forked from envoyproxy/envoy
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathgenerate_extension_db.py
executable file
·65 lines (51 loc) · 2.43 KB
/
generate_extension_db.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
#!/usr/bin/env python3
# Generate an extension database, a JSON file mapping from qualified well known
# extension name to metadata derived from the envoy_cc_extension target.
import json
import os
import pathlib
import shutil
import subprocess
import sys
from importlib.util import spec_from_loader, module_from_spec
from importlib.machinery import SourceFileLoader
BUILDOZER_PATH = os.getenv("BUILDOZER_BIN") or (os.path.expandvars("$GOPATH/bin/buildozer") if
os.getenv("GOPATH") else shutil.which("buildozer"))
# source/extensions/extensions_build_config.bzl must have a .bzl suffix for Starlark
# import, so we are forced to do this workaround.
_extensions_build_config_spec = spec_from_loader(
'extensions_build_config',
SourceFileLoader('extensions_build_config', 'source/extensions/extensions_build_config.bzl'))
extensions_build_config = module_from_spec(_extensions_build_config_spec)
_extensions_build_config_spec.loader.exec_module(extensions_build_config)
class ExtensionDbError(Exception):
pass
def IsMissing(value):
return value == '(missing)'
def GetExtensionMetadata(target):
r = subprocess.run(
[BUILDOZER_PATH, '-stdout', 'print security_posture status undocumented', target],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
security_posture, status, undocumented = r.stdout.decode('utf-8').strip().split(' ')
if IsMissing(security_posture):
raise ExtensionDbError(
'Missing security posture for %s. Please make sure the target is an envoy_cc_extension and security_posture is set'
% target)
return {
'security_posture': security_posture,
'undocumented': False if IsMissing(undocumented) else bool(undocumented),
'status': 'stable' if IsMissing(status) else status,
}
if __name__ == '__main__':
output_path = sys.argv[1]
extension_db = {}
for extension, target in extensions_build_config.EXTENSIONS.items():
extension_db[extension] = GetExtensionMetadata(target)
# The TLS and generic upstream extensions are hard-coded into the build, so
# not in source/extensions/extensions_build_config.bzl
extension_db['envoy.transport_sockets.tls'] = GetExtensionMetadata(
'//source/extensions/transport_sockets/tls:config')
extension_db['envoy.upstreams.http.generic'] = GetExtensionMetadata(
'//source/extensions/upstreams/http/generic:config')
pathlib.Path(output_path).write_text(json.dumps(extension_db))