Upgrade to Pro — share decks privately, control downloads, hide ads and more …

lintnet - General purpose linter powered by Jsonnet

lintnet - General purpose linter powered by Jsonnet

This presentation is about my OSS project named lintnet.


lintnet is a general-purpose linter for structured configuration data, powered by Jsonnet.
In this presentation, you will learn what lintnet is and why you should use it.


Native functions: https://lintnet.github.io/docs/lint-rule/native-function/
Official Modules: https://github.com/orgs/lintnet-modules/repositories
Conftest: https://www.conftest.dev/
Conftest - Sharing policies: https://www.conftest.dev/sharing/

Shunsuke Suzuki

June 07, 2024

More Decks by Shunsuke Suzuki

Other Decks in Technology


  1. My OSS • aqua - Declarative CLI Version Manager written

    in Go • tfcmt - Notify the result of terraform to GitHub pull requests • tfaction - GitHub Actions for Terraform Monorepo • etc 3
  2. What’s lintnet? • https://lintnet.github.io/ • General purpose linter for structured

    configuration data powered by Jsonnet • CLI like Conftest • Single binary written in Go. No dependency and easy to install • lintnet itself has no lint rule. You can define lint rules and lint files 5
  3. General purpose • k8s, Terraform, GitHub Actions, CircleCI, etc •

    No need to use different linters and develop linters from scratch • Support various data format • Programing languages aren't supported 6
  4. Jsonnet • Popular • Simple - low learning cost •

    Powerful - if, for, function, std lib, import, native function, etc • Secure - restrict access to filesystem and network and OS command 8
  5. Extend Jsonnet by Native functions • lintnet extends Jsonnet by

    adding native functions • https://lintnet.github.io/docs/lint-rule/native-function/ 9
  6. Module • Easy to reuse and distribute lint rules •

    Reuse is just referring to modules in config or lint files • Distribution is just publishing Jsonnet files in GitHub repositories • Hopefully many awesome modules are published by community so that we can achieve awesome lint easily 10
  7. Official Modules • Official Modules • e.g. ◦ lintnet-modules/ghalint -

    Port of ghalint ◦ lintnet-modules/nllint - Port of nllint 12
  8. Extra features • Test lint rules • Parameterize lint rules

    • Lint across multiple files • Customize Output • Control the result by error level 13
  9. Limitation • Utilize the location of lint errors ◦ reviewdog

    and editor integration ◦ Output code where error occurs • Auto fix • Disable some lint rules by code annotation • Lint of programming languages It's difficult to support them as a general purpose linter 15
  10. How to use lintnet 1. Create a configuration file lintnet.jsonnet

    2. Define lint rules by Jsonnet 3. Test rules by Jsonnet 4. Run lintnet lint command 16
  11. Conftest • https://www.conftest.dev/ • Utility to help you write tests

    against structured configuration data • Use Rego as a Policy Language • Cover various lint rules with one tool 22
  12. Issues of Conftest • Low reusability of policies ◦ People

    develop similar lint rules independently ◦ No standard way to share policies across multiple repositories ◦ conftest push/pull is a low level API ◦ https://www.conftest.dev/sharing/ 23
  13. Compared with Conftest • Easy to reuse and distribute lint

    rules by Module • Standardized workflow by Configuration file and sub commands 24
  14. Jsonnet vs Rego • It is difficult to compare them

    objectively • This is up to users • Some people feel Rego is difficult and Jsonnet is easier than Rego 25
  15. Summary • lintnet is a general purpose linter powered by

    Jsonnet • Users don’t need to use many different linters • Developers can focus on developing lint rules • lintnet enables us to reuse and distribute lint rules by Module 26