2 # Licensed under the Apache License, Version 2.0 (the "License"); you may
3 # not use this file except in compliance with the License. You may obtain
4 # a copy of the License at
6 # http://www.apache.org/licenses/LICENSE-2.0
8 # Unless required by applicable law or agreed to in writing, software
9 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
10 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
11 # License for the specific language governing permissions and limitations
20 required_params = ['EndpointMap', 'ServiceNetMap', 'DefaultPasswords']
22 envs_containing_endpoint_map = ['tls-endpoints-public-dns.yaml',
23 'tls-endpoints-public-ip.yaml',
24 'tls-everywhere-endpoints-dns.yaml']
25 ENDPOINT_MAP_FILE = 'endpoint_map.yaml'
28 print('Usage %s <yaml file or directory>' % sys.argv[0])
32 def get_base_endpoint_map(filename):
34 tpl = yaml.load(open(filename).read())
35 return tpl['parameters']['EndpointMap']['default']
37 print(traceback.format_exc())
41 def get_endpoint_map_from_env(filename):
43 tpl = yaml.load(open(filename).read())
46 'map': tpl['parameter_defaults']['EndpointMap']
49 print(traceback.format_exc())
53 def validate_endpoint_map(base_map, env_map):
54 return sorted(base_map.keys()) == sorted(env_map.keys())
57 def validate_mysql_connection(settings):
58 no_op = lambda *args: False
61 def mysql_protocol(items):
62 return items == ['EndpointMap', 'MysqlInternal', 'protocol']
64 def client_bind_address(item):
65 return 'bind_address' in item
67 def validate_mysql_uri(key, items):
68 # Only consider a connection if it targets mysql
69 if key.endswith('connection') and \
70 search(items, mysql_protocol, no_op):
71 # Assume the "bind_address" option is one of
72 # the token that made up the uri
73 if not search(items, client_bind_address, no_op):
77 def search(item, check_item, check_key):
80 elif isinstance(item, list):
82 if search(i, check_item, check_key):
84 elif isinstance(item, dict):
86 if check_key(k, item[k]):
88 elif search(item[k], check_item, check_key):
92 search(settings, no_op, validate_mysql_uri)
93 return error_status[0]
96 def validate_service(filename, tpl):
97 if 'outputs' in tpl and 'role_data' in tpl['outputs']:
98 if 'value' not in tpl['outputs']['role_data']:
99 print('ERROR: invalid role_data for filename: %s'
102 role_data = tpl['outputs']['role_data']['value']
103 if 'service_name' not in role_data:
104 print('ERROR: service_name is required in role_data for %s.'
107 # service_name must match the filename, but with an underscore
108 if (role_data['service_name'] !=
109 os.path.basename(filename).split('.')[0].replace("-", "_")):
110 print('ERROR: service_name should match file name for service: %s.'
113 # if service connects to mysql, the uri should use option
114 # bind_address to avoid issues with VIP failover
115 if 'config_settings' in role_data and \
116 validate_mysql_connection(role_data['config_settings']):
117 print('ERROR: mysql connection uri should use option bind_address')
119 if 'parameters' in tpl:
120 for param in required_params:
121 if param not in tpl['parameters']:
122 print('ERROR: parameter %s is required for %s.'
128 def validate(filename):
129 print('Validating %s' % filename)
132 tpl = yaml.load(open(filename).read())
134 if (filename.startswith('./puppet/services/') and
135 filename != './puppet/services/services.yaml'):
136 retval = validate_service(filename, tpl)
139 print(traceback.format_exc())
141 # yaml is OK, now walk the parameters and output a warning for unused ones
142 if 'heat_template_version' in tpl:
143 for p in tpl.get('parameters', {}):
144 if p in required_params:
147 in_resources = str_p in str(tpl.get('resources', {}))
148 in_outputs = str_p in str(tpl.get('outputs', {}))
149 if not in_resources and not in_outputs:
150 print('Warning: parameter %s in template %s '
151 'appears to be unused' % (p, filename))
155 if len(sys.argv) < 2:
158 path_args = sys.argv[1:]
161 base_endpoint_map = None
162 env_endpoint_maps = list()
164 for base_path in path_args:
165 if os.path.isdir(base_path):
166 for subdir, dirs, files in os.walk(base_path):
168 if f.endswith('.yaml') and not f.endswith('.j2.yaml'):
169 file_path = os.path.join(subdir, f)
170 failed = validate(file_path)
172 failed_files.append(file_path)
174 if f == ENDPOINT_MAP_FILE:
175 base_endpoint_map = get_base_endpoint_map(file_path)
176 if f in envs_containing_endpoint_map:
177 env_endpoint_map = get_endpoint_map_from_env(file_path)
179 env_endpoint_maps.append(env_endpoint_map)
180 elif os.path.isfile(base_path) and base_path.endswith('.yaml'):
181 failed = validate(base_path)
183 failed_files.append(base_path)
186 print('Unexpected argument %s' % base_path)
189 if base_endpoint_map and \
190 len(env_endpoint_maps) == len(envs_containing_endpoint_map):
191 for env_endpoint_map in env_endpoint_maps:
192 matches = validate_endpoint_map(base_endpoint_map,
193 env_endpoint_map['map'])
195 print("ERROR: %s doesn't match base endpoint map" %
196 env_endpoint_map['file'])
197 failed_files.append(env_endpoint_map['file'])
200 print("%s matches base endpoint map" % env_endpoint_map['file'])
202 print("ERROR: Can't validate endpoint maps since a file is missing. "
203 "If you meant to delete one of these files you should update this "
205 if not base_endpoint_map:
206 failed_files.append(ENDPOINT_MAP_FILE)
207 if len(env_endpoint_maps) != len(envs_containing_endpoint_map):
208 matched_files = set(os.path.basename(matched_env_file['file'])
209 for matched_env_file in env_endpoint_maps)
210 failed_files.extend(set(envs_containing_endpoint_map) - matched_files)
214 print('Validation failed on:')
215 for f in failed_files:
218 print('Validation successful!')