Skip to content

Commit

Permalink
fix: json schema fixes (#414)
Browse files Browse the repository at this point in the history
  • Loading branch information
Julien Bouquillon authored Sep 20, 2023
1 parent 065bd4b commit b581f28
Show file tree
Hide file tree
Showing 10 changed files with 118 additions and 77 deletions.
20 changes: 17 additions & 3 deletions .github/workflows/tests-jsonschema.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@ on:
- "**"
paths:
- "**/values.schema.json"
- "**/config.schema.json"
- "**/kontinuous.schema.json"
- "**/*.values.schema.json"
- ".github/jsonschema/**"
- ".github/workflows/tests-jsonschema.yml"
Expand All @@ -30,11 +32,23 @@ jobs:
- name: install
run: |
# fetch kube json-schema locally and add $id for schema resolution
curl https://raw.githubusercontent.com/ad-m/kubernetes-json-schema/master/master-standalone-strict/_definitions.json | jq '. + {"$id": "https://raw.githubusercontent.com/ad-m/kubernetes-json-schema/master/master-standalone-strict/_definitions.json"}' > kube.json
sudo apt-get update -y
mkdir external-schemas
curl https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.24.0/_definitions.json | jq '. + {"$id": "https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.24.0/_definitions.json"}' > external-schemas/kube.json
curl https://raw.githubusercontent.com/socialgouv/helm-charts/v1/charts/cnpg-cluster/values.schema.json > external-schemas/cnpg-cluster.schema.json
curl https://raw.githubusercontent.com/socialgouv/kontinuous/v1/plugins/contrib/charts/app/kontinuous.values.schema.json > external-schemas/app.schema.json
curl https://raw.githubusercontent.com/socialgouv/helm-charts/v1/charts/pgweb/values.schema.json > external-schemas/pgweb.schema.json
curl https://raw.githubusercontent.com/socialgouv/helm-charts/v1/charts/maildev/values.schema.json > external-schemas/maildev.schema.json
curl https://raw.githubusercontent.com/SocialGouv/json-schemas/main/postgres/parameters.json > external-schemas/postgres-parameters.schema.json
curl https://raw.githubusercontent.com/SocialGouv/json-schemas/main/postgres/extensions.json > external-schemas/postgres-extensions.schema.json
curl https://raw.githubusercontent.com/SocialGouv/json-schemas/main/nginx/annotations.schema.json > external-schemas/nginx-annotations.schema.json
- name: test valid schema
run: |
AJV_PARAMS="--spec draft7 --allow-union-types --strict=false --all-errors --errors=json --validate-formats=false -r "plugins/**/*.schema.json" -r kube.json"
AJV_PARAMS='--spec draft7 --allow-union-types --strict=false --all-errors --errors=json --validate-formats=false -r "plugins/**/*.schema.json" -r "./external-schemas/**.json"'
echo "jsonschema-valid.yaml should have no error"
cat .github/jsonschema/jsonschema-valid.yml | yq -o=json > jsonschema-valid.json
RES=$(npx ajv-cli validate -s ./docs/values.schema.json -d jsonschema-valid.json $AJV_PARAMS)
Expand All @@ -47,7 +61,7 @@ jobs:
- name: test invalid schema
run: |
AJV_PARAMS="--spec draft7 --allow-union-types --strict=false --all-errors --errors=json --validate-formats=false -r "plugins/**/*.schema.json" -r kube.json"
AJV_PARAMS='--spec draft7 --allow-union-types --strict=false --all-errors --errors=json --validate-formats=false -r "plugins/**/*.schema.json" -r "./external-schemas/**.json"'
echo "jsonschema-invalid.yaml should have 23 errors"
cat .github/jsonschema/jsonschema-invalid.yml | yq -o=json > jsonschema-invalid.json
npx ajv-cli validate -s ./docs/values.schema.json $AJV_PARAMS -d jsonschema-invalid.json 2>&1 | tail --lines=+2 > invalid-result.json
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/tests-kubeconform.yml
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ jobs:
echo "Validate against kube API 1.24.9"
for f in ./tests_yaml/*.yaml; do
echo "$f"
./kubeconform -summary -kubernetes-version 1.24.9 -strict -skip monitoring.coreos.com/v1/PodMonitor,postgresql.cnpg.io/v1/Pooler,postgresql.cnpg.io/v1/Cluster,bitnami.com/v1alpha1/SealedSecret "$f"
./kubeconform -summary -kubernetes-version 1.24.9 -strict -skip monitoring.coreos.com/v1/PodMonitor,postgresql.cnpg.io/v1/Pooler,postgresql.cnpg.io/v1/Cluster,postgresql.cnpg.io/v1/ScheduledBackup,bitnami.com/v1alpha1/SealedSecret "$f"
done
- name: Run kubeconform on [email protected]
Expand All @@ -58,7 +58,7 @@ jobs:
echo "Validate against kube API 1.25.7"
for f in ./tests_yaml/*.yaml; do
echo "$f"
./kubeconform -summary -kubernetes-version 1.25.7 -skip monitoring.coreos.com/v1/PodMonitor,postgresql.cnpg.io/v1/Pooler,postgresql.cnpg.io/v1/Cluster,bitnami.com/v1alpha1/SealedSecret "$f"
./kubeconform -summary -kubernetes-version 1.25.7 -skip monitoring.coreos.com/v1/PodMonitor,postgresql.cnpg.io/v1/Pooler,postgresql.cnpg.io/v1/Cluster,postgresql.cnpg.io/v1/ScheduledBackup,bitnami.com/v1alpha1/SealedSecret "$f"
done
- name: Run kubeconform on [email protected]
Expand All @@ -67,5 +67,5 @@ jobs:
echo "Validate against kube API 1.26.2"
for f in ./tests_yaml/*.yaml; do
echo "$f"
./kubeconform -summary -kubernetes-version 1.26.2 -skip monitoring.coreos.com/v1/PodMonitor,postgresql.cnpg.io/v1/Pooler,postgresql.cnpg.io/v1/Cluster,bitnami.com/v1alpha1/SealedSecret "$f"
./kubeconform -summary -kubernetes-version 1.26.2 -skip monitoring.coreos.com/v1/PodMonitor,postgresql.cnpg.io/v1/Pooler,postgresql.cnpg.io/v1/Cluster,postgresql.cnpg.io/v1/ScheduledBackup,bitnami.com/v1alpha1/SealedSecret "$f"
done
20 changes: 14 additions & 6 deletions docs/extract-plugin-config-schema.js
Original file line number Diff line number Diff line change
Expand Up @@ -41,10 +41,14 @@ const getPluginSchema = (plugin, dependencies) => {
const folderProperties = getFilesFromPath(folderPath, true).reduce(
(a, file) => ({
...a,
[file.id]: {
[camelCase(file.id)]: {
type: "object",
title: file.id,
markdownDescription: `Configuration of the ${file.id} plugin\n\nSee [plugin source](https://github.com/SocialGouv/kontinuous/blob/master/plugins/${plugin}/${folder}/${file.path})`,
title: camelCase(file.id),
markdownDescription: `Configuration of the ${camelCase(
file.id
)} plugin\n\nSee [plugin source](https://github.com/SocialGouv/kontinuous/blob/master/plugins/${plugin}/${folder}/${
file.path
})`,
properties: {
enabled: {
title: `${file.id}.enabled`,
Expand All @@ -53,7 +57,11 @@ const getPluginSchema = (plugin, dependencies) => {
},
options: {
title: `${file.id}.options`,
markdownDescription: `Options of the ${file.id} plugin\n\nSee [plugin source](https://github.com/SocialGouv/kontinuous/blob/master/plugins/${plugin}/${folder}/${file.path})`,
markdownDescription: `Options of the ${camelCase(
file.id
)} plugin\n\nSee [plugin source](https://github.com/SocialGouv/kontinuous/blob/master/plugins/${plugin}/${folder}/${
file.path
})`,
type: "object",
properties: {},
},
Expand All @@ -64,10 +72,10 @@ const getPluginSchema = (plugin, dependencies) => {
)
return {
...allFolders,
[folder]: {
[camelCase(folder)]: {
type: "object",
title: folder,
markdownDescription: `Options from the ${folder} type.`,
markdownDescription: `Options from the ${camelCase(folder)} type.`,
properties: folderProperties,
},
}
Expand Down
63 changes: 48 additions & 15 deletions docs/values.schema.json
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,14 @@
"$id": "https://raw.githubusercontent.com/socialgouv/kontinuous/v1/docs/values.schema.json",
"title": "schema for .kontinuous/values.yaml",
"type": "object",
"patternProperties": {
"pg-*": {
"$ref": "https://raw.githubusercontent.com/socialgouv/kontinuous/v1/plugins/fabrique/charts/pg/kontinuous.values.schema.json"
},
"app-*": {
"$ref": "https://raw.githubusercontent.com/socialgouv/kontinuous/v1/plugins/contrib/charts/app/kontinuous.values.schema.json"
}
},
"additionalProperties": {
"type": "object",
"title": "Additional helm chart",
Expand All @@ -17,7 +25,7 @@
}
},
"then": {
"$ref": "https://raw.githubusercontent.com/socialgouv/kontinuous/v1/plugins/contrib/charts/app/kontinuous.values.schema.json#"
"$ref": "https://raw.githubusercontent.com/socialgouv/kontinuous/v1/plugins/contrib/charts/app/kontinuous.values.schema.json"
}
},
{
Expand All @@ -30,7 +38,7 @@
}
},
"then": {
"$ref": "https://raw.githubusercontent.com/socialgouv/kontinuous/v1/plugins/fabrique/charts/pg/kontinuous.values.schema.json#"
"$ref": "https://raw.githubusercontent.com/socialgouv/kontinuous/v1/plugins/fabrique/charts/pg/kontinuous.values.schema.json"
}
},
{
Expand All @@ -43,7 +51,7 @@
}
},
"then": {
"$ref": "https://raw.githubusercontent.com/socialgouv/kontinuous/v1/plugins/contrib/charts/jobs/kontinuous.values.schema.json#"
"$ref": "https://raw.githubusercontent.com/socialgouv/kontinuous/v1/plugins/contrib/charts/jobs/kontinuous.values.schema.json"
}
},
{
Expand All @@ -56,7 +64,7 @@
}
},
"then": {
"$ref": "https://raw.githubusercontent.com/socialgouv/kontinuous/v1/plugins/contrib/charts/oauth2-proxy/values.schema.json#"
"$ref": "https://raw.githubusercontent.com/socialgouv/kontinuous/v1/plugins/contrib/charts/oauth2-proxy/values.schema.json"
}
},
{
Expand Down Expand Up @@ -159,7 +167,7 @@
"project": { "type": "object", "additionalProperties": true },

"jobs": {
"$ref": "https://raw.githubusercontent.com/socialgouv/kontinuous/v1/plugins/contrib/charts/jobs/kontinuous.values.schema.json#"
"$ref": "https://raw.githubusercontent.com/socialgouv/kontinuous/v1/plugins/contrib/charts/jobs/kontinuous.values.schema.json"
}
},
"required": [],
Expand All @@ -171,19 +179,44 @@
"description": "Kontinuous chart to use",
"type": "string",
"default": "app",
"examples": [
"app",
"pg",
"hasura",
"metabase",
"pgweb",
"maildev",
"oauth2-proxy",
"redis"
"anyOf": [
{
"const": "app",
"markdownDescription": "The [app chart](https://github.com/SocialGouv/kontinuous/blob/master/plugins/contrib/charts/app) provides all the resources to deploy a kubernetes application\n\n💡 You can use the [meta `~tpl~` prefix](https://socialgouv.github.io/kontinuous/#/./advanced/build?id=meta-values-plugin-tpl) to make any property a [go template](https://docs.gofiber.io/template/html/TEMPLATES_CHEATSHEET/#template-variables)"
},
{
"const": "pg",
"markdownDescription": "The [pg chart](https://github.com/SocialGouv/kontinuous/blob/master/plugins/fabrique/charts/pg) is a wrapper around [cnpg-cluster helm chart](https://github.com/SocialGouv/kontinuous/blob/master/plugins/fabrique/charts/pg)"
},
{
"const": "hasura",
"markdownDescription": "The [hasura chart](https://github.com/SocialGouv/kontinuous/blob/master/plugins/contrib/charts/hasura) deploys an [hasura](https://hasura.io) instance"
},
{
"const": "metabase",
"markdownDescription": "The [metabase chart](https://github.com/SocialGouv/kontinuous/blob/master/plugins/contrib/charts/metabase) deploys a [metabase](https://metabase.com) instance"
},
{
"const": "pgweb",
"markdownDescription": "The [pgweb chart](https://github.com/SocialGouv/kontinuous/blob/master/plugins/fabrique/charts/pgweb) deploys a [pgweb](https://github.com/sosedoff/pgweb) instance"
},
{
"const": "maildev",
"markdownDescription": "The [maildev chart](https://github.com/SocialGouv/kontinuous/blob/master/plugins/fabrique/charts/maildev) deploys a [maildev](https://github.com/maildev/maildev) instance"
},
{
"const": "oauth2-proxy",
"markdownDescription": "The [oauth2-proxy chart](https://github.com/SocialGouv/kontinuous/blob/master/plugins/contrib/charts/oauth2-proxy) deploys an [oauth2-proxy](https://oauth2-proxy.github.io/oauth2-proxy/) instance"
},
{
"const": "redis",
"markdownDescription": "The [redis chart](https://github.com/SocialGouv/kontinuous/blob/master/plugins/contrib/charts/redis) deploys an [redis](https://oauth2-proxy.github.io/redis/) instance"
}
]
},
"~needs": {
"markdownDescription": "Job or deployment dependencies.\n\nThe meta-value `~needs`is used to define dependencies tree between charts and jobs.\n\nYou can target using simple charts or jobs name, or be more specific to avoid collision in more complex cases.\n\nsee [~needs documentation](https://socialgouv.github.io/kontinuous/#https://raw.githubusercontent.com/socialgouv/kontinuous/v1/advanced/build?id=meta-values-plugin-needs)",
"markdownDescription": "The meta-value `~needs`is used to define dependencies tree between charts and jobs.\n\nYou can target using simple charts or jobs name, or be more specific to avoid collision in more complex cases.\n\nsee [~needs documentation](https://socialgouv.github.io/kontinuous/#https://raw.githubusercontent.com/socialgouv/kontinuous/v1/advanced/build?id=meta-values-plugin-needs)",
"title": "Job or deployment dependencies",
"type": "array",
"items": {
"type": "string"
Expand Down
37 changes: 14 additions & 23 deletions plugins/contrib/charts/app/kontinuous.values.schema.json
Original file line number Diff line number Diff line change
Expand Up @@ -9,22 +9,13 @@
"^\\.": { "type": ["string", "number", "boolean"] }
},
"properties": {
"~chart": {
"type": "string"
},
"~chart": {},
"~forceRestart": {
"description": "Force restart on every deployment. default true",
"type": "boolean",
"default": true
},
"~needs": {
"description": "Job or deployment dependencies",
"type": "array",
"items": {
"type": "string"
},
"examples": ["[build-app]"]
},
"~needs": {},
"image": {
"description": "Full path to docker image",
"examples": ["ghcr.io/socialgouv/docker/nginx:7.0.1"],
Expand Down Expand Up @@ -61,6 +52,7 @@
},
"ingress": {
"type": "object",
"description": "Ingress configuration",
"additionalProperties": false,
"properties": {
"enabled": {
Expand All @@ -79,8 +71,7 @@
},
"annotations": {
"description": "NGINX ingress annotations, see https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/",
"type": "object",
"additionalProperties": true
"$ref": "https://raw.githubusercontent.com/socialgouv/json-schemas/main/nginx/annotations.schema.json"
}
}
},
Expand All @@ -97,38 +88,38 @@
"examples": ["[uploads]"]
},
"env": {
"$ref": "https://raw.githubusercontent.com/ad-m/kubernetes-json-schema/master/master-standalone-strict/_definitions.json#/definitions/io.k8s.api.core.v1.Container/properties/env"
"$ref": "https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.24.0/_definitions.json#/definitions/io.k8s.api.core.v1.Container/properties/env"
},
"envFrom": {
"$ref": "https://raw.githubusercontent.com/ad-m/kubernetes-json-schema/master/master-standalone-strict/_definitions.json#/definitions/io.k8s.api.core.v1.Container/properties/envFrom"
"$ref": "https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.24.0/_definitions.json#/definitions/io.k8s.api.core.v1.Container/properties/envFrom"
},
"vars": { "type": "object", "additionalProperties": true },
"volumes": {
"$ref": "https://raw.githubusercontent.com/ad-m/kubernetes-json-schema/master/master-standalone-strict/_definitions.json#/definitions/io.k8s.api.core.v1.PodSpec/properties/volumes"
"$ref": "https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.24.0/_definitions.json#/definitions/io.k8s.api.core.v1.PodSpec/properties/volumes"
},
"volumeMounts": {
"$ref": "https://raw.githubusercontent.com/ad-m/kubernetes-json-schema/master/master-standalone-strict/_definitions.json#/definitions/io.k8s.api.core.v1.Container/properties/volumeMounts"
"$ref": "https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.24.0/_definitions.json#/definitions/io.k8s.api.core.v1.Container/properties/volumeMounts"
},
"replicas": {
"$ref": "https://raw.githubusercontent.com/ad-m/kubernetes-json-schema/master/master-standalone-strict/_definitions.json#/definitions/io.k8s.api.apps.v1.DeploymentSpec/properties/replicas"
"$ref": "https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.24.0/_definitions.json#/definitions/io.k8s.api.apps.v1.DeploymentSpec/properties/replicas"
},
"resources": {
"$ref": "https://raw.githubusercontent.com/ad-m/kubernetes-json-schema/master/master-standalone-strict/_definitions.json#/definitions/io.k8s.api.core.v1.ResourceRequirements"
"$ref": "https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.24.0/_definitions.json#/definitions/io.k8s.api.core.v1.ResourceRequirements"
},
"livenessProbe": {
"$ref": "https://raw.githubusercontent.com/ad-m/kubernetes-json-schema/master/master-standalone-strict/_definitions.json#/definitions/io.k8s.api.core.v1.Probe",
"$ref": "https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.24.0/_definitions.json#/definitions/io.k8s.api.core.v1.Probe",
"description": "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
},
"readinessProbe": {
"$ref": "https://raw.githubusercontent.com/ad-m/kubernetes-json-schema/master/master-standalone-strict/_definitions.json#/definitions/io.k8s.api.core.v1.Probe",
"$ref": "https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.24.0/_definitions.json#/definitions/io.k8s.api.core.v1.Probe",
"description": "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
},
"startupProbe": {
"$ref": "https://raw.githubusercontent.com/ad-m/kubernetes-json-schema/master/master-standalone-strict/_definitions.json#/definitions/io.k8s.api.core.v1.Probe",
"$ref": "https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.24.0/_definitions.json#/definitions/io.k8s.api.core.v1.Probe",
"description": "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes"
},
"securityContext": {
"$ref": "https://raw.githubusercontent.com/ad-m/kubernetes-json-schema/master/master-standalone-strict/_definitions.json#/definitions/io.k8s.api.core.v1.PodSecurityContext",
"$ref": "https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.24.0/_definitions.json#/definitions/io.k8s.api.core.v1.PodSecurityContext",
"description": "Setup your securityContext to reduce security risks, see https://kubernetes.io/docs/tasks/configure-pod-container/security-context/"
}
}
Expand Down
Loading

0 comments on commit b581f28

Please sign in to comment.