com/yannh/kubeconform/pkg/cache"
) )
type httpGetter interface { type httpDoer interface {
Get(url string) (resp *http.Response, err error) Do(*http.Request) (resp *http.Response, err error)
} }
// SchemaRegistry is a file repository (local or remote) that contains JSON schemas for Kubernetes resources // SchemaRegistry is a file repository (local or remote) that contains JSON schemas for Kubernetes resources
type SchemaRegistry struct { type SchemaRegistry struct {
c httpGetter c httpDoer
schemaPathTemplate string schemaPathTemplate string
cache cache.Cache cache cache.Cache
strict bool strict bool
@ -72,8 +72,20 @@ func (r SchemaRegistry) DownloadSchema(resourceKind, resourceAPIVersion, k8sVers
return url, b.([]byte), nil return url, b.([]byte), nil
} }
} }
req, err := http.NewRequest("GET", url, nil)
if err != nil {
msg := fmt.Sprintf("failed to create http request for schemas at %s: %s", url, err)
if r.debug {
log.Println(msg)
}
return url, nil, errors.New(msg)
}
resp, err := r.c.Get(url) if token, exist := os.LookupEnv("KUBECONFORM_AUTH_TOKEN"); exist {
req.Header.Add("Authorization", fmt.Sprintf("token %s", token))
}
resp, err := r.c.Do(req)
if err != nil { if err != nil {
msg := fmt.Sprintf("failed downloading schema at %s: %s", url, err) msg := fmt.Sprintf("failed downloading schema at %s: %s", url, err)
if r.debug { if r.debug {

24
pkg/registry/http_test.go
View file

@ -9,23 +9,23 @@ import (
"testing" "testing"
) )
type mockHTTPGetter struct { type mockHTTPDoer struct {
httpGet func(string) (*http.Response, error) httpDo func(*http.Request) (*http.Response, error)
} }
func newMockHTTPGetter(f func(string) (*http.Response, error)) *mockHTTPGetter { func newMockHTTPDoer(f func(*http.Request) (*http.Response, error)) *mockHTTPDoer {
return &mockHTTPGetter{ return &mockHTTPDoer{
httpGet: f, httpDo: f,
} }
} }
func (m mockHTTPGetter) Get(url string) (resp *http.Response, err error) { func (m mockHTTPDoer) Do(req *http.Request) (resp *http.Response, err error) {
return m.httpGet(url) return m.httpDo(req)
} }
func TestDownloadSchema(t *testing.T) { func TestDownloadSchema(t *testing.T) {
for _, testCase := range []struct { for _, testCase := range []struct {
name string name string
c httpGetter c httpDoer
schemaPathTemplate string schemaPathTemplate string
strict bool strict bool
resourceKind, resourceAPIVersion, k8sversion string resourceKind, resourceAPIVersion, k8sversion string
@ -34,7 +34,7 @@ func TestDownloadSchema(t *testing.T) {
}{ }{
{ {
"error when downloading", "error when downloading",
newMockHTTPGetter(func(url string) (resp *http.Response, err error) { newMockHTTPDoer(func(req *http.Request) (resp *http.Response, err error) {
return nil, fmt.Errorf("failed downloading from registry") return nil, fmt.Errorf("failed downloading from registry")
}), }),
"http://kubernetesjson.dev", "http://kubernetesjson.dev",
@ -47,7 +47,7 @@ func TestDownloadSchema(t *testing.T) {
}, },
{ {
"getting 404", "getting 404",
newMockHTTPGetter(func(url string) (resp *http.Response, err error) { newMockHTTPDoer(func(req *http.Request) (resp *http.Response, err error) {
return &http.Response{ return &http.Response{
StatusCode: http.StatusNotFound, StatusCode: http.StatusNotFound,
Body: io.NopCloser(strings.NewReader("http response mock body")), Body: io.NopCloser(strings.NewReader("http response mock body")),
@ -63,7 +63,7 @@ func TestDownloadSchema(t *testing.T) {
}, },
{ {
"getting 503", "getting 503",
newMockHTTPGetter(func(url string) (resp *http.Response, err error) { newMockHTTPDoer(func(req *http.Request) (resp *http.Response, err error) {
return &http.Response{ return &http.Response{
StatusCode: http.StatusServiceUnavailable, StatusCode: http.StatusServiceUnavailable,
Body: io.NopCloser(strings.NewReader("http response mock body")), Body: io.NopCloser(strings.NewReader("http response mock body")),
@ -79,7 +79,7 @@ func TestDownloadSchema(t *testing.T) {
}, },
{ {
"200", "200",
newMockHTTPGetter(func(url string) (resp *http.Response, err error) { newMockHTTPDoer(func(req *http.Request) (resp *http.Response, err error) {
return &http.Response{ return &http.Response{
StatusCode: http.StatusOK, StatusCode: http.StatusOK,
Body: io.NopCloser(strings.NewReader("http response mock body")), Body: io.NopCloser(strings.NewReader("http response mock body")),