-
Notifications
You must be signed in to change notification settings - Fork 244
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
spec: unify resource fetching type #953
Conversation
Marking WIP for now. Haven't tested this much yet, nor run blackbox testing. There's also some subtle changes in validation since in some places
Still, if we prefer to keep the spec file unchanged for now, we can split this into |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This LGTM generally; thanks for doing it! I don't see an obvious downside to making all resources compressible.
Tests to add:
- Compression tests for
certificateAuthorities
,replace
, andmerge
- Negative tests for
certificateAuthorities
,replace
, andmerge
without asource
specified
Dedupe the "remote resource" type from the spec. This came up too during review of the new HTTP headers. They all had more or less the same fields in common ("source", "verification", "compression", and more recently "httpHeaders"). One noticeable spec level change from this is that some places now support compression where they didn't before. Might seem odd to support compression for e.g. certificate authorities, though it does make the spec more consistent throughout. Co-authored-by: Jonathan Lebon <jonathan@jlebon.com>
Also verify hashes, to ensure that Ignition's decompress-before-verify semantics are maintained (coreos#961).
6e69536
to
3660e8c
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Awesome, thanks for picking this up and pushing it through, LGTM! (Looks like I can't actually approve it since it's my own PR.)
Code LGTM and the PR is stamped. |
Dedupe the "remote resource" type from the spec. This came up too during
review of the new HTTP headers. They all had more or less the same
fields in common ("source", "verification", "compression", and more
recently "httpHeaders").
One noticeable spec level change from this is that some places now
support compression where they didn't before. Might seem odd to support
compression for e.g. certificate authorities, though it does make the
spec more consistent throughout.
It's a nice cleanup, though my goal with doing this is the ability to
inspect more easily whether a config contains any resources which
require some form of networking.