validate: prepare for new xeipuuv/gojsonschema

New(er) xeipuuv/gojsonschema package is trying to fetch id fields, which in the spec were looking like this: "id": "https://opencontainers.org/schema/bundle/linux" Obviously, this results in HTTP 404s, and multiple test failures. This was fixed by opencontainers/runtime-spec#945 which ended up in runtime-spec v1.0.2. This essentially means with newer xeipuuv/gojsonschema we are no longer able to validate against runtime-spec < 1.0.2. To adopt for a new xeipuuv/gojsonschema, do the following: 1. Add the version check, add a test case for it. 2. Remove some test cases: - "process is required" as it needed v1.0.0-rc5 version of spec. - "args is required" as args are no longer required since commit opencontainers/runtime-spec@deb4d954eafc4fc. 3. Bump the spec version in all test cases. 4. Fix "invalid seccomp action" error as it now also has SCMP_ACT_LOG. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
kolyshkin · Oct 20, 2021 · 61f09ec · 61f09ec
1 parent 0514154
commit 61f09ec
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 29 deletions.
diff --git a/validate/validate.go b/validate/validate.go
@@ -131,9 +131,8 @@ func JSONSchemaURL(version string) (url string, err error) {
 	if err != nil {
 		return "", specerror.NewError(specerror.SpecVersionInSemVer, err, rspec.Version)
 	}
-	configRenamedToConfigSchemaVersion, _ := semver.Parse("1.0.0-rc2") // config.json became config-schema.json in 1.0.0-rc2
-	if ver.Compare(configRenamedToConfigSchemaVersion) == -1 {
-		return "", fmt.Errorf("unsupported configuration version (older than %s)", configRenamedToConfigSchemaVersion)
+	if ver.LT(semver.Version{Major: 1, Minor: 0, Patch: 2}) {
+		return "", errors.New("unsupported configuration version (older than 1.0.2)")
 	}
 	return fmt.Sprintf(configSchemaTemplate, version), nil
 }

diff --git a/validate/validate_test.go b/validate/validate_test.go
@@ -47,33 +47,32 @@ func TestJSONSchema(t *testing.T) {
 		},
 		{
 			config: &rspec.Spec{
-				Version: "1.0.1-rc1",
+				Version: "1.0.99-rc1", // non-existent
 			},
 			error: "Could not read schema from HTTP, response status is 404 Not Found",
 		},
 		{
 			config: &rspec.Spec{
-				Version: "1.0.0",
+				Version: "1.0.0", // too old
 			},
-			error: "",
+			error: "1 error occurred:\n\t* unsupported configuration version (older than 1.0.2)\n\n",
 		},
 		{
 			config: &rspec.Spec{
-				Version: "1.0.0",
-				Process: &rspec.Process{},
+				Version: "1.0.2",
 			},
-			error: "1 error occurred:\n\t* args: args is required\n\n",
+			error: "",
 		},
 		{
 			config: &rspec.Spec{
-				Version: "1.0.0",
+				Version: "1.0.2",
 				Linux:   &rspec.Linux{},
 			},
 			error: "",
 		},
 		{
 			config: &rspec.Spec{
-				Version: "1.0.0",
+				Version: "1.0.2",
 				Linux: &rspec.Linux{
 					RootfsPropagation: "",
 				},
@@ -82,7 +81,7 @@ func TestJSONSchema(t *testing.T) {
 		},
 		{
 			config: &rspec.Spec{
-				Version: "1.0.0",
+				Version: "1.0.2",
 				Linux: &rspec.Linux{
 					RootfsPropagation: "shared",
 				},
@@ -91,7 +90,7 @@ func TestJSONSchema(t *testing.T) {
 		},
 		{
 			config: &rspec.Spec{
-				Version: "1.0.0",
+				Version: "1.0.2",
 				Linux: &rspec.Linux{
 					RootfsPropagation: "rshared",
 				},
@@ -100,13 +99,7 @@ func TestJSONSchema(t *testing.T) {
 		},
 		{
 			config: &rspec.Spec{
-				Version: "1.0.0-rc5",
-			},
-			error: "process: process is required",
-		},
-		{
-			config: &rspec.Spec{
-				Version: "1.0.0",
+				Version: "1.0.2",
 				Linux: &rspec.Linux{
 					Namespaces: []rspec.LinuxNamespace{
 						{
@@ -119,7 +112,7 @@ func TestJSONSchema(t *testing.T) {
 		},
 		{
 			config: &rspec.Spec{
-				Version: "1.0.0",
+				Version: "1.0.2",
 				Linux: &rspec.Linux{
 					Namespaces: []rspec.LinuxNamespace{
 						{
@@ -132,7 +125,7 @@ func TestJSONSchema(t *testing.T) {
 		},
 		{
 			config: &rspec.Spec{
-				Version: "1.0.0",
+				Version: "1.0.2",
 				Linux: &rspec.Linux{
 					Seccomp: &rspec.LinuxSeccomp{
 						DefaultAction: "SCMP_ACT_ALLOW",
@@ -147,7 +140,7 @@ func TestJSONSchema(t *testing.T) {
 		},
 		{
 			config: &rspec.Spec{
-				Version: "1.0.0",
+				Version: "1.0.2",
 				Linux: &rspec.Linux{
 					Seccomp: &rspec.LinuxSeccomp{
 						DefaultAction: "SCMP_ACT_ALLOW",
@@ -162,7 +155,7 @@ func TestJSONSchema(t *testing.T) {
 		},
 		{
 			config: &rspec.Spec{
-				Version: "1.0.0",
+				Version: "1.0.2",
 				Linux: &rspec.Linux{
 					Seccomp: &rspec.LinuxSeccomp{
 						DefaultAction: "SCMP_ACT_ALLOW",
@@ -179,7 +172,7 @@ func TestJSONSchema(t *testing.T) {
 		},
 		{
 			config: &rspec.Spec{
-				Version: "1.0.0",
+				Version: "1.0.2",
 				Linux: &rspec.Linux{
 					Seccomp: &rspec.LinuxSeccomp{
 						DefaultAction: "SCMP_ACT_ALLOW",
@@ -192,11 +185,11 @@ func TestJSONSchema(t *testing.T) {
 					},
 				},
 			},
-			error: "linux.seccomp.syscalls.0.action: linux.seccomp.syscalls.0.action must be one of the following: \"SCMP_ACT_KILL\", \"SCMP_ACT_TRAP\", \"SCMP_ACT_ERRNO\", \"SCMP_ACT_TRACE\", \"SCMP_ACT_ALLOW\"",
+			error: "linux.seccomp.syscalls.0.action: linux.seccomp.syscalls.0.action must be one of the following: \"SCMP_ACT_KILL\", \"SCMP_ACT_TRAP\", \"SCMP_ACT_ERRNO\", \"SCMP_ACT_TRACE\", \"SCMP_ACT_ALLOW\", \"SCMP_ACT_LOG\"",
 		},
 		{
 			config: &rspec.Spec{
-				Version: "1.0.0",
+				Version: "1.0.2",
 				Linux: &rspec.Linux{
 					Seccomp: &rspec.LinuxSeccomp{
 						DefaultAction: "SCMP_ACT_ALLOW",
@@ -220,7 +213,7 @@ func TestJSONSchema(t *testing.T) {
 		},
 		{
 			config: &rspec.Spec{
-				Version: "1.0.0",
+				Version: "1.0.2",
 				Linux: &rspec.Linux{
 					Seccomp: &rspec.LinuxSeccomp{
 						DefaultAction: "SCMP_ACT_ALLOW",
@@ -322,7 +315,7 @@ func TestCheckSemVer(t *testing.T) {
 		expected specerror.Code
 	}{
 		{rspec.Version, specerror.NonError},
-		//FIXME: validate currently only handles rpsec.Version
+		// FIXME: validate currently only handles rpsec.Version
 		{"0.0.1", specerror.NonRFCError},
 		{"invalid", specerror.SpecVersionInSemVer},
 	}