From: Phil Sutter <phil@nwl.cc>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: Eric Garver <e@erig.me>,
netfilter-devel@vger.kernel.org,
Jones Desougi <jones.desougi+netfilter@gmail.com>
Subject: [nft PATCH v2 2/2] tests/py: Support JSON validation
Date: Fri, 17 May 2019 22:17:58 +0200 [thread overview]
Message-ID: <20190517201758.1576-3-phil@nwl.cc> (raw)
In-Reply-To: <20190517201758.1576-1-phil@nwl.cc>
Introduce a new flag -s/--schema to nft-test.py which enables validation
of any JSON input and output against our schema.
Make use of traceback module to get more details if validation fails.
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
Changes since v1:
- Adjust commit message to changes from RFC.
Changes since RFC:
- Import builtin traceback module unconditionally
---
tests/py/nft-test.py | 21 ++++++++++++++++++++-
1 file changed, 20 insertions(+), 1 deletion(-)
diff --git a/tests/py/nft-test.py b/tests/py/nft-test.py
index 1c0afd0ec0eb3..d785f7ec74341 100755
--- a/tests/py/nft-test.py
+++ b/tests/py/nft-test.py
@@ -18,6 +18,7 @@ import os
import argparse
import signal
import json
+import traceback
TESTS_PATH = os.path.dirname(os.path.abspath(__file__))
sys.path.insert(0, os.path.join(TESTS_PATH, '../../py/'))
@@ -687,6 +688,13 @@ def json_dump_normalize(json_string, human_readable = False):
else:
return json.dumps(json_obj, sort_keys = True)
+def json_validate(json_string):
+ json_obj = json.loads(json_string)
+ try:
+ nftables.json_validate(json_obj)
+ except Exception:
+ print_error("schema validation failed for input '%s'" % json_string)
+ print_error(traceback.format_exc())
def rule_add(rule, filename, lineno, force_all_family_option, filename_path):
'''
@@ -912,6 +920,9 @@ def rule_add(rule, filename, lineno, force_all_family_option, filename_path):
"expr": json.loads(json_input),
}}}]})
+ if enable_json_schema:
+ json_validate(cmd)
+
json_old = nftables.set_json_output(True)
ret = execute_cmd(cmd, filename, lineno, payload_log, debug="netlink")
nftables.set_json_output(json_old)
@@ -945,6 +956,9 @@ def rule_add(rule, filename, lineno, force_all_family_option, filename_path):
nftables.set_numeric_proto_output(numeric_proto_old)
nftables.set_stateless_output(stateless_old)
+ if enable_json_schema:
+ json_validate(json_output)
+
json_output = json.loads(json_output)
for item in json_output["nftables"]:
if "rule" in item:
@@ -1341,12 +1355,17 @@ def main():
dest='enable_json',
help='test JSON functionality as well')
+ parser.add_argument('-s', '--schema', action='store_true',
+ dest='enable_schema',
+ help='verify json input/output against schema')
+
args = parser.parse_args()
- global debug_option, need_fix_option, enable_json_option
+ global debug_option, need_fix_option, enable_json_option, enable_json_schema
debug_option = args.debug
need_fix_option = args.need_fix_line
force_all_family_option = args.force_all_family
enable_json_option = args.enable_json
+ enable_json_schema = args.enable_schema
specific_file = False
signal.signal(signal.SIGINT, signal_handler)
--
2.21.0
next prev parent reply other threads:[~2019-05-17 20:18 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-17 20:17 [nft PATCH v2 0/2] JSON schema for nftables.py Phil Sutter
2019-05-17 20:17 ` [nft PATCH v2 1/2] py: Implement JSON validation in nftables module Phil Sutter
2019-05-22 13:03 ` Eric Garver
2019-05-17 20:17 ` Phil Sutter [this message]
2019-05-22 8:48 ` [nft PATCH v2 0/2] JSON schema for nftables.py Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190517201758.1576-3-phil@nwl.cc \
--to=phil@nwl.cc \
--cc=e@erig.me \
--cc=jones.desougi+netfilter@gmail.com \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).