This repository has been archived by the owner on Aug 14, 2020. It is now read-only.
pod: now reject duplicate volume names in manifest #687
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The array "volumes" is indexed via the "name" field on each volume object. This ensures that names are unique to avoid ambiguity in mount-volume matching, by rejecting pod manifests containing duplicate-named volumes.
cgonyeo
reviewed
Apr 28, 2017
| @@ -256,7 +256,7 @@ JSON Schema for the Image Manifest (app image manifest, ACI manifest), conformin | |||
| * **authors** contact details of the people or organization responsible for the image (freeform string) | |||
| * **homepage** URL to find more information on the image (string, must be a URL with scheme HTTP or HTTPS) | |||
| * **documentation** URL to get documentation on the image (string, must be a URL with scheme HTTP or HTTPS) | |||
| * **appc.io/executor/supports-systemd-notify** (boolean, optional, defaults to "false" if unset) if set to true, the application SHOULD use the sd\_notify mechanism to signal when it is ready. Also it SHOULD be able to detect if the executor had not set up the sd\_notify mechanism and skip the notification without error ([sd_notify()](https://www.freedesktop.org/software/systemd/man/sd_notify.html) from libsystemd does that automatically). | |||
| * **appc.io/executor/supports-systemd-notify** (string boolean, optional, defaults to "false" if unset) if set to "true", the application SHOULD use the sd\_notify mechanism to signal when it is ready. Also it SHOULD be able to detect if the executor had not set up the sd\_notify mechanism and skip the notification without error ([sd_notify()](https://www.freedesktop.org/software/systemd/man/sd_notify.html) from libsystemd does that automatically). | |||
There was a problem hiding this comment.
Wait, why is this a string, if it can only be "true" or "false"?
Was it before this PR, and this is just a docs update? I don't see the change to the types here.
There was a problem hiding this comment.
As @jonboulle said, this just fixes a wrong example/wording conflicting with the previous definition of annotations a couple of lines above: value is an arbitrary string.
|
Because it's an annotation
Am 28.04.2017 20:24 schrieb "Derek Gonyeo" <notifications@github.com>:
*@dgonyeo* commented on this pull request.
------------------------------
In spec/aci.md <#687 (comment)>
:
@@ -256,7 +256,7 @@ JSON Schema for the Image Manifest (app image manifest, ACI manifest), conformin
* **authors** contact details of the people or organization
responsible for the image (freeform string)
* **homepage** URL to find more information on the image (string,
must be a URL with scheme HTTP or HTTPS)
* **documentation** URL to get documentation on the image
(string, must be a URL with scheme HTTP or HTTPS)
- * **appc.io/executor/supports-systemd-notify** (boolean,
optional, defaults to "false" if unset) if set to true, the
application SHOULD use the sd\_notify mechanism to signal when it is
ready. Also it SHOULD be able to detect if the executor had not set up
the sd\_notify mechanism and skip the notification without error
([sd_notify()](https://www.freedesktop.org/software/systemd/man/sd_notify.html)
from libsystemd does that automatically).
+ * **appc.io/executor/supports-systemd-notify** (string boolean,
optional, defaults to "false" if unset) if set to "true", the
application SHOULD use the sd\_notify mechanism to signal when it is
ready. Also it SHOULD be able to detect if the executor had not set up
the sd\_notify mechanism and skip the notification without error
([sd_notify()](https://www.freedesktop.org/software/systemd/man/sd_notify.html)
from libsystemd does that automatically).
Wait, why is this a string, if it can only be "true" or "false"?
Was it before this PR, and this is just a docs update? I don't see the
change to the types here.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#687 (review)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/ACewN7ofHxKGt-oeHgK9P_OAOozhvscnks5r0i7egaJpZM4NLZUX>
.
|
euank
approved these changes
May 1, 2017
euank
reviewed
May 1, 2017
| @@ -83,6 +83,15 @@ func (pm *PodManifest) assertValid() error { | |||
| if pm.ACKind != PodManifestKind { | |||
| return pmKindError | |||
| } | |||
|
|
|||
| // ensure volumes names are unique (unique key) | |||
| volNames := make(map[types.ACName]bool, len(pm.Volumes)) | |||
There was a problem hiding this comment.
dumb nit, we can save a couple bits if we use struct{} in place of bool. I'm fine with it either way.
There was a problem hiding this comment.
I thought this was golang-idiomatic to make the if-has-key check more compact. The same pattern is used in other places in appc/spec, so I'd leave it as is.
lucab
changed the title
|
@euank thanks for feedback, I've updated title and PR comment to highlight that this is now rejecting out-of-spec manifests that were previously accepted. This way the information should also propagate into release notes. |
|
rkt's release notes are what really need this imo. Still 👍 from me |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Noteworthy: validation check now rejects manifest with duplicate volume names.
This PR adds a validation check on the
volumesarray to ensure that it doesn't contain any duplicate-named volumes (and corresponding tests). Also, it clarifies string-typing of annotations.