Browse Source

Fix v2 schema support

Fix v2 schema support [0] and add functional test.

[0]: https://review.opendev.org/#/c/666659/

Change-Id: I6a1be7e4f557fe9fd24d02416675df6e757ba4f1
changes/45/676245/1
Sean Eagan 1 month ago
parent
commit
7d2092b100

+ 1
- 1
deckhand/engine/document_validation.py View File

@@ -81,7 +81,7 @@ class BaseValidator(object):
81 81
 
82 82
     __slots__ = ('_schema_map')
83 83
 
84
-    _supported_versions = ('v1',)
84
+    _supported_versions = _SUPPORTED_SCHEMA_VERSIONS
85 85
     _schema_re = re.compile(r'^[a-zA-Z]+\/[a-zA-Z]+\/v\d+$')
86 86
 
87 87
     def __init__(self):

+ 20
- 0
deckhand/tests/functional/gabbits/resources/sample-schema-v2.yaml View File

@@ -0,0 +1,20 @@
1
+---
2
+schema: deckhand/DataSchema/v1
3
+metadata:
4
+  schema: metadata/Control/v1
5
+  name: example/Doc/v2
6
+data:
7
+  $schema: http://json-schema.org/schema#
8
+  type: object
9
+  properties:
10
+    a:
11
+      type: string
12
+    b:
13
+      type: integer
14
+      minimum: 0
15
+      maximum: 100
16
+  required:
17
+    - a
18
+    - b
19
+  additionalProperties: false
20
+...

+ 214
- 0
deckhand/tests/functional/gabbits/schema-validation/schema-validation-success-v2.yaml View File

@@ -0,0 +1,214 @@
1
+# Test success path for rollback with a single bucket.
2
+#
3
+#  1. Purges existing data to ensure test isolation
4
+#  2. Creates a v2 DataSchema
5
+#  3. Checks that schema validation for the DataSchema passes
6
+#  4. Puts a valid document (and LayeringPolicy)
7
+#  5. Checks that the document passes schema pre-validation
8
+#  6. Checks that the document passes schema post-validation
9
+#  7. Puts an invalid document
10
+#  8. Checks that the document fails schema pre-validation
11
+#  9. Checks that the document fails schema post-validation by raising expected
12
+#     exception
13
+# 10. Checks that the document entry details adhere to expected validation
14
+#     format
15
+# 11. Re-puts the same invalid document with substitutions
16
+# 12. Verify that the substitutions were sanitized in the validation output
17
+
18
+defaults:
19
+  request_headers:
20
+    content-type: application/x-yaml
21
+  response_headers:
22
+    content-type: application/x-yaml
23
+  verbose: true
24
+
25
+tests:
26
+  - name: purge
27
+    desc: Begin testing from known state.
28
+    DELETE: /api/v1.0/revisions
29
+    status: 204
30
+    response_headers: null
31
+
32
+  - name: create_schema
33
+    desc: Add example schema
34
+    PUT: /api/v1.0/buckets/mop/documents
35
+    status: 200
36
+    data: <@resources/sample-schema-v2.yaml
37
+
38
+  - name: verify_schema_is_valid
39
+    desc: Check schema validation of the added schema
40
+    GET: /api/v1.0/revisions/$HISTORY['create_schema'].$RESPONSE['$.[0].status.revision']/validations/deckhand-schema-validation
41
+    status: 200
42
+    response_multidoc_jsonpaths:
43
+      $.`len`: 1
44
+      $.[0].count: 1
45
+      $.[0].results[0].id: 0
46
+      $.[0].results[0].status: success
47
+
48
+  - name: verify_schema_validation_in_list_view
49
+    desc: Check schema validation success shows in list view
50
+    GET: /api/v1.0/revisions/$HISTORY['create_schema'].$RESPONSE['$.[0].status.revision']/validations
51
+    status: 200
52
+    response_multidoc_jsonpaths:
53
+      $.`len`: 1
54
+      $.[0].count: 1
55
+      $.[0].results[0].name: deckhand-schema-validation
56
+      $.[0].results[0].status: success
57
+
58
+  - name: add_valid_document
59
+    desc: Add a document that follows the schema
60
+    PUT: /api/v1.0/buckets/good/documents
61
+    status: 200
62
+    data: |-
63
+      ---
64
+      schema: deckhand/LayeringPolicy/v1
65
+      metadata:
66
+        schema: metadata/Control/v1
67
+        name: layering-policy
68
+      data:
69
+        layerOrder:
70
+          - site
71
+      ---
72
+      schema: example/Doc/v2
73
+      metadata:
74
+        schema: metadata/Document/v1
75
+        name: good
76
+        storagePolicy: cleartext
77
+        layeringDefinition:
78
+          abstract: false
79
+          layer: site
80
+      data:
81
+        a: this-one-is-required
82
+        b: 77
83
+
84
+  - name: verify_document_is_valid_pre_validation
85
+    desc: Check schema pre-validation of the added document
86
+    GET: /api/v1.0/revisions/$HISTORY['add_valid_document'].$RESPONSE['$.[0].status.revision']/validations/deckhand-schema-validation
87
+    status: 200
88
+    response_multidoc_jsonpaths:
89
+      $.`len`: 1
90
+      $.[0].count: 2
91
+      $.[0].results[0].id: 0
92
+      $.[0].results[0].status: success
93
+
94
+  - name: verify_document_pre_validation_success_in_list_view
95
+    desc: Check document pre-validation success shows in list view
96
+    GET: /api/v1.0/revisions/$HISTORY['add_valid_document'].$RESPONSE['$.[0].status.revision']/validations
97
+    status: 200
98
+    response_multidoc_jsonpaths:
99
+      $.`len`: 1
100
+      $.[0].count: 1
101
+      $.[0].results[*].name: deckhand-schema-validation
102
+      $.[0].results[*].status: success
103
+
104
+  - name: verify_document_is_valid_post_validation
105
+    desc: Check that the document passes post-validation
106
+    GET: /api/v1.0/revisions/$HISTORY['add_valid_document'].$RESPONSE['$.[0].status.revision']/rendered-documents
107
+    status: 200
108
+
109
+  - name: add_invalid_document
110
+    desc: Add a document that does not follow the schema
111
+    PUT: /api/v1.0/buckets/bad/documents
112
+    status: 200
113
+    data: |-
114
+      schema: example/Doc/v2
115
+      metadata:
116
+        schema: metadata/Document/v1
117
+        name: bad
118
+        storagePolicy: cleartext
119
+        layeringDefinition:
120
+          abstract: false
121
+          layer: site
122
+      data:
123
+        a: this-one-is-required-and-can-be-different
124
+        b: 177
125
+
126
+  - name: verify_invalid_document_is_valid_pre_validation
127
+    desc: Check success of schema pre-validation of the added document
128
+    GET: /api/v1.0/revisions/$HISTORY['add_invalid_document'].$RESPONSE['$.[0].status.revision']/validations/deckhand-schema-validation
129
+    status: 200
130
+    response_multidoc_jsonpaths:
131
+      $.`len`: 1
132
+      $.[0].count: 1
133
+      $.[0].results[*].status: success
134
+
135
+  - name: verify_document_pre_validation_failure_in_list_view
136
+    desc: Check document pre-validation success shows in list view
137
+    GET: /api/v1.0/revisions/$HISTORY['add_invalid_document'].$RESPONSE['$.[0].status.revision']/validations
138
+    status: 200
139
+    response_multidoc_jsonpaths:
140
+      $.`len`: 1
141
+      $.[0].count: 1
142
+      $.[0].results[0].name: deckhand-schema-validation
143
+      $.[0].results[0].status: success
144
+
145
+  - name: verify_document_is_invalid_post_validation
146
+    desc: Check that the document fails post-validation
147
+    GET: /api/v1.0/revisions/$HISTORY['add_invalid_document'].$RESPONSE['$.[0].status.revision']/rendered-documents
148
+    status: 400
149
+    response_multidoc_jsonpaths:
150
+      $.`len`: 1
151
+      $.[0].apiVersion: v1.0
152
+      $.[0].code: 400 Bad Request
153
+      $.[0].details.errorCount: 1
154
+      $.[0].details.errorType: InvalidDocumentFormat
155
+      $.[0].details.messageList[0].documents:
156
+        - layer: site
157
+          name: bad
158
+          schema: example/Doc/v2
159
+      $.[0].details.messageList[0].error: true
160
+      $.[0].details.messageList[0].kind: ValidationMessage
161
+      $.[0].details.messageList[0].level: Error
162
+      $.[0].details.messageList[0].name: D002
163
+      $.[0].kind: Status
164
+      $.[0].message: The provided documents failed schema validation
165
+      $.[0].reason: Validation
166
+      $.[0].status: Failure
167
+
168
+  - name: add_invalid_document_with_substitutions
169
+    desc: Add a document that does not follow the schema
170
+    PUT: /api/v1.0/buckets/bad/documents
171
+    status: 200
172
+    data: |-
173
+      ---
174
+      schema: example/Doc/v2
175
+      metadata:
176
+        schema: metadata/Document/v1
177
+        name: bad
178
+        storagePolicy: cleartext
179
+        layeringDefinition:
180
+          abstract: false
181
+          layer: site
182
+        substitutions:
183
+          - src:
184
+              schema: deckhand/Certificate/v1
185
+              name: test-certificate
186
+              path: .
187
+            dest:
188
+              path: .a
189
+      data:
190
+        a: this-one-is-required-and-can-be-different
191
+        b: 177
192
+      ---
193
+      schema: deckhand/Certificate/v1
194
+      metadata:
195
+        name: test-certificate
196
+        schema: metadata/Document/v1
197
+        storagePolicy: cleartext
198
+        layeringDefinition:
199
+          layer: site
200
+        storagePolicy: cleartext
201
+      data: this-should-definitely-be-sanitized
202
+
203
+  - name: verify_document_post_validation_failure_entry_details_hides_secrets
204
+    desc: Check document validation failure hides secrets
205
+    GET: /api/v1.0/revisions/$HISTORY['add_invalid_document_with_substitutions'].$RESPONSE['$.[0].status.revision']/rendered-documents
206
+    status: 400
207
+    response_multidoc_jsonpaths:
208
+      $.`len`: 1
209
+      $.[0].code: 400 Bad Request
210
+      $.[0].details.errorCount: 1
211
+      $.[0].details.errorType: InvalidDocumentFormat
212
+      $.[0].details.messageList[0].diagnostic.error_section:
213
+        a: 'Sanitized to avoid exposing secret.'
214
+        b: 177

Loading…
Cancel
Save