@intentius/chant-lexicon-gcp 0.0.18 → 0.0.24

package/src/lint/post-synth/wgc401.test.ts

@@ -0,0 +1,46 @@
+import { describe, test, expect } from "bun:test";
+import { wgc401 } from "./wgc401";
+
+function makeCtx(yaml: string) {
+  return {
+    outputs: new Map([["gcp", yaml]]),
+  };
+}
+
+describe("WGC401: unknown spec field", () => {
+  test("flags unknown field with did-you-mean suggestion", () => {
+    const yaml = `apiVersion: compute.cnrm.cloud.google.com/v1beta1
+kind: ComputeFirewall
+metadata:
+  name: my-fw
+spec:
+  allowed:
+    - protocol: tcp
+  networkRef:
+    name: my-network
+`;
+    const diags = wgc401.check(makeCtx(yaml));
+    // "allowed" is not a valid field -- "allow" is. Should flag it.
+    const unknownDiags = diags.filter(d => d.checkId === "WGC401");
+    // If schema is loaded, this will flag "allowed"
+    // If schema is not loaded (pre-generate), skip gracefully
+    if (unknownDiags.length > 0) {
+      expect(unknownDiags[0].severity).toBe("error");
+      expect(unknownDiags[0].message).toContain("allowed");
+    }
+  });
+
+  test("no diagnostic for valid fields", () => {
+    const yaml = `apiVersion: storage.cnrm.cloud.google.com/v1beta1
+kind: StorageBucket
+metadata:
+  name: my-bucket
+spec:
+  location: US
+`;
+    const diags = wgc401.check(makeCtx(yaml));
+    // "location" is a valid StorageBucket field
+    const unknownDiags = diags.filter(d => d.checkId === "WGC401");
+    expect(unknownDiags).toHaveLength(0);
+  });
+});

package/src/lint/post-synth/wgc401.ts

@@ -0,0 +1,59 @@
+/**
+ * WGC401: Unknown spec field
+ *
+ * Flags fields in a Config Connector resource spec that are not defined
+ * in the CRD schema. Includes "did you mean?" suggestion via Levenshtein.
+ */
+
+import type { PostSynthCheck, PostSynthContext, PostSynthDiagnostic } from "@intentius/chant/lint/post-synth";
+import { parseGcpManifests, isConfigConnectorResource, getResourceName, getSpec } from "./gcp-helpers";
+import { getSchemaRegistry, suggestField } from "./schema-registry";
+
+export const wgc401: PostSynthCheck = {
+  id: "WGC401",
+  description: "Config Connector resource spec contains unknown field",
+
+  check(ctx: PostSynthContext): PostSynthDiagnostic[] {
+    const diagnostics: PostSynthDiagnostic[] = [];
+    const registry = getSchemaRegistry();
+
+    for (const [_lexicon, output] of ctx.outputs) {
+      if (typeof output !== "string") continue;
+
+      const manifests = parseGcpManifests(output);
+
+      for (const manifest of manifests) {
+        if (!isConfigConnectorResource(manifest)) continue;
+
+        const kind = manifest.kind;
+        if (!kind) continue;
+
+        const schema = registry.get(kind);
+        if (!schema) continue; // No schema available for this kind
+
+        const spec = getSpec(manifest);
+        if (!spec) continue;
+
+        const knownFields = Object.keys(schema.fields);
+        const resourceName = getResourceName(manifest);
+
+        for (const field of Object.keys(spec)) {
+          if (field in schema.fields) continue;
+
+          const suggestion = suggestField(field, knownFields);
+          const hint = suggestion ? ` — did you mean "${suggestion}"?` : "";
+
+          diagnostics.push({
+            checkId: "WGC401",
+            severity: "error",
+            message: `Resource "${resourceName}" (${kind}): unknown spec field "${field}"${hint}`,
+            entity: resourceName,
+            lexicon: "gcp",
+          });
+        }
+      }
+    }
+
+    return diagnostics;
+  },
+};

package/src/lint/post-synth/wgc402.test.ts

@@ -0,0 +1,40 @@
+import { describe, test, expect } from "bun:test";
+import { wgc402 } from "./wgc402";
+
+function makeCtx(yaml: string) {
+  return {
+    outputs: new Map([["gcp", yaml]]),
+  };
+}
+
+describe("WGC402: missing required field", () => {
+  test("flags missing required field", () => {
+    const yaml = `apiVersion: compute.cnrm.cloud.google.com/v1beta1
+kind: ComputeAddress
+metadata:
+  name: my-addr
+spec:
+  description: test
+`;
+    const diags = wgc402.check(makeCtx(yaml));
+    const requiredDiags = diags.filter(d => d.checkId === "WGC402");
+    // ComputeAddress requires "location" -- if schema is loaded, this flags it
+    if (requiredDiags.length > 0) {
+      expect(requiredDiags[0].severity).toBe("error");
+      expect(requiredDiags[0].message).toContain("required");
+    }
+  });
+
+  test("no diagnostic when all required fields present", () => {
+    const yaml = `apiVersion: storage.cnrm.cloud.google.com/v1beta1
+kind: StorageBucket
+metadata:
+  name: my-bucket
+spec:
+  location: US
+`;
+    const diags = wgc402.check(makeCtx(yaml));
+    const requiredDiags = diags.filter(d => d.checkId === "WGC402");
+    expect(requiredDiags).toHaveLength(0);
+  });
+});

package/src/lint/post-synth/wgc402.ts

@@ -0,0 +1,54 @@
+/**
+ * WGC402: Missing required spec field
+ *
+ * Flags Config Connector resources that are missing required fields
+ * according to their CRD schema.
+ */
+
+import type { PostSynthCheck, PostSynthContext, PostSynthDiagnostic } from "@intentius/chant/lint/post-synth";
+import { parseGcpManifests, isConfigConnectorResource, getResourceName, getSpec } from "./gcp-helpers";
+import { getSchemaRegistry } from "./schema-registry";
+
+export const wgc402: PostSynthCheck = {
+  id: "WGC402",
+  description: "Config Connector resource is missing a required spec field",
+
+  check(ctx: PostSynthContext): PostSynthDiagnostic[] {
+    const diagnostics: PostSynthDiagnostic[] = [];
+    const registry = getSchemaRegistry();
+
+    for (const [_lexicon, output] of ctx.outputs) {
+      if (typeof output !== "string") continue;
+
+      const manifests = parseGcpManifests(output);
+
+      for (const manifest of manifests) {
+        if (!isConfigConnectorResource(manifest)) continue;
+
+        const kind = manifest.kind;
+        if (!kind) continue;
+
+        const schema = registry.get(kind);
+        if (!schema) continue;
+
+        const spec = getSpec(manifest);
+        const specKeys = new Set(spec ? Object.keys(spec) : []);
+        const resourceName = getResourceName(manifest);
+
+        for (const requiredField of schema.required) {
+          if (!specKeys.has(requiredField)) {
+            diagnostics.push({
+              checkId: "WGC402",
+              severity: "error",
+              message: `Resource "${resourceName}" (${kind}): missing required field "${requiredField}"`,
+              entity: resourceName,
+              lexicon: "gcp",
+            });
+          }
+        }
+      }
+    }
+
+    return diagnostics;
+  },
+};

package/src/lint/post-synth/wgc403.test.ts

@@ -0,0 +1,59 @@
+import { describe, test, expect } from "bun:test";
+import { wgc403 } from "./wgc403";
+
+function makeCtx(yaml: string) {
+  return {
+    outputs: new Map([["gcp", yaml]]),
+  };
+}
+
+describe("WGC403: type/structure mismatch", () => {
+  test("flags string where number expected", () => {
+    const yaml = `apiVersion: cloudfunctions.cnrm.cloud.google.com/v1beta1
+kind: CloudFunctionsFunction
+metadata:
+  name: my-fn
+spec:
+  runtime: nodejs18
+  availableMemoryMb: "512"
+  region: us-central1
+`;
+    const diags = wgc403.check(makeCtx(yaml));
+    const typeDiags = diags.filter(d => d.checkId === "WGC403");
+    if (typeDiags.length > 0) {
+      expect(typeDiags[0].severity).toBe("error");
+      expect(typeDiags[0].message).toContain("number");
+      expect(typeDiags[0].message).toContain("string");
+    }
+  });
+
+  test("flags bare string instead of resourceRef object", () => {
+    const yaml = `apiVersion: pubsub.cnrm.cloud.google.com/v1beta1
+kind: PubSubSubscription
+metadata:
+  name: my-sub
+spec:
+  topicRef: my-topic
+`;
+    const diags = wgc403.check(makeCtx(yaml));
+    const typeDiags = diags.filter(d => d.checkId === "WGC403");
+    if (typeDiags.length > 0) {
+      expect(typeDiags[0].severity).toBe("error");
+      expect(typeDiags[0].message).toContain("resourceRef");
+    }
+  });
+
+  test("no diagnostic with correct types", () => {
+    const yaml = `apiVersion: storage.cnrm.cloud.google.com/v1beta1
+kind: StorageBucket
+metadata:
+  name: my-bucket
+spec:
+  location: US
+  uniformBucketLevelAccess: true
+`;
+    const diags = wgc403.check(makeCtx(yaml));
+    const typeDiags = diags.filter(d => d.checkId === "WGC403");
+    expect(typeDiags).toHaveLength(0);
+  });
+});

package/src/lint/post-synth/wgc403.ts

@@ -0,0 +1,84 @@
+/**
+ * WGC403: Type/structure mismatch in spec field
+ *
+ * Flags spec fields where the value type doesn't match the CRD schema:
+ * - String where number expected (e.g. availableMemoryMb: "512")
+ * - Scalar string where resourceRef object expected (e.g. topicRef: "name")
+ */
+
+import type { PostSynthCheck, PostSynthContext, PostSynthDiagnostic } from "@intentius/chant/lint/post-synth";
+import { parseGcpManifests, isConfigConnectorResource, getResourceName, getSpec } from "./gcp-helpers";
+import { getSchemaRegistry } from "./schema-registry";
+
+export const wgc403: PostSynthCheck = {
+  id: "WGC403",
+  description: "Config Connector resource spec field has wrong type or structure",
+
+  check(ctx: PostSynthContext): PostSynthDiagnostic[] {
+    const diagnostics: PostSynthDiagnostic[] = [];
+    const registry = getSchemaRegistry();
+
+    for (const [_lexicon, output] of ctx.outputs) {
+      if (typeof output !== "string") continue;
+
+      const manifests = parseGcpManifests(output);
+
+      for (const manifest of manifests) {
+        if (!isConfigConnectorResource(manifest)) continue;
+
+        const kind = manifest.kind;
+        if (!kind) continue;
+
+        const schema = registry.get(kind);
+        if (!schema) continue;
+
+        const spec = getSpec(manifest);
+        if (!spec) continue;
+
+        const resourceName = getResourceName(manifest);
+
+        for (const [field, value] of Object.entries(spec)) {
+          const fieldSchema = schema.fields[field];
+          if (!fieldSchema) continue; // Unknown fields handled by WGC401
+
+          // Check: resourceRef field expects an object, got a scalar
+          if (fieldSchema.ref && typeof value === "string") {
+            diagnostics.push({
+              checkId: "WGC403",
+              severity: "error",
+              message: `Resource "${resourceName}" (${kind}): field "${field}" expects a resourceRef object (e.g. { name, kind }), got string "${value}"`,
+              entity: resourceName,
+              lexicon: "gcp",
+            });
+            continue;
+          }
+
+          // Check: number field got a string that looks numeric
+          if (fieldSchema.type === "number" && typeof value === "string") {
+            diagnostics.push({
+              checkId: "WGC403",
+              severity: "error",
+              message: `Resource "${resourceName}" (${kind}): field "${field}" expects a number, got string "${value}"`,
+              entity: resourceName,
+              lexicon: "gcp",
+            });
+            continue;
+          }
+
+          // Check: boolean field got a string
+          if (fieldSchema.type === "boolean" && typeof value === "string") {
+            diagnostics.push({
+              checkId: "WGC403",
+              severity: "error",
+              message: `Resource "${resourceName}" (${kind}): field "${field}" expects a boolean, got string "${value}"`,
+              entity: resourceName,
+              lexicon: "gcp",
+            });
+          }
+        }
+      }
+    }
+
+    return diagnostics;
+  },
+};

package/src/plugin.test.ts

@@ -30,7 +30,7 @@ describe("gcpPlugin", () => {
 
   test("returns post-synth checks", () => {
     const checks = gcpPlugin.postSynthChecks!();
-    expect(checks).toHaveLength(20);
+    expect(checks).toHaveLength(23);
     const ids = checks.map((c) => c.id);
     expect(ids).toContain("WGC101");
     expect(ids).toContain("WGC102");
@@ -52,6 +52,9 @@ describe("gcpPlugin", () => {
     expect(ids).toContain("WGC301");
     expect(ids).toContain("WGC302");
     expect(ids).toContain("WGC303");
+    expect(ids).toContain("WGC401");
+    expect(ids).toContain("WGC402");
+    expect(ids).toContain("WGC403");
   });
 
   // ── Intrinsics / pseudo-parameters ─────────────────────────────────