mirror of
https://github.com/gravitational/teleport
synced 2024-10-22 02:03:24 +00:00
cd2f4fceb7
* Remove JSON schema validation Removing JSON schema validation from all resource unmarshalers. --- what JSON schema gets us Looking at the JSON schema spec and our usage, here are the supposed benefits: - type validation - make sure incoming data uses the right types for the right fields - required fields - make sure that mandatory fields are set - defaulting - set defaults for fields - documentation - schema definition for our API objects Note that it does _not_ do: - fail on unknown fields in data - fail on a required field with an empty value --- what replaces it Based on the above, it may seem like JSON schema provides value. But it's not the case, let's break it down one by one: - type validation - unmarshaling JSON into a typed Go struct does this - required fields - only checks that the field was provided, doesn't actually check that a value is set (e.g. `"name": ""` will pass the `required` check) - so it's pretty useless for any real validation - and we already have a separate place for proper validation - `CheckAndSetDefaults` methods - defaulting - done in `CheckAndSetDefaults` methods - `Version` is the only annoying field, had to add it in a bunch of objects - documentation - protobuf definitions are the source of truth for our API schema --- the benefits - performance - schema validation does a few rounds of `json.Marshal/Unmarshal` in addition to actual validation; now we simply skip all that - maintenance - no need to keep protobuf and JSON schema definitions in sync anymore - creating new API objects - one error-prone step removed - (future) fewer dependencies - we can _almost_ remove the Go libraries for schema validation (one transient dependency keeping them around) * Remove services.SkipValidation No more JSON schema validation so this option is a noop. |
||
|---|---|---|
| .. | ||
| mocku2f | ||
| native | ||
| test | ||
| testauthority | ||
| u2f | ||
| api.go | ||
| apiserver.go | ||
| apiserver_test.go | ||
| auth.go | ||
| auth_test.go | ||
| auth_with_roles.go | ||
| auth_with_roles_test.go | ||
| clt.go | ||
| db.go | ||
| github.go | ||
| github_test.go | ||
| grpcserver.go | ||
| grpcserver_test.go | ||
| helpers.go | ||
| httpfallback.go | ||
| init.go | ||
| init_test.go | ||
| kube.go | ||
| kube_test.go | ||
| methods.go | ||
| middleware.go | ||
| middleware_test.go | ||
| oidc.go | ||
| oidc_test.go | ||
| password.go | ||
| password_test.go | ||
| permissions.go | ||
| register.go | ||
| resetpasswordtoken.go | ||
| resetpasswordtoken_test.go | ||
| rotate.go | ||
| saml.go | ||
| saml_test.go | ||
| sessions.go | ||
| state.go | ||
| state_unix.go | ||
| state_windows.go | ||
| tls_test.go | ||
| trustedcluster.go | ||
| trustedcluster_test.go | ||
| user.go | ||