diff mbox series

[nft,RFC,2/2] tests/py: Support JSON validation

Message ID 20190425140502.22761-3-phil@nwl.cc
State RFC
Delegated to: Pablo Neira
Headers show
Series None | expand

Commit Message

Phil Sutter April 25, 2019, 2:05 p.m. UTC 
Introduce a new flag -s/--schema to nft-test.py which enables validation
of any JSON input and output against our schema.

If validation was requested on command line, try to import traceback
module. Upon validation errors, this provides more insight into what
went wrong. If unavailable, simply continue without it.

Signed-off-by: Phil Sutter <phil@nwl.cc>
---
 tests/py/nft-test.py | 29 ++++++++++++++++++++++++++++-
 1 file changed, 28 insertions(+), 1 deletion(-)
diff mbox series

Patch

diff --git a/tests/py/nft-test.py b/tests/py/nft-test.py
index 1c0afd0ec0eb3..bc038629befd3 100755
--- a/tests/py/nft-test.py
+++ b/tests/py/nft-test.py
@@ -687,6 +687,14 @@  def json_dump_normalize(json_string, human_readable = False):
     else:
         return json.dumps(json_obj, sort_keys = True)
 
+def json_validate(json_string):
+    json_obj = json.loads(json_string)
+    try:
+        nftables.json_validate(json_obj)
+    except Exception:
+        print_error("schema validation failed for input '%s'" % json_string)
+        if not traceback is None:
+            print_error(traceback.format_exc())
 
 def rule_add(rule, filename, lineno, force_all_family_option, filename_path):
     '''
@@ -912,6 +920,9 @@  def rule_add(rule, filename, lineno, force_all_family_option, filename_path):
                     "expr": json.loads(json_input),
             }}}]})
 
+            if enable_json_schema:
+                json_validate(cmd)
+
             json_old = nftables.set_json_output(True)
             ret = execute_cmd(cmd, filename, lineno, payload_log, debug="netlink")
             nftables.set_json_output(json_old)
@@ -945,6 +956,9 @@  def rule_add(rule, filename, lineno, force_all_family_option, filename_path):
             nftables.set_numeric_proto_output(numeric_proto_old)
             nftables.set_stateless_output(stateless_old)
 
+            if enable_json_schema:
+                json_validate(json_output)
+
             json_output = json.loads(json_output)
             for item in json_output["nftables"]:
                 if "rule" in item:
@@ -1341,12 +1355,17 @@  def main():
                         dest='enable_json',
                         help='test JSON functionality as well')
 
+    parser.add_argument('-s', '--schema', action='store_true',
+                        dest='enable_schema',
+                        help='verify json input/output against schema')
+
     args = parser.parse_args()
-    global debug_option, need_fix_option, enable_json_option
+    global debug_option, need_fix_option, enable_json_option, enable_json_schema
     debug_option = args.debug
     need_fix_option = args.need_fix_line
     force_all_family_option = args.force_all_family
     enable_json_option = args.enable_json
+    enable_json_schema = args.enable_schema
     specific_file = False
 
     signal.signal(signal.SIGINT, signal_handler)
@@ -1367,6 +1386,14 @@  def main():
     global nftables
     nftables = Nftables(sofile = 'src/.libs/libnftables.so')
 
+    global traceback
+    traceback = None
+    if enable_json_schema:
+        try:
+            import traceback
+        except:
+            pass
+
     test_files = files_ok = run_total = 0
     tests = passed = warnings = errors = 0
     global log_file