search

python-jsonschema / check-jsonschema

A CLI and set of pre-commit hooks for jsonschema validation with built-in support for GitHub Workflows, Renovate, Azure Pipelines, and more!
https://check-jsonschema.readthedocs.io/en/stable
Other
207 stars 41 forks source link

Validation passes for misspelled optional child properties in Google Cloud Build schema #385

Closed jrdnbradford closed 8 months ago

jrdnbradford commented 8 months ago

I am utilizing 0.27.3 with pre-commit to run the check-cloudbuild hook:

repos:
- repo: https://github.com/python-jsonschema/check-jsonschema
  rev: 0.27.3 
  hooks:
    - id: check-cloudbuild
      files: ^cloudbuild/.*\.yaml$
      args: ["--verbose", "--traceback-mode", "full"]

Validation doesn't appear to occur for child property names. For instance, it rightfully catches 2 errors in the following yaml:

timeout: 30

steps:
- id: 'terraform-init-base'
  name: hashicorp/terraform:${_TF_TAG}
  dir: 'modules/base'
  waitFor: ['-']
  args: 'init'
Schema validation errors were encountered.
  cloudbuild/terraform-base-plan.yaml::$.steps[0].args: 'init' is not of type 'array'
  cloudbuild/terraform-base-plan.yaml::$.timeout: 30 is not of type 'string'

It will even catch if the required steps is misspelled:


stps: # Misspelled
- id: 'terraform-init-base'
  name: hashicorp/terraform:${_TF_TAG}
  dir: 'modules/base'
  waitFor: ['-']
  args: [ 'init']
Schema validation errors were encountered.
  cloudbuild/terraform-base-plan.yaml::$: 'steps' is a required property

But it does not catch misspelling of optional child properties under steps:

steps:
- id: 'terraform-init-base'
  nam: hashicorp/terraform:${_TF_TAG} # Misspelled
  dr: 'modules/base' # Misspelled
  watFor: ['-'] # Misspelled
  ags: ['init' ] # Misspelled
Validate Google Cloud Build config.......................................Passed

I had presumed that validation would catch nam (name), dr (dir), watFor (waitFor) and ags (args). These are listed as possible values in the Cloud Build Schema under steps. Is this expected behavior, or am I missing something?

jrdnbradford commented 8 months ago

I see this can be resolved with "additionalProperties": false. I'll close this issue!

sirosen commented 8 months ago

Yep, this is just a matter of what the cloudbuild schema defines. I couldn't tell you what the schema should be, but I see you've taken the initiative to file a PR on schemastore! ( :rocket: )

Releases of check-jsonschema vendor the files from schemastore to allow for offline validation and more consistent behavior. So if your changes get merged, feel from to drop a note here to ask for an update+release. Otherwise, it will roll out eventually as part of the normal update/release cadence.

jrdnbradford commented 8 months ago

Awesome, my PR https://github.com/SchemaStore/schemastore/pull/3561 got merged. No need for an immediate update/release. I suspect I may provide a few other updates to the Cloud Build schema in the future. Just found about this whole schema validation thing this morning and think it's a great testing tool for my Cloud Build deployments.

Thanks for maintaining. 🥇

jrdnbradford commented 8 months ago

I put in a much more significant PR (https://github.com/SchemaStore/schemastore/pull/3563) for the Cloud Build schema. Check it out.

If merged, this and my previously merged PR probably warrant an update+release. 🦖

jrdnbradford commented 8 months ago

@sirosen thanks for the assist on https://github.com/SchemaStore/schemastore/pull/3563! This is going to speed up my work in Google Cloud quite a bit.

sirosen commented 7 months ago

I've just released v0.28.0 (with some other features as well) which includes the latest version of the Cloud Build schema. Let me know if you see any issues using it!

jrdnbradford commented 7 months ago

@sirosen awesome! In addition to schema updates I also threw in some tests over there. Feel free to @ me for upstream Cloud Build issues.