use rfc code in bundle validate #451
Conversation
liangchenye
force-pushed
the
runtimeenv
branch
from
a1f3098 to
c4acfbb
Compare
|
This is a big change to bundle validation. It uses RFC error. |
liangchenye
force-pushed
the
runtimeenv
branch
from
c4acfbb to
af6946f
Compare
There was a problem hiding this comment.
Overall, I think this PR is a tremendous improvement, although I ran out of time before reviewing all the changes. Besides the issues I raised inline, golint has many concerns, which should all be easy to fix.
validate/error.go
Outdated
| return fmt.Sprintf(referenceTemplate, version, "config-linux.md#default-filesystems"), nil | ||
| }, | ||
| }, | ||
| // NonRFCError represents that an error is not a rfc2119 error |
There was a problem hiding this comment.
I don't think we need to duplicate this comment here (you already have it on line 19).
validate/error.go
Outdated
| // Root | ||
| RootOnNonHyperV: errorTemplate{Level: rfc2119.Required, Reference: rootRef}, | ||
| RootOnHyperV: errorTemplate{Level: rfc2119.Must, Reference: rootRef}, | ||
| // TODO |
There was a problem hiding this comment.
Probably expand this comment to:
TODO: Add tests for these spec conditions
or some such.
validate/error.go
Outdated
| PathFormatOnWindows: errorTemplate{Level: rfc2119.Must, Reference: rootRef}, | ||
| PathName: errorTemplate{Level: rfc2119.Should, Reference: rootRef}, | ||
| PathExistence: errorTemplate{Level: rfc2119.Must, Reference: rootRef}, | ||
| ReadonlyFilesystem: errorTemplate{Level: rfc2119.Must, Reference: rootRef}, |
There was a problem hiding this comment.
I think you intend this for the spec's:
readonly(bool, OPTIONAL) If true then the root filesystem MUST be read-only inside the container, defaults to false.
But that is a runtime requirement which is tested by validation and runtimetest. It doesn't belong in validate, which is about config/bundle validation.
There was a problem hiding this comment.
Yes, it is same with DefaultFilesystems. I prefer to put the error definition of runtime test and bundle test together. Maybe I should also move the validate/error.go file to the error directory?
validate/error.go
Outdated
| // FindError finds an error from a source error (mulitple error) and | ||
| // returns the error code if founded. | ||
| // If the source error is nil or empty, return NonErr. | ||
| // If the source error is not a multiple error, return NonRFCErr. |
There was a problem hiding this comment.
NonErr → NonError and NonRFCErr → NonRFCError.
validate/validate.go
Outdated
| } else if !fi.IsDir() { | ||
| msgs = append(msgs, fmt.Sprintf("The root path %q is not a directory.", rootfsPath)) | ||
| errs = multierror.Append(errs, | ||
| NewError(PathExistence, fmt.Sprintf("The root path %q is not a directory.", rootfsPath), rspec.Version)) | ||
| } | ||
|
|
||
| rootParent := filepath.Dir(absRootPath) |
There was a problem hiding this comment.
We will need a guard for the case where absRootPath was not initialized because the Abs call failed above. Although that issue predates this PR and can be handled in a separate PR if you like.
There was a problem hiding this comment.
From the golang document, it seems only a terrible system failure will cause an Abs Error.
I think we can just return when we catch an Abs error. I'll add it in the following update.
validate/validate.go
Outdated
| } | ||
| if version != rspec.Version { | ||
| msgs = append(msgs, fmt.Sprintf("internal error: validate currently only handles version %s, but the supplied configuration targets %s", rspec.Version, version)) | ||
| errs = multierror.Append(errs, fmt.Errorf("internal error: validate currently only handles version %s, but the supplied configuration targets %s", rspec.Version, version)) |
There was a problem hiding this comment.
This is clearly an internal error because it is a non-RFC error. I think we should drop “internal error: ” from the value.
validate/validate.go
Outdated
| for _, hook := range hooks { | ||
| if !filepath.IsAbs(hook.Path) { | ||
| msgs = append(msgs, fmt.Sprintf("The %s hook %v: is not absolute path", hookType, hook.Path)) | ||
| errs = multierror.Append(errs, fmt.Errorf("The %s hook %v: is not absolute path", hookType, hook.Path)) |
There was a problem hiding this comment.
The MUST for this check is here. For poststart and poststop the requirement is indirect, via this and this. Perhaps we should expand Error.Reference to an array of strings so we can represent trails like that? Although if we're sticking to Markdown links, this is as specific as we can get at the moment, and it covers all the lines I linked earlier.
There was a problem hiding this comment.
I opened an issue to track this: #452.
| @@ -228,17 +242,17 @@ func (v *Validator) CheckProcess() (msgs []string) { | |||
|
|
|||
| process := v.spec.Process | |||
| if !filepath.IsAbs(process.Cwd) { | |||
| msgs = append(msgs, fmt.Sprintf("cwd %q is not an absolute path", process.Cwd)) | |||
| errs = multierror.Append(errs, fmt.Errorf("cwd %q is not an absolute path", process.Cwd)) | |||
There was a problem hiding this comment.
The MUST for this check is here.
There was a problem hiding this comment.
This PR is quite big. I think we could change other errors in the following PRs.
validate/validate.go
Outdated
| } | ||
|
|
||
| for _, env := range process.Env { | ||
| if !envValid(env) { | ||
| msgs = append(msgs, fmt.Sprintf("env %q should be in the form of 'key=value'. The left hand side must consist solely of letters, digits, and underscores '_'.", env)) | ||
| errs = multierror.Append(errs, fmt.Errorf("env %q should be in the form of 'key=value'. The left hand side must consist solely of letters, digits, and underscores '_'.", env)) |
There was a problem hiding this comment.
The spec punts to POSIX here, and POSIX has:
These strings have the form name=value; names shall not contain the character '='.
which I read as a MUST-level requirement. POSIX also has:
Environment variable names used by the utilities in the Shell and Utilities volume of POSIX.1-2008 consist solely of uppercase letters, digits, and the ( '_' ) from the characters defined in Portable Character Set and do not begin with a digit. Other characters may be permitted by an implementation; applications shall tolerate the presence of such names.
which I read as a SHOULD-level requirement for names, because OCI runtimes are not “used by the utilities in the Shell and Utilities volume of POSIX.1-2008”.
liangchenye
force-pushed
the
runtimeenv
branch
3 times, most recently
from
597bf92 to
7950d0b
Compare
liangchenye
force-pushed
the
runtimeenv
branch
2 times, most recently
from
7fd6597 to
be46cca
Compare
The next plan:
PTAL @wking @q384566678 @Mashimiao @mrunalp @hqhq |
Signed-off-by: Liang Chenye <[email protected]>
liangchenye
force-pushed
the
runtimeenv
branch
from
be46cca to
2520212
Compare
|
LGTM |
|
LGTM |
…kage With 8f4d367 (error: Pull the RFC 2119 error representation into its own package, 2017-07-28, opencontainers#437), I'd created a package that was completely independent of runtime-spec. As I pointed out in that commit message, this made it possible for image-tools and other projects to reuse the generic RFC 2119 handling (which they care about) without involving the runtime-spec-specific error enumeration and such (which they don't care about). In 2520212 (add stretchr/testify/assert pkgs; use rfc code in bundle validation, 2017-08-29, opencontainers#451), some runtime-spec-specific functionality leaked into the error package. I'd recommended keeping configuration and runtime requirements separate [1], because you're unlikely to be testing both of those at once. But Liang wanted them collected [2,3]. And the NewError and FindError utilities would be the same regardless of target, so that's a good argument for keeping them together. This commit moves the runtime-spec-specific functionality into a new package where both config and runtime validators can share it, but where it won't pollute the generic RFC 2119 error package. I've also changed NewError to take an error argument instead of a string message, because creating an error from a string is easy (e.g. with fmt.Errorf(...)), and using an error allows you to preserve any additional structured information from a system error (e.g. as returned by GetMounts). [1]: opencontainers#451 (comment) [2]: opencontainers#451 (comment) [3]: opencontainers#451 (comment) Signed-off-by: W. Trevor King <[email protected]>
…kage With 8f4d367 (error: Pull the RFC 2119 error representation into its own package, 2017-07-28, opencontainers#437), I'd created a package that was completely independent of runtime-spec. As I pointed out in that commit message, this made it possible for image-tools and other projects to reuse the generic RFC 2119 handling (which they care about) without involving the runtime-spec-specific error enumeration and such (which they don't care about). In 2520212 (add stretchr/testify/assert pkgs; use rfc code in bundle validation, 2017-08-29, opencontainers#451), some runtime-spec-specific functionality leaked into the error package. I'd recommended keeping configuration and runtime requirements separate [1], because you're unlikely to be testing both of those at once. But Liang wanted them collected [2,3]. And the NewError and FindError utilities would be the same regardless of target, so that's a good argument for keeping them together. This commit moves the runtime-spec-specific functionality into a new package where both config and runtime validators can share it, but where it won't pollute the generic RFC 2119 error package. I've also changed NewError to take an error argument instead of a string message, because creating an error from a string is easy (e.g. with fmt.Errorf(...)), and using an error allows you to preserve any additional structured information from a system error (e.g. as returned by GetMounts). [1]: opencontainers#451 (comment) [2]: opencontainers#451 (comment) [3]: opencontainers#451 (comment) Signed-off-by: W. Trevor King <[email protected]>
…kage With 8f4d367 (error: Pull the RFC 2119 error representation into its own package, 2017-07-28, opencontainers#437), I'd created a package that was completely independent of runtime-spec. As I pointed out in that commit message, this made it possible for image-tools and other projects to reuse the generic RFC 2119 handling (which they care about) without involving the runtime-spec-specific error enumeration and such (which they don't care about). In 2520212 (add stretchr/testify/assert pkgs; use rfc code in bundle validation, 2017-08-29, opencontainers#451), some runtime-spec-specific functionality leaked into the error package. I'd recommended keeping configuration and runtime requirements separate [1], because you're unlikely to be testing both of those at once. But Liang wanted them collected [2,3]. And the NewError and FindError utilities would be the same regardless of target, so that's a good argument for keeping them together. This commit moves the runtime-spec-specific functionality into a new package where both config and runtime validators can share it, but where it won't pollute the generic RFC 2119 error package. I've also changed NewError to take an error argument instead of a string message, because creating an error from a string is easy (e.g. with fmt.Errorf(...)), and using an error allows you to preserve any additional structured information from a system error (e.g. as returned by GetMounts). [1]: opencontainers#451 (comment) [2]: opencontainers#451 (comment) [3]: opencontainers#451 (comment) Signed-off-by: W. Trevor King <[email protected]>
…kage With 8f4d367 (error: Pull the RFC 2119 error representation into its own package, 2017-07-28, opencontainers#437), I'd created a package that was completely independent of runtime-spec. As I pointed out in that commit message, this made it possible for image-tools and other projects to reuse the generic RFC 2119 handling (which they care about) without involving the runtime-spec-specific error enumeration and such (which they don't care about). In 2520212 (add stretchr/testify/assert pkgs; use rfc code in bundle validation, 2017-08-29, opencontainers#451), some runtime-spec-specific functionality leaked into the error package. I'd recommended keeping configuration and runtime requirements separate [1], because you're unlikely to be testing both of those at once. But Liang wanted them collected [2,3]. And the NewError and FindError utilities would be the same regardless of target, so that's a good argument for keeping them together. This commit moves the runtime-spec-specific functionality into a new package where both config and runtime validators can share it, but where it won't pollute the generic RFC 2119 error package. I've also changed NewError to take an error argument instead of a string message, because creating an error from a string is easy (e.g. with fmt.Errorf(...)), and using an error allows you to preserve any additional structured information from a system error (e.g. as returned by GetMounts). [1]: opencontainers#451 (comment) [2]: opencontainers#451 (comment) [3]: opencontainers#451 (comment) Signed-off-by: W. Trevor King <[email protected]>
Signed-off-by: Liang Chenye [email protected]