Add addl support for rules reader/compiler subclasses

To support subclasses that may extend the falco rules format, add additional error/warning/item types for an extension item. When subclasses report errors and warnings, they can use these codes/item types in context objects and still provide an exact line/column context. Also make some previously static functions in rules reader protected methods so they can be used in sub-classes. Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
2025-06-28 23:57:29 +00:00 · 2024-01-11 13:02:10 -08:00 · 2024-01-11 13:02:10 -08:00 · ce5a50cbb5
commit ce5a50cbb5
parent eed5b906a8
5 changed files with 31 additions and 8 deletions
--- a/userspace/engine/falco_load_result.h
+++ b/userspace/engine/falco_load_result.h
@ -34,7 +34,8 @@ public:
 		LOAD_ERR_YAML_VALIDATE,
 		LOAD_ERR_COMPILE_CONDITION,
 		LOAD_ERR_COMPILE_OUTPUT,
-		LOAD_ERR_VALIDATE
+		LOAD_ERR_VALIDATE,
+		LOAD_ERR_EXTENSION
 	};

 	// The error code as a string
@ -55,7 +56,8 @@ public:
 		LOAD_UNUSED_MACRO,
 		LOAD_UNUSED_LIST,
 		LOAD_UNKNOWN_ITEM,
-		LOAD_DEPRECATED_ITEM
+		LOAD_DEPRECATED_ITEM,
+		LOAD_WARNING_EXTENSION
 	};

 	virtual ~load_result() = default;
--- a/userspace/engine/rule_loader.cpp
+++ b/userspace/engine/rule_loader.cpp
@ -42,7 +42,8 @@ static const std::string item_type_strings[] = {
 	"rule output",
 	"rule output expression",
 	"rule priority",
-	"overrides"
+	"overrides",
+	"extension item"
 };

 const std::string& rule_loader::context::item_type_as_string(enum item_type it)
--- a/userspace/engine/rule_loader.h
+++ b/userspace/engine/rule_loader.h
@ -58,7 +58,8 @@ namespace rule_loader
 			RULE_OUTPUT,
 			RULE_OUTPUT_EXPRESSION,
 			RULE_PRIORITY,
-			OVERRIDE
+			OVERRIDE,
+			EXTENSION_ITEM
 		};

 		static const std::string& item_type_as_string(enum item_type it);
--- a/userspace/engine/rule_loader_reader.cpp
+++ b/userspace/engine/rule_loader_reader.cpp
@ -56,21 +56,27 @@ static void decode_val_generic(const YAML::Node& item, const char *key, std::opt
 }

 template <typename T>
-static void decode_val(const YAML::Node& item, const char *key, T& out, const rule_loader::context& ctx)
+void rule_loader::reader::decode_val(const YAML::Node& item, const char *key, T& out, const rule_loader::context& ctx)
 {
 	bool optional = false;

 	decode_val_generic(item, key, out, ctx, optional);
 }

+template void rule_loader::reader::decode_val<std::string>(const YAML::Node& item, const char *key, std::string& out, const rule_loader::context& ctx);
+
 template <typename T>
-static void decode_optional_val(const YAML::Node& item, const char *key, T& out, const rule_loader::context& ctx)
+void rule_loader::reader::decode_optional_val(const YAML::Node& item, const char *key, T& out, const rule_loader::context& ctx)
 {
 	bool optional = true;

 	decode_val_generic(item, key, out, ctx, optional);
 }

+template void rule_loader::reader::decode_optional_val<std::string>(const YAML::Node& item, const char *key, std::string& out, const rule_loader::context& ctx);
+
+template void rule_loader::reader::decode_optional_val<bool>(const YAML::Node& item, const char *key, bool& out, const rule_loader::context& ctx);
+
 // Don't call this directly, call decode_items/decode_tags instead.
 template <typename T>
 static void decode_seq(const YAML::Node& item, const char *key,
@ -289,7 +295,7 @@ static void read_rule_exceptions(
 		rule_loader::context tmp(ex, rule_loader::context::EXCEPTION, "", exes_ctx);

 		THROW(!ex.IsMap(), "Rule exception must be a mapping", tmp);
-		decode_val(ex, "name", name, tmp);
+		rule_loader::reader::decode_val(ex, "name", name, tmp);

 		// Now use a real context including the exception name.
 		rule_loader::context ex_ctx(ex, rule_loader::context::EXCEPTION, name, parent);
@ -346,7 +352,7 @@ inline static bool check_update_expected(std::set<std::string>& expected_keys, c
 	return true;
 }

-static void read_item(
+void rule_loader::reader::read_item(
 	rule_loader::configuration& cfg,
 	rule_loader::collector& collector,
 	const YAML::Node& item,
--- a/userspace/engine/rule_loader_reader.h
+++ b/userspace/engine/rule_loader_reader.h
@ -57,6 +57,19 @@ public:
 			+ std::to_string(minor) + "." 
 			+ std::to_string(FALCO_ENGINE_VERSION_PATCH));
 	}
+
+	template <typename T>
+	static void decode_val(const YAML::Node& item, const char *key, T& out, const rule_loader::context& ctx);
+
+	template <typename T>
+	static void decode_optional_val(const YAML::Node& item, const char *key, T& out, const rule_loader::context& ctx);
+
+protected:
+
+	virtual void read_item(rule_loader::configuration& cfg,
+			       rule_loader::collector& collector,
+			       const YAML::Node& item,
+			       const rule_loader::context& parent);
 };

 }; // namespace rule_loader