Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Validation for policy configurations #646

Merged
merged 11 commits into from
Mar 7, 2018
Merged

Validation for policy configurations #646

merged 11 commits into from
Mar 7, 2018

Conversation

davidor
Copy link
Contributor

@davidor davidor commented Mar 5, 2018

This PR introduces a way to validate a policy's configuration against the JSON schema defined for its configuration.

This is what I used to detect the problems in our tests fixed in previous PRs: #641 , #644 , #645

We need to define and agree on a few things before this becomes mergeable. That's why I tagged it as WIP:

  • I used rapidjson to perform the validation, and it needs cmake. This means that it should be installed on the base image.
  • rapidjson uses the draft04 version of the JSON schema. I needed to replace the consts in our schemas so it works correctly as const was introduced in newer versions.
  • I needed to instantiate policies using the same name and version used by the policy loaded to find the manifests easily.
  • I think this feature should be opt-in via ENV and always enabled in the tests. (I didn't implement this part yet).

@davidor davidor force-pushed the validate-policy-configs branch from 277976d to 7d4316d Compare March 6, 2018 11:26
@davidor davidor force-pushed the validate-policy-configs branch from 7d4316d to eb3b396 Compare March 7, 2018 13:22
davidor added 2 commits March 7, 2018 14:28
@davidor
policy: replace consts with enums of 1 elem
a14f2ef 
'ljsonschema' uses the draft-04 version of the JSON schema. 'const' was
introduced later and so we can't use them. An enum of 1 element is
mostly equivalent and a valid option for our use case.
@davidor
t/fixtures: add example policy
e972760
@davidor davidor force-pushed the validate-policy-configs branch from eb3b396 to b4d827c Compare March 7, 2018 13:32
@davidor davidor changed the title [WIP] Validation for policy configurations Validation for policy configurations Mar 7, 2018
@davidor
Copy link
Contributor Author

davidor commented Mar 7, 2018

There have been a few changes:

  • Using our fork of ljsonschema instead of rapidjson, because it's a pure lua dependencies and does not require to install additional software in the base image.
  • Found an alternative way to validate schemas in the policy_loader that does not require changing the existing names and versions used when instantiating policies.
  • Added a new ENV to make the feature opt-in. We only use it in tests. Do you think we should document it @mikz ? Or just leave it undocumented for now?

@davidor davidor requested a review from mikz March 7, 2018 13:36
mikz
mikz reviewed Mar 7, 2018
View reviewed changes
t/apicast-policy-invalid-config.t Outdated
--- request
GET /?user_key=value
--- error_code: 200
--- must_die
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The must die signals nginx should quit, right? does it need the --- backend and upstream then? And the error_code ?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You're right. These are leftovers because at first, I was logging an error instead of exiting.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed.

@davidor davidor force-pushed the validate-policy-configs branch from 2305484 to 8c2df39 Compare March 7, 2018 14:36
@davidor davidor merged commit 2affe4e into master Mar 7, 2018
@davidor davidor deleted the validate-policy-configs branch March 7, 2018 15:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mikz mikz mikz approved these changes

Assignees

@davidor davidor

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@davidor @mikz