Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

validate: Check configuration against JSON Schema #197

Merged
merged 2 commits into from
Sep 14, 2017
Merged

validate: Check configuration against JSON Schema #197

merged 2 commits into from
Sep 14, 2017

Commits on Sep 11, 2017

  1. validate: Check configuration against JSON Schema 

    runtime-spec publishes a JSON Schema covering the configuration format
(and other JSON related to runtime-spec) [1].  Reduce duplication of
effort by validating configurations against that schema.  For example
this gives us lots allowed value/type checking:

  $ cat config.json
  {
    "ociVersion": "1.0.0-rc6",
    "process": {
      "cwd": "/",
      "args": [
        "sh"
      ],
      "user": {
        "uid": 1,
        "gid": 1
      },
      "rlimits": [{}]
    },
    "root": {
      "path": "rootfs"
    }
  }
  $ ./oci-runtime-tool validate
  3 Errors detected:
  process.rlimits.0.type: Does not match pattern '^RLIMIT_[A-Z]+$'
  'POSIXRlimit.Type' should not be empty.
  rlimit type "" is invalid

without us having to duplicate all the work that the runtime-spec
folks have already done for us.

Only validating the JSON Schema is not sufficient, because
--host-specific (e.g. you're running on a Linux box) and
cross-property constraits (e.g. must create a new UTS namespace if you
set hostname) are difficult/impossible to express in JSON Schema.

The 1.0.0-rc5 test is an example of pulling in JSON Schema from an
older release, since the 'process' property was required in rc5 and
optional in rc6, with opencontainers/runtime-spec@c41ea83d, config:
Make process optional, 2017-02-27, opencontainers#701) landing in between.

[1]: https://github.com/opencontainers/runtime-spec/tree/v1.0.0-rc2/schema

Signed-off-by: W. Trevor King <wking@tremily.us>
    @wking
    wking committed Sep 11, 2017
    Configuration menu
    Copy the full SHA
    6e940f8 View commit details
    Browse the repository at this point in the history

  2. Godeps: Include github.com/xeipuuv/gojsonschema 

    Generated with:

  $ godep save ./...

When I originally did this with v74 I needed to move the entries from
Godeps/_workspace/src to vendor/ by hand, but now that I'm using godep
v77 they're added to vendor/ automatically.

I'm not sure why github.com/stretchr/testify/assert and descendants
weren't added to Godeps.json back in 15577bd (add runtime struct; add
create test, 2017-08-24, opencontainers#447), since that's when they landed in
vendor/.  The fact that they weren't there means it's hard to tell
whether the changes my godep call made are moving the libraries
forward or backward in time, but I expect they're moving forward
because I just updated them with 'go get -u ...'.

Signed-off-by: W. Trevor King <wking@tremily.us>
    @wking
    wking committed Sep 11, 2017
    Configuration menu
    Copy the full SHA
    3935592 View commit details
    Browse the repository at this point in the history