cosalib/meta.py: support sub schemas #1084
Conversation
src/cosalib/meta.py
Outdated
| for k, v in self._validator.items(): | ||
| if k in ("main", self.get("name")): | ||
| log.debug(f"validating against {k} schema") | ||
| v.validate(dict(self)) |
There was a problem hiding this comment.
Hmm, so this is just doing a sequential check of the various schemas, right? But I think one other really valuable part of validating against a schema is erroring/warning against unknown keys. Otherwise, e.g. it would not have prevented #1045 really.
Briefly looking through https://python-jsonschema.readthedocs.io/en/stable/, I couldn't find an option to specify multiple schemas to "overlay", which I think is understandable.
How about something like this:
- we read in the OS-specific schema file, and add the
propertiesitems to thepropertiesof the base schema - we turn on
additionalProperties: falsein the base schema
There was a problem hiding this comment.
Take another look :)
|
I need to fix the tests, but the latest push:
|
|
@jlebon can I bother you for another review? I think this accomplishes what you suggested, while doing strict schema enforcement. |
Fixed up. The Schema is now:
I dropped the sub-schemas and the code around ingesting them |
There was a problem hiding this comment.
Yeah, I think this is a good next step for sure! 👍
I feel a little uneasy about having to repeat the common properties between rhcos and fedora-coreos, but I think we can fix that up in a follow-up by defining them as a top-level named schema and then extending the RHCOS/FCOS-specific schemas using allOf within the anyOfs? (I'm looking at https://json-schema.org/understanding-json-schema/structuring.html#reuse and https://json-schema.org/understanding-json-schema/structuring.html#extending).
Leaving it open for a bit in case anyone else wants to take a look.
src/schema/v1.json
Outdated
| "fedora-coreos.parent-commit", | ||
| "fedora-coreos.parent-version", | ||
| "images", | ||
| "name", |
There was a problem hiding this comment.
Can't name be dropped from the anyOf of both rhcos & fedora-coreos because it's in the outer level required (line 8)?
src/schema/v1.json
Outdated
| ], | ||
| "pattern":"^(.*)$" | ||
| "enum": [ |
There was a problem hiding this comment.
It looks like this is exhaustive? The whole idea is to support people doing custom builds, let's not force name to be one of those.
There was a problem hiding this comment.
Changed to support hack builds by defining a "core" schema with the expected outputs for RHCOS and FCOS.
|
Looks like this needs a rebase now. |
|
@petr-muller Any idea why the bot is being spammy here? |
|
@cgwalters @arithx can you gentleman take another look? The schema is conditionalized so that unsupported builds (e.g. non-CoreOS) won't be broken. |
|
Don't know if it's just github showing the commits wrong but all of the content is in the first commit ( |
| "examples": [ | ||
| "fedora/x86_64/coreos/testing-devel" | ||
| ], | ||
| "pattern":"^(?!\\s*$).+" |
There was a problem hiding this comment.
Optional: single quoting regex patterns to avoid having to escape backslashes can be nice
src/schema/v1.json
Outdated
| { | ||
| "if": { | ||
| "properties": { | ||
| "name": { "pattern": "^(rhcos|fedora-coreos)" } |
There was a problem hiding this comment.
Many of these are core properties emitted by coreos-assembler; I don't see why e.g. if someone is doing a custom build they shouldn't have coreos-assembler.basearch.
src/schema/v1.json
Outdated
| "coreos-assembler.config-dirty", | ||
| "coreos-assembler.config-gitrev", | ||
| "coreos-assembler.container-config-git", | ||
| "coreos-assembler.container-image-git", |
There was a problem hiding this comment.
Let's not make these required again please? I don't see a connection between "custom coreos-like builds" and "custom coreos-assembler builds inside an existing development container".
IOW, I want to be able to test patches to coreos-assembler and rpm-ostree inside my dev container, targeting all of fcos/rhcos and e.g. FCOSB.
There was a problem hiding this comment.
The problem is that they are required for RHCOS and the purpose of the schema is to validate the results from builds. I am sympathetic towards your pain @cgwalters -- I am -- but your argument is a required production schema should be weakened for you as a developer based on your workflow.
#1089 was targeted at helping you out with this.
But the larger problem, IMO, is that we have developers who run their own pet container, while COSA expects certain things; that's the tension here. I'm open to ideas
There was a problem hiding this comment.
I think delivering coreos-assembler as a container image has been very successful; I often tell people about that.
BUT I don't think we should entirely rule out e.g. shipping it as an RPM too.
And conceptually, these keys only cover the container build path.
And further, they duplicate metadata already available in the container metadata (OpenShift builds e.g. inject the git commit); unfortunately quay.io's build system is more primitive.
So I'm not sure I'd agree these keys are "required for RHCOS".
I guess I can just set the environment variable for now, it'll just be annoying.
There was a problem hiding this comment.
I'll also chime in as a developer who hacks on cosa from his pet container. 🐕 I think it's important to cover that use-case. Not just for rpm-ostree/$util, but just overall I think it yields a faster edit-build-test feedback loop which makes hacking more pleasant. I've documented it in the README too.
There was a problem hiding this comment.
Dropped in the last push.
After(if) this merged I'll through up one that allows for per-recipe overrides.
This changes the v1.json schema is be aware of "fedora-coreos" and "rhcos" builds. Using the "name" key, the schema is conditionally applied. fixtures/fcos.json: defined test JSON for Fedora CoreOS tests/test_cosalib_meta.py: support testing both FCOS and RHCOS schemas Makefile: set the directory for the test JSON.
|
The other aspect to this debate is; maybe we want to drive down into coreos-assembler the concept of an "official" build; we can be more strict in that case. So it'd be e.g. the pipelines which do |
| "coreos-assembler.config-gitrev", | ||
| "coreos-assembler.image-config-checksum", | ||
| "coreos-assembler.image-genver", | ||
| "coreos-assembler.image-input-checksum" |
There was a problem hiding this comment.
I think it's OK for all of these to be required too?
Unless we're trying to be compatible with older builds (whole rat's nest there)?
There was a problem hiding this comment.
I was going for the lowest common denominator here. The new schema is strict enough that having these as optional should be good enough IMHO.
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: arithx, cgwalters, darkmuggle, jlebon The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
I'll look into it. |
kola: Change distro default to fcos, drop cl
This adds support for discerning whether or not a sub-schema should
exist based on the name in 'meta.json' to support variants.
The new behavior to treat the main schema file as a basename. Any schema
that is found in the same directory with the basename is loaded. The
"name" field is then used to find any sub schemas. For example, given
"v1.json" with a build name of "fedora-coreos", a schema named
"fedora-coreos-v1.json" in the same directory will be applied.
fixtures/fcos.json: defined test JSON for Fedora CoreOS
src/schema/{fedora-coreos,rhcos}-v1.json: stub out for the different
schemas. This is to support the FCOS use of:
"fedora-coreos.parent-version" and
"fedora-coreos.parent-commit" keys.
tests/test_cosalib_meta.py: support testing both FCOS and RHCOS schemas
Makefile: set the directory for the test JSON.