From aaecabe0b7c5745be85fb23e21c9cc49b1a7d022 Mon Sep 17 00:00:00 2001 From: w7089 <3884662+w7089@users.noreply.github.com> Date: Sun, 26 Feb 2023 13:33:54 +0200 Subject: [PATCH] support disabling ssl validation in openapi2jsonschema.py (#167) * support disabling ssl validation in openapi2jsonschema.py * added acceptance tests for disable ssl feature * speed up bats docker build --- scripts/Dockerfile.bats | 5 +++-- scripts/acceptance.bats | 36 +++++++++++++++++++++++++++++++++++ scripts/openapi2jsonschema.py | 3 +++ 3 files changed, 42 insertions(+), 2 deletions(-) diff --git a/scripts/Dockerfile.bats b/scripts/Dockerfile.bats index 3dfce67c..4b1d186b 100644 --- a/scripts/Dockerfile.bats +++ b/scripts/Dockerfile.bats @@ -1,6 +1,7 @@ FROM python:3.9.7-alpine3.14 RUN apk --no-cache add bats -COPY acceptance.bats openapi2jsonschema.py requirements.txt /code/ +COPY requirements.txt /code/ +RUN pip install -r /code/requirements.txt COPY fixtures /code/fixtures +COPY acceptance.bats openapi2jsonschema.py /code/ WORKDIR /code -RUN pip install -r requirements.txt diff --git a/scripts/acceptance.bats b/scripts/acceptance.bats index cb1586ca..c210d45e 100644 --- a/scripts/acceptance.bats +++ b/scripts/acceptance.bats @@ -5,6 +5,42 @@ setup() { rm -f prometheus-monitoring-v1.json } +@test "Should generate expected prometheus resource while disable ssl env var is set" { + run export DISABLE_SSL_CERT_VALIDATION=true + run ./openapi2jsonschema.py fixtures/prometheus-operator-0prometheusCustomResourceDefinition.yaml + [ "$status" -eq 0 ] + [ "$output" = "JSON schema written to prometheus_v1.json" ] + run diff prometheus_v1.json ./fixtures/prometheus_v1-expected.json + [ "$status" -eq 0 ] +} + +@test "Should generate expected prometheus resource from an HTTPS resource while disable ssl env var is set" { + run export DISABLE_SSL_CERT_VALIDATION=true + run ./openapi2jsonschema.py https://raw.githubusercontent.com/yannh/kubeconform/aebc298047c386116eeeda9b1ada83671a58aedd/scripts/fixtures/prometheus-operator-0prometheusCustomResourceDefinition.yaml + [ "$status" -eq 0 ] + [ "$output" = "JSON schema written to prometheus_v1.json" ] + run diff prometheus_v1.json ./fixtures/prometheus_v1-expected.json + [ "$status" -eq 0 ] +} + +@test "Should output filename in {kind}-{group}-{version} format while disable ssl env var is set" { + run export DISABLE_SSL_CERT_VALIDATION=true + FILENAME_FORMAT='{kind}-{group}-{version}' run ./openapi2jsonschema.py fixtures/prometheus-operator-0prometheusCustomResourceDefinition.yaml + [ "$status" -eq 0 ] + [ "$output" = "JSON schema written to prometheus-monitoring-v1.json" ] + run diff prometheus-monitoring-v1.json ./fixtures/prometheus_v1-expected.json + [ "$status" -eq 0 ] +} + +@test "Should set 'additionalProperties: false' at the root while disable ssl env var is set" { + run export DISABLE_SSL_CERT_VALIDATION=true + DENY_ROOT_ADDITIONAL_PROPERTIES='true' run ./openapi2jsonschema.py fixtures/prometheus-operator-0prometheusCustomResourceDefinition.yaml + [ "$status" -eq 0 ] + [ "$output" = "JSON schema written to prometheus_v1.json" ] + run diff prometheus_v1.json ./fixtures/prometheus_v1-denyRootAdditionalProperties.json + [ "$status" -eq 0 ] +} + @test "Should generate expected prometheus resource" { run ./openapi2jsonschema.py fixtures/prometheus-operator-0prometheusCustomResourceDefinition.yaml [ "$status" -eq 0 ] diff --git a/scripts/openapi2jsonschema.py b/scripts/openapi2jsonschema.py index 38d69a66..f8cf8441 100755 --- a/scripts/openapi2jsonschema.py +++ b/scripts/openapi2jsonschema.py @@ -6,6 +6,9 @@ import sys import os import urllib.request +if 'DISABLE_SSL_CERT_VALIDATION' in os.environ: + import ssl + ssl._create_default_https_context = ssl._create_unverified_context def test_additional_properties(): for test in iter([{