Deal with jsonschema's automatic remote reference resolving deprecation

[aciba90]

Bug report

jsonschema will drop support for automatically retrieving remote references in the future.

tests/unittests/config/test_schema.py::TestVersionedSchemas::test_versioned_cloud_config_schema_is_valid_json[schema4-None]
/home/aciba/canonical/server/cloud-init/5175-depre-warnings/cloudinit/config/schema.py:462: DeprecationWarning: Automatically retrieving remote references can be a security vulnerability and is discouraged by the JSON Schema specifications. Relying on this behavior is deprecated and will shortly become an error. If you are sure you want to remotely retrieve your reference and that it is safe to do so, you can find instructions for doing so via referencing.Registry in the referencing documentation (https://referencing.readthedocs.org).
    all_errs = list(

Possible solutions

1. Directly manipulate python3-referencing to resolve references before passing the schema to jsonchema.
2. Remove remote references. As the only remote reference is contained in this project, we could directly put schema-cloud-config-v1.json into versions.schema.cloud-config.json removing the indirection and the problem.

Steps to reproduce the problem

Run pytest tests/unittest on Python 3.12+.

Environment details

• Cloud-init version: main
• Operating System Distribution: N/A
• Cloud provider, platform or installer type: N/A

cloud-init logs

N/A

[blackboxsw]

Note that this file is directly sourced and references pulled in by https://github.com/SchemaStore/schemastore (which in turn is automatically loaded into several schema validation engines/plugins both web-based and VScode to automatically annotate/validate user-data json schema outside of cloud-init source environments. when we look to change this we should investigate impact and best practices for remote sourcing schemas in https://github.com/SchemaStore/schemastore which populates https://www.schemastore.org/json/

…

On Thu, Nov 7, 2024 at 1:05 AM Alberto Contreras ***@***.***> wrote: Bug report jsonschema will drop support for automatically retrieving remote references <https://github.com/canonical/cloud-init/blob/aeccf89914031422604e41080c50cba8a0717743/cloudinit/config/schemas/versions.schema.cloud-config.json#L17> in the future. tests/unittests/config/test_schema.py::TestVersionedSchemas::test_versioned_cloud_config_schema_is_valid_json[schema4-None] /home/aciba/canonical/server/cloud-init/5175-depre-warnings/cloudinit/config/schema.py:462: DeprecationWarning: Automatically retrieving remote references can be a security vulnerability and is discouraged by the JSON Schema specifications. Relying on this behavior is deprecated and will shortly become an error. If you are sure you want to remotely retrieve your reference and that it is safe to do so, you can find instructions for doing so via referencing.Registry in the referencing documentation (https://referencing.readthedocs.org). all_errs = list( Possible solutions 1. Directly manipulate python3-referencing to resolve references before passing the schema to jsonchema. 2. Remove remote references. As the only remote reference <https://github.com/canonical/cloud-init/blob/aeccf89914031422604e41080c50cba8a0717743/cloudinit/config/schemas/versions.schema.cloud-config.json#L17> is contained in this project, we could directly put schema-cloud-config-v1.json into versions.schema.cloud-config.json removing the indirection and the problem. Steps to reproduce the problem Run pytest tests/unittest on Python 3.12+. Environment details - Cloud-init version: main - Operating System Distribution: N/A - Cloud provider, platform or installer type: N/A cloud-init logs N/A — Reply to this email directly, view it on GitHub <#5855>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ADLZJRUFEWJLY3ATUCR7IK3Z7MNN7AVCNFSM6AAAAABRKS2PVCVHI2DSMVQWIX3LMV43ASLTON2WKOZSGY2DAMRRGA2DKNI> . You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>