Introduce a zarf prepare lint command
#2064
Comments
|
It may be worth it to yamllint downstream manifests and values files that are directly provided to Zarf as well https://kubernetes.slack.com/archives/C03B6BJAUJ3/p1697579246332669?thread_ts=1683149646.315369&cid=C03B6BJAUJ3 |
|
I would also like to give the user the line number in the future |
## Description Intent of this PR is to introduce the command zarf prepare lint, with the ability to validate the zarf schema ## Related Issue Relates to #2064 #1667 ## Type of change - [X] New feature (non-breaking change which adds functionality) ## Checklist before merging - [ ] Test, docs, adr added or updated as needed - [ ] [Contributor Guide Steps](https://github.com/defenseunicorns/zarf/blob/main/CONTRIBUTING.md#developer-workflow) followed --------- Co-authored-by: Barry Waldbaum <barry@waldbaum.com> Co-authored-by: Wayne Starr <Racer159@users.noreply.github.com> Co-authored-by: Lucas Rodriguez <lucas.rodriguez9616@gmail.com> Co-authored-by: razzle <harry@razzle.cloud>
|
For checking unpinned repos I'm leaning towards just checking if the repo doesn't contain "@" or "/-/". Could result in some false negatives since repos can have "@" in the name. This should cover github, dev.azure, and gitlab repos. Any source control sites popular among our users that I should take a look at @Racer159? Those would likely have false positives if they urls aren't built like github / gitlab |
|
We may want either run every combination of architecture or pass in architectures from lint |
|
We should warn if variables are not being used anywhere |
|
We can also use variable defaults / set values we can get to make sure that the downstream mainfests / helmcharts are valid yaml |
|
I would like to allow yaml extensions in the schema. They will work currently but give a schema error https://docs.docker.com/compose/compose-file/11-extension/. This was resolved by: #2217 |
…prepare lint` (#2171) ## Description Adding warnings for unpinned images, files and repos ## Related Issue Relates to #2064 ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [X] New feature (non-breaking change which adds functionality) - [ ] Other (security config, docs update, etc) ## Checklist before merging - [ ] Test, docs, adr added or updated as needed --------- Co-authored-by: Barry Waldbaum <barry@waldbaum.com> Co-authored-by: Wayne Starr <Racer159@users.noreply.github.com> Co-authored-by: Lucas Rodriguez <lucas.rodriguez9616@gmail.com> Co-authored-by: razzle <harry@razzle.cloud>
## Description Support yaml extension in lint following these rules https://docs.docker.com/compose/compose-file/11-extension/ ## Related Issue Relates to #2064 ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [X] New feature (non-breaking change which adds functionality) - [ ] Other (security config, docs update, etc) ## Checklist before merging - [ ] Test, docs, adr added or updated as needed - [ ] [Contributor Guide Steps](https://github.com/defenseunicorns/zarf/blob/main/CONTRIBUTING.md#developer-workflow) followed --------- Co-authored-by: Wayne Starr <Racer159@users.noreply.github.com>
|
verify that the zarf-config.yaml / toml / ini / json has at least package.deploy or package.create |
|
Tying this to this since this is the other side of variables linting: #2096 |
|
Command has been introduced. Putting further lints in the other issues. Moving flagged package warning (i.e. from p.warnings / deprecations) will go in #2485 |
Is your feature request related to a problem? Please describe.
We should introduce a
zarf prepare lintcommand that will look at azarf.yamlfile and then error or warn when azarf.yamlis out of spec with best practices.Describe the solution you'd like
zarf.yamlthat is not following best practiceszarf prepare linton that filereposorimageswithout a tagged reference)fileswithout pinnedshasumsvariables, packages,actionsandcomponentswithoutdescriptionsDescribe alternatives you've considered
We could publish these as docs, but having them coded into a command allows them to be run in CI and updated without people needing to go back and read a docs page.
Additional context
This will help package development scale and push the Zarf community's view of what makes a "good" Zarf package.
The text was updated successfully, but these errors were encountered: