2 # Licensed under the Apache License, Version 2.0 (the "License"); you may
3 # not use this file except in compliance with the License. You may obtain
4 # a copy of the License at
6 # http://www.apache.org/licenses/LICENSE-2.0
8 # Unless required by applicable law or agreed to in writing, software
9 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
10 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
11 # License for the specific language governing permissions and limitations
20 required_params = ['EndpointMap', 'ServiceNetMap', 'DefaultPasswords']
22 envs_containing_endpoint_map = ['tls-endpoints-public-dns.yaml',
23 'tls-endpoints-public-ip.yaml',
24 'tls-everywhere-endpoints-dns.yaml']
25 ENDPOINT_MAP_FILE = 'endpoint_map.yaml'
28 print('Usage %s <yaml file or directory>' % sys.argv[0])
32 def get_base_endpoint_map(filename):
34 tpl = yaml.load(open(filename).read())
35 return tpl['parameters']['EndpointMap']['default']
37 print(traceback.format_exc())
41 def get_endpoint_map_from_env(filename):
43 tpl = yaml.load(open(filename).read())
46 'map': tpl['parameter_defaults']['EndpointMap']
49 print(traceback.format_exc())
53 def validate_endpoint_map(base_map, env_map):
54 return sorted(base_map.keys()) == sorted(env_map.keys())
57 def validate_mysql_connection(settings):
58 no_op = lambda *args: False
61 def mysql_protocol(items):
62 return items == ['EndpointMap', 'MysqlInternal', 'protocol']
64 def client_bind_address(item):
65 return 'bind_address' in item
67 def validate_mysql_uri(key, items):
68 # Only consider a connection if it targets mysql
69 if key.endswith('connection') and \
70 search(items, mysql_protocol, no_op):
71 # Assume the "bind_address" option is one of
72 # the token that made up the uri
73 if not search(items, client_bind_address, no_op):
77 def search(item, check_item, check_key):
80 elif isinstance(item, list):
82 if search(i, check_item, check_key):
84 elif isinstance(item, dict):
86 if check_key(k, item[k]):
88 elif search(item[k], check_item, check_key):
92 search(settings, no_op, validate_mysql_uri)
93 return error_status[0]
96 def validate_service(filename, tpl):
97 if 'outputs' in tpl and 'role_data' in tpl['outputs']:
98 if 'value' not in tpl['outputs']['role_data']:
99 print('ERROR: invalid role_data for filename: %s'
102 role_data = tpl['outputs']['role_data']['value']
103 if 'service_name' not in role_data:
104 print('ERROR: service_name is required in role_data for %s.'
107 # service_name must match the filename, but with an underscore
108 if (role_data['service_name'] !=
109 os.path.basename(filename).split('.')[0].replace("-", "_")):
110 print('ERROR: service_name should match file name for service: %s.'
113 # if service connects to mysql, the uri should use option
114 # bind_address to avoid issues with VIP failover
115 if 'config_settings' in role_data and \
116 validate_mysql_connection(role_data['config_settings']):
117 print('ERROR: mysql connection uri should use option bind_address')
119 if 'parameters' in tpl:
120 for param in required_params:
121 if param not in tpl['parameters']:
122 print('ERROR: parameter %s is required for %s.'
128 def validate(filename):
129 print('Validating %s' % filename)
132 tpl = yaml.load(open(filename).read())
134 # The template alias version should be used instead a date, this validation
135 # will be applied to all templates not just for those in the services folder.
136 if 'heat_template_version' in tpl and not str(tpl['heat_template_version']).isalpha():
137 print('ERROR: heat_template_version needs to be the release alias not a date: %s'
141 if (filename.startswith('./puppet/services/') and
142 filename != './puppet/services/services.yaml'):
143 retval = validate_service(filename, tpl)
146 print(traceback.format_exc())
148 # yaml is OK, now walk the parameters and output a warning for unused ones
149 if 'heat_template_version' in tpl:
150 for p in tpl.get('parameters', {}):
151 if p in required_params:
154 in_resources = str_p in str(tpl.get('resources', {}))
155 in_outputs = str_p in str(tpl.get('outputs', {}))
156 if not in_resources and not in_outputs:
157 print('Warning: parameter %s in template %s '
158 'appears to be unused' % (p, filename))
162 if len(sys.argv) < 2:
165 path_args = sys.argv[1:]
168 base_endpoint_map = None
169 env_endpoint_maps = list()
171 for base_path in path_args:
172 if os.path.isdir(base_path):
173 for subdir, dirs, files in os.walk(base_path):
175 if f.endswith('.yaml') and not f.endswith('.j2.yaml'):
176 file_path = os.path.join(subdir, f)
177 failed = validate(file_path)
179 failed_files.append(file_path)
181 if f == ENDPOINT_MAP_FILE:
182 base_endpoint_map = get_base_endpoint_map(file_path)
183 if f in envs_containing_endpoint_map:
184 env_endpoint_map = get_endpoint_map_from_env(file_path)
186 env_endpoint_maps.append(env_endpoint_map)
187 elif os.path.isfile(base_path) and base_path.endswith('.yaml'):
188 failed = validate(base_path)
190 failed_files.append(base_path)
193 print('Unexpected argument %s' % base_path)
196 if base_endpoint_map and \
197 len(env_endpoint_maps) == len(envs_containing_endpoint_map):
198 for env_endpoint_map in env_endpoint_maps:
199 matches = validate_endpoint_map(base_endpoint_map,
200 env_endpoint_map['map'])
202 print("ERROR: %s needs to be updated to match changes in base "
203 "endpoint map" % env_endpoint_map['file'])
204 failed_files.append(env_endpoint_map['file'])
207 print("%s matches base endpoint map" % env_endpoint_map['file'])
209 print("ERROR: Can't validate endpoint maps since a file is missing. "
210 "If you meant to delete one of these files you should update this "
212 if not base_endpoint_map:
213 failed_files.append(ENDPOINT_MAP_FILE)
214 if len(env_endpoint_maps) != len(envs_containing_endpoint_map):
215 matched_files = set(os.path.basename(matched_env_file['file'])
216 for matched_env_file in env_endpoint_maps)
217 failed_files.extend(set(envs_containing_endpoint_map) - matched_files)
221 print('Validation failed on:')
222 for f in failed_files:
225 print('Validation successful!')