From 314b8b213c1638879bd1e4fc1f67e8c1d5e5b2d7 Mon Sep 17 00:00:00 2001
From: David Hao <davidhao3300@yahoo.com>
Date: Wed, 5 Feb 2020 20:01:14 -0500
Subject: [PATCH 1/2] Uncomment nil cache line and modify test to expose error
 mentioned in TODO

---
 fixtures/test_crd.yaml | 11 ++++++++++-
 kubeval/kubeval.go     |  5 ++---
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/fixtures/test_crd.yaml b/fixtures/test_crd.yaml
index 5bb4356..66652c9 100644
--- a/fixtures/test_crd.yaml
+++ b/fixtures/test_crd.yaml
@@ -6,4 +6,13 @@ metadata:
   namespace: test-namespace
 spec:
   encryptedData:
-    SOME_ENCRYPTED_DATA: c3ab8ff13720e8ad9047dd39466b3c8974e592c2fa383d4a3960714caef0c4f2
\ No newline at end of file
+    SOME_ENCRYPTED_DATA: c3ab8ff13720e8ad9047dd39466b3c8974e592c2fa383d4a3960714caef0c4f2
+---
+apiVersion: bitnami.com/v1alpha1
+kind: SealedSecret
+metadata:
+  name: test-secret-clone
+  namespace: test-namespace
+spec:
+  encryptedData:
+    SOME_ENCRYPTED_DATA: c3ab8ff13720e8ad9047dd39466b3c8974e592c2fa383d4a3960714caef0c4f2
diff --git a/kubeval/kubeval.go b/kubeval/kubeval.go
index a3f1d2a..7baebf8 100644
--- a/kubeval/kubeval.go
+++ b/kubeval/kubeval.go
@@ -196,9 +196,8 @@ func downloadSchema(resource *ValidationResult, schemaCache map[string]*gojsonsc
 		errors.ErrorFormat = singleLineErrorFormat
 	}
 
-	// TODO: this currently triggers a segfault in offline cases
-	// We couldn't find a schema for this resource. Cache it's lack of existence, then stop
-	//schemaCache[resource.VersionKind()] = nil
+	// We couldn't find a schema for this resource. Cache its lack of existence
+	schemaCache[resource.VersionKind()] = nil
 	return nil, errors.ErrorOrNil()
 }
 

From ef1599d0d98f3fe2ee52314ffe7c314b8d8559a4 Mon Sep 17 00:00:00 2001
From: David Hao <davidhao3300@yahoo.com>
Date: Wed, 5 Feb 2020 20:05:04 -0500
Subject: [PATCH 2/2] Introduce fix

---
 kubeval/kubeval.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/kubeval/kubeval.go b/kubeval/kubeval.go
index 7baebf8..75e9d22 100644
--- a/kubeval/kubeval.go
+++ b/kubeval/kubeval.go
@@ -135,7 +135,7 @@ func validateResource(data []byte, schemaCache map[string]*gojsonschema.Schema,
 func validateAgainstSchema(body interface{}, resource *ValidationResult, schemaCache map[string]*gojsonschema.Schema, config *Config) ([]gojsonschema.ResultError, error) {
 
 	schema, err := downloadSchema(resource, schemaCache, config)
-	if err != nil {
+	if err != nil || schema == nil {
 		return handleMissingSchema(err, config)
 	}
 
@@ -161,6 +161,7 @@ func validateAgainstSchema(body interface{}, resource *ValidationResult, schemaC
 	return []gojsonschema.ResultError{}, nil
 }
 
+// returned schema may be nil scehma is missing and missing schemas are allowed
 func downloadSchema(resource *ValidationResult, schemaCache map[string]*gojsonschema.Schema, config *Config) (*gojsonschema.Schema, error) {
 	if schema, ok := schemaCache[resource.VersionKind()]; ok {
 		// If the schema was previously cached, there's no work to be done