From 48fbebeac3a6c650ee2cdaafd784fa1e21722b14 Mon Sep 17 00:00:00 2001
From: Darcy Cleaver
Date: Wed, 8 May 2024 09:04:48 -0600
Subject: [PATCH 1/7] strict bundle validation
---
 src/pkg/bundle/create.go | 9 ++--
 src/pkg/bundle/dev.go | 4 +-
 src/pkg/bundle/inspect.go | 5 +-
 src/pkg/bundle/publish.go | 3 +-
 src/pkg/bundle/remote.go | 2 +-
 src/pkg/bundle/remove.go | 12 ++---
 src/pkg/bundler/fetcher/local.go | 2 +-
 src/pkg/bundler/fetcher/remote.go | 2 +-
 src/pkg/sources/remote.go | 2 +-
 src/pkg/sources/tarball.go | 5 +-
 src/pkg/utils/utils.go | 13 +++++
 .../07-helm-overrides/invalid/uds-bundle.yaml | 53 +++++++++++++++++++
 src/test/e2e/bundle_test.go | 8 +++
 13 files changed, 97 insertions(+), 23 deletions(-)
 create mode 100644 src/test/bundles/07-helm-overrides/invalid/uds-bundle.yaml
diff --git a/src/pkg/bundle/create.go b/src/pkg/bundle/create.go
index b8d64653..033f3e1b 100644
--- a/src/pkg/bundle/create.go
+++ b/src/pkg/bundle/create.go
@@ -11,10 +11,11 @@ import (
  "github.com/AlecAivazis/survey/v2"
  "github.com/defenseunicorns/uds-cli/src/config"
  "github.com/defenseunicorns/uds-cli/src/pkg/bundler"
+ "github.com/defenseunicorns/uds-cli/src/pkg/utils"
  zarfConfig "github.com/defenseunicorns/zarf/src/config"
  "github.com/defenseunicorns/zarf/src/pkg/interactive"
  "github.com/defenseunicorns/zarf/src/pkg/message"
- "github.com/defenseunicorns/zarf/src/pkg/utils"
+ zarfUtils "github.com/defenseunicorns/zarf/src/pkg/utils"
  "github.com/pterm/pterm"
 )
@@ -55,7 +56,7 @@ func (b *Bundle) Create() error {
  if b.cfg.CreateOpts.SigningKeyPath != "" {
  // write the bundle to disk so we can sign it
  bundlePath := filepath.Join(b.tmp, config.BundleYAML)
- if err := utils.WriteYaml(bundlePath, &b.bundle, 0600); err != nil {
+ if err := zarfUtils.WriteYaml(bundlePath, &b.bundle, 0600); err != nil {
  return err
  }
@@ -67,7 +68,7 @@ func (b *Bundle) Create() error {
  }
  // sign the bundle
  signaturePath := filepath.Join(b.tmp, config.BundleYAMLSignature)
- _, err := utils.CosignSignBlob(bundlePath, signaturePath, b.cfg.CreateOpts.SigningKeyPath, getSigCreatePassword)
+ _, err := zarfUtils.CosignSignBlob(bundlePath, signaturePath, b.cfg.CreateOpts.SigningKeyPath, getSigCreatePassword)
  if err != nil {
  return err
  }
@@ -87,7 +88,7 @@ func (b *Bundle) Create() error {
 func (b *Bundle) confirmBundleCreation() (confirm bool) {
  message.HeaderInfof("🎁 BUNDLE DEFINITION")
- utils.ColorPrintYAML(b.bundle, nil, false)
+ zarfUtils.ColorPrintYAML(b.bundle, nil, false)
  message.HorizontalRule()
  pterm.Println()
diff --git a/src/pkg/bundle/dev.go b/src/pkg/bundle/dev.go
index c36aa4dd..cfe8fbb0 100644
--- a/src/pkg/bundle/dev.go
+++ b/src/pkg/bundle/dev.go
@@ -11,17 +11,17 @@ import (
  "regexp"
  "github.com/defenseunicorns/uds-cli/src/config"
+ "github.com/defenseunicorns/uds-cli/src/pkg/utils"
  zarfCLI "github.com/defenseunicorns/zarf/src/cmd"
  "github.com/defenseunicorns/zarf/src/pkg/message"
- zarfUtils "github.com/defenseunicorns/zarf/src/pkg/utils"
 )
 // CreateZarfPkgs creates a zarf package if its missing when in dev mode
 func (b *Bundle) CreateZarfPkgs() {
  srcDir := b.cfg.CreateOpts.SourceDirectory
  bundleYAMLPath := filepath.Join(srcDir, b.cfg.CreateOpts.BundleFile)
- if err := zarfUtils.ReadYaml(bundleYAMLPath, &b.bundle); err != nil {
+ if err := utils.ReadYaml(bundleYAMLPath, &b.bundle); err != nil {
  message.Fatalf(err, "Failed to read bundle.yaml: %s", err.Error())
  }
diff --git a/src/pkg/bundle/inspect.go b/src/pkg/bundle/inspect.go
index 6ec5c5d4..31781755 100644
--- a/src/pkg/bundle/inspect.go
+++ b/src/pkg/bundle/inspect.go
@@ -6,7 +6,8 @@ package bundle
 import (
  "github.com/defenseunicorns/uds-cli/src/config"
- "github.com/defenseunicorns/zarf/src/pkg/utils"
+ "github.com/defenseunicorns/uds-cli/src/pkg/utils"
+ zarfUtils "github.com/defenseunicorns/zarf/src/pkg/utils"
 )
 // Inspect pulls/unpacks a bundle's metadata and shows it
@@ -49,7 +50,7 @@ func (b *Bundle) Inspect() error {
  }
  // show the bundle's metadata
- utils.ColorPrintYAML(b.bundle, nil, false)
+ zarfUtils.ColorPrintYAML(b.bundle, nil, false)
  // TODO: showing package metadata?
  // TODO: could be cool to have an interactive mode that lets you select a package and show its metadata
diff --git a/src/pkg/bundle/publish.go b/src/pkg/bundle/publish.go
index 217ed2a7..dd7dac79 100644
--- a/src/pkg/bundle/publish.go
+++ b/src/pkg/bundle/publish.go
@@ -12,7 +12,6 @@ import (
  "github.com/defenseunicorns/pkg/oci"
  "github.com/defenseunicorns/uds-cli/src/config"
  "github.com/defenseunicorns/uds-cli/src/pkg/utils"
- zarfUtils "github.com/defenseunicorns/zarf/src/pkg/utils"
  "github.com/defenseunicorns/zarf/src/pkg/zoci"
  av3 "github.com/mholt/archiver/v3"
  ocispec "github.com/opencontainers/image-spec/specs-go/v1"
@@ -32,7 +31,7 @@ func (b *Bundle) Publish() error {
  if err != nil {
  return err
  }
- if err := zarfUtils.ReadYaml(loaded[config.BundleYAML], &b.bundle); err != nil {
+ if err := utils.ReadYaml(loaded[config.BundleYAML], &b.bundle); err != nil {
  return err
  }
  err = os.RemoveAll(filepath.Join(b.tmp, "blobs")) // clear tmp dir
diff --git a/src/pkg/bundle/remote.go b/src/pkg/bundle/remote.go
index e2ceb927..cfad2c86 100644
--- a/src/pkg/bundle/remote.go
+++ b/src/pkg/bundle/remote.go
@@ -151,7 +151,7 @@ func (op *ociProvider) LoadBundle(opts types.BundlePullOptions, _ int) (*types.U
  if err != nil {
  return nil, nil, err
  }
- if err := zarfUtils.ReadYaml(loaded[config.BundleYAML], &bundle); err != nil {
+ if err := utils.ReadYaml(loaded[config.BundleYAML], &bundle); err != nil {
  return nil, nil, err
  }
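Review bot: The strict `utils.ReadYaml` that replaces `zarfUtils.ReadYaml` in Publish (src/pkg/bundle/publish.go) is also applied to files this CLI did not author: the bundle YAML from an existing tarball here, from a registry in `ociProvider.LoadBundle`, and the `zarf.yaml` decoded into `zarfTypes.ZarfPackage` in fetcher/local.go, fetcher/remote.go, sources/remote.go and sources/tarball.go. Inspect, Create and Remove change behaviour too, without showing up as a changed call, because the import swap re-points their existing `utils.ReadYaml` lines. Rejecting unknown keys is a sound default when a bundle is authored (a mistyped override is no longer dropped silently), but on the load paths it presumably makes any artifact built by a newer uds-cli or Zarf release that added a field fail to load, including when removing an already deployed bundle. If that fail-closed behaviour is intended, state it at the reader's definition, e.g. `// strict on purpose: artifacts carrying fields unknown to this build are rejected`; otherwise keep strict decoding for Create and CreateZarfPkgs and leave the lenient reader on the load paths. The enclosing functions start and end outside these hunks.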
diff --git a/src/pkg/bundle/remove.go b/src/pkg/bundle/remove.go
index 21a152b2..75979276 100644
--- a/src/pkg/bundle/remove.go
+++ b/src/pkg/bundle/remove.go
@@ -8,15 +8,15 @@ import (
  "fmt"
  "strings"
+ "github.com/defenseunicorns/uds-cli/src/config"
+ "github.com/defenseunicorns/uds-cli/src/pkg/sources"
+ "github.com/defenseunicorns/uds-cli/src/pkg/utils"
+ "github.com/defenseunicorns/uds-cli/src/types"
  "github.com/defenseunicorns/zarf/src/pkg/message"
  "github.com/defenseunicorns/zarf/src/pkg/packager"
- "github.com/defenseunicorns/zarf/src/pkg/utils"
+ zarfUtils "github.com/defenseunicorns/zarf/src/pkg/utils"
  zarfTypes "github.com/defenseunicorns/zarf/src/types"
  "golang.org/x/exp/slices"
-
- "github.com/defenseunicorns/uds-cli/src/config"
- "github.com/defenseunicorns/uds-cli/src/pkg/sources"
- "github.com/defenseunicorns/uds-cli/src/types"
 )
 // Remove removes packages deployed from a bundle
@@ -87,7 +87,7 @@ func removePackages(packagesToRemove []types.Package, b *Bundle) error {
  pkgCfg := zarfTypes.PackagerConfig{
  PkgOpts: opts,
  }
- pkgTmp, err := utils.MakeTempDir(config.CommonOptions.TempDirectory)
+ pkgTmp, err := zarfUtils.MakeTempDir(config.CommonOptions.TempDirectory)
  if err != nil {
  return err
  }
diff --git a/src/pkg/bundler/fetcher/local.go b/src/pkg/bundler/fetcher/local.go
index 2067bc25..cd2dd4a6 100644
--- a/src/pkg/bundler/fetcher/local.go
+++ b/src/pkg/bundler/fetcher/local.go
@@ -103,7 +103,7 @@ func (f *localFetcher) GetPkgMetadata() (zarfTypes.ZarfPackage, error) {
  }
  zarfYAML := zarfTypes.ZarfPackage{}
  zarfYAMLPath := filepath.Join(tmpDir, config.ZarfYAML)
- err = zarfUtils.ReadYaml(zarfYAMLPath, &zarfYAML)
+ err = utils.ReadYaml(zarfYAMLPath, &zarfYAML)
  if err != nil {
  return zarfTypes.ZarfPackage{}, err
  }
diff --git a/src/pkg/bundler/fetcher/remote.go b/src/pkg/bundler/fetcher/remote.go
index 97febbe8..f15a4ef2 100644
--- a/src/pkg/bundler/fetcher/remote.go
+++ b/src/pkg/bundler/fetcher/remote.go
@@ -191,7 +191,7 @@ func (f *remoteFetcher) GetPkgMetadata() (zarfTypes.ZarfPackage, error) {
  }
  zarfYAML := zarfTypes.ZarfPackage{}
  zarfYAMLPath := filepath.Join(tmpDir, config.ZarfYAML)
- err = zarfUtils.ReadYaml(zarfYAMLPath, &zarfYAML)
+ err = utils.ReadYaml(zarfYAMLPath, &zarfYAML)
  if err != nil {
  return zarfTypes.ZarfPackage{}, err
  }
diff --git a/src/pkg/sources/remote.go b/src/pkg/sources/remote.go
index 5c4d8746..dfa56fd7 100644
--- a/src/pkg/sources/remote.go
+++ b/src/pkg/sources/remote.go
@@ -49,7 +49,7 @@ func (r *RemoteBundle) LoadPackage(dst *layout.PackagePaths, filter filters.Comp
  }
  var pkg zarfTypes.ZarfPackage
- if err = zarfUtils.ReadYaml(dst.ZarfYAML, &pkg); err != nil {
+ if err = utils.ReadYaml(dst.ZarfYAML, &pkg); err != nil {
  return zarfTypes.ZarfPackage{}, nil, err
  }
diff --git a/src/pkg/sources/tarball.go b/src/pkg/sources/tarball.go
index 3768050f..595fcf60 100644
--- a/src/pkg/sources/tarball.go
+++ b/src/pkg/sources/tarball.go
@@ -19,7 +19,6 @@ import (
  "github.com/defenseunicorns/zarf/src/pkg/message"
  "github.com/defenseunicorns/zarf/src/pkg/packager/filters"
  "github.com/defenseunicorns/zarf/src/pkg/packager/sources"
- zarfUtils "github.com/defenseunicorns/zarf/src/pkg/utils"
  "github.com/defenseunicorns/zarf/src/types"
  zarfTypes "github.com/defenseunicorns/zarf/src/types"
  av4 "github.com/mholt/archiver/v4"
@@ -55,7 +54,7 @@ func (t *TarballBundle) LoadPackage(dst *layout.PackagePaths, filter filters.Com
  }
  var pkg zarfTypes.ZarfPackage
- if err = zarfUtils.ReadYaml(dst.ZarfYAML, &pkg); err != nil {
+ if err = utils.ReadYaml(dst.ZarfYAML, &pkg); err != nil {
  return zarfTypes.ZarfPackage{}, nil, err
  }
@@ -195,7 +194,7 @@ func (t *TarballBundle) LoadPackageMetadata(dst *layout.PackagePaths, _ bool, _
  // deserialize zarf.yaml to grab checksum for validating pkg integrity
  var pkg zarfTypes.ZarfPackage
- err = zarfUtils.ReadYaml(dst.ZarfYAML, &pkg)
+ err = utils.ReadYaml(dst.ZarfYAML, &pkg)
  if err != nil {
  return zarfTypes.ZarfPackage{}, nil, err
  }
diff --git a/src/pkg/utils/utils.go b/src/pkg/utils/utils.go
index fbe0badf..2505f669 100644
--- a/src/pkg/utils/utils.go
+++ b/src/pkg/utils/utils.go
@@ -16,6 +16,8 @@ import (
  "strconv"
  "strings"
+ goyaml "github.com/goccy/go-yaml"
+
  "github.com/defenseunicorns/pkg/helpers"
  "github.com/defenseunicorns/uds-cli/src/config"
  "github.com/defenseunicorns/uds-cli/src/types"
@@ -183,3 +185,14 @@ func IsRegistryURL(s string) bool {
  return false
 }
+
+func ReadYaml(path string, destConfig any) error {
+ message.Debugf("Reading YAML at %s", path)
+
+ file, err := os.ReadFile(path)
+ if err != nil {
+ return err
+ }
+
+ return goyaml.UnmarshalWithOptions(file, destConfig, goyaml.Strict())
+}
diff --git a/src/test/bundles/07-helm-overrides/invalid/uds-bundle.yaml b/src/test/bundles/07-helm-overrides/invalid/uds-bundle.yaml
new file mode 100644
index 00000000..36c42331
--- /dev/null
+++ b/src/test/bundles/07-helm-overrides/invalid/uds-bundle.yaml
@@ -0,0 +1,53 @@
+kind: UDSBundle
+metadata:
+ name: helm-overrides
+ description: testing a bundle with Helm overrides
+ version: 0.0.1
+
+packages:
+ - name: helm-overrides
+ path: "../../packages/helm"
+ ref: 0.0.1
+
+ overrides:
+ podinfo-component:
+ unicorn-podinfo:
+ values:
+ - path: "podinfo.replicaCount"
+ value: 2
+ - path: "podinfo.tolerations"
+ value:
+ - key: "unicorn"
+ operator: "Equal"
+ value: "defense"
+ effect: "NoSchedule"
+ - key: "uds"
+ operator: "Equal"
+ value: "true"
+ effect: "NoSchedule"
+ - path: podinfo.podAnnotations
+ value:
+ customAnnotation: "customValue"
+ - name: log_level
+ path: "podinfo.logLevel"
+ description: "Set the log level for podinfo"
+ default: "debug" # not overwritten!
+ - name: ui_color
+ path: "podinfo.ui.color"
+ description: "Set the color for podinfo's UI"
+ default: "blue"
+ - name: UI_MSG
+ path: "podinfo.ui.message"
+ description: "Set the message for podinfo's UI"
+ - name: SECRET_VAL
+ path: "testSecret"
+ description: "testing a secret value"
+ - name: SECURITY_CTX
+ path: "podinfo.securityContext"
+ description: "testing an object"
+ default:
+ runAsUser: 1000
+ runAsGroup: 3000
+ - name: HOSTS
+ path: "podinfo.ingress.hosts"
+ description: "just testing a a list of objects (doesn't actually do ingress things)"
diff --git a/src/test/e2e/bundle_test.go b/src/test/e2e/bundle_test.go
index 271ef814..771a4419 100644
--- a/src/test/e2e/bundle_test.go
+++ b/src/test/e2e/bundle_test.go
@@ -601,3 +601,11 @@ func TestBundleTmpDir(t *testing.T) {
  err = os.RemoveAll("./customtmp")
  require.NoError(t, err)
 }
+
+func TestInvalidBundle(t *testing.T) {
+ deployZarfInit(t)
+ e2e.CreateZarfPkg(t, "src/test/packages/helm", false)
+ bundleDir := "src/test/bundles/07-helm-overrides/invalid"
+ stderr := createLocalError(bundleDir, e2e.Arch)
+ require.Contains(t, stderr, "unknown field")
+}
From 08e867e93adef565ad4d6fc8fa8cd4a57e7de5b8 Mon Sep 17 00:00:00 2001
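Review bot: `TestInvalidBundle` in src/test/e2e/bundle_test.go covers strict decoding only on the create path, while the same reader is now used when publishing, pulling and unpacking bundles and packages; a negative case on at least one load path would pin the rejection behaviour where the input comes from outside the local tree. The assertion `require.Contains(t, stderr, "unknown field")` also depends on the YAML library's own wording, so a dependency upgrade could break the test with no behaviour change; checking for text the project itself emits would be more stable.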
From: Darcy Cleaver
Date: Wed, 8 May 2024 13:57:35 -0600
Subject: [PATCH 2/7] fix package path
---
 src/test/bundles/07-helm-overrides/invalid/uds-bundle.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/test/bundles/07-helm-overrides/invalid/uds-bundle.yaml b/src/test/bundles/07-helm-overrides/invalid/uds-bundle.yaml
index 36c42331..5f2c8221 100644
--- a/src/test/bundles/07-helm-overrides/invalid/uds-bundle.yaml
+++ b/src/test/bundles/07-helm-overrides/invalid/uds-bundle.yaml
@@ -6,7 +6,7 @@ metadata:
 packages:
  - name: helm-overrides
- path: "../../packages/helm"
+ path: "../../../packages/helm"
  ref: 0.0.1
  overrides:
From 4c42dc1464a7a3f15e879c174a3950d1a027650f Mon Sep 17 00:00:00 2001
From: Darcy Cleaver
Date: Wed, 8 May 2024 14:36:37 -0600
Subject: [PATCH 3/7] add helm update for test
---
 src/test/e2e/bundle_test.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/test/e2e/bundle_test.go b/src/test/e2e/bundle_test.go
index 771a4419..06aa297a 100644
--- a/src/test/e2e/bundle_test.go
+++ b/src/test/e2e/bundle_test.go
@@ -604,7 +604,9 @@ func TestBundleTmpDir(t *testing.T) {
 func TestInvalidBundle(t *testing.T) {
  deployZarfInit(t)
- e2e.CreateZarfPkg(t, "src/test/packages/helm", false)
+ zarfPkgPath := "src/test/packages/helm"
+ e2e.HelmDepUpdate(t, fmt.Sprintf("%s/unicorn-podinfo", zarfPkgPath))
+ e2e.CreateZarfPkg(t, zarfPkgPath, false)
  bundleDir := "src/test/bundles/07-helm-overrides/invalid"
  stderr := createLocalError(bundleDir, e2e.Arch)
  require.Contains(t, stderr, "unknown field")
From 0e50427b286e6d6b2d472ce9cd142de88c659b90 Mon Sep 17 00:00:00 2001
From: Darcy Cleaver
Date: Thu, 16 May 2024 08:39:47 -0600
Subject: [PATCH 4/7] addressing pr comments
---
 src/pkg/bundle/create.go | 2 +-
 src/pkg/bundle/dev.go | 2 +-
 src/pkg/bundle/inspect.go | 2 +-
 src/pkg/bundle/publish.go | 2 +-
 src/pkg/bundle/remote.go | 2 +-
 src/pkg/bundle/remove.go | 2 +-
 src/pkg/bundler/fetcher/local.go | 2 +-
 src/pkg/bundler/fetcher/remote.go | 2 +-
 src/pkg/sources/remote.go | 2 +-
 src/pkg/sources/tarball.go | 4 +--
 src/pkg/utils/utils.go | 2 +-
 .../07-helm-overrides/invalid/uds-bundle.yaml | 33 +------------------
 12 files changed, 13 insertions(+), 44 deletions(-)
diff --git a/src/pkg/bundle/create.go b/src/pkg/bundle/create.go
index 033f3e1b..19e3fb0c 100644
--- a/src/pkg/bundle/create.go
+++ b/src/pkg/bundle/create.go
@@ -23,7 +23,7 @@ import (
 func (b *Bundle) Create() error {
  // read the bundle's metadata into memory
- if err := utils.ReadYaml(filepath.Join(b.cfg.CreateOpts.SourceDirectory, b.cfg.CreateOpts.BundleFile), &b.bundle); err != nil {
+ if err := utils.ReadYAMLStrict(filepath.Join(b.cfg.CreateOpts.SourceDirectory, b.cfg.CreateOpts.BundleFile), &b.bundle); err != nil {
  return err
  }
diff --git a/src/pkg/bundle/dev.go b/src/pkg/bundle/dev.go
index cfe8fbb0..0afd15ff 100644
--- a/src/pkg/bundle/dev.go
+++ b/src/pkg/bundle/dev.go
@@ -21,7 +21,7 @@ import (
 func (b *Bundle) CreateZarfPkgs() {
  srcDir := b.cfg.CreateOpts.SourceDirectory
  bundleYAMLPath := filepath.Join(srcDir, b.cfg.CreateOpts.BundleFile)
- if err := utils.ReadYaml(bundleYAMLPath, &b.bundle); err != nil {
+ if err := utils.ReadYAMLStrict(bundleYAMLPath, &b.bundle); err != nil {
  message.Fatalf(err, "Failed to read bundle.yaml: %s", err.Error())
  }
diff --git a/src/pkg/bundle/inspect.go b/src/pkg/bundle/inspect.go
index 31781755..d60592ce 100644
--- a/src/pkg/bundle/inspect.go
+++ b/src/pkg/bundle/inspect.go
@@ -45,7 +45,7 @@ func (b *Bundle) Inspect() error {
  }
  }
  // read the bundle's metadata into memory
- if err := utils.ReadYaml(loaded[config.BundleYAML], &b.bundle); err != nil {
+ if err := utils.ReadYAMLStrict(loaded[config.BundleYAML], &b.bundle); err != nil {
  return err
  }
diff --git a/src/pkg/bundle/publish.go b/src/pkg/bundle/publish.go
index dd7dac79..c2f0b1c0 100644
--- a/src/pkg/bundle/publish.go
+++ b/src/pkg/bundle/publish.go
@@ -31,7 +31,7 @@ func (b *Bundle) Publish() error {
  if err != nil {
  return err
  }
- if err := utils.ReadYaml(loaded[config.BundleYAML], &b.bundle); err != nil {
+ if err := utils.ReadYAMLStrict(loaded[config.BundleYAML], &b.bundle); err != nil {
  return err
  }
  err = os.RemoveAll(filepath.Join(b.tmp, "blobs")) // clear tmp dir
diff --git a/src/pkg/bundle/remote.go b/src/pkg/bundle/remote.go
index cfad2c86..cf4dd74f 100644
--- a/src/pkg/bundle/remote.go
+++ b/src/pkg/bundle/remote.go
@@ -151,7 +151,7 @@ func (op *ociProvider) LoadBundle(opts types.BundlePullOptions, _ int) (*types.U
  if err != nil {
  return nil, nil, err
  }
- if err := utils.ReadYaml(loaded[config.BundleYAML], &bundle); err != nil {
+ if err := utils.ReadYAMLStrict(loaded[config.BundleYAML], &bundle); err != nil {
  return nil, nil, err
  }
diff --git a/src/pkg/bundle/remove.go b/src/pkg/bundle/remove.go
index 75979276..581a1332 100644
--- a/src/pkg/bundle/remove.go
+++ b/src/pkg/bundle/remove.go
@@ -48,7 +48,7 @@ func (b *Bundle) Remove() error {
  }
  // read the bundle's metadata into memory
- if err := utils.ReadYaml(loaded[config.BundleYAML], &b.bundle); err != nil {
+ if err := utils.ReadYAMLStrict(loaded[config.BundleYAML], &b.bundle); err != nil {
  return err
  }
diff --git a/src/pkg/bundler/fetcher/local.go b/src/pkg/bundler/fetcher/local.go
index cd2dd4a6..5a3baf6b 100644
--- a/src/pkg/bundler/fetcher/local.go
+++ b/src/pkg/bundler/fetcher/local.go
@@ -103,7 +103,7 @@ func (f *localFetcher) GetPkgMetadata() (zarfTypes.ZarfPackage, error) {
  }
  zarfYAML := zarfTypes.ZarfPackage{}
  zarfYAMLPath := filepath.Join(tmpDir, config.ZarfYAML)
- err = utils.ReadYaml(zarfYAMLPath, &zarfYAML)
+ err = utils.ReadYAMLStrict(zarfYAMLPath, &zarfYAML)
  if err != nil {
  return zarfTypes.ZarfPackage{}, err
  }
diff --git a/src/pkg/bundler/fetcher/remote.go b/src/pkg/bundler/fetcher/remote.go
index f15a4ef2..75019ae9 100644
--- a/src/pkg/bundler/fetcher/remote.go
+++ b/src/pkg/bundler/fetcher/remote.go
@@ -191,7 +191,7 @@ func (f *remoteFetcher) GetPkgMetadata() (zarfTypes.ZarfPackage, error) {
  }
  zarfYAML := zarfTypes.ZarfPackage{}
  zarfYAMLPath := filepath.Join(tmpDir, config.ZarfYAML)
- err = utils.ReadYaml(zarfYAMLPath, &zarfYAML)
+ err = utils.ReadYAMLStrict(zarfYAMLPath, &zarfYAML)
  if err != nil {
  return zarfTypes.ZarfPackage{}, err
  }
diff --git a/src/pkg/sources/remote.go b/src/pkg/sources/remote.go
index dfa56fd7..ca325199 100644
--- a/src/pkg/sources/remote.go
+++ b/src/pkg/sources/remote.go
@@ -49,7 +49,7 @@ func (r *RemoteBundle) LoadPackage(dst *layout.PackagePaths, filter filters.Comp
  }
  var pkg zarfTypes.ZarfPackage
- if err = utils.ReadYaml(dst.ZarfYAML, &pkg); err != nil {
+ if err = utils.ReadYAMLStrict(dst.ZarfYAML, &pkg); err != nil {
  return zarfTypes.ZarfPackage{}, nil, err
  }
diff --git a/src/pkg/sources/tarball.go b/src/pkg/sources/tarball.go
index 595fcf60..a2f9ec38 100644
--- a/src/pkg/sources/tarball.go
+++ b/src/pkg/sources/tarball.go
@@ -54,7 +54,7 @@ func (t *TarballBundle) LoadPackage(dst *layout.PackagePaths, filter filters.Com
  }
  var pkg zarfTypes.ZarfPackage
- if err = utils.ReadYaml(dst.ZarfYAML, &pkg); err != nil {
+ if err = utils.ReadYAMLStrict(dst.ZarfYAML, &pkg); err != nil {
  return zarfTypes.ZarfPackage{}, nil, err
  }
@@ -194,7 +194,7 @@ func (t *TarballBundle) LoadPackageMetadata(dst *layout.PackagePaths, _ bool, _
  // deserialize zarf.yaml to grab checksum for validating pkg integrity
  var pkg zarfTypes.ZarfPackage
- err = utils.ReadYaml(dst.ZarfYAML, &pkg)
+ err = utils.ReadYAMLStrict(dst.ZarfYAML, &pkg)
  if err != nil {
  return zarfTypes.ZarfPackage{}, nil, err
  }
diff --git a/src/pkg/utils/utils.go b/src/pkg/utils/utils.go
index 2505f669..faefc3b7 100644
--- a/src/pkg/utils/utils.go
+++ b/src/pkg/utils/utils.go
@@ -186,7 +186,7 @@ func IsRegistryURL(s string) bool {
  return false
 }
-func ReadYaml(path string, destConfig any) error {
+func ReadYAMLStrict(path string, destConfig any) error {
  message.Debugf("Reading YAML at %s", path)
  file, err := os.ReadFile(path)
diff --git a/src/test/bundles/07-helm-overrides/invalid/uds-bundle.yaml b/src/test/bundles/07-helm-overrides/invalid/uds-bundle.yaml
index 5f2c8221..79ccbbd1 100644
--- a/src/test/bundles/07-helm-overrides/invalid/uds-bundle.yaml
+++ b/src/test/bundles/07-helm-overrides/invalid/uds-bundle.yaml
@@ -15,39 +15,8 @@ packages:
  values:
  - path: "podinfo.replicaCount"
  value: 2
- - path: "podinfo.tolerations"
- value:
- - key: "unicorn"
- operator: "Equal"
- value: "defense"
- effect: "NoSchedule"
- - key: "uds"
- operator: "Equal"
- value: "true"
- effect: "NoSchedule"
- - path: podinfo.podAnnotations
- value:
- customAnnotation: "customValue"
+ # missing `variables:` key here should throw an error
  - name: log_level
  path: "podinfo.logLevel"
  description: "Set the log level for podinfo"
  default: "debug" # not overwritten!
- - name: ui_color
- path: "podinfo.ui.color"
- description: "Set the color for podinfo's UI"
- default: "blue"
- - name: UI_MSG
- path: "podinfo.ui.message"
- description: "Set the message for podinfo's UI"
- - name: SECRET_VAL
- path: "testSecret"
- description: "testing a secret value"
- - name: SECURITY_CTX
- path: "podinfo.securityContext"
- description: "testing an object"
- default:
- runAsUser: 1000
- runAsGroup: 3000
- - name: HOSTS
- path: "podinfo.ingress.hosts"
- description: "just testing a a list of objects (doesn't actually do ingress things)"
From a69c5d29103db8ac47128b03c67290ea64af103d Mon Sep 17 00:00:00 2001
From: Darcy Cleaver
Date: Thu, 16 May 2024 08:40:58 -0600
Subject: [PATCH 5/7] add function comment
---
 src/pkg/utils/utils.go | 1 +
 1 file changed, 1 insertion(+)
diff --git a/src/pkg/utils/utils.go b/src/pkg/utils/utils.go
index faefc3b7..0c5c03bd 100644
--- a/src/pkg/utils/utils.go
+++ b/src/pkg/utils/utils.go
@@ -186,6 +186,7 @@ func IsRegistryURL(s string) bool {
  return false
 }
+// ReadYAMLStrict reads a YAML file into a struct, with strict parsing
 func ReadYAMLStrict(path string, destConfig any) error {
  message.Debugf("Reading YAML at %s", path)
From 33e54965cc1cee605ed9ae60997d107d5706082f Mon Sep 17 00:00:00 2001
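Review bot: The doc comment added to `ReadYAMLStrict` in src/pkg/utils/utils.go (patch 5/7) does not say what "strict" rejects, which is the part a caller choosing between this and the lenient reader needs to know. Suggested wording: `// ReadYAMLStrict reads the YAML file at path into destConfig and returns an error on unknown fields or duplicate keys.` That is what `goyaml.Strict()` enables as far as I know; confirm it against the go-yaml version the module pins. The function body continues outside the hunk.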
From: decleaver <85503726+decleaver@users.noreply.github.com>
Date: Tue, 21 May 2024 09:07:11 -0600
Subject: [PATCH 6/7] Update src/pkg/bundle/dev.go
Co-authored-by: UncleGedd <42304551+UncleGedd@users.noreply.github.com>
---
 src/pkg/bundle/dev.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/pkg/bundle/dev.go b/src/pkg/bundle/dev.go
index 0afd15ff..12e0e6a9 100644
--- a/src/pkg/bundle/dev.go
+++ b/src/pkg/bundle/dev.go
@@ -22,7 +22,7 @@ func (b *Bundle) CreateZarfPkgs() {
  srcDir := b.cfg.CreateOpts.SourceDirectory
  bundleYAMLPath := filepath.Join(srcDir, b.cfg.CreateOpts.BundleFile)
  if err := utils.ReadYAMLStrict(bundleYAMLPath, &b.bundle); err != nil {
- message.Fatalf(err, "Failed to read bundle.yaml: %s", err.Error())
+ message.Fatalf(err, "Failed to read %s, error in YAML: %s", b.cfg.CreateOpts.BundleFile, err.Error())
  }
  zarfPackagePattern := `^zarf-.*\.tar\.zst$`
From f0dc6abae9d8779d2f8ac7e202d819e07d7320f5 Mon Sep 17 00:00:00 2001
From: Darcy Cleaver
Date: Tue, 21 May 2024 10:43:55 -0600
Subject: [PATCH 7/7] make readYAMLStrict error messaging more better
---
 src/pkg/utils/utils.go | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/pkg/utils/utils.go b/src/pkg/utils/utils.go
index 0c5c03bd..8cfd845c 100644
--- a/src/pkg/utils/utils.go
+++ b/src/pkg/utils/utils.go
@@ -192,8 +192,12 @@ func ReadYAMLStrict(path string, destConfig any) error {
  file, err := os.ReadFile(path)
  if err != nil {
- return err
+ return fmt.Errorf("failed to read file at %s: %v", path, err)
  }
- return goyaml.UnmarshalWithOptions(file, destConfig, goyaml.Strict())
+ err = goyaml.UnmarshalWithOptions(file, destConfig, goyaml.Strict())
+ if err != nil {
+ return fmt.Errorf("failed to unmarshal YAML at %s: %v", path, err)
+ }
+ return nil
 }
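Review bot: Both new `fmt.Errorf` calls in `ReadYAMLStrict` (src/pkg/utils/utils.go, patch 7/7) format the cause with `%v`, which flattens it to text, so a caller can no longer distinguish a missing file from a rejected document with `errors.Is(err, os.ErrNotExist)` or `errors.As`, and any typed error returned by go-yaml is lost. Before this patch the bare `return err` kept that information. Use `%w` in both places: `return fmt.Errorf("failed to read file at %s: %w", path, err)` and `return fmt.Errorf("failed to unmarshal YAML at %s: %w", path, err)`.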