Merge pull request #29 from fabriziosestito/refactor/remove-easyjson

refactor: remove easyjson

.github/workflows/release.yml

@@ -1,17 +1,16 @@
 on:
   push:
     branches:
-    - main
+      - main
     tags:
-    - 'v*'
+      - "v*"
 
 name: Release policy
 
 jobs:
-
   test:
     name: run tests and linters
-    uses: kubewarden/github-actions/.github/workflows/[email protected].4
+    uses: kubewarden/github-actions/.github/workflows/[email protected].7
 
   release:
     needs: test
@@ -23,6 +22,6 @@ jobs:
       # Required by cosign keyless signing
       id-token: write
 
-    uses: kubewarden/github-actions/.github/workflows/[email protected].4
+    uses: kubewarden/github-actions/.github/workflows/[email protected].7
     with:
       oci-target: ghcr.io/${{ github.repository_owner }}/policies/sysctl-psp

.github/workflows/test.yml

@@ -3,4 +3,4 @@ name: Continuous integration
 jobs:
   test:
     name: run tests and linters
-    uses: kubewarden/github-actions/.github/workflows/[email protected].4
+    uses: kubewarden/github-actions/.github/workflows/[email protected].7

Makefile

@@ -8,7 +8,7 @@ policy.wasm: $(SOURCE_FILES) go.mod go.sum
 		--rm \
 		-e GOFLAGS="-buildvcs=false" \
 		-v ${PWD}:/src \
-		-w /src tinygo/tinygo:0.27.0 \
+		-w /src tinygo/tinygo:0.28.1 \
 		tinygo build -o policy.wasm -target=wasi -no-debug .
 
 artifacthub-pkg.yml: metadata.yml go.mod
@@ -23,14 +23,6 @@ artifacthub-pkg.yml: metadata.yml go.mod
 annotated-policy.wasm: policy.wasm metadata.yml artifacthub-pkg.yml
 	kwctl annotate -m metadata.yml -u README.md -o annotated-policy.wasm policy.wasm
 
-.PHONY: generate-easyjson
-types_easyjson.go: types.go
-	docker run \
-		--rm \
-		-v ${PWD}:/src \
-		-w /src \
-		golang:1.20-alpine ./hack/generate-easyjson.sh
-
 .PHONY: test
 test:
 	go test -v

artifacthub-pkg.yml

@@ -4,29 +4,29 @@
 #
 # This config can be saved to its default location with:
 #   kwctl scaffold artifacthub > artifacthub-pkg.yml 
-version: 0.1.11
+version: 0.1.12
 name: sysctl-psp
 displayName: Sysctl PSP
-createdAt: 2023-07-10T16:14:15.921200892Z
+createdAt: 2023-08-03T12:49:39.38986867Z
 description: A Pod Security Policy that controls usage of sysctls in pods
 license: Apache-2.0
 homeURL: https://github.com/kubewarden/sysctl-psp-policy
 containersImages:
 - name: policy
-  image: ghcr.io/kubewarden/policies/sysctl-psp:v0.1.11
+  image: ghcr.io/kubewarden/policies/sysctl-psp:v0.1.12
 keywords:
 - sysctl
 - psp
 - pod
 links:
 - name: policy
-  url: https://github.com/kubewarden/sysctl-psp-policy/releases/download/v0.1.11/policy.wasm
+  url: https://github.com/kubewarden/sysctl-psp-policy/releases/download/v0.1.12/policy.wasm
 - name: source
   url: https://github.com/kubewarden/sysctl-psp-policy
 install: |
   The policy can be obtained using [`kwctl`](https://github.com/kubewarden/kwctl):
   ```console
-  kwctl pull ghcr.io/kubewarden/policies/sysctl-psp:v0.1.11
+  kwctl pull ghcr.io/kubewarden/policies/sysctl-psp:v0.1.12
   ```
 maintainers:
 - name: Kubewarden developers

go.mod

@@ -3,21 +3,19 @@ module github.com/kubewarden/go-policy-template
 go 1.20
 
 require (
-	github.com/deckarep/golang-set/v2 v2.3.0
+	github.com/deckarep/golang-set/v2 v2.3.1
 	github.com/francoispqt/onelog v0.0.0-20190306043706-8c2bb31b10a4
 	github.com/kubewarden/gjson v1.7.2
-	github.com/kubewarden/policy-sdk-go v0.4.1
-	github.com/mailru/easyjson v0.7.7
+	github.com/kubewarden/policy-sdk-go v0.5.0
 	github.com/wapc/wapc-guest-tinygo v0.3.3
 )
 
 require (
 	github.com/francoispqt/gojay v0.0.0-20181220093123-f2cc13a668ca // indirect
 	github.com/go-openapi/strfmt v0.21.3 // indirect
-	github.com/josharian/intern v1.0.0 // indirect
-	github.com/kubewarden/k8s-objects v1.24.0-kw7 // indirect
+	github.com/kubewarden/k8s-objects v1.27.0-kw2 // indirect
 	github.com/tidwall/match v1.0.3 // indirect
 	github.com/tidwall/pretty v1.0.2 // indirect
 )
 
-replace github.com/go-openapi/strfmt => github.com/kubewarden/strfmt v0.1.2
+replace github.com/go-openapi/strfmt => github.com/kubewarden/strfmt v0.1.3

go.sum

@@ -1,36 +1,27 @@
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/deckarep/golang-set/v2 v2.3.0 h1:qs18EKUfHm2X9fA50Mr/M5hccg2tNnVqsiBImnyDs0g=
-github.com/deckarep/golang-set/v2 v2.3.0/go.mod h1:VAky9rY/yGXJOLEDv3OMci+7wtDpOF4IN+y82NBOac4=
+github.com/deckarep/golang-set/v2 v2.3.1 h1:vjmkvJt/IV27WXPyYQpAh4bRyWJc5Y435D17XQ9QU5A=
+github.com/deckarep/golang-set/v2 v2.3.1/go.mod h1:VAky9rY/yGXJOLEDv3OMci+7wtDpOF4IN+y82NBOac4=
 github.com/francoispqt/gojay v0.0.0-20181220093123-f2cc13a668ca h1:F2BD6Vhei4w0rtm4eNpzylNsB07CcCbpYA+xlqMx3mA=
 github.com/francoispqt/gojay v0.0.0-20181220093123-f2cc13a668ca/go.mod h1:H8Wgri1Asi1VevY3ySdpIK5+KCpqzToVswNq8g2xZj4=
 github.com/francoispqt/onelog v0.0.0-20190306043706-8c2bb31b10a4 h1:N9eG+1y9e3tnNPXKjssLMa8MumIBDWWoJQWM7htGWUc=
 github.com/francoispqt/onelog v0.0.0-20190306043706-8c2bb31b10a4/go.mod h1:v1Il1fkBpjiYPpEJcGxqgrPUPcHuTC7eHh9zBV3CLBE=
-github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
-github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
 github.com/kubewarden/gjson v1.7.2 h1:+cLRfPqyvjwrkgE68cGdNfUy1Z6L45DjvuFH9/ofwQ0=
 github.com/kubewarden/gjson v1.7.2/go.mod h1:jSlxpubGqBG5HHe4v8kwcc8z1JF2reJ7AJAUojw66AY=
-github.com/kubewarden/k8s-objects v1.24.0-kw4 h1:/XAEdK8uHUz+asM/PgUs1T4vgCN7d+tiDDb5azMOimo=
-github.com/kubewarden/k8s-objects v1.24.0-kw4/go.mod h1:0d8vhSnO2G4bwo58G9ncQYhsgBggGzgh+V0Wqc3CLe8=
-github.com/kubewarden/k8s-objects v1.24.0-kw7 h1:uXGSLyyp/qnipq7yNxFy5zebFRy8utoO+wn1fW6QkkU=
-github.com/kubewarden/k8s-objects v1.24.0-kw7/go.mod h1:IuIHLG1JtxjC1JnY7SyEEA9MukCh/FACcwpzaBjgdLQ=
-github.com/kubewarden/policy-sdk-go v0.3.0 h1:5WqhrC3eJP+gRti14d4vCyXCITeM95X4hob6QA96eX8=
-github.com/kubewarden/policy-sdk-go v0.3.0/go.mod h1:zJLxhZkoFVKOlHJ3mlbG8qTCvVbkZprZ7odVwVsunUo=
-github.com/kubewarden/policy-sdk-go v0.4.0 h1:qxYHarQ3fHD90QErZEjXRzErEOXLQVtTYKmtyv0rtMQ=
-github.com/kubewarden/policy-sdk-go v0.4.0/go.mod h1:pY1FrcuGdhnzzN31wNieAimI4+7rYWbtkP+tYGna0Ug=
-github.com/kubewarden/policy-sdk-go v0.4.1 h1:MTGxJaWWH6dZBwCdZ+FYVUclxveGzW3p4kuUJiZw+7M=
-github.com/kubewarden/policy-sdk-go v0.4.1/go.mod h1:pY1FrcuGdhnzzN31wNieAimI4+7rYWbtkP+tYGna0Ug=
-github.com/kubewarden/strfmt v0.1.2 h1:S0YUVkPeyUMikz8QssbMzfd1MC5K8ZqxLI2zfF8euMs=
-github.com/kubewarden/strfmt v0.1.2/go.mod h1:sqLlis8qlm4A4pnZsRyRjNxyH86fiM+7Ee7bO+uJk94=
-github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0=
-github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
+github.com/kubewarden/k8s-objects v1.27.0-kw2 h1:6ZA72SFtDSbCupwxlIyJimUzN0nSweMCUx5jUEnoxkw=
+github.com/kubewarden/k8s-objects v1.27.0-kw2/go.mod h1:wVx4Rg1HKml8yewPwAHUWp1wYSAtBlKV/tsmteDuK1g=
+github.com/kubewarden/policy-sdk-go v0.5.0 h1:JnSRf5pHjFzTNNp6jJbSP5a4cwzFzkUBjLujqJd+Z+w=
+github.com/kubewarden/policy-sdk-go v0.5.0/go.mod h1:1IZXauwI5iCuOZj7tU58nE/SZFb/HsCmj3ZpDVStVQs=
+github.com/kubewarden/strfmt v0.1.3 h1:bb+2rbotioROjCkziSt+hqnHXzOlumN94NxDKdV2kPI=
+github.com/kubewarden/strfmt v0.1.3/go.mod h1:DXoaaIYwqW1LyyRoMeyxfHUU+VUSTNFdj38juCXfRzs=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
+github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
 github.com/tidwall/match v1.0.3 h1:FQUVvBImDutD8wJLN6c5eMzWtjgONK9MwIBCOrUJKeE=
 github.com/tidwall/match v1.0.3/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM=
 github.com/tidwall/pretty v1.0.2 h1:Z7S3cePv9Jwm1KwS0513MRaoUe3S01WPbLNV40pwWZU=
 github.com/tidwall/pretty v1.0.2/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk=
 github.com/wapc/wapc-guest-tinygo v0.3.3 h1:jLebiwjVSHLGnS+BRabQ6+XOV7oihVWAc05Hf1SbeR0=
 github.com/wapc/wapc-guest-tinygo v0.3.3/go.mod h1:mzM3CnsdSYktfPkaBdZ8v88ZlfUDEy5Jh5XBOV3fYcw=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=

settings.go

@@ -1,10 +1,11 @@
 package main
 
 import (
+	"encoding/json"
+
 	mapset "github.com/deckarep/golang-set/v2"
 	"github.com/kubewarden/gjson"
 	kubewarden "github.com/kubewarden/policy-sdk-go"
-	easyjson "github.com/mailru/easyjson"
 
 	"fmt"
 	"strings"
@@ -15,16 +16,6 @@ type Settings struct {
 	ForbiddenSysctls     mapset.Set[string] `json:"forbiddenSysctls"`
 }
 
-func NewSettingsFromRaw(rawSettings *RawSettings) (Settings, error) {
-	allowedUnsafeSysctls := mapset.NewThreadUnsafeSet(rawSettings.AllowedUnsafeSysctls...)
-	forbiddenSysctls := mapset.NewThreadUnsafeSet(rawSettings.ForbiddenSysctls...)
-
-	return Settings{
-		AllowedUnsafeSysctls: allowedUnsafeSysctls,
-		ForbiddenSysctls:     forbiddenSysctls,
-	}, nil
-}
-
 // Builds a new Settings instance starting from a validation
 // request payload:
 //
@@ -38,13 +29,13 @@ func NewSettingsFromRaw(rawSettings *RawSettings) (Settings, error) {
 func NewSettingsFromValidationReq(payload []byte) (Settings, error) {
 	settingsJson := gjson.GetBytes(payload, "settings")
 
-	rawSettings := RawSettings{}
-	err := easyjson.Unmarshal([]byte(settingsJson.Raw), &rawSettings)
+	settings := Settings{}
+	err := json.Unmarshal([]byte(settingsJson.Raw), &settings)
 	if err != nil {
 		return Settings{}, err
 	}
 
-	return NewSettingsFromRaw(&rawSettings)
+	return settings, nil
 }
 
 // Builds a new Settings instance starting from a Settings
@@ -55,17 +46,35 @@ func NewSettingsFromValidationReq(payload []byte) (Settings, error) {
 //	   "forbiddenSysctls": [...]
 //	}
 func NewSettingsFromValidateSettingsPayload(payload []byte) (Settings, error) {
-	rawSettings := RawSettings{}
-	err := easyjson.Unmarshal(payload, &rawSettings)
+	settings := Settings{}
+	err := json.Unmarshal(payload, &settings)
 	if err != nil {
 		return Settings{}, err
 	}
 
-	return NewSettingsFromRaw(&rawSettings)
+	return settings, nil
 }
 
-func (s *Settings) Valid() (bool, error) {
+func (s *Settings) UnmarshalJSON(data []byte) error {
+	// This is needed becaus golang-set v2.3.0 has a bug that prevents
+	// the correct unmarshalling of ThreadUnsafeSet types.
+	rawSettings := struct {
+		AllowedUnsafeSysctls []string `json:"allowedUnsafeSysctls"`
+		ForbiddenSysctls     []string `json:"forbiddenSysctls"`
+	}{}
+
+	err := json.Unmarshal(data, &rawSettings)
+	if err != nil {
+		return err
+	}
+
+	s.AllowedUnsafeSysctls = mapset.NewThreadUnsafeSet(rawSettings.AllowedUnsafeSysctls...)
+	s.ForbiddenSysctls = mapset.NewThreadUnsafeSet(rawSettings.ForbiddenSysctls...)
 
+	return nil
+}
+
+func (s *Settings) Valid() (bool, error) {
 	for _, elem := range s.AllowedUnsafeSysctls.ToSlice() {
 		if strings.Contains(elem, "*") {
 			return false,