lintnet - General purpose linter powered by Jsonnet

Transcript

1. lintnet - General purpose linter powered by Jsonnet Shunsuke Suzuki

   2024-06-07 Lint Night#3 1

2. Self introduction Shunsuke Suzuki Platform Engineer at Mercari Platform Group

   GitHub: suzuki-shunsuke X: szkdash 2

3. My OSS • aqua - Declarative CLI Version Manager written

   in Go • tfcmt - Notify the result of terraform to GitHub pull requests • tfaction - GitHub Actions for Terraform Monorepo • etc 3

4. Overview • Introduction of my new OSS lintnet • What’s

   lintnet? 4

5. What’s lintnet? • https://lintnet.github.io/ • General purpose linter for structured

   configuration data powered by Jsonnet • CLI like Conftest • Single binary written in Go. No dependency and easy to install • lintnet itself has no lint rule. You can define lint rules and lint files 5

6. General purpose • k8s, Terraform, GitHub Actions, CircleCI, etc •

   No need to use different linters and develop linters from scratch • Support various data format • Programing languages aren't supported 6

7. Jsonnet • Superset of JSON for dynamic configuration • Generate

   JSON dynamically https://jsonnet.org/ 7

8. Jsonnet • Popular • Simple - low learning cost •

   Powerful - if, for, function, std lib, import, native function, etc • Secure - restrict access to filesystem and network and OS command 8

9. Extend Jsonnet by Native functions • lintnet extends Jsonnet by

   adding native functions • https://lintnet.github.io/docs/lint-rule/native-function/ 9

10. Module • Easy to reuse and distribute lint rules •

    Reuse is just referring to modules in config or lint files • Distribution is just publishing Jsonnet files in GitHub repositories • Hopefully many awesome modules are published by community so that we can achieve awesome lint easily 10

11. Auto module update by Renovate • https://github.com/lintnet/renovate-config • lintnet’s Official

    Renovate Preset 11

12. Official Modules • Official Modules • e.g. ◦ lintnet-modules/ghalint -

    Port of ghalint ◦ lintnet-modules/nllint - Port of nllint 12

13. Extra features • Test lint rules • Parameterize lint rules

    • Lint across multiple files • Customize Output • Control the result by error level 13

14. How to achieve lint by Jsonnet 14

15. Limitation • Utilize the location of lint errors ◦ reviewdog

    and editor integration ◦ Output code where error occurs • Auto fix • Disable some lint rules by code annotation • Lint of programming languages It's difficult to support them as a general purpose linter 15

16. How to use lintnet 1. Create a configuration file lintnet.jsonnet

    2. Define lint rules by Jsonnet 3. Test rules by Jsonnet 4. Run lintnet lint command 16

17. Configuration file (lintnet.jsonnet) $ lintnet init 17

18. Lint rule hello.jsonnet 18

19. Test hello_test.jsonnet *_test.jsonnet A list of test cases test data

    + expected lint result $ lintnet test 19

20. Run lintnet 20

21. Comparison with Conftest 21

22. Conftest • https://www.conftest.dev/ • Utility to help you write tests

    against structured configuration data • Use Rego as a Policy Language • Cover various lint rules with one tool 22

23. Issues of Conftest • Low reusability of policies ◦ People

    develop similar lint rules independently ◦ No standard way to share policies across multiple repositories ◦ conftest push/pull is a low level API ◦ https://www.conftest.dev/sharing/ 23

24. Compared with Conftest • Easy to reuse and distribute lint

    rules by Module • Standardized workflow by Configuration file and sub commands 24

25. Jsonnet vs Rego • It is difficult to compare them

    objectively • This is up to users • Some people feel Rego is difficult and Jsonnet is easier than Rego 25

26. Summary • lintnet is a general purpose linter powered by

    Jsonnet • Users don’t need to use many different linters • Developers can focus on developing lint rules • lintnet enables us to reuse and distribute lint rules by Module 26