1
0

validation.py 12 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345
  1. from __future__ import absolute_import
  2. from __future__ import unicode_literals
  3. import json
  4. import logging
  5. import os
  6. import re
  7. import sys
  8. import six
  9. from docker.utils.ports import split_port
  10. from jsonschema import Draft4Validator
  11. from jsonschema import FormatChecker
  12. from jsonschema import RefResolver
  13. from jsonschema import ValidationError
  14. from .errors import ConfigurationError
  15. log = logging.getLogger(__name__)
  16. DOCKER_CONFIG_HINTS = {
  17. 'cpu_share': 'cpu_shares',
  18. 'add_host': 'extra_hosts',
  19. 'hosts': 'extra_hosts',
  20. 'extra_host': 'extra_hosts',
  21. 'device': 'devices',
  22. 'link': 'links',
  23. 'memory_swap': 'memswap_limit',
  24. 'port': 'ports',
  25. 'privilege': 'privileged',
  26. 'priviliged': 'privileged',
  27. 'privilige': 'privileged',
  28. 'volume': 'volumes',
  29. 'workdir': 'working_dir',
  30. }
  31. VALID_NAME_CHARS = '[a-zA-Z0-9\._\-]'
  32. VALID_EXPOSE_FORMAT = r'^\d+(\/[a-zA-Z]+)?$'
  33. @FormatChecker.cls_checks(format="ports", raises=ValidationError)
  34. def format_ports(instance):
  35. try:
  36. split_port(instance)
  37. except ValueError as e:
  38. raise ValidationError(six.text_type(e))
  39. return True
  40. @FormatChecker.cls_checks(format="expose", raises=ValidationError)
  41. def format_expose(instance):
  42. if isinstance(instance, six.string_types):
  43. if not re.match(VALID_EXPOSE_FORMAT, instance):
  44. raise ValidationError(
  45. "should be of the format 'PORT[/PROTOCOL]'")
  46. return True
  47. @FormatChecker.cls_checks(format="bool-value-in-mapping")
  48. def format_boolean_in_environment(instance):
  49. """
  50. Check if there is a boolean in the environment and display a warning.
  51. Always return True here so the validation won't raise an error.
  52. """
  53. if isinstance(instance, bool):
  54. log.warn(
  55. "There is a boolean value in the 'environment' key.\n"
  56. "Environment variables can only be strings.\n"
  57. "Please add quotes to any boolean values to make them string "
  58. "(eg, 'True', 'yes', 'N').\n"
  59. "This warning will become an error in a future release. \r\n"
  60. )
  61. return True
  62. def validate_top_level_service_objects(filename, service_dicts):
  63. """Perform some high level validation of the service name and value.
  64. This validation must happen before interpolation, which must happen
  65. before the rest of validation, which is why it's separate from the
  66. rest of the service validation.
  67. """
  68. for service_name, service_dict in service_dicts.items():
  69. if not isinstance(service_name, six.string_types):
  70. raise ConfigurationError(
  71. "In file '{}' service name: {} needs to be a string, eg '{}'".format(
  72. filename,
  73. service_name,
  74. service_name))
  75. if not isinstance(service_dict, dict):
  76. raise ConfigurationError(
  77. "In file '{}' service '{}' doesn\'t have any configuration options. "
  78. "All top level keys in your docker-compose.yml must map "
  79. "to a dictionary of configuration options.".format(
  80. filename, service_name
  81. )
  82. )
  83. def validate_top_level_object(config_file):
  84. if not isinstance(config_file.config, dict):
  85. raise ConfigurationError(
  86. "Top level object in '{}' needs to be an object not '{}'. Check "
  87. "that you have defined a service at the top level.".format(
  88. config_file.filename,
  89. type(config_file.config)))
  90. def validate_extends_file_path(service_name, extends_options, filename):
  91. """
  92. The service to be extended must either be defined in the config key 'file',
  93. or within 'filename'.
  94. """
  95. error_prefix = "Invalid 'extends' configuration for %s:" % service_name
  96. if 'file' not in extends_options and filename is None:
  97. raise ConfigurationError(
  98. "%s you need to specify a 'file', e.g. 'file: something.yml'" % error_prefix
  99. )
  100. def get_unsupported_config_msg(service_name, error_key):
  101. msg = "Unsupported config option for '{}' service: '{}'".format(service_name, error_key)
  102. if error_key in DOCKER_CONFIG_HINTS:
  103. msg += " (did you mean '{}'?)".format(DOCKER_CONFIG_HINTS[error_key])
  104. return msg
  105. def anglicize_validator(validator):
  106. if validator in ["array", "object"]:
  107. return 'an ' + validator
  108. return 'a ' + validator
  109. def is_service_dict_schema(schema_id):
  110. return schema_id == 'fields_schema_v1.json' or schema_id == '#/properties/services'
  111. def handle_error_for_schema_with_id(error, service_name):
  112. schema_id = error.schema['id']
  113. if is_service_dict_schema(schema_id) and error.validator == 'additionalProperties':
  114. return "Invalid service name '{}' - only {} characters are allowed".format(
  115. # The service_name is the key to the json object
  116. list(error.instance)[0],
  117. VALID_NAME_CHARS)
  118. if schema_id == '#/definitions/constraints':
  119. # TODO: only applies to v1
  120. if 'image' in error.instance and 'build' in error.instance:
  121. return (
  122. "Service '{}' has both an image and build path specified. "
  123. "A service can either be built to image or use an existing "
  124. "image, not both.".format(service_name))
  125. if 'image' not in error.instance and 'build' not in error.instance:
  126. return (
  127. "Service '{}' has neither an image nor a build path "
  128. "specified. At least one must be provided.".format(service_name))
  129. # TODO: only applies to v1
  130. if 'image' in error.instance and 'dockerfile' in error.instance:
  131. return (
  132. "Service '{}' has both an image and alternate Dockerfile. "
  133. "A service can either be built to image or use an existing "
  134. "image, not both.".format(service_name))
  135. if schema_id == '#/definitions/service':
  136. if error.validator == 'additionalProperties':
  137. invalid_config_key = parse_key_from_error_msg(error)
  138. return get_unsupported_config_msg(service_name, invalid_config_key)
  139. def handle_generic_service_error(error, service_name):
  140. config_key = " ".join("'%s'" % k for k in error.path)
  141. msg_format = None
  142. error_msg = error.message
  143. if error.validator == 'oneOf':
  144. msg_format = "Service '{}' configuration key {} {}"
  145. error_msg = _parse_oneof_validator(error)
  146. elif error.validator == 'type':
  147. msg_format = ("Service '{}' configuration key {} contains an invalid "
  148. "type, it should be {}")
  149. error_msg = _parse_valid_types_from_validator(error.validator_value)
  150. # TODO: no test case for this branch, there are no config options
  151. # which exercise this branch
  152. elif error.validator == 'required':
  153. msg_format = "Service '{}' configuration key '{}' is invalid, {}"
  154. elif error.validator == 'dependencies':
  155. msg_format = "Service '{}' configuration key '{}' is invalid: {}"
  156. config_key = list(error.validator_value.keys())[0]
  157. required_keys = ",".join(error.validator_value[config_key])
  158. error_msg = "when defining '{}' you must set '{}' as well".format(
  159. config_key,
  160. required_keys)
  161. elif error.cause:
  162. error_msg = six.text_type(error.cause)
  163. msg_format = "Service '{}' configuration key {} is invalid: {}"
  164. elif error.path:
  165. msg_format = "Service '{}' configuration key {} value {}"
  166. if msg_format:
  167. return msg_format.format(service_name, config_key, error_msg)
  168. return error.message
  169. def parse_key_from_error_msg(error):
  170. return error.message.split("'")[1]
  171. def _parse_valid_types_from_validator(validator):
  172. """A validator value can be either an array of valid types or a string of
  173. a valid type. Parse the valid types and prefix with the correct article.
  174. """
  175. if not isinstance(validator, list):
  176. return anglicize_validator(validator)
  177. if len(validator) == 1:
  178. return anglicize_validator(validator[0])
  179. return "{}, or {}".format(
  180. ", ".join([anglicize_validator(validator[0])] + validator[1:-1]),
  181. anglicize_validator(validator[-1]))
  182. def _parse_oneof_validator(error):
  183. """oneOf has multiple schemas, so we need to reason about which schema, sub
  184. schema or constraint the validation is failing on.
  185. Inspecting the context value of a ValidationError gives us information about
  186. which sub schema failed and which kind of error it is.
  187. """
  188. types = []
  189. for context in error.context:
  190. if context.validator == 'required':
  191. return context.message
  192. if context.validator == 'additionalProperties':
  193. invalid_config_key = parse_key_from_error_msg(context)
  194. return "contains unsupported option: '{}'".format(invalid_config_key)
  195. if context.path:
  196. invalid_config_key = " ".join(
  197. "'{}' ".format(fragment) for fragment in context.path
  198. if isinstance(fragment, six.string_types)
  199. )
  200. return "{}contains {}, which is an invalid type, it should be {}".format(
  201. invalid_config_key,
  202. # Always print the json repr of the invalid value
  203. json.dumps(context.instance),
  204. _parse_valid_types_from_validator(context.validator_value))
  205. if context.validator == 'uniqueItems':
  206. return "contains non unique items, please remove duplicates from {}".format(
  207. context.instance)
  208. if context.validator == 'type':
  209. types.append(context.validator_value)
  210. valid_types = _parse_valid_types_from_validator(types)
  211. return "contains an invalid type, it should be {}".format(valid_types)
  212. def process_errors(errors, service_name=None):
  213. """jsonschema gives us an error tree full of information to explain what has
  214. gone wrong. Process each error and pull out relevant information and re-write
  215. helpful error messages that are relevant.
  216. """
  217. def format_error_message(error, service_name):
  218. if not service_name and error.path:
  219. # field_schema errors will have service name on the path
  220. service_name = error.path.popleft()
  221. if 'id' in error.schema:
  222. error_msg = handle_error_for_schema_with_id(error, service_name)
  223. if error_msg:
  224. return error_msg
  225. return handle_generic_service_error(error, service_name)
  226. return '\n'.join(format_error_message(error, service_name) for error in errors)
  227. def validate_against_fields_schema(config, filename, version):
  228. schema_filename = "fields_schema_v{0}.json".format(version)
  229. _validate_against_schema(
  230. config,
  231. schema_filename,
  232. format_checker=["ports", "expose", "bool-value-in-mapping"],
  233. filename=filename)
  234. def validate_against_service_schema(config, service_name, version):
  235. _validate_against_schema(
  236. config,
  237. "service_schema_v{0}.json".format(version),
  238. format_checker=["ports"],
  239. service_name=service_name)
  240. def _validate_against_schema(
  241. config,
  242. schema_filename,
  243. format_checker=(),
  244. service_name=None,
  245. filename=None):
  246. config_source_dir = os.path.dirname(os.path.abspath(__file__))
  247. if sys.platform == "win32":
  248. file_pre_fix = "///"
  249. config_source_dir = config_source_dir.replace('\\', '/')
  250. else:
  251. file_pre_fix = "//"
  252. resolver_full_path = "file:{}{}/".format(file_pre_fix, config_source_dir)
  253. schema_file = os.path.join(config_source_dir, schema_filename)
  254. with open(schema_file, "r") as schema_fh:
  255. schema = json.load(schema_fh)
  256. resolver = RefResolver(resolver_full_path, schema)
  257. validation_output = Draft4Validator(
  258. schema,
  259. resolver=resolver,
  260. format_checker=FormatChecker(format_checker))
  261. errors = [error for error in sorted(validation_output.iter_errors(config), key=str)]
  262. if not errors:
  263. return
  264. error_msg = process_errors(errors, service_name)
  265. file_msg = " in file '{}'".format(filename) if filename else ''
  266. raise ConfigurationError("Validation failed{}, reason(s):\n{}".format(
  267. file_msg,
  268. error_msg))