def run(self):
for doc in self.validation_docs:
self.logger.info('Validating: ' + doc.kind)
schema = self.get_base_schema(doc.kind)
schema['specification'] = load_yaml_obj(
types.VALIDATION, self.cluster_model.provider, doc.kind)
if schema["specification"][
'$ref'] == '#/definitions/unvalidated_specification':
self.logger.warn('No specification validation for ' + doc.kind)
validate(instance=objdict_to_dict(doc),
schema=objdict_to_dict(schema))
def add_security_rules_inbound_efs(self, infrastructure, security_group):
ags_allowed_to_efs = select_all(
infrastructure,
lambda item: item.kind == 'infrastructure/virtual-machine' and item
.specification.authorized_to_efs)
for asg in ags_allowed_to_efs:
for subnet_in_asg in asg.specification.subnet_names:
subnet = select_single(
infrastructure,
lambda item: item.kind == 'infrastructure/subnet' and item.
specification.name == subnet_in_asg)
rule_defined = select_first(
security_group.specification.rules, lambda item: item.
source_address_prefix == subnet.specification.cidr_block
and item.destination_port_range == 2049)
if rule_defined is None:
rule = self.get_config_or_default(
self.docs, 'infrastructure/security-group-rule')
rule.specification.name = 'sg-rule-nfs-default-from-' + subnet.specification.name
rule.specification.description = 'NFS inbound for ' + subnet.specification.name
rule.specification.direction = 'ingress'
rule.specification.protocol = 'tcp'
rule.specification.destination_port_range = 2049
rule.specification.source_address_prefix = subnet.specification.cidr_block
rule.specification.destination_address_prefix = '*'
security_group.specification.rules.append(
rule.specification)
rules = []
for rule in security_group.specification.rules:
rules.append(objdict_to_dict(rule))
security_group.specification.rules = rules
def dump_all(docs, stream):
yaml = YAML()
yaml.default_flow_style = False
doc2 = docs
conv_docs = []
for doc in doc2:
conv_docs.append(objdict_to_dict(doc))
yaml.dump_all(conv_docs, stream)
def run(self):
for doc in self.validation_docs:
self.logger.info(f'Validating: {doc.kind}')
schema = self.get_base_schema(doc.kind)
schema['properties']['specification'] = load_yaml_obj(
types.VALIDATION, self.cluster_model.provider, doc.kind)
if hasattr(schema['properties']["specification"], '$ref'):
if schema['properties']["specification"][
'$ref'] == '#/definitions/unvalidated_specification':
self.logger.warn('No specification validation for ' +
doc.kind)
try:
validate(instance=objdict_to_dict(doc),
schema=objdict_to_dict(schema))
except Exception as e:
self.logger.error(f'Failed validating: {doc.kind}')
self.logger.error(e)
raise Exception(
'Schema validation error, see the error above.')
def test_objdict_to_dict():
base = ObjDict({
'field1':
ObjDict({'field2': ObjDict({'field3': ObjDict({'field4': 'val'})})})
})
converted = objdict_to_dict(base)
assert type(converted) is dict
assert type(converted['field1']) is dict
assert type(converted['field1']['field2']) is dict
assert type(converted['field1']['field2']['field3']) is dict
assert type(converted['field1']['field2']['field3']['field4']) is str
assert converted['field1']['field2']['field3']['field4'] == 'val'
def run_for_individual_documents(self):
for doc in self.validation_docs:
# Load document schema
schema = load_yaml_obj(types.VALIDATION,
self.cluster_model.provider, doc.kind)
# Include "definitions"
schema['definitions'] = self.definitions
# Warn the user about the missing validation
if hasattr(schema, '$ref'):
if schema['$ref'] == '#/definitions/unvalidated_specification':
self.logger.warn('No specification validation for ' +
doc.kind)
# Assert the schema
try:
validate(instance=objdict_to_dict(doc),
schema=objdict_to_dict(schema))
except Exception as e:
self.logger.error(f'Failed validating: {doc.kind}')
self.logger.error(e)
raise Exception(
'Schema validation error, see the error above.')
def dump(doc, stream):
yaml.dump(objdict_to_dict(doc), stream, default_flow_style=False)
