validate: allow unset "type" fields in resource devices whitelist #491
Conversation
|
CI failure is caused by a build failure I cannot reproduce on my local machine. |
|
Build failures were fixed by #490. The check you're patching is from #374, and I think we can drop at least the |
|
I've commented on opencontainers/runtime-spec#690, which currently has the same bug as the one I'm fixing here. But since it might take a while to land in runtime-spec, we should fix this bug as currently our validation isn't even consistent with our own defaults (which really shouldn't have happened in the first place -- don't we test that our own default configuration is compliant?). |
+1 to unit tests for this code, runtime-tools is currently sparsely-tested. I'm fine with either this PR or dropping the local |
cyphar
force-pushed
the
validate-fix-type-whitelist
branch
2 times, most recently
from
fc0b7d8
to
f9de4c6
Compare
|
Rebased, added the smoke test, and corrected another bug in our default configuration. |
validate/validate.go
Outdated
| @@ -206,11 +206,6 @@ func (v *Validator) CheckRoot() (errs error) { | |||
| return | |||
| } | |||
|
|
|||
| if filepath.Base(v.spec.Root.Path) != "rootfs" { | |||
| errs = multierror.Append(errs, | |||
| specerror.NewError(specerror.PathName, fmt.Errorf("path name should be the conventional 'rootfs'"), rspec.Version)) | |||
There was a problem hiding this comment.
This is a spec SHOULD, and removing it is why your Travis tests fail. I think we need to keep this check, and users that don't care about SHOULD-level violations can ignore those errors like this.
There was a problem hiding this comment.
I know it's a SHOULD. But CheckAll doesn't appear to understand that SHOULD doesn't mean MUST. The following error happens:
=== RUN TestGenerateValid
--- FAIL: TestGenerateValid (0.52s)
generate_test.go:42: unexpected error(s) validating default: 1 error occurred:
* path name should be the conventional 'rootfs'
Refer to: https://github.com/opencontainers/runtime-spec/blob/v1.0.0/config.md#root
And this means that oci-runtime-tool validate returns a non-zero error code.
There was a problem hiding this comment.
But
CheckAlldoesn't appear to understand that SHOULD doesn't mean MUST.
CheckAll shouldn't care; it's up to the caller to decide what is fatal or not. Using rootfs in the default config should be enough for your TestGenerateValid. cmd/oci-runtime-tool/validate.go needs a --compliance-level like runtimetest (which may be in flight somewhere, I don't have my dev box handy to grep open PRs).
There was a problem hiding this comment.
cmd/oci-runtime-tool/validate.goneeds a--compliance-levellikeruntimetest(which may be in flight somewhere, I don't have my dev box handy to grep open PRs).
I couldn't find this in flight, so I filed it as #492.
cyphar
force-pushed
the
validate-fix-type-whitelist
branch
from
f9de4c6
to
4d6860d
Compare
|
Rebased off #492. |
validation/generate_test.go
Outdated
| levelErrors, err2 := specerror.SplitLevel(err, rfc2119.Must) | ||
| if err2 != nil { | ||
| t.Errorf("unexpected error(s) filtering errors default: %+v", err2) | ||
| t.Errorf("unexpected error(s): %+v", err) |
There was a problem hiding this comment.
What you call err2 will only ever be non-nil if it exactly matches the input error. So I think you want to drop the previous line and keep only this one to avoid redundancy. Perhaps the SplitLevel comment can also be improved to make this more clear?
cyphar
force-pushed
the
validate-fix-type-whitelist
branch
from
4d6860d
to
27ad856
Compare
| } | ||
|
|
||
| // Validate the bundle. | ||
| v, err := validate.NewValidatorFromPath(bundle, true, runtime.GOOS) |
There was a problem hiding this comment.
I'm not excited about the asymmetry between unparmeterized generation and host-specific validation. This will cerainly die if runtime.GOOS is not Linux. It may die even on Linux if the host system is sufficiently ancient or the stock config becomes sufficiently demanding. But I'm ok crossing those bridges later.
There was a problem hiding this comment.
Do you want me to set the OS explicitly?
There was a problem hiding this comment.
Do you want me to set the OS explicitly?
I'm fine leaving it as it stands, as a reminder that New will need similar options when we get our first non-Linux user and/or stabilize the API.
According to the spec, an unset .Type field in the .Linux.Resources.Devices list is permitted (and it maps to "all"). This was broken recently, making our own default profile (as well as umoci's and runc's) not pass validation anymore. Signed-off-by: Aleksa Sarai <asarai@suse.de>
It doesn't make sense for us to not include a rootfs in our default configuration -- as it means that we're providing an invalid configuration. Signed-off-by: Aleksa Sarai <asarai@suse.de>
To avoid cases where our own validation code would consider our defaults unsafe (which has happened in the past several times), add a smoke-test to ensure that this won't happen. Our defaults should not be intentionally invalid, as that confuses downstreams like umoci which use runtime-tools for the default as well as for validation of the generated configuration. Signed-off-by: Aleksa Sarai <asarai@suse.de>
cyphar
force-pushed
the
validate-fix-type-whitelist
branch
from
27ad856
to
6df06d9
Compare
|
/ping @opencontainers/runtime-tools-maintainers |
|
LGTM |
1 similar comment
|
LGTM |
According to the spec, an unset .Type field in the
.Linux.Resources.Devices list is permitted (and it maps to "all").
This was broken recently, making our own default profile (as well as
umoci's and runc's) not pass validation anymore.
Signed-off-by: Aleksa Sarai asarai@suse.de