Harden registry API and schema validation

This commit is contained in:
2026-05-17 22:33:21 +02:00
parent 5c20f62fbb
commit bc73b05566
9 changed files with 232 additions and 30 deletions

View File

@@ -4,10 +4,9 @@ from collections import defaultdict
from pathlib import Path
from typing import Any
import jsonschema
from .loader import load_declarations, load_yaml, repo_root
from .model import Declaration, ValidationReport
from .schema_validation import draft202012_validator
SCHEMA_BY_KIND = {
"ServiceDeclaration": "service.schema.yaml",
@@ -32,10 +31,6 @@ def validate_roots(paths: list[Path]) -> ValidationReport:
def _validate_schema(root: Path, declarations: list[Declaration], report: ValidationReport) -> None:
schemas_dir = root / "schemas"
store = {
path.resolve().as_uri(): load_yaml(path)
for path in sorted(schemas_dir.glob("*.schema.yaml"))
}
for declaration in declarations:
schema_name = SCHEMA_BY_KIND.get(declaration.kind)
@@ -49,13 +44,7 @@ def _validate_schema(root: Path, declarations: list[Declaration], report: Valida
continue
schema_path = schemas_dir / schema_name
schema = load_yaml(schema_path)
resolver = jsonschema.RefResolver(
base_uri=schema_path.resolve().as_uri(),
referrer=schema,
store=store,
)
validator = jsonschema.Draft202012Validator(schema, resolver=resolver)
validator = draft202012_validator(schema_path)
for error in sorted(validator.iter_errors(declaration.data), key=lambda e: list(e.path)):
location = ".".join(str(part) for part in error.path) or "<root>"
report.add(