assertion

package

v1.6.0 Latest Latest Go to latest Published: Jun 25, 2020 License: MIT Imports: 19 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/stelligent/config-lint

Links

Open Source Insights

Documentation ¶

Index ¶

func DebugJSON(title string, object interface{})
func Debugf(format string, args ...interface{})
func ExcludeResource(rule Rule, resource Resource) bool
func JSONStringify(data interface{}) (string, error)
func ResolveRule(rule Rule, valueSource ValueSource) (Rule, []Violation)
func ResolveRules(rules []Rule, valueSource ValueSource) ([]Rule, []Violation)
func SearchData(expression string, data interface{}) (interface{}, error)
func SetDebug(b bool)
func ShouldIncludeFile(patterns []string, filename string) (bool, error)
func SliceContains(list []string, value string) bool
type CollectionExpression
type ColumnConfig
type Expression
type ExternalRuleInvoker
type InvokeResponse
type InvokeRuleAPI
type InvokeViolation
type MatchResult
type Resource
- func ExcludeResourceTypes(resources []Resource, resourceTypes []string, resourceCategory string) []Resource
- func FilterResourceExceptions(rule Rule, resources []Resource) []Resource
- func FilterResourcesByType(resources []Resource, resourceType string, resourceCategory string) []Resource
- func FilterResourcesByTypes(resources []Resource, resourceTypes []string, resourceCategory string) []Resource
- func FilterResourcesForRule(resources []Resource, rule Rule) []Resource
type ResourceConfig
type Result
- func CheckExpression(rule Rule, expression Expression, resource Resource) (Result, error)
type Rule
- func FilterRulesByID(rules []Rule, ruleIDs []string, ignoreRuleIDs []string) []Rule
- func FilterRulesByTag(rules []Rule, tags []string) []Rule
- func FilterRulesByTagAndID(rules []Rule, tags []string, ruleIds []string, ignoreRuleIds []string) []Rule
type RuleSet
- func JoinRuleSets(firstSet RuleSet, secondSet RuleSet) (RuleSet, error)
- func ParseRules(rules string) (RuleSet, error)
type ScannedResource
type StandardExternalRuleInvoker
- func (e StandardExternalRuleInvoker) Invoke(rule Rule, resource Resource) (string, []Violation, error)
type StandardValueSource
- func (v StandardValueSource) GetValue(expression Expression) (string, error)
- func (v StandardValueSource) GetValueFromHTTP(url string) (string, error)
- func (v StandardValueSource) GetValueFromS3(bucket string, key string) (string, error)
type ValidationReport
type ValueFrom
type ValueSource
type Violation
- func CheckRule(rule Rule, resource Resource, e ExternalRuleInvoker) (string, []Violation, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func DebugJSON ¶ added in v0.0.18

func DebugJSON(title string, object interface{})

func Debugf ¶

func Debugf(format string, args ...interface{})

Debugf prints a formatted string when verbose logging is turned on

func ExcludeResource ¶

func ExcludeResource(rule Rule, resource Resource) bool

ExcludeResource when resource.ID included in list of exceptions

func JSONStringify ¶

func JSONStringify(data interface{}) (string, error)

JSONStringify converts a JSON object into an indented string suitable for printing

func ResolveRule ¶

func ResolveRule(rule Rule, valueSource ValueSource) (Rule, []Violation)

ResolveRule loads any dynamic values for a single Rule

func ResolveRules ¶

func ResolveRules(rules []Rule, valueSource ValueSource) ([]Rule, []Violation)

ResolveRules loads any dynamic values for a collection or rules

func SearchData ¶

func SearchData(expression string, data interface{}) (interface{}, error)

SearchData applies a JMESPath to a JSON object

func SetDebug ¶ added in v0.0.3

func SetDebug(b bool)

SetDebug turns verbose logging on or off

func ShouldIncludeFile ¶

func ShouldIncludeFile(patterns []string, filename string) (bool, error)

ShouldIncludeFile return true if a filename matches one of a list of patterns

func SliceContains ¶ added in v0.0.11

func SliceContains(list []string, value string) bool

Types ¶

type CollectionExpression ¶

type CollectionExpression struct {
	Key         string
	Expressions []Expression
}

CollectionExpression assertion for every element of a collection

type ColumnConfig ¶ added in v0.0.19

type ColumnConfig struct {
	Name string
}

ColumnConfig describes how to discover resources in a CSV file

type Expression ¶

type Expression struct {
	Key        string
	Op         string
	Value      string
	ValueType  string    `json:"value_type"`
	ValueFrom  ValueFrom `json:"value_from"`
	Or         []Expression
	Xor        []Expression
	And        []Expression
	Not        []Expression
	Every      CollectionExpression
	Some       CollectionExpression
	None       CollectionExpression
	ExactlyOne CollectionExpression `json:"exactly-one"`
}

Expression expression for a Rule

type ExternalRuleInvoker ¶

type ExternalRuleInvoker interface {
	Invoke(Rule, Resource) (string, []Violation, error)
}

ExternalRuleInvoker defines an interface for invoking an external API

type InvokeResponse ¶

type InvokeResponse struct {
	Violations []InvokeViolation
}

InvokeResponse contains a collection of validation errors

type InvokeRuleAPI ¶

type InvokeRuleAPI struct {
	URL     string
	Payload string
}

InvokeRuleAPI describes an external API for linting a resource

type InvokeViolation ¶

type InvokeViolation struct {
	Message string
}

InvokeViolation has message describing a single validation error

type MatchResult ¶

type MatchResult struct {
	Match   bool
	Message string
}

MatchResult has a true/false result, but also includes a message for better reporting

type Resource ¶

type Resource struct {
	ID         string `cty:"aws_instance"`
	Type       string
	Category   string // default is "resource", can be "data", "provider" for Terraform
	Properties interface{}
	Filename   string
	LineNumber int
}

Resource describes a resource to be linted

func ExcludeResourceTypes ¶ added in v0.0.28

func ExcludeResourceTypes(resources []Resource, resourceTypes []string, resourceCategory string) []Resource

Exclude resources

func FilterResourceExceptions ¶

func FilterResourceExceptions(rule Rule, resources []Resource) []Resource

FilterResourceExceptions filters out resources that should not be validated

func FilterResourcesByType ¶

func FilterResourcesByType(resources []Resource, resourceType string, resourceCategory string) []Resource

FilterResourcesByType filters a list of resources that match a single resource type

func FilterResourcesByTypes ¶ added in v0.0.11

func FilterResourcesByTypes(resources []Resource, resourceTypes []string, resourceCategory string) []Resource

FilterResourcesByTypes filters a list of resources that match a slice of resource types

func FilterResourcesForRule ¶ added in v0.0.11

func FilterResourcesForRule(resources []Resource, rule Rule) []Resource

FilterResourcesForRule returns resources applicable to the given rule

type ResourceConfig ¶

type ResourceConfig struct {
	ID   string
	Type string
	Key  string
}

ResourceConfig describes how to discover resouces in a YAML file

type Result ¶

type Result struct {
	Status  string
	Message string
}

Result returns a status, along with a message

func CheckExpression ¶

func CheckExpression(rule Rule, expression Expression, resource Resource) (Result, error)

CheckExpression validates a single Resource using a single Expression

type Rule ¶

type Rule struct {
	ID              string
	Message         string
	Severity        string
	Resource        string
	Resources       []string
	ExceptResources []string `json:"except_resources"`
	Category        string   // default is "resource", can be "data", "provider", "module" for Terraform
	Conditions      []Expression
	Assertions      []Expression
	Except          []string
	Tags            []string
	Invoke          InvokeRuleAPI
}

Rule is part of a RuleSet

func FilterRulesByID ¶

func FilterRulesByID(rules []Rule, ruleIDs []string, ignoreRuleIDs []string) []Rule

FilterRulesByID selectes a subset of rules based on ID

func FilterRulesByTag ¶

func FilterRulesByTag(rules []Rule, tags []string) []Rule

FilterRulesByTag selects a subset of rules based on a tag

func FilterRulesByTagAndID ¶

func FilterRulesByTagAndID(rules []Rule, tags []string, ruleIds []string, ignoreRuleIds []string) []Rule

FilterRulesByTagAndID filters by both tag and id

type RuleSet ¶

type RuleSet struct {
	Type        string
	Description string
	Files       []string
	Rules       []Rule
	Version     string
	Resources   []ResourceConfig
	Columns     []ColumnConfig
	Source      string
}

RuleSet describes a collection of rules for a Linter

func JoinRuleSets ¶ added in v1.0.0

func JoinRuleSets(firstSet RuleSet, secondSet RuleSet) (RuleSet, error)

Join two RuleSets together

func ParseRules ¶

func ParseRules(rules string) (RuleSet, error)

ParseRules converts YAML string content to a Result

type ScannedResource ¶

type ScannedResource struct {
	ResourceID   string
	ResourceType string
	RuleID       string
	Status       string
	Filename     string
	LineNumber   int
}

ScannedResource has details for each resource scanned

type StandardExternalRuleInvoker ¶

type StandardExternalRuleInvoker struct {
}

StandardExternalRuleInvoker implements an external HTTP or HTTPS call

func (StandardExternalRuleInvoker) Invoke ¶

func (e StandardExternalRuleInvoker) Invoke(rule Rule, resource Resource) (string, []Violation, error)

Invoke an external API to validate a Resource

type StandardValueSource ¶

type StandardValueSource struct {
	Variables map[string]string
}

StandardValueSource can fetch values from external sources

func (StandardValueSource) GetValue ¶

func (v StandardValueSource) GetValue(expression Expression) (string, error)

GetValue looks up external values when an Expression includes a ValueFrom attribute

func (StandardValueSource) GetValueFromHTTP ¶

func (v StandardValueSource) GetValueFromHTTP(url string) (string, error)

GetValueFromHTTP looks up external value for an Expression when the HTTP protocol is specified

func (StandardValueSource) GetValueFromS3 ¶

func (v StandardValueSource) GetValueFromS3(bucket string, key string) (string, error)

GetValueFromS3 looks up external values for an Expression when the S3 protocol is specified

type ValidationReport ¶

type ValidationReport struct {
	FilesScanned     []string
	Violations       []Violation
	ResourcesScanned []ScannedResource
}

ValidationReport summarizes validation for resources using rules

type ValueFrom ¶

type ValueFrom struct {
	URL      string
	Variable string
}

ValueFrom describes a external source for values

type ValueSource ¶

type ValueSource interface {
	GetValue(Expression) (string, error)
}

ValueSource interface to fetch dynamic values

type Violation ¶

type Violation struct {
	RuleID           string
	ResourceID       string
	ResourceType     string
	Category         string
	Status           string
	RuleMessage      string
	AssertionMessage string
	Filename         string
	LineNumber       int
	CreatedAt        string
}

Violation has details for a failed assertion

func CheckRule ¶

func CheckRule(rule Rule, resource Resource, e ExternalRuleInvoker) (string, []Violation, error)

CheckRule returns a list of violations for a single Rule applied to a single Resource

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL