validator-labs · ahmad-ibra · Sep 9, 2024 · Sep 6, 2024 · Sep 6, 2024 · Sep 6, 2024
@@ -209,11 +209,16 @@ For more information about validator, see: https://github.com/validator-labs/val
 
 	flags := cmd.Flags()
 	flags.StringVarP(&tc.ConfigFile, "config-file", "f", "", "Validator configuration file.")
+	flags.StringVar(&tc.CRPath, "cr", "", "Path to a file or directory containing validator custom resource yaml documents.")
 	flags.BoolVarP(&tc.CreateConfigOnly, "config-only", "o", false, "Update configuration file only. Do not proceed with checks. Default: false.")
 	flags.BoolVarP(&tc.UpdatePasswords, "update-passwords", "p", false, "Update passwords only. Do not proceed with checks. Default: false.")
 	flags.BoolVarP(&tc.Reconfigure, "reconfigure", "r", false, "Re-configure plugin rules prior to running checks. Default: false.")
 
 	cmd.MarkFlagsMutuallyExclusive("update-passwords", "reconfigure")
+	cmd.MarkFlagsMutuallyExclusive("config-file", "cr")
+	cmd.MarkFlagsMutuallyExclusive("config-only", "cr")
+	cmd.MarkFlagsMutuallyExclusive("update-passwords", "cr")
+	cmd.MarkFlagsMutuallyExclusive("reconfigure", "cr")
 
 	return cmd
 }

@@ -17,6 +17,7 @@ require (
 	github.com/spectrocloud-labs/prompts-tui v0.1.2
 	github.com/spf13/cobra v1.8.1
 	github.com/spf13/viper v1.19.0
+	github.com/stretchr/testify v1.9.0
 	github.com/validator-labs/validator v0.1.10
 	github.com/validator-labs/validator-plugin-aws v0.1.7
 	github.com/validator-labs/validator-plugin-azure v0.0.20
@@ -201,6 +202,7 @@ require (
 	github.com/opentracing/opentracing-go v1.2.0 // indirect
 	github.com/pelletier/go-toml/v2 v2.2.2 // indirect
 	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
+	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/prometheus/client_golang v1.19.1 // indirect
 	github.com/prometheus/client_model v0.6.1 // indirect
 	github.com/prometheus/common v0.55.0 // indirect

@@ -33,7 +33,6 @@
 	maasapi "github.com/validator-labs/validator-plugin-maas/api/v1alpha1"
 	maasconst "github.com/validator-labs/validator-plugin-maas/pkg/constants"
 	maasval "github.com/validator-labs/validator-plugin-maas/pkg/validate"
-
 	netapi "github.com/validator-labs/validator-plugin-network/api/v1alpha1"
 	netconst "github.com/validator-labs/validator-plugin-network/pkg/constants"
 	netval "github.com/validator-labs/validator-plugin-network/pkg/validate"
@@ -59,6 +58,7 @@
 	"github.com/validator-labs/validatorctl/pkg/utils/embed"
 	"github.com/validator-labs/validatorctl/pkg/utils/exec"
 	exec_utils "github.com/validator-labs/validatorctl/pkg/utils/exec"
+	file_utils "github.com/validator-labs/validatorctl/pkg/utils/file"
 	"github.com/validator-labs/validatorctl/pkg/utils/kind"
 	"github.com/validator-labs/validatorctl/pkg/utils/kube"
 	string_utils "github.com/validator-labs/validatorctl/pkg/utils/string"
@@ -72,6 +72,11 @@
 	return "one or more validation checks failed"
 }
 
+type basePluginSpec struct {
+	Kind string                 `yaml:"kind"`
+	Spec map[string]interface{} `yaml:"spec"`
+}
+
 // InitWorkspace initializes a workspace directory with subdirectories
 func InitWorkspace(c *cfg.Config, workspaceDir string, subdirs []string, timestamped bool) error {
 	if err := c.CreateWorkspace(workspaceDir, subdirs, timestamped); err != nil {
@@ -198,6 +203,20 @@
 	var err error
 	var saveConfig bool
 
+	if tc.CRPath != "" && tc.Direct {
+		pluginSpecs, err := readPluginSpecs(tc.CRPath)
+		if err != nil {
+			return err
+		}
+
+		if len(pluginSpecs) == 0 {
+			log.InfoCLI("No plugin rule CRs found in %s", tc.CRPath)
+			return nil
+		}
+
+		return executePlugins(c, pluginSpecs, nil)
+	}
+
 	if !tc.Reconfigure {
 		// Silent Mode
 		vc, err = components.NewValidatorFromConfig(tc)
@@ -249,7 +268,7 @@
 	}
 
 	if tc.Direct {
-		return executePlugins(c, pluginSpecs(vc), vc.SinkConfig)
+		return executePlugins(c, toPluginSpecs(vc), vc.SinkConfig)
 	}
 
 	// upgrade the validator helm release so that plugin rule secrets
@@ -268,7 +287,103 @@
 	return nil
 }
 
-func pluginSpecs(vc *components.ValidatorConfig) []plugins.PluginSpec {
+func readPluginSpecs(path string) ([]plugins.PluginSpec, error) {
+	fi, err := os.Stat(path)
+	if err != nil {
+		return nil, err
+	}
+
+	files := make([]string, 0)
+	if !fi.IsDir() {
+		files = append(files, path)
+	} else {
+		files, err = file_utils.GetFilesInDir(path)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	if len(files) == 0 {
+		return nil, fmt.Errorf("no files found in %s", path)
+	}
+
+	ps := make([]plugins.PluginSpec, 0)
+	for _, f := range files {
+		pSpecs, err := readPluginSpecsInFile(f)
+		if err != nil {
+			return nil, err
+		}
+		ps = append(ps, pSpecs...)
+	}
+
+	return ps, nil
+}
+
+func readPluginSpecsInFile(file string) ([]plugins.PluginSpec, error) {
+	log.InfoCLI("Reading plugin specs from file: %s", file)
+
+	data, err := os.ReadFile(file) // #nosec
+	if err != nil {
+		return nil, err
+	}
+
+	ps := make([]plugins.PluginSpec, 0)
+	parts := bytes.Split(data, []byte("---"))
+	for _, p := range parts {
+		if len(p) == 0 {
+			continue
+		}
+
+		spec, err := unmarshalPluginSpec(p)
+		if err != nil {
+			return nil, errors.Wrap(err, "failed to unmarshal plugin spec")
+		}
+		ps = append(ps, spec)
+	}
+
+	return ps, nil
+}
+
+func unmarshalPluginSpec(data []byte) (plugins.PluginSpec, error) {
+	var bps basePluginSpec
+	if err := yaml.Unmarshal(data, &bps); err != nil {
+		return nil, err
+	}
+
+	specBytes, err := yaml.Marshal(bps.Spec)
+	if err != nil {
+		return nil, err
+	}
+
+	var spec plugins.PluginSpec
+	switch bps.Kind {
+	case cfg.ValidatorPluginAwsKind:
+		spec = &awsapi.AwsValidatorSpec{}
+	case cfg.ValidatorPluginAzureKind:
+		spec = &azureapi.AzureValidatorSpec{}
+	case cfg.ValidatorPluginMaasKind:
+		spec = &maasapi.MaasValidatorSpec{}
+	case cfg.ValidatorPluginNetworkKind:
+		spec = &netapi.NetworkValidatorSpec{}
+	case cfg.ValidatorPluginOciKind:
+		spec = &ociapi.OciValidatorSpec{}
+	case cfg.ValidatorPluginVsphereKind:
+		spec = &vsphereapi.VsphereValidatorSpec{}
+	default:
+		if bps.Kind == "" {
+			return nil, errors.New("plugin kind is not set")
+		}
+		return nil, fmt.Errorf("unknown plugin kind: %s", bps.Kind)
+	}
+
+	if err := yaml.Unmarshal(specBytes, spec); err != nil {
+		return nil, err
+	}
+
+	return spec, nil
+}
+
+func toPluginSpecs(vc *components.ValidatorConfig) []plugins.PluginSpec {
 	pluginSpecs := make([]plugins.PluginSpec, 0)
 	if vc.AWSPlugin != nil && vc.AWSPlugin.Enabled {
 		pluginSpecs = append(pluginSpecs, vc.AWSPlugin.Validator)

@@ -1,12 +1,16 @@
 package validator
 
 import (
+	"errors"
 	"testing"
 
+	"github.com/stretchr/testify/assert"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 
+	netapi "github.com/validator-labs/validator-plugin-network/api/v1alpha1"
 	vapi "github.com/validator-labs/validator/api/v1alpha1"
+	"github.com/validator-labs/validator/pkg/plugins"
 )
 
 func TestBuildValidationResultString(t *testing.T) {
@@ -113,3 +117,70 @@ Failures
 		})
 	}
 }
+
+func TestUnmarshalPluginSpec(t *testing.T) {
+	tests := []struct {
+		name         string
+		input        []byte
+		expectedSpec plugins.PluginSpec
+		expectedErr  error
+	}{
+		{
+			name: "Valid NetworkValidator spec",
+			input: []byte(
+				`apiVersion: validation.spectrocloud.labs/v1alpha1
+kind: NetworkValidator
+metadata:
+  name: network-validator-combined-network-rules
+spec:
+  dnsRules:
+  - name: Resolve Google
+    host: google.com
+`),
+			expectedSpec: &netapi.NetworkValidatorSpec{
+				DNSRules: []netapi.DNSRule{
+					{RuleName: "Resolve Google", Host: "google.com"},
+				},
+			},
+			expectedErr: nil,
+		},
+		{
+			name:         "Unknown plugin kind",
+			input:        []byte(`kind: SomeRandomKind`),
+			expectedSpec: nil,
+			expectedErr:  errors.New("unknown plugin kind"),
+		},
+		{
+			name: "Kind not set",
+			input: []byte(
+				`spec:
+  dnsRules:
+  - name: Resolve Google
+    host: google.com
+`),
+			expectedSpec: nil,
+			expectedErr:  errors.New("plugin kind is not set"),
+		},
+		{
+			name:         "Invalid YAML format",
+			input:        []byte("hello"),
+			expectedSpec: nil,
+			expectedErr:  errors.New("cannot unmarshal"),
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			spec, err := unmarshalPluginSpec(tt.input)
+
+			// If an error is expected
+			if tt.expectedErr != nil {
+				assert.Error(t, err)
+				assert.Contains(t, err.Error(), tt.expectedErr.Error())
+			} else {
+				assert.NoError(t, err)
+				assert.Equal(t, tt.expectedSpec, spec)
+			}
+		})
+	}
+}
@@ -30,6 +30,7 @@ type Config struct {
 type TaskConfig struct {
 	CliVersion       string
 	ConfigFile       string
+	CRPath           string
 	Apply            bool
 	CreateConfigOnly bool
 	DeleteCluster    bool

@@ -36,6 +36,13 @@ const (
 	ValidatorPluginOci     = "validator-plugin-oci"
 	ValidatorPluginVsphere = "validator-plugin-vsphere"
 
+	ValidatorPluginAwsKind     = "AwsValidator"
+	ValidatorPluginAzureKind   = "AzureValidator"
+	ValidatorPluginMaasKind    = "MaasValidator"
+	ValidatorPluginNetworkKind = "NetworkValidator"
+	ValidatorPluginOciKind     = "OciValidator"
+	ValidatorPluginVsphereKind = "VsphereValidator"
+
 	ValidatorPluginAwsTemplate     = "validator-rules-aws.tmpl"
 	ValidatorPluginAzureTemplate   = "validator-rules-azure.tmpl"
 	ValidatorPluginMaasTemplate    = "validator-rules-maas.tmpl"

@@ -0,0 +1,28 @@
+// Package file provides utility functions for working with a filesystem.
+package file
+
+import (
+	"io/fs"
+	"path/filepath"
+)
+
+// GetFilesInDir walks the file tree from dir and returns a list of all files found in lexical order.
+func GetFilesInDir(dir string) ([]string, error) {
+	files := make([]string, 0)
+	err := filepath.WalkDir(dir, func(path string, d fs.DirEntry, err error) error {
+		if err != nil {
+			return err
+		}
+
+		if !d.IsDir() {
+			files = append(files, path)
+		}
+
+		return nil
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	return files, nil
+}