diff options
author | Chad Smith <chad.smith@canonical.com> | 2022-01-18 10:05:29 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-01-18 10:05:29 -0700 |
commit | 4ba6fd283674df1ef25300d91c6d2061910744be (patch) | |
tree | c70e12ed177e8383a1e2e5fd1a1fdb041ac1d0b6 /cloudinit/cmd | |
parent | 45484c0b05d39461500212481e2466155dd1e210 (diff) | |
download | vyos-cloud-init-4ba6fd283674df1ef25300d91c6d2061910744be.tar.gz vyos-cloud-init-4ba6fd283674df1ef25300d91c6d2061910744be.zip |
Single JSON schema validation in early boot (#1175)
Package a single JSON schema file for user-data validation at
cloudinit/config/cloud-init-schema.json.
Perform validate_cloudconfig_schema call to just after the
user-data is consumed. This will allow single validation of all
user-data against the full schema instead of
repetitive validatation calls against each cloud-config module
(cloudinit.config.cc_*) sub-schemas.
This branch defines the simple apt_pipelining schema and
migrates existing cc_apk_configure into cloud-init-schema.json.
The expectation will be additional branches to migrate from legacy
"schema" attributes inside each cloud-config module toward unique
cc_<module_name> definitions in the global shema file under "$defs"
of cloud-init-schema-X.Y..json.
Before legacy sub-schema definitions are migrated the following
funcs grew support to read sub-schemas from both static
cloud-init-schema.json and the individual cloud-config module
"schema" attributes:
- get_schema: source base schema file from cloud-init-schema.json
and supplement with all legacy cloud-config module "schema" defs
- get_meta_doc: optional schema param so cloud-config modules
no longer provide the own local sub-schemas
- _get_property_doc: render only documentation of sub-schema based
on meta['id'] provided
- validate_cloudconfig_schema: allow optional schema param
Additionally, fix two minor bugs in _schemapath_for_cloudconfig:
- `cloud-init devel schema --annotate` which results in a Traceback
if two keys at the same indent level have invalid types.
- exit early on empty cloud-config to avoid a Traceback on the CLI
Diffstat (limited to 'cloudinit/cmd')
-rw-r--r-- | cloudinit/cmd/main.py | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/cloudinit/cmd/main.py b/cloudinit/cmd/main.py index e67edbc3..c9be41b3 100644 --- a/cloudinit/cmd/main.py +++ b/cloudinit/cmd/main.py @@ -22,6 +22,7 @@ from cloudinit import patcher patcher.patch_logging() +from cloudinit.config.schema import validate_cloudconfig_schema from cloudinit import log as logging from cloudinit import netinfo from cloudinit import signal_handler @@ -474,6 +475,12 @@ def main_init(name, args): util.logexc(LOG, "Consuming user data failed!") return (init.datasource, ["Consuming user data failed!"]) + # Validate user-data adheres to schema definition + if os.path.exists(init.paths.get_ipath_cur("userdata_raw")): + validate_cloudconfig_schema(config=init.cfg, strict=False) + else: + LOG.debug("Skipping user-data validation. No user-data found.") + apply_reporting_cfg(init.cfg) # Stage 8 - re-read and apply relevant cloud-config to include user-data |