Merge pull request #210 from davidhao3300/master

Cache schema misses if missing schemas allowed
instrumenta · Apr 14, 2020 · 46c69da · 46c69da
2 parents ed0bb9a + ef1599d
commit 46c69da
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 5 deletions.
diff --git a/fixtures/test_crd.yaml b/fixtures/test_crd.yaml
@@ -6,4 +6,13 @@ metadata:
   namespace: test-namespace
 spec:
   encryptedData:
-    SOME_ENCRYPTED_DATA: c3ab8ff13720e8ad9047dd39466b3c8974e592c2fa383d4a3960714caef0c4f2
+    SOME_ENCRYPTED_DATA: c3ab8ff13720e8ad9047dd39466b3c8974e592c2fa383d4a3960714caef0c4f2
+---
+apiVersion: bitnami.com/v1alpha1
+kind: SealedSecret
+metadata:
+  name: test-secret-clone
+  namespace: test-namespace
+spec:
+  encryptedData:
+    SOME_ENCRYPTED_DATA: c3ab8ff13720e8ad9047dd39466b3c8974e592c2fa383d4a3960714caef0c4f2
diff --git a/kubeval/kubeval.go b/kubeval/kubeval.go
@@ -135,7 +135,7 @@ func validateResource(data []byte, schemaCache map[string]*gojsonschema.Schema,
 func validateAgainstSchema(body interface{}, resource *ValidationResult, schemaCache map[string]*gojsonschema.Schema, config *Config) ([]gojsonschema.ResultError, error) {
 
 	schema, err := downloadSchema(resource, schemaCache, config)
-	if err != nil {
+	if err != nil || schema == nil {
 		return handleMissingSchema(err, config)
 	}
 
@@ -161,6 +161,7 @@ func validateAgainstSchema(body interface{}, resource *ValidationResult, schemaC
 	return []gojsonschema.ResultError{}, nil
 }
 
+// returned schema may be nil scehma is missing and missing schemas are allowed
 func downloadSchema(resource *ValidationResult, schemaCache map[string]*gojsonschema.Schema, config *Config) (*gojsonschema.Schema, error) {
 	if schema, ok := schemaCache[resource.VersionKind()]; ok {
 		// If the schema was previously cached, there's no work to be done
@@ -196,9 +197,8 @@ func downloadSchema(resource *ValidationResult, schemaCache map[string]*gojsonsc
 		errors.ErrorFormat = singleLineErrorFormat
 	}
 
-	// TODO: this currently triggers a segfault in offline cases
-	// We couldn't find a schema for this resource. Cache it's lack of existence, then stop
-	//schemaCache[resource.VersionKind()] = nil
+	// We couldn't find a schema for this resource. Cache its lack of existence
+	schemaCache[resource.VersionKind()] = nil
 	return nil, errors.ErrorOrNil()
 }