From 51a8c3c4be45d35e7b523c3925ec37ba75a93ac6 Mon Sep 17 00:00:00 2001 From: Benjamin Gilbert Date: Fri, 24 Jan 2020 11:03:27 -0500 Subject: [PATCH 1/3] docs: fix versions for 1.1.0-experimental --- docs/configuration-v1_1-exp.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuration-v1_1-exp.md b/docs/configuration-v1_1-exp.md index c52c5f16..6e34b55f 100644 --- a/docs/configuration-v1_1-exp.md +++ b/docs/configuration-v1_1-exp.md @@ -5,7 +5,7 @@ The Fedora CoreOS configuration is a YAML document conforming to the following specification, with **_italicized_** entries being optional: * **variant** (string): used to differentiate configs for different operating systems. Must be `fcos` for FCCT. -* **version** (string): the semantic version of the spec for this document. This document is for version `1.0.0` and generates Ignition configs with version `3.0.0`. +* **version** (string): the semantic version of the spec for this document. This document is for version `1.1.0-experimental` and generates Ignition configs with version `3.1.0-experimental`. * **ignition** (object): metadata about the configuration itself. * **_config_** (objects): options related to the configuration. * **_merge_** (list of objects): a list of the configs to be merged to the current config. From e6c420e07d177f7c02f3b51a4657d2ab37a8b581 Mon Sep 17 00:00:00 2001 From: Benjamin Gilbert Date: Fri, 24 Jan 2020 11:04:39 -0500 Subject: [PATCH 2/3] go.mod: bump Ignition to 2.1.1 --- go.mod | 2 +- go.sum | 6 ++- .../v2/config/shared/errors/errors.go | 2 + .../ignition/v2/config/v3_0/types/file.go | 2 +- .../v2/config/v3_1_experimental/types/file.go | 2 +- .../v3_1_experimental/types/filesystem.go | 3 +- .../config/v3_1_experimental/types/proxy.go | 49 +++++++++++++++++++ .../config/v3_1_experimental/types/schema.go | 3 ++ vendor/modules.txt | 2 +- 9 files changed, 64 insertions(+), 7 deletions(-) create mode 100644 vendor/github.com/coreos/ignition/v2/config/v3_1_experimental/types/proxy.go diff --git a/go.mod b/go.mod index 2f85ec99..07cbb2d7 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.12 require ( github.com/coreos/go-semver v0.3.0 github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e - github.com/coreos/ignition/v2 v2.0.1 + github.com/coreos/ignition/v2 v2.1.1 github.com/coreos/vcontext v0.0.0-20191017033345-260217907eb5 github.com/davecgh/go-spew v1.1.1 // indirect github.com/stretchr/testify v1.3.0 diff --git a/go.sum b/go.sum index f4016d64..a975eb6c 100644 --- a/go.sum +++ b/go.sum @@ -7,8 +7,8 @@ github.com/coreos/go-systemd v0.0.0-20181031085051-9002847aa142 h1:3jFq2xL4ZajGK github.com/coreos/go-systemd v0.0.0-20181031085051-9002847aa142/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e h1:Wf6HqHfScWJN9/ZjdUKyjop4mf3Qdd+1TvvltAvM3m8= github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/ignition/v2 v2.0.1 h1:aKZARDpl6rDr83Ur/fUoQ3uuSM0VCLH5nTERkLczJFM= -github.com/coreos/ignition/v2 v2.0.1/go.mod h1:EJP9Gk/u21BPwWa5nT6yYbm5mO0u8JQAAzFqaxgH7Fg= +github.com/coreos/ignition/v2 v2.1.1 h1:siNZchKAWoLeV708X4QWG9chTYhssE93HBKkZx+JJO8= +github.com/coreos/ignition/v2 v2.1.1/go.mod h1:RqmqU64zxarUJa3l4cHtbhcSwfQLpUhv0WVziZwoXvE= github.com/coreos/vcontext v0.0.0-20190529201340-22b159166068/go.mod h1:E+6hug9bFSe0KZ2ZAzr8M9F5JlArJjv5D1JS7KSkPKE= github.com/coreos/vcontext v0.0.0-20191017033345-260217907eb5 h1:DjoHHi6+9J7DGYPvBdmszKZLY+ucx2bnA77jf8KIk9M= github.com/coreos/vcontext v0.0.0-20191017033345-260217907eb5/go.mod h1:E+6hug9bFSe0KZ2ZAzr8M9F5JlArJjv5D1JS7KSkPKE= @@ -17,6 +17,7 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/godbus/dbus v0.0.0-20181025153459-66d97aec3384/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= +github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= @@ -39,6 +40,7 @@ github.com/vincent-petithory/dataurl v0.0.0-20160330182126-9a301d65acbb/go.mod h github.com/vmware/vmw-guestinfo v0.0.0-20170707015358-25eff159a728/go.mod h1:x9oS4Wk2s2u4tS29nEaDLdzvuHdB19CvSGJjPgkZJNk= github.com/vmware/vmw-ovflib v0.0.0-20170608004843-1f217b9dc714/go.mod h1:jiPk45kn7klhByRvUq5i2vo1RtHKBHj+iWGFpxbXuuI= golang.org/x/net v0.0.0-20190228165749-92fc7df08ae7/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/sys v0.0.0-20191110163157-d32e6e3b99c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= diff --git a/vendor/github.com/coreos/ignition/v2/config/shared/errors/errors.go b/vendor/github.com/coreos/ignition/v2/config/shared/errors/errors.go index 1439d4f3..18911082 100644 --- a/vendor/github.com/coreos/ignition/v2/config/shared/errors/errors.go +++ b/vendor/github.com/coreos/ignition/v2/config/shared/errors/errors.go @@ -68,6 +68,8 @@ var ( ErrZeroesWithShouldNotExist = errors.New("shouldExist is false for a partition and other partition(s) has start or size 0") ErrNeedLabelOrNumber = errors.New("a partition number >= 1 or a label must be specified") ErrDuplicateLabels = errors.New("cannot use the same partition label twice") + ErrInvalidProxy = errors.New("proxies must be http(s)") + ErrInsecureProxy = errors.New("insecure plaintext HTTP proxy specified for HTTPS resources") // Systemd section errors ErrInvalidSystemdExt = errors.New("invalid systemd unit extension") diff --git a/vendor/github.com/coreos/ignition/v2/config/v3_0/types/file.go b/vendor/github.com/coreos/ignition/v2/config/v3_0/types/file.go index ffa9918e..c3e3a339 100644 --- a/vendor/github.com/coreos/ignition/v2/config/v3_0/types/file.go +++ b/vendor/github.com/coreos/ignition/v2/config/v3_0/types/file.go @@ -24,7 +24,7 @@ import ( func (f File) Validate(c path.ContextPath) (r report.Report) { r.Merge(f.Node.Validate(c)) r.AddOnError(c.Append("mode"), validateMode(f.Mode)) - if f.Mode == nil { + if f.Mode == nil && f.Contents.Source != nil { r.AddOnWarn(c.Append("mode"), errors.ErrFilePermissionsUnset) } r.AddOnError(c.Append("overwrite"), f.validateOverwrite()) diff --git a/vendor/github.com/coreos/ignition/v2/config/v3_1_experimental/types/file.go b/vendor/github.com/coreos/ignition/v2/config/v3_1_experimental/types/file.go index ffa9918e..c3e3a339 100644 --- a/vendor/github.com/coreos/ignition/v2/config/v3_1_experimental/types/file.go +++ b/vendor/github.com/coreos/ignition/v2/config/v3_1_experimental/types/file.go @@ -24,7 +24,7 @@ import ( func (f File) Validate(c path.ContextPath) (r report.Report) { r.Merge(f.Node.Validate(c)) r.AddOnError(c.Append("mode"), validateMode(f.Mode)) - if f.Mode == nil { + if f.Mode == nil && f.Contents.Source != nil { r.AddOnWarn(c.Append("mode"), errors.ErrFilePermissionsUnset) } r.AddOnError(c.Append("overwrite"), f.validateOverwrite()) diff --git a/vendor/github.com/coreos/ignition/v2/config/v3_1_experimental/types/filesystem.go b/vendor/github.com/coreos/ignition/v2/config/v3_1_experimental/types/filesystem.go index 86f08911..964dfcac 100644 --- a/vendor/github.com/coreos/ignition/v2/config/v3_1_experimental/types/filesystem.go +++ b/vendor/github.com/coreos/ignition/v2/config/v3_1_experimental/types/filesystem.go @@ -28,7 +28,8 @@ func (f Filesystem) Key() string { func (f Filesystem) IgnoreDuplicates() map[string]struct{} { return map[string]struct{}{ - "Options": {}, + "Options": {}, + "MountOptions": {}, } } diff --git a/vendor/github.com/coreos/ignition/v2/config/v3_1_experimental/types/proxy.go b/vendor/github.com/coreos/ignition/v2/config/v3_1_experimental/types/proxy.go new file mode 100644 index 00000000..4a60087f --- /dev/null +++ b/vendor/github.com/coreos/ignition/v2/config/v3_1_experimental/types/proxy.go @@ -0,0 +1,49 @@ +// Copyright 2019 Red Hat, Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package types + +import ( + "net/url" + + "github.com/coreos/ignition/v2/config/shared/errors" + + "github.com/coreos/vcontext/path" + "github.com/coreos/vcontext/report" +) + +func (p Proxy) Validate(c path.ContextPath) (r report.Report) { + validateProxyURL(p.HTTPProxy, c.Append("httpProxy"), &r, true) + validateProxyURL(p.HTTPSProxy, c.Append("httpsProxy"), &r, false) + return +} + +func validateProxyURL(s *string, p path.ContextPath, r *report.Report, httpOk bool) { + if s == nil { + return + } + u, err := url.Parse(*s) + if err != nil { + r.AddOnError(p, errors.ErrInvalidUrl) + return + } + + if u.Scheme != "https" && u.Scheme != "http" { + r.AddOnError(p, errors.ErrInvalidProxy) + return + } + if u.Scheme == "http" && !httpOk { + r.AddOnWarn(p, errors.ErrInsecureProxy) + } +} diff --git a/vendor/github.com/coreos/ignition/v2/config/v3_1_experimental/types/schema.go b/vendor/github.com/coreos/ignition/v2/config/v3_1_experimental/types/schema.go index e552cdbf..ddcf15b3 100644 --- a/vendor/github.com/coreos/ignition/v2/config/v3_1_experimental/types/schema.go +++ b/vendor/github.com/coreos/ignition/v2/config/v3_1_experimental/types/schema.go @@ -62,6 +62,7 @@ type Filesystem struct { Device string `json:"device"` Format *string `json:"format,omitempty"` Label *string `json:"label,omitempty"` + MountOptions []MountOption `json:"mountOptions,omitempty"` Options []FilesystemOption `json:"options,omitempty"` Path *string `json:"path,omitempty"` UUID *string `json:"uuid,omitempty"` @@ -95,6 +96,8 @@ type LinkEmbedded1 struct { Target string `json:"target"` } +type MountOption string + type NoProxyItem string type Node struct { diff --git a/vendor/modules.txt b/vendor/modules.txt index 461ddc0f..92f71b6b 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -4,7 +4,7 @@ github.com/ajeddeloh/go-json github.com/coreos/go-semver/semver # github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e github.com/coreos/go-systemd/unit -# github.com/coreos/ignition/v2 v2.0.1 +# github.com/coreos/ignition/v2 v2.1.1 github.com/coreos/ignition/v2/config/shared/errors github.com/coreos/ignition/v2/config/shared/validations github.com/coreos/ignition/v2/config/util From dda7754ae9fe8e46a20ff8a5deaa48deb520ca2f Mon Sep 17 00:00:00 2001 From: Benjamin Gilbert Date: Fri, 24 Jan 2020 11:07:14 -0500 Subject: [PATCH 3/3] base/v0_2_exp: translate filesystem.mountOptions field --- base/v0_2_exp/schema.go | 1 + base/v0_2_exp/translate.go | 3 ++- base/v0_2_exp/translate_test.go | 2 ++ docs/configuration-v1_1-exp.md | 1 + 4 files changed, 6 insertions(+), 1 deletion(-) diff --git a/base/v0_2_exp/schema.go b/base/v0_2_exp/schema.go index efe9bc51..f74b0e72 100644 --- a/base/v0_2_exp/schema.go +++ b/base/v0_2_exp/schema.go @@ -73,6 +73,7 @@ type Filesystem struct { Device string `yaml:"device"` Format *string `yaml:"format"` Label *string `yaml:"label"` + MountOptions []string `yaml:"mount_options"` Options []string `yaml:"options"` Path *string `yaml:"path"` UUID *string `yaml:"uuid"` diff --git a/base/v0_2_exp/translate.go b/base/v0_2_exp/translate.go index ddf9c248..3bee4d33 100644 --- a/base/v0_2_exp/translate.go +++ b/base/v0_2_exp/translate.go @@ -125,7 +125,8 @@ func translateLink(from Link) (to types.Link, tm translate.TranslationSet) { func translateFilesystem(from Filesystem) (to types.Filesystem, tm translate.TranslationSet) { tr := translate.NewTranslator("yaml", "json") - tm = tr.Translate(&from.Options, &to.Options).Prefix("options") + tm = tr.Translate(&from.MountOptions, &to.MountOptions).Prefix("mount_options") + tm.MergeP("options", tr.Translate(&from.Options, &to.Options)) to.Device = from.Device to.Label = from.Label to.Format = from.Format diff --git a/base/v0_2_exp/translate_test.go b/base/v0_2_exp/translate_test.go index df22ef71..31c0e2ed 100644 --- a/base/v0_2_exp/translate_test.go +++ b/base/v0_2_exp/translate_test.go @@ -290,6 +290,7 @@ func TestTranslateFilesystem(t *testing.T) { Device: "/foo", Format: util.StrToPtr("/bar"), Label: util.StrToPtr("/baz"), + MountOptions: []string{"yes", "no", "maybe"}, Options: []string{"foo", "foo", "bar"}, Path: util.StrToPtr("/quux"), UUID: util.StrToPtr("1234"), @@ -300,6 +301,7 @@ func TestTranslateFilesystem(t *testing.T) { Device: "/foo", Format: util.StrToPtr("/bar"), Label: util.StrToPtr("/baz"), + MountOptions: []types.MountOption{"yes", "no", "maybe"}, Options: []types.FilesystemOption{"foo", "foo", "bar"}, Path: util.StrToPtr("/quux"), UUID: util.StrToPtr("1234"), diff --git a/docs/configuration-v1_1-exp.md b/docs/configuration-v1_1-exp.md index 6e34b55f..cea0f85d 100644 --- a/docs/configuration-v1_1-exp.md +++ b/docs/configuration-v1_1-exp.md @@ -56,6 +56,7 @@ The Fedora CoreOS configuration is a YAML document conforming to the following s * **_label_** (string): the label of the filesystem. * **_uuid_** (string): the uuid of the filesystem. * **_options_** (list of strings): any additional options to be passed to the format-specific mkfs utility. + * **_mount_options_** (list of strings): any special options to be passed to the mount command. * **_with_mount_unit_** (bool): Whether to generate a generic mount unit for this filesystem as well. If a more specific unit is needed, a custom one can be specified in the `systemd.units` section. The unit will be named with the [escaped][systemd-escape] version of the `path`. * **_files_** (list of objects): the list of files to be written. Every file, directory and link must have a unique `path`. * **path** (string): the absolute path to the file.