This is an automated email from the ASF dual-hosted git repository.
shuyangw pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix.git
The following commit(s) were added to refs/heads/master by this push:
new b17feb5 feat: extend init configuration validation with jsonschema
(#3860)
b17feb5 is described below
commit b17feb59bbb7d22aaf9e584a6e10e5355ceacace
Author: 罗泽轩 <[email protected]>
AuthorDate: Tue Mar 23 21:57:53 2021 +0800
feat: extend init configuration validation with jsonschema (#3860)
Signed-off-by: spacewander <[email protected]>
---
apisix/cli/ops.lua | 126 ++++++++++++++++++++++++++++++++++++++
rockspec/apisix-master-0.rockspec | 2 +-
t/cli/test_validate_config.sh | 2 +-
3 files changed, 128 insertions(+), 2 deletions(-)
diff --git a/apisix/cli/ops.lua b/apisix/cli/ops.lua
index 1e8f4cf..43ae332 100644
--- a/apisix/cli/ops.lua
+++ b/apisix/cli/ops.lua
@@ -23,6 +23,7 @@ local profile = require("apisix.core.profile")
local template = require("resty.template")
local argparse = require("argparse")
local pl_path = require("pl.path")
+local jsonschema = require("jsonschema")
local stderr = io.stderr
local ipairs = ipairs
@@ -144,6 +145,125 @@ local function get_lua_path(conf)
end
+local config_schema = {
+ type = "object",
+ properties = {
+ apisix = {
+ properties = {
+ config_center = {
+ enum = {"etcd", "yaml"},
+ },
+ proxy_protocol = {
+ type = "object",
+ properties = {
+ listen_http_port = {
+ type = "integer",
+ },
+ listen_https_port = {
+ type = "integer",
+ },
+ enable_tcp_pp = {
+ type = "boolean",
+ },
+ enable_tcp_pp_to_upstream = {
+ type = "boolean",
+ },
+ }
+ },
+ port_admin = {
+ type = "integer",
+ },
+ https_admin = {
+ type = "boolean",
+ },
+ stream_proxy = {
+ type = "object",
+ properties = {
+ tcp = {
+ type = "array",
+ minItems = 1,
+ items = {
+ type = "integer",
+ }
+ },
+ udp = {
+ type = "array",
+ minItems = 1,
+ items = {
+ type = "integer",
+ }
+ },
+ }
+ },
+ dns_resolver = {
+ type = "array",
+ minItems = 1,
+ items = {
+ type = "string",
+ }
+ },
+ dns_resolver_valid = {
+ type = "integer",
+ },
+ ssl = {
+ type = "object",
+ properties = {
+ ssl_trusted_certificate = {
+ type = "string",
+ }
+ }
+ },
+ }
+ },
+ nginx_config = {
+ type = "object",
+ properties = {
+ envs = {
+ type = "array",
+ minItems = 1,
+ items = {
+ type = "string",
+ }
+ }
+ },
+ },
+ http = {
+ type = "object",
+ properties = {
+ lua_shared_dicts = {
+ type = "object",
+ }
+ }
+ },
+ etcd = {
+ type = "object",
+ properties = {
+ resync_delay = {
+ type = "integer",
+ },
+ user = {
+ type = "string",
+ },
+ password = {
+ type = "string",
+ },
+ tls = {
+ type = "object",
+ properties = {
+ cert = {
+ type = "string",
+ },
+ key = {
+ type = "string",
+ },
+ }
+ }
+ }
+ }
+ }
+}
+
+
local function init(env)
if env.is_root_path then
print('Warning! Running apisix under /root is only suitable for '
@@ -158,6 +278,12 @@ local function init(env)
util.die("failed to read local yaml config of apisix: ", err, "\n")
end
+ local validator = jsonschema.generate_validator(config_schema)
+ local ok, err = validator(yaml_conf)
+ if not ok then
+ util.die("failed to validate config: ", err, "\n")
+ end
+
-- check the Admin API token
local checked_admin_key = false
if yaml_conf.apisix.enable_admin and yaml_conf.apisix.allow_admin then
diff --git a/rockspec/apisix-master-0.rockspec
b/rockspec/apisix-master-0.rockspec
index 4020c80..52d559c 100644
--- a/rockspec/apisix-master-0.rockspec
+++ b/rockspec/apisix-master-0.rockspec
@@ -50,7 +50,7 @@ dependencies = {
"luafilesystem = 1.7.0-2",
"lua-tinyyaml = 1.0",
"nginx-lua-prometheus = 0.20201218",
- "jsonschema = 0.9.4",
+ "jsonschema = 0.9.5",
"lua-resty-ipmatcher = 0.6",
"lua-resty-kafka = 0.07",
"lua-resty-logger-socket = 2.0-0",
diff --git a/t/cli/test_validate_config.sh b/t/cli/test_validate_config.sh
index 65ce692..0a58e50 100755
--- a/t/cli/test_validate_config.sh
+++ b/t/cli/test_validate_config.sh
@@ -27,7 +27,7 @@ apisix:
' > conf/config.yaml
out=$(make init 2>&1 || true)
-if ! echo "$out" | grep 'dns_resolver_valid should be a number'; then
+if ! echo "$out" | grep 'property "dns_resolver_valid" validation failed:
wrong type: expected integer, got string'; then
echo "failed: dns_resolver_valid should be a number"
exit 1
fi
