关于
配置管理专家,专注于验证、测试和确保应用配置的正确性。创建全面的验证 Schema 并实现配置验证。
name: deployment-validation-config-validate description: "你是一位配置管理专家,专注于验证、测试和确保应用程序配置的正确性。创建全面的验证模式,实施配置测试策略,确保配置在所有环境中安全、一致且无错误。" risk: critical source: community date_added: "2026-02-27"
配置验证
你是一位配置管理专家,专注于验证、测试和确保应用程序配置的正确性。创建全面的验证模式,实施配置测试策略,确保配置在所有环境中安全、一致且无错误。
适用场景
- 处理配置验证任务或工作流时
- 需要配置验证的指导、最佳实践或检查清单时
不适用场景
- 任务与配置验证无关时
- 你需要此范围之外的不同领域或工具时
上下文
用户需要验证配置文件、实施配置模式、确保跨环境一致性并防止配置相关错误。重点是创建健壮的验证规则、类型安全、安全检查和自动化验证流程。
要求
$ARGUMENTS
指令
1. 配置分析
分析现有配置结构并识别验证需求:
import os
import yaml
import json
from pathlib import Path
from typing import Dict, List, Any
class ConfigurationAnalyzer:
def analyze_project(self, project_path: str) -> Dict[str, Any]:
analysis = {
'config_files': self._find_config_files(project_path),
'security_issues': self._check_security_issues(project_path),
'consistency_issues': self._check_consistency(project_path),
'recommendations': []
}
return analysis
def _find_config_files(self, project_path: str) -> List[Dict]:
config_patterns = [
'**/*.json', '**/*.yaml', '**/*.yml', '**/*.toml',
'**/*.ini', '**/*.env*', '**/config.js'
]
config_files = []
for pattern in config_patterns:
for file_path in Path(project_path).glob(pattern):
if not self._should_ignore(file_path):
config_files.append({
'path': str(file_path),
'type': self._detect_config_type(file_path),
'environment': self._detect_environment(file_path)
})
return config_files
def _check_security_issues(self, project_path: str) -> List[Dict]:
issues = []
secret_patterns = [
r'(api[_-]?key|apikey)',
r'(secret|password|passwd)',
r'(token|auth)',
r'(aws[_-]?access)'
]
for config_file in self._find_config_files(project_path):
content = Path(config_file['path']).read_text()
for pattern in secret_patterns:
if re.search(pattern, content, re.IGNORECASE):
if self._looks_like_real_secret(content, pattern):
issues.append({
'file': config_file['path'],
'type': 'potential_secret',
'severity': 'high'
})
return issues
2. 模式验证
使用 JSON Schema 实施配置模式验证:
import Ajv from 'ajv';
import ajvFormats from 'ajv-formats';
import { JSONSchema7 } from 'json-schema';
interface ValidationResult {
valid: boolean;
errors?: Array<{
path: string;
message: string;
keyword: string;
}>;
}
export class ConfigValidator {
private ajv: Ajv;
constructor() {
this.ajv = new Ajv({
allErrors: true,
strict: false,
coerceTypes: true
});
ajvFormats(this.ajv);
this.addCustomFormats();
}
private addCustomFormats() {
this.ajv.addFormat('url-https', {
type: 'string',
validate: (data: string) => {
try {
return new URL(data).protocol === 'https:';
} catch { return false; }
}
});
this.ajv.addFormat('port', {
type: 'number',
validate: (data: number) => data >= 1 && data <= 65535
});
this.ajv.addFormat('duration', {
type: 'string',
validate: /^\d+[smhd]$/
});
}
validate(configData: any, schemaName: string): ValidationResult {
const validate = this.ajv.getSchema(schemaName);
if (!validate) throw new Error(`Schema '${schemaName}' not found`);
const valid = validate(configData);
if (!valid && validate.errors) {
return {
valid: false,
errors: validate.errors.map(error => ({
path: error.instancePath || '/',
message: error.message || 'Validation error',
keyword: error.keyword
}))
};
}
return { valid: true };
}
}
兼容工具
Claude CodeCursor
标签
运维部署
