diff options
| -rw-r--r-- | go.mod | 2 | ||||
| -rw-r--r-- | go.sum | 4 | ||||
| -rw-r--r-- | vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/doc.go | 20 | ||||
| -rw-r--r-- | vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/spec.go | 41 | ||||
| -rw-r--r-- | vendor/modules.txt | 2 |
5 files changed, 58 insertions, 11 deletions
@@ -8,7 +8,7 @@ require ( github.com/buger/goterm v1.0.4 github.com/checkpoint-restore/checkpointctl v0.0.0-20211204171957-54b4ebfdb681 github.com/checkpoint-restore/go-criu/v5 v5.3.0 - github.com/container-orchestrated-devices/container-device-interface v0.3.0 + github.com/container-orchestrated-devices/container-device-interface v0.3.2 github.com/containernetworking/cni v1.0.1 github.com/containernetworking/plugins v1.1.1 github.com/containers/buildah v1.25.2-0.20220406205807-5b8e79118057 @@ -244,8 +244,8 @@ github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:z github.com/cockroachdb/datadriven v0.0.0-20200714090401-bf6692d28da5/go.mod h1:h6jFvWxBdQXxjopDMZyH2UVceIRfR84bdzbkoKrsWNo= github.com/cockroachdb/errors v1.2.4/go.mod h1:rQD95gz6FARkaKkQXUksEje/d9a6wBJoCr5oaCLELYA= github.com/cockroachdb/logtags v0.0.0-20190617123548-eb05cc24525f/go.mod h1:i/u985jwjWRlyHXQbwatDASoW0RMlZ/3i9yJHE2xLkI= -github.com/container-orchestrated-devices/container-device-interface v0.3.0 h1:tM2zdVYZY8getsFaTc7Z+v+UqDXhk5alchOHVEADes0= -github.com/container-orchestrated-devices/container-device-interface v0.3.0/go.mod h1:LGs3yHVe1wZn2XsWl4AxywYQ3NRZ6osTEZozCHQCRSM= +github.com/container-orchestrated-devices/container-device-interface v0.3.2 h1:vZVaQwmFFddi7Y9mJgQTLPFxTWg81+OIHEMu/Th1wuw= +github.com/container-orchestrated-devices/container-device-interface v0.3.2/go.mod h1:E1zcucIkq9P3eyNmY+68dBQsTcsXJh9cgRo2IVNScKQ= github.com/containerd/aufs v0.0.0-20200908144142-dab0cbea06f4/go.mod h1:nukgQABAEopAHvB6j7cnP5zJ+/3aVcE7hCYqvIwAHyE= github.com/containerd/aufs v0.0.0-20201003224125-76a6863f2989/go.mod h1:AkGGQs9NM2vtYHaUen+NljV0/baGCAPELGm2q9ZXpWU= github.com/containerd/aufs v0.0.0-20210316121734-20793ff83c97/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU= diff --git a/vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/doc.go b/vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/doc.go index 4fcdc44db..a9017259c 100644 --- a/vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/doc.go +++ b/vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/doc.go @@ -127,4 +127,24 @@ // The default directories are '/etc/cdi' and '/var/run/cdi'. By putting // dynamically generated Spec files under '/var/run/cdi', those take // precedence over static ones in '/etc/cdi'. +// +// CDI Spec Validation +// +// This package performs both syntactic and semantic validation of CDI +// Spec file data when a Spec file is loaded via the registry or using +// the ReadSpec API function. As part of the semantic verification, the +// Spec file is verified against the CDI Spec JSON validation schema. +// +// If a valid externally provided JSON validation schema is found in +// the filesystem at /etc/cdi/schema/schema.json it is loaded and used +// as the default validation schema. If such a file is not found or +// fails to load, an embedded no-op schema is used. +// +// The used validation schema can also be changed programmatically using +// the SetSchema API convenience function. This function also accepts +// the special "builtin" (BuiltinSchemaName) and "none" (NoneSchemaName) +// schema names which switch the used schema to the in-repo validation +// schema embedded into the binary or the now default no-op schema +// correspondingly. Other names are interpreted as the path to the actual +/// validation schema to load and use. package cdi diff --git a/vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/spec.go b/vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/spec.go index adebc101f..59f01acb7 100644 --- a/vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/spec.go +++ b/vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/spec.go @@ -35,6 +35,9 @@ var ( "0.2.0": {}, "0.3.0": {}, } + + // Externally set CDI Spec validation function. + specValidator func(*cdi.Spec) error ) // Spec represents a single CDI Spec. It is usually loaded from a @@ -68,8 +71,16 @@ func ReadSpec(path string, priority int) (*Spec, error) { if err != nil { return nil, errors.Wrapf(err, "failed to parse CDI Spec %q", path) } + if raw == nil { + return nil, errors.Errorf("failed to parse CDI Spec %q, no Spec data", path) + } + + spec, err := NewSpec(raw, path, priority) + if err != nil { + return nil, err + } - return NewSpec(raw, path, priority) + return spec, nil } // NewSpec creates a new Spec from the given CDI Spec data. The @@ -77,7 +88,10 @@ func ReadSpec(path string, priority int) (*Spec, error) { // priority. If Spec data validation fails NewSpec returns a nil // Spec and an error. func NewSpec(raw *cdi.Spec, path string, priority int) (*Spec, error) { - var err error + err := validateSpec(raw) + if err != nil { + return nil, err + } spec := &Spec{ Spec: raw, @@ -170,16 +184,29 @@ func validateVersion(version string) error { // Parse raw CDI Spec file data. func parseSpec(data []byte) (*cdi.Spec, error) { - raw := &cdi.Spec{} + var raw *cdi.Spec err := yaml.UnmarshalStrict(data, &raw) if err != nil { return nil, errors.Wrap(err, "failed to unmarshal CDI Spec") } - return raw, validateJSONSchema(raw) + return raw, nil +} + +// SetSpecValidator sets a CDI Spec validator function. This function +// is used for extra CDI Spec content validation whenever a Spec file +// loaded (using ReadSpec() or NewSpec()) or written (Spec.Write()). +func SetSpecValidator(fn func(*cdi.Spec) error) { + specValidator = fn } -// Validate CDI Spec against JSON Schema. -func validateJSONSchema(raw *cdi.Spec) error { - // TODO +// validateSpec validates the Spec using the extneral validator. +func validateSpec(raw *cdi.Spec) error { + if specValidator == nil { + return nil + } + err := specValidator(raw) + if err != nil { + return errors.Wrap(err, "Spec validation failed") + } return nil } diff --git a/vendor/modules.txt b/vendor/modules.txt index 11ee3b189..259f218c3 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -57,7 +57,7 @@ github.com/checkpoint-restore/go-criu/v5/rpc github.com/checkpoint-restore/go-criu/v5/stats # github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e github.com/chzyer/readline -# github.com/container-orchestrated-devices/container-device-interface v0.3.0 +# github.com/container-orchestrated-devices/container-device-interface v0.3.2 ## explicit github.com/container-orchestrated-devices/container-device-interface/pkg/cdi github.com/container-orchestrated-devices/container-device-interface/specs-go |