-
Notifications
You must be signed in to change notification settings - Fork 303
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: Conftest can now successfully load files using a file URL (e.g., file:///C:/path/to/data.yaml
) on windows
#999
Open
pckvcode
wants to merge
4
commits into
open-policy-agent:master
Choose a base branch
from
pckvcode:fix/support-load-data-files-from-file-url
base: master
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Changes from 1 commit
Commits
Show all changes
4 commits
Select commit
Hold shift + click to select a range
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think a couple of clarifications might be helpful here:
1- What is the reasoning behind using
WithProcessAnnotation(true)
2- Why are we rewriting the same logic as defined in the previous block: https://github.com/open-policy-agent/conftest/blob/db75f9e237ddafb20ef6990eab75b8dea2d557f9/policy/engine.go#L127-#L131
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
1- What is the reasoning behind using WithProcessAnnotation(true)
I have removed calling the function WithProcessAnnotation(true). It is not needed.
2- Why are we rewriting the same logic as defined in the previous block: https://github.com/open-policy-agent/conftest/blob/db75f9e237ddafb20ef6990eab75b8dea2d557f9/policy/engine.go#L127-#L131
FileLoader
supports paths like:/path/from/root/data.yaml
file:///C:/path/with/drive/data.yaml
However, it does not support paths with Windows drive letters in the format
C:/path/with/drive/data.yaml
. This causes an error:According to recommendations, For FileLoader, paths should be passed as
file:///C:/path/with/drive/data.yaml
to avoid this issue.In the previous code, the file-paths(
allDocumentPaths
) extracted from the input(dataPaths
)conftest/policy/engine.go
Line 127 in a3bfb98
were passed directly to
FileLoader
, which caused issues on Windows systems.conftest/policy/engine.go
Line 137 in a3bfb98
As a solution, I am using
FileLoader
, which takes input argdataPaths
such asfile:///C:/path/with/drive/data.yaml
instead ofallDocumentPaths
and filters the required files(.yaml, .yml and .json files).https://github.com/pckvcode/conftest-pck/blob/fix/support-load-data-files-from-file-url/policy/engine.go#L137
With this, it supports loading from other drives on Windows without affecting other inputs like
/path/from/root/data.yaml
on Linux and macOS.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@boranx
Can you please review this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I just found some time to look at this today (disclaimer, didn't delve into it deeply), here's my thoughts:
I think it's still not clear why we'd need two-times call
loader.Filtered()
back to back to get the data files loaded into engine. I wonder if we could just lean on one singleloader.NewFileLoader().Filtered
as follows?The above doesn't break any unit-test/e2e
so what is the point of having
engine.docs = documentContents
given we already store the data viastore, err := documents.Store()
cc: @jalseth I'd love to consult your opinions here
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
To be honest, I'm not sure what this change actually does.
allDocumentPaths
is already defined usingloader.FilteredPaths
(L127) using what appears to be the same filter function.I'll have to locate a Windows machine to dig into this more, I don't have one readily available at the moment.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, me neither.. @pckvcode could you help clarify how adding a second same filter function solves the issues on windows.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was able to repro and it seems that the issue is the path returned from
loader.FilteredPaths
trims thefile://
prefix (likely due to https://github.com/open-policy-agent/opa/blob/6bfd4cdf92ec246754894804976918453ade3b74/internal/file/url/url.go#L37). Sofile:///F:/something.yaml
in the CLI inputs is nowF:/something.yaml
which the loader then does not work with the call toloader.FileLoader.All()
, same as if the CLI arg was justF:/something.yaml
without the prefix which OPA doesn't handle correctly.This fix is reasonable, but it raises the question of do we need the
allDocumentPaths
anymore? I don't think we do as we can retrieve the same info from the returneddocuments
variable from the loader.@pckvcode Can you update this PR to make that change so we don't have duplicate loading code?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
documents.Documents
is of typemap[string]interface{}
, whileengine.docs
is of typemap[string]string
.We cannot directly assign
documents.Documents
toengine.docs
due to the type mismatch.Casting
documents.Documents
tomap[string]string
is an option, but it could fail if any values in the map are not strings.In this merge request #1007, @boranx tried removing the initialization of
engine.docs
, but the CI tests failed.As a result, I proceeded with the current code. I modified it slightly to eliminate redundancy.
Please suggest @boranx @jalseth
documents.Documents
tomap[string]string
and load it intoengine.docs
? orengine.docs
tomap[string]interface{}
to match the type? Code changesThere was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@boranx and @jalseth
Can you please share you suggestion on the above comments?