Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

generate: Adjust to Spec.Linux being a pointer #112

Merged
merged 1 commit into from
Dec 20, 2016
Merged

generate: Adjust to Spec.Linux being a pointer #112

merged 1 commit into from
Dec 20, 2016

Conversation

wking
Copy link
Contributor

@wking wking commented Jun 18, 2016

Catch up with the in-flight opencontainers/runtime-spec@6323157 (specs-go/config: Make Linux and Solaris omitempty (again), 2016-06-17, opencontainers/runtime-spec#502).

The “does the marshaled JSON look like '{}'?” check is a pretty cheap trick, but it was the easiest way I could think of for “is there anything useful in here?”. An alternative approach that conditionally added an &rspec.Linux{} only if needed seemed too tedious.

This should not land before opencontainers/runtime-spec#502, and it may not even be worth reviewing until then. But I'd worked up the changes while testing the runtime-spec PR, so I thought I might as well push them in case other folks wanted to see how I'd tested it.

@liangchenye
Copy link
Member

liangchenye commented Jun 28, 2016
edited
Loading

Your commit to runtime spec is checked in.

I don't like the '{}' way, how about using 'reflect.DeepEqual', like this:

if reflect.DeepEqual(Spec.Linux, &rspec.Linux{}) {
     spec.Linux = nil
}

@wking
Copy link
Contributor Author

wking commented Jun 28, 2016

On Tue, Jun 28, 2016 at 02:57:30AM -0700, 梁辰晔 (Liang Chenye) wrote:

Your commit to runtime spec is checked in.

I'd rather hold off on landing this PR until runtime-spec cuts another
tag (#108).

I don't quite like the '{}' way, how about using
'reflect.DeepEqual', like this:

if reflect.DeepEqual(Spec.Linux, &rspec.Linux{}) {
     spec.Linux = nil
}

A agree that the JSON marshaling feels awkward, but it is checking
what we want (“will this serialize to really boring JSON?”). I tried
the DeepEqual way and still had a Linux entry with:

$ ./ocitools generate -template <(echo '{}')

My guess is that DeepEquals doesn't work because spec.Annotations is
an empty map [1](instead of nil), or some such.

@wking wking mentioned this pull request Jul 20, 2016
Closed
@wking wking force-pushed the optional-linux branch 2 times, most recently from 2f3e807 to 1cd5062 Compare July 20, 2016 18:19
@wking
Copy link
Contributor Author

wking commented Jul 20, 2016 via email

This was referenced Jul 22, 2016
Merged
Merged
@wking
Copy link
Contributor Author

wking commented Jul 26, 2016 via email

wking added a commit to wking/ocitools-v2 that referenced this pull request Aug 3, 2016
@wking
test/t1001-generate-template.t: Add --template tests
dd0e053 
Using jq to format the output so we don't have to worry about
ocitools' default tab indents or lack of trailing newlines, neither of
which play nicely with <<-EOF here documents.

The tests are known failures, because runtime-spec v1.0.0-rc1 lacks
good omitempty handling.

  $ ocitools generate --template <(echo '{}')
  …
    "hooks": {},
    "linux": {},
    "solaris": {
      "cappedCPU": {},
      "cappedMemory": {}
    }
  }

These issues are addressed by the in-flight [1,2], although their late
landings in runtime-spec mean we'll never be able to address them in
the v1.0.0.rc1 branch of ocitools.

[1]: opencontainers/runtime-spec#427
     Subject: config: Explicitly list 'hooks' as optional
[2]: opencontainers#112
     Subject: generate: Adjust to Spec.Linux being a pointer

Signed-off-by: W. Trevor King <wking@tremily.us>
Mashimiao
Mashimiao reviewed Sep 23, 2016
View reviewed changes
generate/generate.go
@@ -959,6 +969,9 @@ func (g *Generator) SetupPrivileged(privileged bool) {
g.spec.Process.Capabilities = finalCapList
g.spec.Process.SelinuxLabel = ""
g.spec.Process.ApparmorProfile = ""
if g.spec.Linux == nil {
g.spec.Linux = &rspec.Linux{}
}
g.spec.Linux.Seccomp = nil
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is not needed any more. Because we have g.initSpecLinux()

@wking
Copy link
Contributor Author

wking commented Sep 24, 2016

On Fri, Sep 23, 2016 at 01:31:59AM -0700, Ma Shimiao wrote:

@@ -959,6 +969,9 @@ func (g *Generator) SetupPrivileged(privileged bool) {
g.spec.Process.Capabilities = finalCapList
g.spec.Process.SelinuxLabel = ""
g.spec.Process.ApparmorProfile = ""

  • if g.spec.Linux == nil {

  •     g.spec.Linux = &rspec.Linux{}

  • }
    g.spec.Linux.Seccomp = nil

I think this is not needed any more. Because we have g.initSpecLinux()

Dropped and rebased onto master with f2107e57fcc366.

wking added a commit to wking/ocitools-v2 that referenced this pull request Nov 8, 2016
@wking
generate: Adjust command-line generator to use .Config directly
330d00d 
This saves a few lines of code and removes a layer of indirection.
It's now obvious to the caller exactly what is changing, although
there is sometimes less per-setting validation.  That's ok though;
folks interested in validating the config can call the validator on it
after they've finished mucking about.

This new approach also initializes any needer pointer fields at the
top.  With the current runtime-spec types, that can lead to some
orphaned pointer fields, e.g.;

  $ ./oci-runtime-tool generate --template <(echo '{}')
  {
          "ociVersion": "1.0.0-rc1-dev",
          "platform": {
                  "os": "linux",
                  "arch": "amd64"
          },
          "process": {
                  "user": {
                          "uid": 0,
                          "gid": 0
                  },
                  "args": null,
                  "cwd": "/"
          },
          "root": {
                  "path": "rootfs"
          },
          "hooks": {},
          "linux": {
                  "resources": {
                          "devices": null
                  }
          }
  }

but the devices issue was fixed in runtime-spec 1.0.0-rc2 [1] and
there are other approaches to collapsing unused pointer properties
[2].

[1]: opencontainers/runtime-spec#526
[2]: opencontainers#112

Signed-off-by: W. Trevor King <wking@tremily.us>
@Mashimiao
Copy link

need rebase @wking

@wking
generate: Don't serialize Spec.Linux as an empty JSON object
9004f6d 
The "does the marshaled JSON look like '{}'?" check is a pretty cheap
trick, but it was the easiest way I could think of for "is there
anything useful in here?".

Signed-off-by: W. Trevor King <wking@tremily.us>
@wking
Copy link
Contributor Author

wking commented Dec 19, 2016 via email

@Mashimiao
Copy link

@liangchenye any comments?

@liangchenye
Copy link
Member

https://golang.org/src/encoding/json/encode.go?s=5895:5938#L585
I think this solution is the simplest way (to my knowledge) and won't bring any side-effect.

@liangchenye
Copy link
Member

liangchenye commented Dec 19, 2016
edited by caniszczyk
Loading

LGTM

Approved with PullApprove

1 similar comment
@Mashimiao
Copy link

Mashimiao commented Dec 20, 2016
edited by caniszczyk
Loading

LGTM

Approved with PullApprove

@Mashimiao Mashimiao merged commit f3499f2 into opencontainers:master Dec 20, 2016
@wking wking deleted the optional-linux branch January 21, 2017 15:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Mashimiao Mashimiao Mashimiao left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@wking @liangchenye @Mashimiao