339 lines
7.5 KiB
Go
339 lines
7.5 KiB
Go
|
package lint
|
||
|
|
||
|
import (
|
||
|
"fmt"
|
||
|
"net/http"
|
||
|
"os"
|
||
|
"path"
|
||
|
|
||
|
"coopcloud.tech/abra/pkg/catalogue"
|
||
|
"coopcloud.tech/abra/pkg/config"
|
||
|
"coopcloud.tech/abra/pkg/recipe"
|
||
|
"coopcloud.tech/tagcmp"
|
||
|
"github.com/docker/distribution/reference"
|
||
|
"github.com/sirupsen/logrus"
|
||
|
)
|
||
|
|
||
|
var Warn = "warn"
|
||
|
var Critical = "critical"
|
||
|
|
||
|
type LintFunction func(recipe.Recipe) (bool, error)
|
||
|
|
||
|
type LintRule struct {
|
||
|
Ref string
|
||
|
Level string
|
||
|
Description string
|
||
|
HowToResolve string
|
||
|
Function LintFunction
|
||
|
}
|
||
|
|
||
|
var LintRules = map[string][]LintRule{
|
||
|
"warn": []LintRule{
|
||
|
LintRule{
|
||
|
Ref: "R001",
|
||
|
Level: "warn",
|
||
|
Description: "compose config has expected version",
|
||
|
HowToResolve: "ensure 'version: \"3.8\"' in compose configs",
|
||
|
Function: LintComposeVersion,
|
||
|
},
|
||
|
LintRule{
|
||
|
Ref: "R002",
|
||
|
Level: "warn",
|
||
|
Description: "healthcheck enabled for all services",
|
||
|
HowToResolve: "wire up healthchecks",
|
||
|
Function: LintHealthchecks,
|
||
|
},
|
||
|
LintRule{
|
||
|
Ref: "R003",
|
||
|
Level: "warn",
|
||
|
Description: "all images use a tag",
|
||
|
HowToResolve: "use a tag for all images",
|
||
|
Function: LintAllImagesTagged,
|
||
|
},
|
||
|
LintRule{
|
||
|
Ref: "R004",
|
||
|
Level: "warn",
|
||
|
Description: "no unstable tags",
|
||
|
HowToResolve: "tag all images with stable tags",
|
||
|
Function: LintNoUnstableTags,
|
||
|
},
|
||
|
LintRule{
|
||
|
Ref: "R005",
|
||
|
Level: "warn",
|
||
|
Description: "tags use semver-like format",
|
||
|
HowToResolve: "use semver-like tags",
|
||
|
Function: LintSemverLikeTags,
|
||
|
},
|
||
|
LintRule{
|
||
|
Ref: "R006",
|
||
|
Level: "warn",
|
||
|
Description: "has published catalogue version",
|
||
|
HowToResolve: "publish a recipe version to the catalogue",
|
||
|
Function: LintHasPublishedVersion,
|
||
|
},
|
||
|
LintRule{
|
||
|
Ref: "R007",
|
||
|
Level: "warn",
|
||
|
Description: "README.md metadata filled in",
|
||
|
HowToResolve: "fill out all the metadata",
|
||
|
Function: LintMetadataFilledIn,
|
||
|
},
|
||
|
},
|
||
|
"error": []LintRule{
|
||
|
LintRule{
|
||
|
Ref: "R008",
|
||
|
Level: "error",
|
||
|
Description: ".env.sample provided",
|
||
|
HowToResolve: "create an example .env.sample",
|
||
|
Function: LintEnvConfigPresent,
|
||
|
},
|
||
|
LintRule{
|
||
|
Ref: "R009",
|
||
|
Level: "error",
|
||
|
Description: "one service named 'app'",
|
||
|
HowToResolve: "name a servce 'app'",
|
||
|
Function: LintAppService,
|
||
|
},
|
||
|
LintRule{
|
||
|
Ref: "R010",
|
||
|
Level: "error",
|
||
|
Description: "traefik routing enabled",
|
||
|
HowToResolve: "include \"traefik.enable=true\" deploy label",
|
||
|
Function: LintTraefikEnabled,
|
||
|
},
|
||
|
LintRule{
|
||
|
Ref: "R011",
|
||
|
Level: "error",
|
||
|
Description: "all services have images",
|
||
|
HowToResolve: "ensure \"image: ...\" set on all services",
|
||
|
Function: LintImagePresent,
|
||
|
},
|
||
|
LintRule{
|
||
|
Ref: "R012",
|
||
|
Level: "error",
|
||
|
Description: "config version are vendored",
|
||
|
HowToResolve: "vendor config versions in an abra.sh",
|
||
|
Function: LintAbraShVendors,
|
||
|
},
|
||
|
LintRule{
|
||
|
Ref: "R013",
|
||
|
Level: "error",
|
||
|
Description: "git.coopcloud.tech repo exists",
|
||
|
HowToResolve: "upload your recipe to git.coopcloud.tech/coop-cloud/...",
|
||
|
Function: LintHasRecipeRepo,
|
||
|
},
|
||
|
},
|
||
|
}
|
||
|
|
||
|
func LintForErrors(recipe recipe.Recipe) error {
|
||
|
logrus.Debugf("linting for critical errors in %s configs", recipe.Name)
|
||
|
|
||
|
for level := range LintRules {
|
||
|
if level != "error" {
|
||
|
continue
|
||
|
}
|
||
|
for _, rule := range LintRules[level] {
|
||
|
ok, err := rule.Function(recipe)
|
||
|
if err != nil {
|
||
|
return err
|
||
|
}
|
||
|
if !ok {
|
||
|
return fmt.Errorf("lint error in %s configs: \"%s\" failed lint checks (%s)", recipe.Name, rule.Description, rule.Ref)
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
logrus.Debugf("linting successful, %s is well configured", recipe.Name)
|
||
|
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
func LintComposeVersion(recipe recipe.Recipe) (bool, error) {
|
||
|
if recipe.Config.Version == "3.8" {
|
||
|
return true, nil
|
||
|
}
|
||
|
|
||
|
return true, nil
|
||
|
}
|
||
|
|
||
|
func LintEnvConfigPresent(recipe recipe.Recipe) (bool, error) {
|
||
|
envSample := fmt.Sprintf("%s/%s/.env.sample", config.RECIPES_DIR, recipe.Name)
|
||
|
if _, err := os.Stat(envSample); !os.IsNotExist(err) {
|
||
|
return true, nil
|
||
|
}
|
||
|
|
||
|
return false, nil
|
||
|
}
|
||
|
|
||
|
func LintAppService(recipe recipe.Recipe) (bool, error) {
|
||
|
for _, service := range recipe.Config.Services {
|
||
|
if service.Name == "app" {
|
||
|
return true, nil
|
||
|
}
|
||
|
}
|
||
|
|
||
|
return false, nil
|
||
|
}
|
||
|
|
||
|
func LintTraefikEnabled(recipe recipe.Recipe) (bool, error) {
|
||
|
for _, service := range recipe.Config.Services {
|
||
|
for label := range service.Deploy.Labels {
|
||
|
if label == "traefik.enable" {
|
||
|
if service.Deploy.Labels[label] == "true" {
|
||
|
return true, nil
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
return false, nil
|
||
|
}
|
||
|
|
||
|
func LintHealthchecks(recipe recipe.Recipe) (bool, error) {
|
||
|
for _, service := range recipe.Config.Services {
|
||
|
if service.HealthCheck == nil {
|
||
|
return false, nil
|
||
|
}
|
||
|
}
|
||
|
|
||
|
return true, nil
|
||
|
}
|
||
|
|
||
|
func LintAllImagesTagged(recipe recipe.Recipe) (bool, error) {
|
||
|
for _, service := range recipe.Config.Services {
|
||
|
img, err := reference.ParseNormalizedNamed(service.Image)
|
||
|
if err != nil {
|
||
|
return false, err
|
||
|
}
|
||
|
if reference.IsNameOnly(img) {
|
||
|
return false, nil
|
||
|
}
|
||
|
}
|
||
|
|
||
|
return true, nil
|
||
|
}
|
||
|
|
||
|
func LintNoUnstableTags(recipe recipe.Recipe) (bool, error) {
|
||
|
for _, service := range recipe.Config.Services {
|
||
|
img, err := reference.ParseNormalizedNamed(service.Image)
|
||
|
if err != nil {
|
||
|
return false, err
|
||
|
}
|
||
|
|
||
|
var tag string
|
||
|
switch img.(type) {
|
||
|
case reference.NamedTagged:
|
||
|
tag = img.(reference.NamedTagged).Tag()
|
||
|
case reference.Named:
|
||
|
return false, nil
|
||
|
}
|
||
|
|
||
|
if tag == "latest" {
|
||
|
return false, nil
|
||
|
}
|
||
|
}
|
||
|
|
||
|
return true, nil
|
||
|
}
|
||
|
|
||
|
func LintSemverLikeTags(recipe recipe.Recipe) (bool, error) {
|
||
|
for _, service := range recipe.Config.Services {
|
||
|
img, err := reference.ParseNormalizedNamed(service.Image)
|
||
|
if err != nil {
|
||
|
return false, err
|
||
|
}
|
||
|
|
||
|
var tag string
|
||
|
switch img.(type) {
|
||
|
case reference.NamedTagged:
|
||
|
tag = img.(reference.NamedTagged).Tag()
|
||
|
case reference.Named:
|
||
|
return false, nil
|
||
|
}
|
||
|
|
||
|
if !tagcmp.IsParsable(tag) {
|
||
|
return false, nil
|
||
|
}
|
||
|
}
|
||
|
|
||
|
return true, nil
|
||
|
}
|
||
|
|
||
|
func LintImagePresent(recipe recipe.Recipe) (bool, error) {
|
||
|
for _, service := range recipe.Config.Services {
|
||
|
if service.Image == "" {
|
||
|
return false, nil
|
||
|
}
|
||
|
}
|
||
|
return true, nil
|
||
|
}
|
||
|
|
||
|
func LintHasPublishedVersion(recipe recipe.Recipe) (bool, error) {
|
||
|
catl, err := catalogue.ReadRecipeCatalogue()
|
||
|
if err != nil {
|
||
|
logrus.Fatal(err)
|
||
|
}
|
||
|
|
||
|
versions, err := catalogue.GetRecipeCatalogueVersions(recipe.Name, catl)
|
||
|
if err != nil {
|
||
|
logrus.Fatal(err)
|
||
|
}
|
||
|
|
||
|
if len(versions) == 0 {
|
||
|
return false, nil
|
||
|
}
|
||
|
|
||
|
return true, nil
|
||
|
}
|
||
|
|
||
|
func LintMetadataFilledIn(r recipe.Recipe) (bool, error) {
|
||
|
features, category, err := recipe.GetRecipeFeaturesAndCategory(r.Name)
|
||
|
if err != nil {
|
||
|
return false, err
|
||
|
}
|
||
|
|
||
|
if category == "" {
|
||
|
return false, nil
|
||
|
}
|
||
|
|
||
|
if features.Backups == "" ||
|
||
|
features.Email == "" ||
|
||
|
features.Healthcheck == "" ||
|
||
|
features.Image.Image == "" ||
|
||
|
features.SSO == "" {
|
||
|
return false, nil
|
||
|
}
|
||
|
|
||
|
return true, nil
|
||
|
}
|
||
|
|
||
|
func LintAbraShVendors(recipe recipe.Recipe) (bool, error) {
|
||
|
for _, service := range recipe.Config.Services {
|
||
|
if len(service.Configs) > 0 {
|
||
|
abraSh := path.Join(config.RECIPES_DIR, recipe.Name, "abra.sh")
|
||
|
if _, err := os.Stat(abraSh); err != nil {
|
||
|
if os.IsNotExist(err) {
|
||
|
return false, err
|
||
|
}
|
||
|
return false, err
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
return true, nil
|
||
|
}
|
||
|
|
||
|
func LintHasRecipeRepo(recipe recipe.Recipe) (bool, error) {
|
||
|
url := fmt.Sprintf("%s/%s.git", config.REPOS_BASE_URL, recipe.Name)
|
||
|
|
||
|
res, err := http.Get(url)
|
||
|
if err != nil {
|
||
|
return false, err
|
||
|
}
|
||
|
|
||
|
if res.StatusCode != 200 {
|
||
|
return false, err
|
||
|
}
|
||
|
|
||
|
return true, nil
|
||
|
}
|