From 282e93d8c625ed39f1b12085a409435e77ae6dde Mon Sep 17 00:00:00 2001
From: ssube <seansube@gmail.com>
Date: Sat, 15 Jun 2019 17:53:07 -0500
Subject: [PATCH] feat: make node selectors work

---
 config/tsconfig.json                              |  2 +-
 package.json                                      |  1 +
 ....yml => kubernetes-require-resources-fail.yml} |  0
 .../kubernetes-require-resources-pass.yml         | 14 ++++++++++++++
 rules/kubernetes.yml                              |  3 +--
 src/rule.ts                                       | 15 +++++++++++----
 vendor/jsonpath-plus/index.d.ts                   |  8 ++++++++
 yarn.lock                                         |  5 +++++
 8 files changed, 41 insertions(+), 7 deletions(-)
 rename rules/examples/{kubernetes-resource-fail.yml => kubernetes-require-resources-fail.yml} (100%)
 create mode 100644 rules/examples/kubernetes-require-resources-pass.yml
 create mode 100644 vendor/jsonpath-plus/index.d.ts

diff --git a/config/tsconfig.json b/config/tsconfig.json
index be7eed5..02bde56 100755
--- a/config/tsconfig.json
+++ b/config/tsconfig.json
@@ -26,7 +26,7 @@
     "strictPropertyInitialization": true,
     "target": "es2017",
     "types": [
-      "js-yaml"
+      "jsonpath-plus"
     ],
     "typeRoots": [
       "../node_modules/@types",
diff --git a/package.json b/package.json
index 8548bf7..acf6d25 100644
--- a/package.json
+++ b/package.json
@@ -25,6 +25,7 @@
     "@types/js-yaml": "^3.12.1",
     "@types/lodash": "^4.14.134",
     "@types/yargs-parser": "^13.0.0",
+    "jsonpath-plus": "^0.20.1",
     "rollup": "^1.15.5",
     "rollup-plugin-commonjs": "^10.0.0",
     "rollup-plugin-json": "^4.0.0",
diff --git a/rules/examples/kubernetes-resource-fail.yml b/rules/examples/kubernetes-require-resources-fail.yml
similarity index 100%
rename from rules/examples/kubernetes-resource-fail.yml
rename to rules/examples/kubernetes-require-resources-fail.yml
diff --git a/rules/examples/kubernetes-require-resources-pass.yml b/rules/examples/kubernetes-require-resources-pass.yml
new file mode 100644
index 0000000..58f8b4f
--- /dev/null
+++ b/rules/examples/kubernetes-require-resources-pass.yml
@@ -0,0 +1,14 @@
+metadata:
+  name: example
+spec:
+  template:
+    spec:
+      containers:
+        - name: test
+          resources:
+            limits:
+              cpu: 200m
+              memory: 250Mi
+            requests:
+              cpu: 200m
+              memory: 250Mi
\ No newline at end of file
diff --git a/rules/kubernetes.yml b/rules/kubernetes.yml
index 745450b..9df7246 100644
--- a/rules/kubernetes.yml
+++ b/rules/kubernetes.yml
@@ -1,12 +1,11 @@
 rules:
-  - name: require-resources
+  - name: kubernetes-require-resources
     level: info
     tags:
       - cluster-health
       - important
 
     nodes:
-      filter: ''
       select: '$.spec.template.spec.containers[*]'
 
     schema:
diff --git a/src/rule.ts b/src/rule.ts
index cd7a980..6a6f873 100644
--- a/src/rule.ts
+++ b/src/rule.ts
@@ -1,5 +1,6 @@
-import * as ajv from 'ajv';
+import * as Ajv from 'ajv';
 import { readFile } from 'fs';
+import { JSONPath } from 'jsonpath-plus';
 import { intersection } from 'lodash';
 import { LogLevel } from 'noicejs';
 import { promisify } from 'util';
@@ -81,8 +82,14 @@ export async function resolveRules(rules: Array<Rule>, selector: RuleSelector):
 }
 
 export function checkRule(rule: Rule, data: any): boolean {
-  const schema = new ((ajv as any).default)().compile(rule.schema);
-  const valid = schema(data);
-  console.log(data, valid);
+  const ajv = new ((Ajv as any).default)()
+  const schema = ajv.compile(rule.schema);
+  const scopes = JSONPath({
+    json: data,
+    path: rule.nodes.select,
+  });
+  const valid = scopes.every((s: any) => schema(s));
+  console.log(rule.nodes.select, scopes, valid, data, rule.schema);
+  console.log(schema.errors);
   return !!valid;
 }
\ No newline at end of file
diff --git a/vendor/jsonpath-plus/index.d.ts b/vendor/jsonpath-plus/index.d.ts
new file mode 100644
index 0000000..7e6ffea
--- /dev/null
+++ b/vendor/jsonpath-plus/index.d.ts
@@ -0,0 +1,8 @@
+declare module 'jsonpath-plus' {
+  export interface JSONPathOptions {
+    json: any;
+    path: string;
+  }
+
+  export function JSONPath(options: JSONPathOptions): any;
+}
\ No newline at end of file
diff --git a/yarn.lock b/yarn.lock
index 4a36060..94f6bbe 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -538,6 +538,11 @@ jsonfile@^4.0.0:
   optionalDependencies:
     graceful-fs "^4.1.6"
 
+jsonpath-plus@^0.20.1:
+  version "0.20.1"
+  resolved "https://registry.yarnpkg.com/jsonpath-plus/-/jsonpath-plus-0.20.1.tgz#5358b8e8a5df569c541de64908d54bca55550e1c"
+  integrity sha512-8O4tBeXh9XGma2x2aPVwvpo9lXJAd4bx0XA0eRjYs4Cpz7e5PQy7sPttk2YmhvROJhEUu4DNUxmtLueicCqyZg==
+
 kind-of@^3.0.2, kind-of@^3.0.3, kind-of@^3.2.0:
   version "3.2.2"
   resolved "https://registry.yarnpkg.com/kind-of/-/kind-of-3.2.2.tgz#31ea21a734bab9bbb0f32466d893aea51e4a3c64"