feat: make rule filters optional (fixes #4)
This commit is contained in:
parent
8d87332b14
commit
9a7f8829c0
13
README.md
13
README.md
|
@ -40,12 +40,23 @@ This project is written in Typescript and requires `node` and `yarn` to build.
|
||||||
|
|
||||||
## Usage
|
## Usage
|
||||||
|
|
||||||
To run with Docker: `docker run ssube/salty-dog:master`
|
To run with Docker (**recommended**): `docker run -v ${HOME}:/root:ro --rm -i ssube/salty-dog:master`
|
||||||
|
|
||||||
To run after `yarn global add` or `npm i -g`: `salty-dog`
|
To run after `yarn global add` or `npm i -g`: `salty-dog`
|
||||||
|
|
||||||
To run after building: `node out/bundle.js`
|
To run after building: `node out/bundle.js`
|
||||||
|
|
||||||
|
To run with `make`, apply with `kubectl`, and format logs with `bunyan`:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
> curl https://raw.githubusercontent.com/ssube/k8s-shards/master/roles/apps/gitlab/server/templates/ingress.yml | make run-stream 2> >(./node_modules/.bin/bunyan) > >(kubectl apply --dry-run -f -)
|
||||||
|
|
||||||
|
...
|
||||||
|
[2019-06-16T03:23:56.645Z] INFO: salty-dog/8015 on cerberus: all rules passed
|
||||||
|
ingress.extensions/gitlab created (dry run)
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
### Validate
|
### Validate
|
||||||
|
|
||||||
`salty-dog` can validate JSON and YAML from files and streams, and emit it to a file or stream (with logs going
|
`salty-dog` can validate JSON and YAML from files and streams, and emit it to a file or stream (with logs going
|
||||||
|
|
|
@ -6,8 +6,6 @@ rules:
|
||||||
- playbook
|
- playbook
|
||||||
|
|
||||||
select: '$'
|
select: '$'
|
||||||
filter:
|
|
||||||
type: array
|
|
||||||
|
|
||||||
check:
|
check:
|
||||||
type: array
|
type: array
|
||||||
|
@ -39,8 +37,6 @@ rules:
|
||||||
- role
|
- role
|
||||||
|
|
||||||
select: '$'
|
select: '$'
|
||||||
filter:
|
|
||||||
type: array
|
|
||||||
|
|
||||||
check:
|
check:
|
||||||
type: array
|
type: array
|
||||||
|
|
12
src/rule.ts
12
src/rule.ts
|
@ -18,7 +18,7 @@ export interface Rule {
|
||||||
tags: Array<string>;
|
tags: Array<string>;
|
||||||
// data
|
// data
|
||||||
check: any;
|
check: any;
|
||||||
filter: any;
|
filter?: any;
|
||||||
select: string;
|
select: string;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -86,7 +86,7 @@ export async function resolveRules(rules: Array<Rule>, selector: RuleSelector):
|
||||||
export function checkRule(rule: Rule, data: any, logger: Logger): boolean {
|
export function checkRule(rule: Rule, data: any, logger: Logger): boolean {
|
||||||
const ajv = new ((Ajv as any).default)()
|
const ajv = new ((Ajv as any).default)()
|
||||||
const check = ajv.compile(rule.check);
|
const check = ajv.compile(rule.check);
|
||||||
const filter = ajv.compile(rule.filter);
|
const filter = compileFilter(rule, ajv);
|
||||||
const scopes = JSONPath({
|
const scopes = JSONPath({
|
||||||
json: data,
|
json: data,
|
||||||
path: rule.select,
|
path: rule.select,
|
||||||
|
@ -115,4 +115,12 @@ export function checkRule(rule: Rule, data: any, logger: Logger): boolean {
|
||||||
}
|
}
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
export function compileFilter(rule: Rule, ajv: any): any {
|
||||||
|
if (isNil(rule.filter)) {
|
||||||
|
return () => true;
|
||||||
|
} else {
|
||||||
|
return ajv.compile(rule.filter);
|
||||||
|
}
|
||||||
}
|
}
|
Loading…
Reference in New Issue