From 83a55d3c6f1a3c932a25bc8f26763ebf0a1a58b6 Mon Sep 17 00:00:00 2001 From: Jaime Soriano Pastor Date: Fri, 4 Mar 2022 17:38:06 +0100 Subject: [PATCH 1/3] Validate built packages too Built packages can have content that was not in their source files, such as imported ECS fields. Validate final packages to ensure that content included during build is also valid. --- internal/builder/packages.go | 40 ++++++++++++++++++++++++++++-------- 1 file changed, 31 insertions(+), 9 deletions(-) diff --git a/internal/builder/packages.go b/internal/builder/packages.go index 231df37660..3c9a08d296 100644 --- a/internal/builder/packages.go +++ b/internal/builder/packages.go @@ -9,11 +9,13 @@ import ( "os" "path/filepath" + "github.com/pkg/errors" + + "github.com/elastic/package-spec/code/go/pkg/validator" + "github.com/elastic/elastic-package/internal/files" "github.com/elastic/elastic-package/internal/logger" "github.com/elastic/elastic-package/internal/packages" - - "github.com/pkg/errors" ) const buildIntegrationsFolder = "integrations" @@ -166,10 +168,18 @@ func BuildPackage(options BuildOptions) (string, error) { return "", errors.Wrap(err, "resolving external fields failed") } - if !options.CreateZip { - return destinationDir, nil + if options.CreateZip { + return buildZippedPackage(options, destinationDir) } + err = validator.ValidateFromPath(destinationDir) + if err != nil { + return "", errors.Wrap(err, "invalid content found in built package") + } + return destinationDir, nil +} + +func buildZippedPackage(options BuildOptions, destinationDir string) (string, error) { logger.Debug("Build zipped package") zippedPackagePath, err := buildPackagesZipPath(options.PackageRoot) if err != nil { @@ -181,14 +191,26 @@ func BuildPackage(options BuildOptions) (string, error) { return "", errors.Wrapf(err, "can't compress the built package (compressed file path: %s)", zippedPackagePath) } - if !options.SignPackage { - return zippedPackagePath, nil + err = validator.ValidateFromZip(zippedPackagePath) + if err != nil { + return "", errors.Wrapf(err, "invalid content found in built zip package") + } + + if options.SignPackage { + err := signZippedPackage(options, zippedPackagePath) + if err != nil { + return "", err + } } + return zippedPackagePath, nil +} + +func signZippedPackage(options BuildOptions, zippedPackagePath string) error { logger.Debug("Sign the package") m, err := packages.ReadPackageManifestFromPackageRoot(options.PackageRoot) if err != nil { - return "", errors.Wrapf(err, "reading package manifest failed (path: %s)", options.PackageRoot) + return errors.Wrapf(err, "reading package manifest failed (path: %s)", options.PackageRoot) } err = files.Sign(zippedPackagePath, files.SignOptions{ @@ -196,9 +218,9 @@ func BuildPackage(options BuildOptions) (string, error) { PackageVersion: m.Version, }) if err != nil { - return "", errors.Wrapf(err, "can't sign the zipped package (path: %s)", zippedPackagePath) + return errors.Wrapf(err, "can't sign the zipped package (path: %s)", zippedPackagePath) } - return zippedPackagePath, nil + return nil } func createBuildDirectory(dirs ...string) (string, error) { From 3aea54fe986d912ff9d721846cb804ed65997d94 Mon Sep 17 00:00:00 2001 From: Jaime Soriano Pastor Date: Thu, 10 Mar 2022 17:33:11 +0100 Subject: [PATCH 2/3] Remove empty line --- internal/builder/packages.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/internal/builder/packages.go b/internal/builder/packages.go index 3c9a08d296..e936d95a6c 100644 --- a/internal/builder/packages.go +++ b/internal/builder/packages.go @@ -9,9 +9,8 @@ import ( "os" "path/filepath" - "github.com/pkg/errors" - "github.com/elastic/package-spec/code/go/pkg/validator" + "github.com/pkg/errors" "github.com/elastic/elastic-package/internal/files" "github.com/elastic/elastic-package/internal/logger" From 093b1e18e0fbac6184e4d71e1740e03afefee795 Mon Sep 17 00:00:00 2001 From: Jaime Soriano Pastor Date: Mon, 14 Mar 2022 13:23:11 +0100 Subject: [PATCH 3/3] Split linting and source validation --- cmd/lint.go | 31 +++++++++++++++++++++---------- 1 file changed, 21 insertions(+), 10 deletions(-) diff --git a/cmd/lint.go b/cmd/lint.go index 648c188960..80f2a8c0e8 100644 --- a/cmd/lint.go +++ b/cmd/lint.go @@ -24,7 +24,17 @@ func setupLintCommand() *cobraext.Command { Use: "lint", Short: "Lint the package", Long: lintLongDescription, - RunE: lintCommandAction, + RunE: func(cmd *cobra.Command, args []string) error { + err := cobraext.ComposeCommandActions(cmd, args, + lintCommandAction, + validateSourceCommandAction, + ) + if err != nil { + return err + } + cmd.Println("Done") + return nil + }, } return cobraext.NewCommand(cmd, cobraext.ContextPackage) @@ -33,14 +43,6 @@ func setupLintCommand() *cobraext.Command { func lintCommandAction(cmd *cobra.Command, args []string) error { cmd.Println("Lint the package") - packageRootPath, found, err := packages.FindPackageRoot() - if !found { - return errors.New("package root not found") - } - if err != nil { - return errors.Wrap(err, "locating package root failed") - } - readmeFiles, err := docs.AreReadmesUpToDate() if err != nil { for _, f := range readmeFiles { @@ -53,12 +55,21 @@ func lintCommandAction(cmd *cobra.Command, args []string) error { } return errors.Wrap(err, "checking readme files are up-to-date failed") } + return nil +} +func validateSourceCommandAction(cmd *cobra.Command, args []string) error { + packageRootPath, found, err := packages.FindPackageRoot() + if !found { + return errors.New("package root not found") + } + if err != nil { + return errors.Wrap(err, "locating package root failed") + } err = validator.ValidateFromPath(packageRootPath) if err != nil { return errors.Wrap(err, "linting package failed") } - cmd.Println("Done") return nil }