feat: make rule filters optional (fixes #4)
This commit is contained in:
parent
8d87332b14
commit
9a7f8829c0
13
README.md
13
README.md
|
|
@ -40,12 +40,23 @@ This project is written in Typescript and requires `node` and `yarn` to build.
|
|||
|
||||
## Usage
|
||||
|
||||
To run with Docker: `docker run ssube/salty-dog:master`
|
||||
To run with Docker (**recommended**): `docker run -v ${HOME}:/root:ro --rm -i ssube/salty-dog:master`
|
||||
|
||||
To run after `yarn global add` or `npm i -g`: `salty-dog`
|
||||
|
||||
To run after building: `node out/bundle.js`
|
||||
|
||||
To run with `make`, apply with `kubectl`, and format logs with `bunyan`:
|
||||
|
||||
```shell
|
||||
> curl https://raw.githubusercontent.com/ssube/k8s-shards/master/roles/apps/gitlab/server/templates/ingress.yml | make run-stream 2> >(./node_modules/.bin/bunyan) > >(kubectl apply --dry-run -f -)
|
||||
|
||||
...
|
||||
[2019-06-16T03:23:56.645Z] INFO: salty-dog/8015 on cerberus: all rules passed
|
||||
ingress.extensions/gitlab created (dry run)
|
||||
|
||||
```
|
||||
|
||||
### Validate
|
||||
|
||||
`salty-dog` can validate JSON and YAML from files and streams, and emit it to a file or stream (with logs going
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ rules:
|
|||
- playbook
|
||||
|
||||
select: '$'
|
||||
filter:
|
||||
type: array
|
||||
|
||||
check:
|
||||
type: array
|
||||
|
|
@ -39,8 +37,6 @@ rules:
|
|||
- role
|
||||
|
||||
select: '$'
|
||||
filter:
|
||||
type: array
|
||||
|
||||
check:
|
||||
type: array
|
||||
|
|
|
|||
12
src/rule.ts
12
src/rule.ts
|
|
@ -18,7 +18,7 @@ export interface Rule {
|
|||
tags: Array<string>;
|
||||
// data
|
||||
check: any;
|
||||
filter: any;
|
||||
filter?: any;
|
||||
select: string;
|
||||
}
|
||||
|
||||
|
|
@ -86,7 +86,7 @@ export async function resolveRules(rules: Array<Rule>, selector: RuleSelector):
|
|||
export function checkRule(rule: Rule, data: any, logger: Logger): boolean {
|
||||
const ajv = new ((Ajv as any).default)()
|
||||
const check = ajv.compile(rule.check);
|
||||
const filter = ajv.compile(rule.filter);
|
||||
const filter = compileFilter(rule, ajv);
|
||||
const scopes = JSONPath({
|
||||
json: data,
|
||||
path: rule.select,
|
||||
|
|
@ -115,4 +115,12 @@ export function checkRule(rule: Rule, data: any, logger: Logger): boolean {
|
|||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
export function compileFilter(rule: Rule, ajv: any): any {
|
||||
if (isNil(rule.filter)) {
|
||||
return () => true;
|
||||
} else {
|
||||
return ajv.compile(rule.filter);
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue