From e2cf2093123456ac1a340599e8b54e74e9539bfb Mon Sep 17 00:00:00 2001 From: Gerald Pinder Date: Wed, 3 Dec 2025 12:19:25 -0500 Subject: [PATCH 1/3] fix: Make use of @oneOf decorator for typespec --- src/commands/validate/schema_validator.rs | 166 +++++++++--------- .../modules/containerfile/containerfile.tsp | 25 +-- template/templates/modules/copy/copy.tsp | 33 ++-- utils/src/constants.rs | 3 +- 4 files changed, 115 insertions(+), 112 deletions(-) diff --git a/src/commands/validate/schema_validator.rs b/src/commands/validate/schema_validator.rs index 7071cdea..c61f4899 100644 --- a/src/commands/validate/schema_validator.rs +++ b/src/commands/validate/schema_validator.rs @@ -5,10 +5,10 @@ use std::{ }; use blue_build_process_management::ASYNC_RUNTIME; -use blue_build_recipe::ModuleTypeVersion; -use blue_build_utils::constants::{ - CUSTOM_MODULE_SCHEMA, IMPORT_MODULE_SCHEMA, JSON_SCHEMA, STAGE_SCHEMA, -}; +// use blue_build_recipe::ModuleTypeVersion; +// use blue_build_utils::constants::{ +// CUSTOM_MODULE_SCHEMA, IMPORT_MODULE_SCHEMA, JSON_SCHEMA, STAGE_SCHEMA, +// }; use bon::bon; use cached::proc_macro::cached; use colored::Colorize; @@ -22,8 +22,8 @@ use super::{location::Location, yaml_span::YamlSpan}; #[cfg(test)] use std::eprintln as trace; -#[cfg(test)] -use std::eprintln as warn; +// #[cfg(test)] +// use std::eprintln as warn; #[cfg(not(test))] use log::{trace, warn}; @@ -200,7 +200,7 @@ where I: Iterator>, { errors - .flat_map(|err| process_anyof_error(&err).unwrap_or_else(|| vec![err])) + // .flat_map(|err| process_anyof_error(&err).unwrap_or_else(|| vec![err])) .map(|err| { let masked_err = err.masked(); LabeledSpan::new_primary_with_span( @@ -213,82 +213,82 @@ where .collect() } -fn process_anyof_error(err: &ValidationError<'_>) -> Option>> { - trace!("to_processed_module_err({err:#?})"); - let ValidationError { - instance, - kind, - instance_path, - schema_path: _, - } = err; - - let mut path_iter = instance_path.into_iter(); - let uri = match (kind, path_iter.next_back(), path_iter.next_back()) { - ( - jsonschema::error::ValidationErrorKind::AnyOf, - Some(jsonschema::paths::LocationSegment::Index(_)), - Some(jsonschema::paths::LocationSegment::Property("modules")), - ) => { - trace!("FOUND MODULE ANYOF ERROR at {instance_path}"); - if instance.get("source").is_some() { - Uri::parse(CUSTOM_MODULE_SCHEMA.to_string()).ok()? - } else if instance.get("from-file").is_some() { - Uri::parse(IMPORT_MODULE_SCHEMA.to_string()).ok()? - } else { - let typ = instance.get("type").and_then(Value::as_str)?; - let typ = ModuleTypeVersion::from(typ); - trace!("Module type: {typ}"); - Uri::parse(format!( - "{JSON_SCHEMA}/modules/{}-{}.json", - typ.typ(), - typ.version().unwrap_or("latest") - )) - .ok()? - } - } - ( - jsonschema::error::ValidationErrorKind::AnyOf, - Some(jsonschema::paths::LocationSegment::Index(_)), - Some(jsonschema::paths::LocationSegment::Property("stages")), - ) => { - trace!("FOUND STAGE ANYOF ERROR at {instance_path}"); - - if instance.get("from-file").is_some() { - Uri::parse(IMPORT_MODULE_SCHEMA.to_string()).ok()? - } else { - Uri::parse(STAGE_SCHEMA.to_string()).ok()? - } - } - _ => return None, - }; - - trace!("Schema URI: {uri}"); - let schema = ASYNC_RUNTIME.block_on(cache_retrieve(&uri)).ok()?; - - let validator = jsonschema::options() - .with_retriever(ModuleSchemaRetriever) - .build(&schema) - .inspect_err(|e| warn!("{e:#?}")) - .ok()?; - - Some( - validator - .iter_errors(instance) - .flat_map(|err| process_anyof_error(&err).unwrap_or_else(|| vec![err])) - .map(|err| { - let mut err = err.to_owned(); - err.instance_path = instance_path - .into_iter() - .chain(&err.instance_path) - .collect(); - err - }) - .inspect(|errs| { - trace!("From error: {err:#?}\nTo error list: {errs:#?}"); - }) - .collect(), - ) -} +// fn process_anyof_error(err: &ValidationError<'_>) -> Option>> { +// trace!("to_processed_module_err({err:#?})"); +// let ValidationError { +// instance, +// kind, +// instance_path, +// schema_path: _, +// } = err; + +// let mut path_iter = instance_path.into_iter(); +// let uri = match (kind, path_iter.next_back(), path_iter.next_back()) { +// ( +// jsonschema::error::ValidationErrorKind::AnyOf, +// Some(jsonschema::paths::LocationSegment::Index(_)), +// Some(jsonschema::paths::LocationSegment::Property("modules")), +// ) => { +// trace!("FOUND MODULE ANYOF ERROR at {instance_path}"); +// if instance.get("source").is_some() { +// Uri::parse(CUSTOM_MODULE_SCHEMA.to_string()).ok()? +// } else if instance.get("from-file").is_some() { +// Uri::parse(IMPORT_MODULE_SCHEMA.to_string()).ok()? +// } else { +// let typ = instance.get("type").and_then(Value::as_str)?; +// let typ = ModuleTypeVersion::from(typ); +// trace!("Module type: {typ}"); +// Uri::parse(format!( +// "{JSON_SCHEMA}/modules/{}-{}.json", +// typ.typ(), +// typ.version().unwrap_or("latest") +// )) +// .ok()? +// } +// } +// ( +// jsonschema::error::ValidationErrorKind::AnyOf, +// Some(jsonschema::paths::LocationSegment::Index(_)), +// Some(jsonschema::paths::LocationSegment::Property("stages")), +// ) => { +// trace!("FOUND STAGE ANYOF ERROR at {instance_path}"); + +// if instance.get("from-file").is_some() { +// Uri::parse(IMPORT_MODULE_SCHEMA.to_string()).ok()? +// } else { +// Uri::parse(STAGE_SCHEMA.to_string()).ok()? +// } +// } +// _ => return None, +// }; + +// trace!("Schema URI: {uri}"); +// let schema = ASYNC_RUNTIME.block_on(cache_retrieve(&uri)).ok()?; + +// let validator = jsonschema::options() +// .with_retriever(ModuleSchemaRetriever) +// .build(&schema) +// .inspect_err(|e| warn!("{e:#?}")) +// .ok()?; + +// Some( +// validator +// .iter_errors(instance) +// .flat_map(|err| process_anyof_error(&err).unwrap_or_else(|| vec![err])) +// .map(|err| { +// let mut err = err.to_owned(); +// err.instance_path = instance_path +// .into_iter() +// .chain(&err.instance_path) +// .collect(); +// err +// }) +// .inspect(|errs| { +// trace!("From error: {err:#?}\nTo error list: {errs:#?}"); +// }) +// .collect(), +// ) +// } fn remove_json(string: &S) -> String where diff --git a/template/templates/modules/containerfile/containerfile.tsp b/template/templates/modules/containerfile/containerfile.tsp index 4f24b76c..58827570 100644 --- a/template/templates/modules/containerfile/containerfile.tsp +++ b/template/templates/modules/containerfile/containerfile.tsp @@ -1,21 +1,22 @@ import "@typespec/json-schema"; using TypeSpec.JsonSchema; -@jsonSchema("/modules/containerfile-latest.json") -model ContainerfileModuleLatest { - ...ContainerfileModuleV1; -} +// @jsonSchema("/modules/containerfile-latest.json") +// model ContainerfileModuleLatest { +// ...ContainerfileModuleV1; +// } @jsonSchema("/modules/containerfile-v1.json") model ContainerfileModuleV1 { - /** The containerfile module is a tool for adding custom Containerfile instructions for custom image builds. - * https://blue-build.org/reference/modules/containerfile/ - */ - type: "containerfile" | "containerfile@latest" | "containerfile@v1"; + /** The containerfile module is a tool for adding custom Containerfile instructions for custom image builds. + * https://blue-build.org/reference/modules/containerfile/ + */ + @oneOf + type: "containerfile" | "containerfile@latest" | "containerfile@v1"; - /** Lines to directly insert into the generated Containerfile. */ - snippets?: Array; + /** Lines to directly insert into the generated Containerfile. */ + snippets?: Array; - /** Names of directories in ./containerfiles/ containing each a Containerfile to insert into the generated Containerfile. */ - containerfiles?: Array; + /** Names of directories in ./containerfiles/ containing each a Containerfile to insert into the generated Containerfile. */ + containerfiles?: Array; } diff --git a/template/templates/modules/copy/copy.tsp b/template/templates/modules/copy/copy.tsp index f4828bf5..1d31a78a 100644 --- a/template/templates/modules/copy/copy.tsp +++ b/template/templates/modules/copy/copy.tsp @@ -1,26 +1,27 @@ import "@typespec/json-schema"; using TypeSpec.JsonSchema; -@jsonSchema("/modules/copy-latest.json") -model CopyModuleLatest { - ...CopyModuleV1; -} +// @jsonSchema("/modules/copy-latest.json") +// model CopyModuleLatest { +// ...CopyModuleV1; +// } @jsonSchema("/modules/copy-v1.json") model CopyModuleV1 { - /** The copy module is a short-hand method of adding a COPY instruction into the Containerfile. - * https://blue-build.org/reference/modules/copy/ - */ - type: "copy" | "copy@latest" | "copy@v1"; + /** The copy module is a short-hand method of adding a COPY instruction into the Containerfile. + * https://blue-build.org/reference/modules/copy/ + */ + @oneOf + type: "copy" | "copy@latest" | "copy@v1"; - /** Equivalent to the --from property in a COPY statement, use to specify an image to copy from. - * By default, the COPY source is the build environment's file tree. - */ - from?: string; + /** Equivalent to the --from property in a COPY statement, use to specify an image to copy from. + * By default, the COPY source is the build environment's file tree. + */ + from?: string; - /** Path to source file or directory. */ - src: string; + /** Path to source file or directory. */ + src: string; - /** Path to destination file or directory. */ - dest: string; + /** Path to destination file or directory. */ + dest: string; } diff --git a/utils/src/constants.rs b/utils/src/constants.rs index 28d7629e..257b3ed4 100644 --- a/utils/src/constants.rs +++ b/utils/src/constants.rs @@ -123,7 +123,8 @@ pub const GITHUB_CHAR_LIMIT: usize = 8100; // Magic number accepted by Github pub const DEFAULT_MAX_LAYERS: NonZeroU32 = NonZeroU32::new(128).unwrap(); // Schema -pub const SCHEMA_BASE_URL: &str = "https://schema.blue-build.org"; +// pub const SCHEMA_BASE_URL: &str = "https://schema.blue-build.org"; +pub const SCHEMA_BASE_URL: &str = "https://use-oneof.schema-e29.pages.dev"; pub const RECIPE_V1_SCHEMA_URL: &str = concat!(SCHEMA_BASE_URL, "/recipe-v1.json"); pub const STAGE_V1_SCHEMA_URL: &str = concat!(SCHEMA_BASE_URL, "/stage-v1.json"); pub const MODULE_V1_SCHEMA_URL: &str = concat!(SCHEMA_BASE_URL, "/module-v1.json"); From 794300105cbed45c1fd976e0b18407fac8f14f7b Mon Sep 17 00:00:00 2001 From: Gerald Pinder Date: Wed, 3 Dec 2025 18:40:27 -0500 Subject: [PATCH 2/3] chore: Upgrade to latest jsonschema --- Cargo.lock | 48 ++++++++++++----------- Cargo.toml | 2 +- src/commands/validate/schema_validator.rs | 6 +-- src/commands/validate/yaml_span.rs | 10 ++--- 4 files changed, 34 insertions(+), 32 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 9928444f..21467b06 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1185,6 +1185,12 @@ version = "0.3.8" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "06d2e3287df1c007e74221c49ca10a95d557349e54b3a75dc2fb14712c751f04" +[[package]] +name = "data-encoding" +version = "2.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2a2330da5de22e8a3cb63252ce2abb30116bf5265e89c0e01bc17015ce30a476" + [[package]] name = "decoded-char" version = "0.1.1" @@ -1498,17 +1504,6 @@ dependencies = [ "windows-sys 0.61.2", ] -[[package]] -name = "fancy-regex" -version = "0.14.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6e24cb5a94bcae1e5408b0effca5cd7172ea3c5755049c5f3af4cd283a165298" -dependencies = [ - "bit-set", - "regex-automata", - "regex-syntax", -] - [[package]] name = "fancy-regex" version = "0.16.2" @@ -1572,9 +1567,9 @@ dependencies = [ [[package]] name = "fluent-uri" -version = "0.3.2" +version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1918b65d96df47d3591bed19c5cca17e3fa5d0707318e4b5ef2eae01764df7e5" +checksum = "bc74ac4d8359ae70623506d512209619e5cf8f347124910440dbc221714b328e" dependencies = [ "borrow-or-share", "ref-cast", @@ -2417,21 +2412,21 @@ dependencies = [ [[package]] name = "jsonschema" -version = "0.30.0" +version = "0.37.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f1b46a0365a611fbf1d2143104dcf910aada96fafd295bab16c60b802bf6fa1d" +checksum = "73c9ffb2b5c56d58030e1b532d8e8389da94590515f118cf35b5cb68e4764a7e" dependencies = [ "ahash 0.8.12", - "base64 0.22.1", "bytecount", + "data-encoding", "email_address", - "fancy-regex 0.14.0", + "fancy-regex", "fraction", + "getrandom 0.3.4", "idna", "itoa", "num-cmp", "num-traits", - "once_cell", "percent-encoding", "referencing", "regex", @@ -2439,6 +2434,7 @@ dependencies = [ "reqwest", "serde", "serde_json", + "unicode-general-category", "uuid-simd", ] @@ -3980,13 +3976,14 @@ dependencies = [ [[package]] name = "referencing" -version = "0.30.0" +version = "0.37.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c8eff4fa778b5c2a57e85c5f2fe3a709c52f0e60d23146e2151cbef5893f420e" +checksum = "4283168a506f0dcbdce31c9f9cce3129c924da4c6bca46e46707fcb746d2d70c" dependencies = [ "ahash 0.8.12", "fluent-uri", - "once_cell", + "getrandom 0.3.4", + "hashbrown 0.16.1", "parking_lot", "percent-encoding", "serde_json", @@ -4927,7 +4924,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "656b45c05d95a5704399aeef6bd0ddec7b2b3531b7c9e900abbf7c4d2190c925" dependencies = [ "bincode", - "fancy-regex 0.16.2", + "fancy-regex", "flate2", "fnv", "once_cell", @@ -5395,6 +5392,12 @@ version = "2.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "75b844d17643ee918803943289730bec8aac480150456169e647ed0b576ba539" +[[package]] +name = "unicode-general-category" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b993bddc193ae5bd0d623b49ec06ac3e9312875fdae725a975c51db1cc1677f" + [[package]] name = "unicode-ident" version = "1.0.22" @@ -5537,7 +5540,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "23b082222b4f6619906941c17eb2297fff4c2fb96cb60164170522942a200bd8" dependencies = [ "outref", - "uuid", "vsimd", ] diff --git a/Cargo.toml b/Cargo.toml index e5daa242..64aa80aa 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -78,7 +78,7 @@ clap-verbosity-flag = "3.0.4" clap_complete = "4.5.59" clap_complete_nushell = "4.5.9" fuzzy-matcher = "0.3.7" -jsonschema = "0.30.0" +jsonschema = "0.37.4" open = "5.3.2" os_info = "3.12.0" requestty = { version = "0.6.1", features = ["macros", "termion"] } diff --git a/src/commands/validate/schema_validator.rs b/src/commands/validate/schema_validator.rs index c61f4899..f88de2f1 100644 --- a/src/commands/validate/schema_validator.rs +++ b/src/commands/validate/schema_validator.rs @@ -26,7 +26,7 @@ use std::eprintln as trace; // use std::eprintln as warn; #[cfg(not(test))] -use log::{trace, warn}; +use log::trace; mod error; @@ -115,7 +115,7 @@ impl SchemaValidator { trace!("{recipe_path_display}:\n{file}"); Ok(if self.all_errors { - process_basic_output(self.validator.apply(&instance).basic(), &spanner) + process_basic_output(self.validator.evaluate(&instance), &spanner) } else { process_err(self.validator.iter_errors(&instance), &spanner) }) @@ -206,7 +206,7 @@ where LabeledSpan::new_primary_with_span( Some(masked_err.to_string().bold().red().to_string()), spanner - .get_span(&Location::from(err.instance_path)) + .get_span(&Location::from(err.instance_path())) .unwrap(), ) }) diff --git a/src/commands/validate/yaml_span.rs b/src/commands/validate/yaml_span.rs index 162bd236..3503457e 100644 --- a/src/commands/validate/yaml_span.rs +++ b/src/commands/validate/yaml_span.rs @@ -120,15 +120,15 @@ where let (event, marker) = self.events.next().unwrap(); trace!("{event:?} {marker:?}"); - match (event, expected_key) { + match (event, &expected_key) { (Event::Scalar(key, _, _, _), LocationSegment::Property(expected_key)) - if key == expected_key => + if *key == *expected_key => { trace!("Found matching key '{key}'"); break self.value(); } (Event::Scalar(key, _, _, _), LocationSegment::Property(expected_key)) - if key != expected_key => + if *key != *expected_key => { trace!("Non-matching key '{key}'"); let (event, marker) = self.events.next().unwrap(); @@ -143,11 +143,11 @@ where (Event::Scalar(key, _, _, _), LocationSegment::Index(index)) => { return Err(YamlSpanError::ExpectIndexFoundKey { key: key.to_owned(), - index, + index: *index, }); } (Event::SequenceStart(_, _), LocationSegment::Index(index)) => { - break self.sequence(index, 0); + break self.sequence(*index, 0); } (Event::SequenceStart(_, _), _) => { self.skip_sequence(marker.index()); From 3b9a04f1f3accb043f43ee25d0ed14336541381b Mon Sep 17 00:00:00 2001 From: Gerald Pinder Date: Tue, 9 Dec 2025 19:23:02 -0500 Subject: [PATCH 3/3] fix(jsonschema): Upgrade and make use of new data structures --- Cargo.lock | 1 + Cargo.toml | 1 + integration-tests/Earthfile | 2 +- src/bin/bluebuild.rs | 14 + src/commands/validate.rs | 18 +- src/commands/validate/location.rs | 14 +- src/commands/validate/schema_validator.rs | 248 ++----- .../validate/schema_validator/error.rs | 6 +- src/commands/validate/yaml_span.rs | 18 +- .../modules/containerfile/containerfile.tsp | 8 +- template/templates/modules/copy/copy.tsp | 8 +- test-files/recipes/modules/brew-fail.yml | 2 +- test-files/recipes/modules/chezmoi-fail.yml | 2 +- test-files/schema/import-v1.json | 26 +- test-files/schema/module-custom-v1.json | 219 +++++- test-files/schema/module-list-v1.json | 51 +- test-files/schema/module-stage-list-v1.json | 72 +- test-files/schema/module-v1.json | 214 +++--- test-files/schema/modules/akmods-latest.json | 312 +++++++-- test-files/schema/modules/akmods-v1.json | 312 +++++++-- test-files/schema/modules/bling-latest.json | 289 ++++++-- test-files/schema/modules/bling-v1.json | 289 ++++++-- test-files/schema/modules/brew-latest.json | 313 +++++++-- test-files/schema/modules/brew-v1.json | 313 +++++++-- test-files/schema/modules/chezmoi-latest.json | 319 +++++++-- test-files/schema/modules/chezmoi-v1.json | 319 +++++++-- .../schema/modules/containerfile-latest.json | 35 - .../schema/modules/containerfile-v1.json | 250 ++++++- test-files/schema/modules/copy-latest.json | 35 - test-files/schema/modules/copy-v1.json | 250 ++++++- .../modules/default-flatpaks-latest.json | 340 +++++++--- .../schema/modules/default-flatpaks-v1.json | 311 ++++++--- .../schema/modules/default-flatpaks-v2.json | 273 ++++++++ test-files/schema/modules/dnf-latest.json | 636 ++++++++++++++++++ test-files/schema/modules/dnf-v1.json | 636 ++++++++++++++++++ test-files/schema/modules/files-latest.json | 284 ++++++-- test-files/schema/modules/files-v1.json | 284 ++++++-- test-files/schema/modules/fonts-latest.json | 290 +++++++- test-files/schema/modules/fonts-v1.json | 290 +++++++- .../modules/gnome-extensions-latest.json | 265 ++++++-- .../schema/modules/gnome-extensions-v1.json | 265 ++++++-- .../modules/gschema-overrides-latest.json | 237 ++++++- .../schema/modules/gschema-overrides-v1.json | 237 ++++++- .../schema/modules/initramfs-latest.json | 210 ++++++ test-files/schema/modules/initramfs-v1.json | 210 ++++++ .../schema/modules/justfiles-latest.json | 247 ++++++- test-files/schema/modules/justfiles-v1.json | 247 ++++++- test-files/schema/modules/kargs-latest.json | 222 ++++++ test-files/schema/modules/kargs-v1.json | 222 ++++++ .../schema/modules/os-release-latest.json | 215 ++++++ test-files/schema/modules/os-release-v1.json | 215 ++++++ .../schema/modules/rpm-ostree-latest.json | 341 ++++++++-- test-files/schema/modules/rpm-ostree-v1.json | 341 ++++++++-- test-files/schema/modules/script-latest.json | 251 ++++++- test-files/schema/modules/script-v1.json | 251 ++++++- test-files/schema/modules/signing-latest.json | 223 +++++- test-files/schema/modules/signing-v1.json | 223 +++++- test-files/schema/modules/soar-latest.json | 225 +++++++ test-files/schema/modules/soar-v1.json | 225 +++++++ test-files/schema/modules/systemd-latest.json | 317 ++++++--- test-files/schema/modules/systemd-v1.json | 317 ++++++--- test-files/schema/modules/yafti-latest.json | 246 ++++++- test-files/schema/modules/yafti-v1.json | 246 ++++++- test-files/schema/recipe-v1.json | 212 +++--- test-files/schema/stage-list-v1.json | 51 +- test-files/schema/stage-v1.json | 87 +-- 66 files changed, 11468 insertions(+), 2184 deletions(-) delete mode 100644 test-files/schema/modules/containerfile-latest.json delete mode 100644 test-files/schema/modules/copy-latest.json create mode 100644 test-files/schema/modules/default-flatpaks-v2.json create mode 100644 test-files/schema/modules/dnf-latest.json create mode 100644 test-files/schema/modules/dnf-v1.json create mode 100644 test-files/schema/modules/initramfs-latest.json create mode 100644 test-files/schema/modules/initramfs-v1.json create mode 100644 test-files/schema/modules/kargs-latest.json create mode 100644 test-files/schema/modules/kargs-v1.json create mode 100644 test-files/schema/modules/os-release-latest.json create mode 100644 test-files/schema/modules/os-release-v1.json create mode 100644 test-files/schema/modules/soar-latest.json create mode 100644 test-files/schema/modules/soar-v1.json diff --git a/Cargo.lock b/Cargo.lock index 21467b06..2ea65592 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -457,6 +457,7 @@ dependencies = [ "oci-client", "open", "os_info", + "pretty_assertions", "rayon", "regex", "requestty", diff --git a/Cargo.toml b/Cargo.toml index 64aa80aa..87a604c2 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -123,6 +123,7 @@ vendored-libgit2 = ["dep:git2", "git2/vendored-libgit2"] rusty-hook = "0.11" rstest.workspace = true +pretty_assertions.workspace = true [build-dependencies] git2 = { version = "0.20.0", default-features = false, optional = true } diff --git a/integration-tests/Earthfile b/integration-tests/Earthfile index 514d9ea0..cf1dfebf 100644 --- a/integration-tests/Earthfile +++ b/integration-tests/Earthfile @@ -39,7 +39,7 @@ build-full: WITH DOCKER RUN --secret BB_PASSWORD=github/registry bluebuild build --push -S sigstore -vv recipes/recipe.yml END - + switch: FROM +test-base diff --git a/src/bin/bluebuild.rs b/src/bin/bluebuild.rs index b7b1e2b3..5f0659be 100644 --- a/src/bin/bluebuild.rs +++ b/src/bin/bluebuild.rs @@ -6,6 +6,20 @@ use log::LevelFilter; fn main() { let args = BlueBuildArgs::parse(); + miette::set_hook(Box::new(|_| { + Box::new( + miette::MietteHandlerOpts::new() + .terminal_links(true) + .context_lines(3) + .tab_width(2) + .break_words(false) + .wrap_lines(false) + .with_cause_chain() + .build(), + ) + })) + .expect("Should set hook for miette"); + Logger::new() .filter_level(args.verbosity.log_level_filter()) .filter_modules([ diff --git a/src/commands/validate.rs b/src/commands/validate.rs index eda73374..85dda203 100644 --- a/src/commands/validate.rs +++ b/src/commands/validate.rs @@ -37,6 +37,8 @@ pub struct ValidateCommand { /// bluebuild repository. pub recipe: PathBuf, + /// DEPRECATED + /// /// Display all errors that failed /// validation of the recipe. #[arg(short, long)] @@ -104,21 +106,11 @@ impl BlueBuildCommand for ValidateCommand { impl ValidateCommand { async fn setup_validators(&mut self) -> Result<(), Report> { let (rv, sv, mv, mslv) = tokio::try_join!( - SchemaValidator::builder() - .url(RECIPE_V1_SCHEMA_URL) - .all_errors(self.all_errors) - .build(), - SchemaValidator::builder() - .url(STAGE_V1_SCHEMA_URL) - .all_errors(self.all_errors) - .build(), - SchemaValidator::builder() - .url(MODULE_V1_SCHEMA_URL) - .all_errors(self.all_errors) - .build(), + SchemaValidator::builder().url(RECIPE_V1_SCHEMA_URL).build(), + SchemaValidator::builder().url(STAGE_V1_SCHEMA_URL).build(), + SchemaValidator::builder().url(MODULE_V1_SCHEMA_URL).build(), SchemaValidator::builder() .url(MODULE_STAGE_LIST_V1_SCHEMA_URL) - .all_errors(self.all_errors) .build(), )?; self.recipe_validator = Some(rv); diff --git a/src/commands/validate/location.rs b/src/commands/validate/location.rs index 48febbc2..47653bff 100644 --- a/src/commands/validate/location.rs +++ b/src/commands/validate/location.rs @@ -1,8 +1,20 @@ use jsonschema::paths::{LazyLocation, Location as JsonLocation}; +use serde::Deserialize; -#[derive(Debug, Default, Clone, PartialEq, Eq)] +#[derive(Debug, Default, Clone, PartialEq, Eq, PartialOrd, Ord)] pub struct Location(JsonLocation); +impl<'de> Deserialize<'de> for Location { + fn deserialize(deserializer: D) -> Result + where + D: serde::Deserializer<'de>, + { + String::deserialize(deserializer)? + .try_into() + .map_err(serde::de::Error::custom) + } +} + impl std::ops::Deref for Location { type Target = JsonLocation; diff --git a/src/commands/validate/schema_validator.rs b/src/commands/validate/schema_validator.rs index f88de2f1..ff971284 100644 --- a/src/commands/validate/schema_validator.rs +++ b/src/commands/validate/schema_validator.rs @@ -1,33 +1,21 @@ use std::{ - collections::HashSet, + collections::{BTreeMap, BTreeSet}, path::Path, - sync::{Arc, LazyLock}, + sync::Arc, }; use blue_build_process_management::ASYNC_RUNTIME; -// use blue_build_recipe::ModuleTypeVersion; -// use blue_build_utils::constants::{ -// CUSTOM_MODULE_SCHEMA, IMPORT_MODULE_SCHEMA, JSON_SCHEMA, STAGE_SCHEMA, -// }; use bon::bon; use cached::proc_macro::cached; use colored::Colorize; -use indexmap::IndexMap; -use jsonschema::{BasicOutput, Retrieve, Uri, ValidationError, Validator}; +use jsonschema::{Evaluation, Retrieve, Uri, Validator}; +use log::trace; use miette::{Context, IntoDiagnostic, LabeledSpan, NamedSource}; -use regex::Regex; +use serde::Deserialize; use serde_json::Value; use super::{location::Location, yaml_span::YamlSpan}; -#[cfg(test)] -use std::eprintln as trace; -// #[cfg(test)] -// use std::eprintln as warn; - -#[cfg(not(test))] -use log::trace; - mod error; pub use error::*; @@ -36,7 +24,6 @@ pub use error::*; pub struct SchemaValidator { validator: Arc, url: &'static str, - all_errors: bool, } #[bon] @@ -45,9 +32,6 @@ impl SchemaValidator { pub async fn new( /// The URL of the schema to validate against url: &'static str, - /// Produce all errors found - #[builder(default)] - all_errors: bool, ) -> Result { tokio::spawn(async move { let schema: Value = { @@ -79,11 +63,7 @@ impl SchemaValidator { .map_err(|e| SchemaValidateBuilderError::JsonSchemaBuild(url.into(), e))?, ); - Ok(Self { - validator, - url, - all_errors, - }) + Ok(Self { validator, url }) }) .await .expect("Should join task") @@ -114,11 +94,7 @@ impl SchemaValidator { .map_err(|e| SchemaValidateError::SerdeYaml(e, path.to_path_buf()))?; trace!("{recipe_path_display}:\n{file}"); - Ok(if self.all_errors { - process_basic_output(self.validator.evaluate(&instance), &spanner) - } else { - process_err(self.validator.iter_errors(&instance), &spanner) - }) + process_evaluation(&self.validator.evaluate(&instance), &spanner) } fn spans_to_report( @@ -143,169 +119,64 @@ impl SchemaValidator { } } -fn process_basic_output(out: BasicOutput<'_>, spanner: &YamlSpan) -> Vec { - match out { - BasicOutput::Valid(_) => Vec::new(), - BasicOutput::Invalid(errors) => { - let errors = { - let mut e = errors.into_iter().collect::>(); - e.sort_by(|e1, e2| { - e1.instance_location() - .as_str() - .cmp(e2.instance_location().as_str()) - }); - e - }; - let errors: Vec<(Location, String)> = { - let e = errors - .into_iter() - .map(|e| { - ( - Location::from(e.instance_location()), - remove_json(&e.error_description().to_string()), - ) - }) - .collect::>(); - let mut e = e.into_iter().collect::>(); - e.sort_by(|e1, e2| e1.0.as_str().cmp(e2.0.as_str())); - e - }; +fn process_evaluation( + errors: &Evaluation, + spanner: &YamlSpan, +) -> Result, SchemaValidateError> { + #[derive(Debug, Deserialize)] + struct EvalList { + valid: bool, + details: Vec, + } + #[derive(Debug, Deserialize, PartialEq, Eq, PartialOrd, Ord)] + #[serde(untagged)] + enum Error { + Single(String), + Multi(Vec), + } + #[derive(Debug, Deserialize, PartialEq, Eq, PartialOrd, Ord)] + #[serde(rename_all = "camelCase")] + struct EvalEntry { + valid: bool, + instance_location: Location, + errors: Option>, + } + // #[derive(Debug, Deserialize, Hash, PartialEq, Eq)] + // struct ErrorEntry { + // #[serde(rename = "type")] + // typ: Option, + // } - let mut collection: IndexMap> = IndexMap::new(); + let errors = serde_json::to_value(errors.list())?; + // dbg!(&errors); - for (instance_path, err) in errors { - collection - .entry(instance_path) - .and_modify(|errs| { - errs.push(format!("- {}", err.bold().red())); - }) - .or_insert_with(|| vec![format!("- {}", err.bold().red())]); - } + let errors: EvalList = serde_json::from_value(errors)?; + // dbg!(&errors); - collection - .into_iter() - .map(|(key, value)| { - LabeledSpan::new_with_span( - Some(value.into_iter().collect::>().join("\n")), - spanner.get_span(&key).unwrap(), - ) - }) - .collect() - } + if errors.valid { + return Ok(Vec::default()); } -} -fn process_err<'a, I>(errors: I, spanner: &YamlSpan) -> Vec -where - I: Iterator>, -{ - errors - // .flat_map(|err| process_anyof_error(&err).unwrap_or_else(|| vec![err])) - .map(|err| { - let masked_err = err.masked(); - LabeledSpan::new_primary_with_span( - Some(masked_err.to_string().bold().red().to_string()), - spanner - .get_span(&Location::from(err.instance_path())) - .unwrap(), - ) + let errors = errors + .details + .into_iter() + .filter(|entry| !entry.valid && entry.errors.is_some()) + .collect::>(); + dbg!(&errors); + + Ok(errors + .into_iter() + // .filter(|entry| !entry.valid) + // .collect::>() + // .into_iter() + .filter_map(|entry| { + Some(LabeledSpan::new_primary_with_span( + Some(format!("{:?}", entry.errors?)), + // Some(entry.errors?.typ?), + spanner.get_span(&entry.instance_location).ok()?, + )) }) - .collect() -} - -// fn process_anyof_error(err: &ValidationError<'_>) -> Option>> { -// trace!("to_processed_module_err({err:#?})"); -// let ValidationError { -// instance, -// kind, -// instance_path, -// schema_path: _, -// } = err; - -// let mut path_iter = instance_path.into_iter(); -// let uri = match (kind, path_iter.next_back(), path_iter.next_back()) { -// ( -// jsonschema::error::ValidationErrorKind::AnyOf, -// Some(jsonschema::paths::LocationSegment::Index(_)), -// Some(jsonschema::paths::LocationSegment::Property("modules")), -// ) => { -// trace!("FOUND MODULE ANYOF ERROR at {instance_path}"); -// if instance.get("source").is_some() { -// Uri::parse(CUSTOM_MODULE_SCHEMA.to_string()).ok()? -// } else if instance.get("from-file").is_some() { -// Uri::parse(IMPORT_MODULE_SCHEMA.to_string()).ok()? -// } else { -// let typ = instance.get("type").and_then(Value::as_str)?; -// let typ = ModuleTypeVersion::from(typ); -// trace!("Module type: {typ}"); -// Uri::parse(format!( -// "{JSON_SCHEMA}/modules/{}-{}.json", -// typ.typ(), -// typ.version().unwrap_or("latest") -// )) -// .ok()? -// } -// } -// ( -// jsonschema::error::ValidationErrorKind::AnyOf, -// Some(jsonschema::paths::LocationSegment::Index(_)), -// Some(jsonschema::paths::LocationSegment::Property("stages")), -// ) => { -// trace!("FOUND STAGE ANYOF ERROR at {instance_path}"); - -// if instance.get("from-file").is_some() { -// Uri::parse(IMPORT_MODULE_SCHEMA.to_string()).ok()? -// } else { -// Uri::parse(STAGE_SCHEMA.to_string()).ok()? -// } -// } -// _ => return None, -// }; - -// trace!("Schema URI: {uri}"); -// let schema = ASYNC_RUNTIME.block_on(cache_retrieve(&uri)).ok()?; - -// let validator = jsonschema::options() -// .with_retriever(ModuleSchemaRetriever) -// .build(&schema) -// .inspect_err(|e| warn!("{e:#?}")) -// .ok()?; - -// Some( -// validator -// .iter_errors(instance) -// .flat_map(|err| process_anyof_error(&err).unwrap_or_else(|| vec![err])) -// .map(|err| { -// let mut err = err.to_owned(); -// err.instance_path = instance_path -// .into_iter() -// .chain(&err.instance_path) -// .collect(); -// err -// }) -// .inspect(|errs| { -// trace!("From error: {err:#?}\nTo error list: {errs:#?}"); -// }) -// .collect(), -// ) -// } - -fn remove_json(string: &S) -> String -where - S: ToString, -{ - static REGEX_OBJECT: LazyLock = LazyLock::new(|| Regex::new(r"^\{.*\}\s(.*)$").unwrap()); - static REGEX_ARRAY: LazyLock = LazyLock::new(|| Regex::new(r"^\[.*\]\s(.*)$").unwrap()); - - let string = string.to_string(); - - if REGEX_OBJECT.is_match(&string) { - REGEX_OBJECT.replace_all(string.trim(), "$1").into_owned() - } else if REGEX_ARRAY.is_match(&string) { - REGEX_ARRAY.replace_all(string.trim(), "$1").into_owned() - } else { - string - } + .collect()) } struct ModuleSchemaRetriever; @@ -389,6 +260,7 @@ async fn cache_retrieve(uri: &Uri) -> miette::Result { #[cfg(test)] mod test { use blue_build_process_management::ASYNC_RUNTIME; + use pretty_assertions::assert_eq; use rstest::rstest; use super::*; diff --git a/src/commands/validate/schema_validator/error.rs b/src/commands/validate/schema_validator/error.rs index 9b988c63..4a305773 100644 --- a/src/commands/validate/schema_validator/error.rs +++ b/src/commands/validate/schema_validator/error.rs @@ -30,10 +30,14 @@ pub enum SchemaValidateBuilderError { #[derive(Error, Diagnostic, Debug)] pub enum SchemaValidateError { - #[error("Failed to deserialize file {}", .1.display().to_string().bold().italic())] + #[error("Failed to deserialize file {}:\n{}", .1.display().to_string().bold().italic(), .0)] #[diagnostic()] SerdeYaml(serde_yaml::Error, PathBuf), + #[error("Failed to deserialize schema errors:\n{}", .0)] + #[diagnostic()] + SerdeJson(#[from] serde_json::Error), + #[error( "{} error{} encountered", .labels.len().to_string().red(), diff --git a/src/commands/validate/yaml_span.rs b/src/commands/validate/yaml_span.rs index 3503457e..e2a4f8e1 100644 --- a/src/commands/validate/yaml_span.rs +++ b/src/commands/validate/yaml_span.rs @@ -3,6 +3,7 @@ use std::sync::Arc; use bon::bon; use jsonschema::paths::LocationSegment; +use log::{debug, trace}; use miette::SourceSpan; use yaml_rust2::{ Event, @@ -10,13 +11,6 @@ use yaml_rust2::{ scanner::Marker, }; -#[cfg(not(test))] -use log::{debug, trace}; -#[cfg(test)] -use std::eprintln as trace; -#[cfg(test)] -use std::eprintln as debug; - use super::location::Location; mod error; @@ -106,14 +100,14 @@ where document_start = true; } Event::MappingStart(_, _) if stream_start && document_start => { - break self.key(key)?.into(); + break self.key(&key)?.into(); } event => return Err(YamlSpanError::UnexpectedEvent(event.to_owned())), } }) } - fn key(&mut self, expected_key: LocationSegment<'_>) -> Result<(usize, usize), YamlSpanError> { + fn key(&mut self, expected_key: &LocationSegment<'_>) -> Result<(usize, usize), YamlSpanError> { trace!("Looking for location {expected_key:?}"); loop { @@ -229,7 +223,7 @@ where let index = marker.index(); (index, self.skip_mapping(index) - index) } - Some(key) => self.key(key)?, + Some(key) => self.key(&key)?, } } Event::SequenceStart(_, _) if index > curr_index => { @@ -243,7 +237,7 @@ where let index = marker.index(); (index, self.skip_sequence(index) - index) } - Some(key) => self.key(key)?, + Some(key) => self.key(&key)?, } } event => unreachable!("{event:?}"), @@ -265,7 +259,7 @@ where }); } (Event::MappingStart(_, _), Some(LocationSegment::Property(key))) => { - self.key(LocationSegment::Property(key))? + self.key(&LocationSegment::Property(key))? } (Event::MappingStart(_, _), None) => { let index = marker.index(); diff --git a/template/templates/modules/containerfile/containerfile.tsp b/template/templates/modules/containerfile/containerfile.tsp index 58827570..131245fe 100644 --- a/template/templates/modules/containerfile/containerfile.tsp +++ b/template/templates/modules/containerfile/containerfile.tsp @@ -1,10 +1,10 @@ import "@typespec/json-schema"; using TypeSpec.JsonSchema; -// @jsonSchema("/modules/containerfile-latest.json") -// model ContainerfileModuleLatest { -// ...ContainerfileModuleV1; -// } +@jsonSchema("/modules/containerfile-latest.json") +model ContainerfileModuleLatest { + ...ContainerfileModuleV1; +} @jsonSchema("/modules/containerfile-v1.json") model ContainerfileModuleV1 { diff --git a/template/templates/modules/copy/copy.tsp b/template/templates/modules/copy/copy.tsp index 1d31a78a..d34c7364 100644 --- a/template/templates/modules/copy/copy.tsp +++ b/template/templates/modules/copy/copy.tsp @@ -1,10 +1,10 @@ import "@typespec/json-schema"; using TypeSpec.JsonSchema; -// @jsonSchema("/modules/copy-latest.json") -// model CopyModuleLatest { -// ...CopyModuleV1; -// } +@jsonSchema("/modules/copy-latest.json") +model CopyModuleLatest { + ...CopyModuleV1; +} @jsonSchema("/modules/copy-v1.json") model CopyModuleV1 { diff --git a/test-files/recipes/modules/brew-fail.yml b/test-files/recipes/modules/brew-fail.yml index f184a507..238e48b3 100644 --- a/test-files/recipes/modules/brew-fail.yml +++ b/test-files/recipes/modules/brew-fail.yml @@ -1,5 +1,5 @@ --- -# yaml-language-server: $schema=https://schema.blue-build.org/modules/brew.json +# yaml-language-server: $schema=https://schema.blue-build.org/modules/brew-v1.json type: brew auto-update: true update-interval: "6h" diff --git a/test-files/recipes/modules/chezmoi-fail.yml b/test-files/recipes/modules/chezmoi-fail.yml index dbaf6e03..808ee79a 100644 --- a/test-files/recipes/modules/chezmoi-fail.yml +++ b/test-files/recipes/modules/chezmoi-fail.yml @@ -1,5 +1,5 @@ --- -# yaml-language-server: $schema=https://schema.blue-build.org/modules/chezmoi.json +# yaml-language-server: $schema=https://schema.blue-build.org/modules/chezmoi-v1.json type: chezmoi repository: 'test-repo.git' branch: 'main' diff --git a/test-files/schema/import-v1.json b/test-files/schema/import-v1.json index ce17361f..2999143b 100644 --- a/test-files/schema/import-v1.json +++ b/test-files/schema/import-v1.json @@ -1,15 +1,15 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "import-v1.json", - "type": "object", - "properties": { - "from-file": { - "type": "string", - "description": "The path to another file containing module configuration to import here.\nhttps://blue-build.org/how-to/multiple-files/" - } - }, - "required": [ - "from-file" - ], - "additionalProperties": false + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "import-v1.json", + "type": "object", + "properties": { + "from-file": { + "type": "string", + "description": "The path to another file containing module configuration to import here.\nhttps://blue-build.org/how-to/multiple-files/" + } + }, + "required": [ + "from-file" + ], + "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/module-custom-v1.json b/test-files/schema/module-custom-v1.json index d2fa4053..1697871a 100644 --- a/test-files/schema/module-custom-v1.json +++ b/test-files/schema/module-custom-v1.json @@ -1,25 +1,202 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "module-custom-v1.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "This is not a built-in module." + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "module-custom-v1.json", + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "This is not a built-in module." + }, + "source": { + "type": "string", + "description": "The image ref of the module repository (an OCI image) to pull the module from.\nIf this is a local module, set the value to 'local'.\nhttps://blue-build.org/reference/module/#source-optional" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + } }, - "source": { - "type": "string", - "description": "The image ref of the module repository (an OCI image) to pull the module from.\nIf this is a local module, set the value to 'local'.\nhttps://blue-build.org/reference/module/#source-optional" - }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + "required": [ + "type", + "source" + ], + "additionalProperties": {}, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } } - }, - "required": [ - "type", - "source" - ], - "additionalProperties": {} } \ No newline at end of file diff --git a/test-files/schema/module-list-v1.json b/test-files/schema/module-list-v1.json index 634bf4d5..bdea2b95 100644 --- a/test-files/schema/module-list-v1.json +++ b/test-files/schema/module-list-v1.json @@ -1,29 +1,30 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "module-list-v1.json", - "type": "object", - "properties": { - "modules": { - "type": "array", - "items": { - "$ref": "#/$defs/ModuleEntry" - }, - "description": "A list of [modules](https://blue-build.org/reference/module/) that is executed in order. Multiple of the same module can be included.\n\nEach item in this list should have at least a `type:` or be specified to be included from an external file in the `recipes/` directory with `from-file:`." - } - }, - "required": [ - "modules" - ], - "$defs": { - "ModuleEntry": { - "anyOf": [ - { - "$ref": "module-v1.json" - }, - { - "$ref": "import-v1.json" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "module-list-v1.json", + "type": "object", + "properties": { + "modules": { + "type": "array", + "items": { + "$ref": "#/$defs/ModuleEntry" + }, + "description": "A list of [modules](https://blue-build.org/reference/module/) that is executed in order. Multiple of the same module can be included.\n\nEach item in this list should have at least a `type:` or be specified to be included from an external file in the `recipes/` directory with `from-file:`." + } + }, + "required": [ + "modules" + ], + "additionalProperties": false, + "$defs": { + "ModuleEntry": { + "oneOf": [ + { + "$ref": "module-v1.json" + }, + { + "$ref": "import-v1.json" + } + ] } - ] } - } } \ No newline at end of file diff --git a/test-files/schema/module-stage-list-v1.json b/test-files/schema/module-stage-list-v1.json index 1675db4f..0b4755ea 100644 --- a/test-files/schema/module-stage-list-v1.json +++ b/test-files/schema/module-stage-list-v1.json @@ -1,44 +1,44 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "module-stage-list-v1.json", - "type": "object", - "properties": { - "modules": { - "type": "array", - "items": { - "$ref": "#/$defs/ModuleEntry" - }, - "description": "A list of [modules](https://blue-build.org/reference/module/) that is executed in order. Multiple of the same module can be included.\n\nEach item in this list should have at least a `type:` or be specified to be included from an external file in the `recipes/` directory with `from-file:`." - }, - "stages": { - "type": "array", - "items": { - "$ref": "#/$defs/StageEntry" - }, - "description": "A list of [stages](https://blue-build.org/reference/stages/) that are executed before the build of the final image.\nThis is useful for compiling programs from source without polluting the final bootable image." - } - }, - "additionalProperties": false, - "$defs": { - "ModuleEntry": { - "anyOf": [ - { - "$ref": "module-v1.json" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "module-stage-list-v1.json", + "type": "object", + "properties": { + "modules": { + "type": "array", + "items": { + "$ref": "#/$defs/ModuleEntry" + }, + "description": "A list of [modules](https://blue-build.org/reference/module/) that is executed in order. Multiple of the same module can be included.\n\nEach item in this list should have at least a `type:` or be specified to be included from an external file in the `recipes/` directory with `from-file:`." }, - { - "$ref": "import-v1.json" + "stages": { + "type": "array", + "items": { + "$ref": "#/$defs/StageEntry" + }, + "description": "A list of [stages](https://blue-build.org/reference/stages/) that are executed before the build of the final image.\nThis is useful for compiling programs from source without polluting the final bootable image." } - ] }, - "StageEntry": { - "anyOf": [ - { - "$ref": "stage-v1.json" + "additionalProperties": false, + "$defs": { + "ModuleEntry": { + "oneOf": [ + { + "$ref": "module-v1.json" + }, + { + "$ref": "import-v1.json" + } + ] }, - { - "$ref": "import-v1.json" + "StageEntry": { + "oneOf": [ + { + "$ref": "stage-v1.json" + }, + { + "$ref": "import-v1.json" + } + ] } - ] } - } } \ No newline at end of file diff --git a/test-files/schema/module-v1.json b/test-files/schema/module-v1.json index e16fda55..5fea0fad 100644 --- a/test-files/schema/module-v1.json +++ b/test-files/schema/module-v1.json @@ -1,143 +1,87 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "module-v1.json", - "anyOf": [ - { - "$ref": "#/$defs/RepoModule" - }, - { - "$ref": "#/$defs/CustomModule" - } - ], - "$defs": { - "RepoModule": { - "anyOf": [ - { - "$ref": "/modules/akmods-latest.json" - }, - { - "$ref": "/modules/akmods-v1.json" - }, - { - "$ref": "/modules/bling-latest.json" - }, - { - "$ref": "/modules/bling-v1.json" - }, - { - "$ref": "/modules/brew-latest.json" - }, - { - "$ref": "/modules/brew-v1.json" - }, - { - "$ref": "/modules/chezmoi-latest.json" - }, - { - "$ref": "/modules/chezmoi-v1.json" - }, + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "module-v1.json", + "oneOf": [ { - "$ref": "/modules/default-flatpaks-latest.json" + "$ref": "#/$defs/RepoModule" }, { - "$ref": "/modules/default-flatpaks-v1.json" - }, - { - "$ref": "/modules/files-latest.json" - }, - { - "$ref": "/modules/files-v1.json" - }, - { - "$ref": "/modules/fonts-latest.json" - }, - { - "$ref": "/modules/fonts-v1.json" - }, - { - "$ref": "/modules/gnome-extensions-latest.json" - }, - { - "$ref": "/modules/gnome-extensions-v1.json" - }, - { - "$ref": "/modules/gschema-overrides-latest.json" - }, - { - "$ref": "/modules/gschema-overrides-v1.json" - }, - { - "$ref": "/modules/justfiles-latest.json" - }, - { - "$ref": "/modules/justfiles-v1.json" - }, - { - "$ref": "/modules/rpm-ostree-latest.json" - }, - { - "$ref": "/modules/rpm-ostree-v1.json" - }, - { - "$ref": "/modules/script-latest.json" - }, - { - "$ref": "/modules/script-v1.json" - }, - { - "$ref": "/modules/signing-latest.json" - }, - { - "$ref": "/modules/signing-v1.json" - }, - { - "$ref": "/modules/systemd-latest.json" - }, - { - "$ref": "/modules/systemd-v1.json" - }, - { - "$ref": "/modules/yafti-latest.json" - }, - { - "$ref": "/modules/yafti-v1.json" - }, - { - "$ref": "/modules/containerfile-latest.json" - }, - { - "$ref": "/modules/containerfile-v1.json" - }, - { - "$ref": "/modules/copy-latest.json" - }, - { - "$ref": "/modules/copy-v1.json" + "$ref": "module-custom-v1.json" } - ] - }, - "CustomModule": { - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "This is not a built-in module." - }, - "source": { - "type": "string", - "description": "The image ref of the module repository (an OCI image) to pull the module from.\nIf this is a local module, set the value to 'local'.\nhttps://blue-build.org/reference/module/#source-optional" - }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + ], + "$defs": { + "RepoModule": { + "oneOf": [ + { + "$ref": "/modules/akmods-v1.json" + }, + { + "$ref": "/modules/bling-v1.json" + }, + { + "$ref": "/modules/brew-v1.json" + }, + { + "$ref": "/modules/chezmoi-v1.json" + }, + { + "$ref": "/modules/default-flatpaks-v1.json" + }, + { + "$ref": "/modules/default-flatpaks-v2.json" + }, + { + "$ref": "/modules/dnf-v1.json" + }, + { + "$ref": "/modules/files-v1.json" + }, + { + "$ref": "/modules/fonts-v1.json" + }, + { + "$ref": "/modules/gnome-extensions-v1.json" + }, + { + "$ref": "/modules/gschema-overrides-v1.json" + }, + { + "$ref": "/modules/initramfs-v1.json" + }, + { + "$ref": "/modules/justfiles-v1.json" + }, + { + "$ref": "/modules/kargs-v1.json" + }, + { + "$ref": "/modules/os-release-v1.json" + }, + { + "$ref": "/modules/rpm-ostree-v1.json" + }, + { + "$ref": "/modules/script-v1.json" + }, + { + "$ref": "/modules/signing-v1.json" + }, + { + "$ref": "/modules/soar-v1.json" + }, + { + "$ref": "/modules/systemd-v1.json" + }, + { + "$ref": "/modules/yafti-v1.json" + }, + { + "$ref": "/modules/containerfile-v1.json" + }, + { + "$ref": "/modules/copy-v1.json" + } + ] } - }, - "required": [ - "type", - "source" - ], - "additionalProperties": {} } - } } \ No newline at end of file diff --git a/test-files/schema/modules/akmods-latest.json b/test-files/schema/modules/akmods-latest.json index f9aceb57..f8b1a72f 100644 --- a/test-files/schema/modules/akmods-latest.json +++ b/test-files/schema/modules/akmods-latest.json @@ -1,67 +1,269 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/akmods.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "akmods", - "description": "The akmods module is a tool used for managing and installing kernel modules built by Universal Blue.\nhttps://blue-build.org/reference/modules/akmods/" - }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/akmods-latest.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "akmods" + }, + { + "type": "string", + "const": "akmods@v1" + }, + { + "type": "string", + "const": "akmods@latest" + } + ], + "description": "The akmods module is a tool used for managing and installing kernel modules built by Universal Blue.\nhttps://blue-build.org/reference/modules/akmods/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "base": { + "anyOf": [ + { + "type": "string", + "const": "main" + }, + { + "type": "string", + "const": "asus" + }, + { + "type": "string", + "const": "fsync" + }, + { + "type": "string", + "const": "fsync-ba" + }, + { + "type": "string", + "const": "surface" + }, + { + "type": "string", + "const": "coreos-stable" + }, + { + "type": "string", + "const": "coreos-testing" + }, + { + "type": "string", + "const": "bazzite" + } + ], + "default": "main", + "description": "The kernel your images uses.\n- main: stock Fedora kernel / main and nvidia images\n- asus: asus kernel / asus images\n- fsync: fsync kernel / not used in any Universal Blue images\n- fsync-ba: fsync kernel, stable version / not used in any Universal Blue images\n- surface: surface kernel / surface images\n- coreos-stable: stock CoreOS kernel / uCore stable images\n- coreos-testing: stock CoreOS Testing kernel / uCore testing images\n- bazzite: Bazzite's kernel / bazzite images" + }, + "install": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of akmods to install.\nSee all available akmods here: https://github.com/ublue-os/akmods#kmod-packages" + }, + "nvidia-driver": { + "anyOf": [ + { + "type": "string", + "const": "nvidia" + }, + { + "type": "string", + "const": "nvidia-open" + } + ], + "description": "Nvidia driver to install\n- nvidia : for the old nvidia propietary driver, compatible with Maxwell and newer cards (but not Blackwell)\n- nvidia-open : for the new kernel-open driver, to be used in Turing and newer cards" + } }, - "base": { - "anyOf": [ - { - "type": "string", - "const": "main" + "required": [ + "type", + "install" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } }, - { - "type": "string", - "const": "asus" + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] }, - { - "type": "string", - "const": "fsync" + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false }, - { - "type": "string", - "const": "fsync-ba" + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false }, - { - "type": "string", - "const": "surface" + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false }, - { - "type": "string", - "const": "coreos-stable" + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false }, - { - "type": "string", - "const": "coreos-testing" + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] }, - { - "type": "string", - "const": "bazzite" + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false } - ], - "default": "main", - "description": "The kernel your images uses.\n- main: stock Fedora kernel / main and nvidia images\n- asus: asus kernel / asus images\n- fsync: fsync kernel / not used in any Universal Blue images\n- fsync-ba: fsync kernel, stable version / not used in any Universal Blue images\n- surface: surface kernel / surface images\n- coreos-stable: stock CoreOS kernel / uCore stable images\n- coreos-testing: stock CoreOS Testing kernel / uCore testing images\n- bazzite: Bazzite's kernel / bazzite images" - }, - "install": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of akmods to install.\nSee all available akmods here: https://github.com/ublue-os/akmods#kmod-packages" } - }, - "required": [ - "type", - "install" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/akmods-v1.json b/test-files/schema/modules/akmods-v1.json index f9aceb57..2d7005d2 100644 --- a/test-files/schema/modules/akmods-v1.json +++ b/test-files/schema/modules/akmods-v1.json @@ -1,67 +1,269 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/akmods.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "akmods", - "description": "The akmods module is a tool used for managing and installing kernel modules built by Universal Blue.\nhttps://blue-build.org/reference/modules/akmods/" - }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/akmods-v1.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "akmods" + }, + { + "type": "string", + "const": "akmods@v1" + }, + { + "type": "string", + "const": "akmods@latest" + } + ], + "description": "The akmods module is a tool used for managing and installing kernel modules built by Universal Blue.\nhttps://blue-build.org/reference/modules/akmods/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "base": { + "anyOf": [ + { + "type": "string", + "const": "main" + }, + { + "type": "string", + "const": "asus" + }, + { + "type": "string", + "const": "fsync" + }, + { + "type": "string", + "const": "fsync-ba" + }, + { + "type": "string", + "const": "surface" + }, + { + "type": "string", + "const": "coreos-stable" + }, + { + "type": "string", + "const": "coreos-testing" + }, + { + "type": "string", + "const": "bazzite" + } + ], + "default": "main", + "description": "The kernel your images uses.\n- main: stock Fedora kernel / main and nvidia images\n- asus: asus kernel / asus images\n- fsync: fsync kernel / not used in any Universal Blue images\n- fsync-ba: fsync kernel, stable version / not used in any Universal Blue images\n- surface: surface kernel / surface images\n- coreos-stable: stock CoreOS kernel / uCore stable images\n- coreos-testing: stock CoreOS Testing kernel / uCore testing images\n- bazzite: Bazzite's kernel / bazzite images" + }, + "install": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of akmods to install.\nSee all available akmods here: https://github.com/ublue-os/akmods#kmod-packages" + }, + "nvidia-driver": { + "anyOf": [ + { + "type": "string", + "const": "nvidia" + }, + { + "type": "string", + "const": "nvidia-open" + } + ], + "description": "Nvidia driver to install\n- nvidia : for the old nvidia propietary driver, compatible with Maxwell and newer cards (but not Blackwell)\n- nvidia-open : for the new kernel-open driver, to be used in Turing and newer cards" + } }, - "base": { - "anyOf": [ - { - "type": "string", - "const": "main" + "required": [ + "type", + "install" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } }, - { - "type": "string", - "const": "asus" + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] }, - { - "type": "string", - "const": "fsync" + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false }, - { - "type": "string", - "const": "fsync-ba" + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false }, - { - "type": "string", - "const": "surface" + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false }, - { - "type": "string", - "const": "coreos-stable" + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false }, - { - "type": "string", - "const": "coreos-testing" + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] }, - { - "type": "string", - "const": "bazzite" + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false } - ], - "default": "main", - "description": "The kernel your images uses.\n- main: stock Fedora kernel / main and nvidia images\n- asus: asus kernel / asus images\n- fsync: fsync kernel / not used in any Universal Blue images\n- fsync-ba: fsync kernel, stable version / not used in any Universal Blue images\n- surface: surface kernel / surface images\n- coreos-stable: stock CoreOS kernel / uCore stable images\n- coreos-testing: stock CoreOS Testing kernel / uCore testing images\n- bazzite: Bazzite's kernel / bazzite images" - }, - "install": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of akmods to install.\nSee all available akmods here: https://github.com/ublue-os/akmods#kmod-packages" } - }, - "required": [ - "type", - "install" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/bling-latest.json b/test-files/schema/modules/bling-latest.json index fefd57b2..b8212b1a 100644 --- a/test-files/schema/modules/bling-latest.json +++ b/test-files/schema/modules/bling-latest.json @@ -1,54 +1,243 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/bling.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "bling", - "description": "The bling module can be used to pull in small \"bling\" into your image. \nhttps://blue-build.org/reference/modules/bling/" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/bling-latest.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "bling" + }, + { + "type": "string", + "const": "bling@v1" + }, + { + "type": "string", + "const": "bling@latest" + } + ], + "description": "The bling module can be used to pull in small \"bling\" into your image.\nhttps://blue-build.org/reference/modules/bling/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "install": { + "type": "array", + "items": { + "anyOf": [ + { + "type": "string", + "const": "rpmfusion" + }, + { + "type": "string", + "const": "negativo17" + }, + { + "type": "string", + "const": "ublue-update" + }, + { + "type": "string", + "const": "1password" + }, + { + "type": "string", + "const": "dconf-update-service" + }, + { + "type": "string", + "const": "gnome-vrr" + } + ] + }, + "description": "List of bling submodules to run / things to install onto your system." + } }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "install": { - "type": "array", - "items": { - "anyOf": [ - { - "type": "string", - "const": "rpmfusion" - }, - { - "type": "string", - "const": "negativo17" - }, - { - "type": "string", - "const": "ublue-update" - }, - { - "type": "string", - "const": "1password" - }, - { - "type": "string", - "const": "dconf-update-service" - }, - { - "type": "string", - "const": "gnome-vrr" - } - ] - }, - "description": "List of bling submodules to run / things to install onto your system." + "required": [ + "type", + "install" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } } - }, - "required": [ - "type", - "install" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/bling-v1.json b/test-files/schema/modules/bling-v1.json index fefd57b2..b289be44 100644 --- a/test-files/schema/modules/bling-v1.json +++ b/test-files/schema/modules/bling-v1.json @@ -1,54 +1,243 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/bling.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "bling", - "description": "The bling module can be used to pull in small \"bling\" into your image. \nhttps://blue-build.org/reference/modules/bling/" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/bling-v1.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "bling" + }, + { + "type": "string", + "const": "bling@v1" + }, + { + "type": "string", + "const": "bling@latest" + } + ], + "description": "The bling module can be used to pull in small \"bling\" into your image.\nhttps://blue-build.org/reference/modules/bling/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "install": { + "type": "array", + "items": { + "anyOf": [ + { + "type": "string", + "const": "rpmfusion" + }, + { + "type": "string", + "const": "negativo17" + }, + { + "type": "string", + "const": "ublue-update" + }, + { + "type": "string", + "const": "1password" + }, + { + "type": "string", + "const": "dconf-update-service" + }, + { + "type": "string", + "const": "gnome-vrr" + } + ] + }, + "description": "List of bling submodules to run / things to install onto your system." + } }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "install": { - "type": "array", - "items": { - "anyOf": [ - { - "type": "string", - "const": "rpmfusion" - }, - { - "type": "string", - "const": "negativo17" - }, - { - "type": "string", - "const": "ublue-update" - }, - { - "type": "string", - "const": "1password" - }, - { - "type": "string", - "const": "dconf-update-service" - }, - { - "type": "string", - "const": "gnome-vrr" - } - ] - }, - "description": "List of bling submodules to run / things to install onto your system." + "required": [ + "type", + "install" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } } - }, - "required": [ - "type", - "install" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/brew-latest.json b/test-files/schema/modules/brew-latest.json index d2e759e4..ea0bf400 100644 --- a/test-files/schema/modules/brew-latest.json +++ b/test-files/schema/modules/brew-latest.json @@ -1,61 +1,260 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/brew.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "brew", - "description": "The brew module installs Homebrew / Linuxbrew at build time and ensures the package manager remains up-to-date.\nhttps://blue-build.org/reference/modules/brew/" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/brew-latest.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "brew" + }, + { + "type": "string", + "const": "brew@v1" + }, + { + "type": "string", + "const": "brew@latest" + } + ], + "description": "The brew module installs Homebrew / Linuxbrew at build time and ensures the package manager remains up-to-date.\nhttps://blue-build.org/reference/modules/brew/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "auto-update": { + "type": "boolean", + "default": true, + "description": "Whether to auto-update the Brew binary using a systemd service." + }, + "update-interval": { + "type": "string", + "default": "6h", + "description": "Defines how often the Brew update service should run. The string is passed directly to `OnUnitInactiveSec` in systemd timer. (Syntax: ['1d', '6h', '10m'])." + }, + "update-wait-after-boot": { + "type": "string", + "default": "10min", + "description": "Time delay after system boot before the first Brew update runs. The string is passed directly to `OnBootSec` in systemd timer. (Syntax: ['1d', '6h', '10m'])." + }, + "auto-upgrade": { + "type": "boolean", + "default": true, + "description": "Whether to auto-upgrade all installed Brew packages using a systemd service." + }, + "upgrade-interval": { + "type": "string", + "default": "8h", + "description": "Defines how often the Brew upgrade service should run. The string is passed directly to `OnUnitInactiveSec` in systemd timer. (Syntax: ['1d', '6h', '10m'])." + }, + "upgrade-wait-after-boot": { + "type": "string", + "default": "30min", + "description": "Time delay after system boot before the first Brew package upgrade runs. The string is passed directly to `OnBootSec` in systemd timer. (Syntax: ['1d', '6h', '10m'])." + }, + "nofile-limits": { + "type": "boolean", + "default": false, + "description": "Whether to increase nofile limits (limits for number of open files) for Brew installations.\nWhen set to true, it increases the nofile limits to prevent certain \"I/O heavy\" Brew packages from failing due to \"too many open files\" error.\nHowever, it's important to note that increasing nofile limits can have potential security implications for malicious applications which would try to abuse storage I/O.\nDefaults to false for security purposes.\n\nhttps://serverfault.com/questions/577437/what-is-the-impact-of-increasing-nofile-limits-in-etc-security-limits-conf" + }, + "brew-analytics": { + "type": "boolean", + "default": true, + "description": "Whether to enable Brew analytics.\nThe Homebrew project uses analytics to anonymously collect the information about Brew usage & your system in order to improve the experience of Brew users." + }, + "direct-pull": { + "type": "boolean", + "default": false, + "description": "Whether to skip ublue's cache and directly install from Homebrew using the official installer.\nUblue provides a tarball cache of a Homebrew installation." + }, + "installer-commit": { + "type": "string", + "default": "HEAD", + "description": "The commit to use when directly pulling the Homebrew install script.\nDefaults to \"HEAD\"." + } }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "auto-update": { - "type": "boolean", - "default": true, - "description": "Whether to auto-update the Brew binary using a systemd service." - }, - "update-interval": { - "type": "string", - "default": "6h", - "description": "Defines how often the Brew update service should run. The string is passed directly to `OnUnitInactiveSec` in systemd timer. (Syntax: ['1d', '6h', '10m'])." - }, - "update-wait-after-boot": { - "type": "string", - "default": "10min", - "description": "Time delay after system boot before the first Brew update runs. The string is passed directly to `OnBootSec` in systemd timer. (Syntax: ['1d', '6h', '10m'])." - }, - "auto-upgrade": { - "type": "boolean", - "default": true, - "description": "Whether to auto-upgrade all installed Brew packages using a systemd service." - }, - "upgrade-interval": { - "type": "string", - "default": "8h", - "description": "Defines how often the Brew upgrade service should run. The string is passed directly to `OnUnitInactiveSec` in systemd timer. (Syntax: ['1d', '6h', '10m'])." - }, - "upgrade-wait-after-boot": { - "type": "string", - "default": "30min", - "description": "Time delay after system boot before the first Brew package upgrade runs. The string is passed directly to `OnBootSec` in systemd timer. (Syntax: ['1d', '6h', '10m'])." - }, - "nofile-limits": { - "type": "boolean", - "default": false, - "description": "Whether to increase nofile limits (limits for number of open files) for Brew installations.\nWhen set to true, it increases the nofile limits to prevent certain \"I/O heavy\" Brew packages from failing due to \"too many open files\" error.\nHowever, it's important to note that increasing nofile limits can have potential security implications for malicious applications which would try to abuse storage I/O.\nDefaults to false for security purposes.\n\nhttps://serverfault.com/questions/577437/what-is-the-impact-of-increasing-nofile-limits-in-etc-security-limits-conf" - }, - "brew-analytics": { - "type": "boolean", - "default": true, - "description": "Whether to enable Brew analytics. \nThe Homebrew project uses analytics to anonymously collect the information about Brew usage & your system in order to improve the experience of Brew users." + "required": [ + "type" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } } - }, - "required": [ - "type" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/brew-v1.json b/test-files/schema/modules/brew-v1.json index d2e759e4..95884195 100644 --- a/test-files/schema/modules/brew-v1.json +++ b/test-files/schema/modules/brew-v1.json @@ -1,61 +1,260 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/brew.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "brew", - "description": "The brew module installs Homebrew / Linuxbrew at build time and ensures the package manager remains up-to-date.\nhttps://blue-build.org/reference/modules/brew/" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/brew-v1.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "brew" + }, + { + "type": "string", + "const": "brew@v1" + }, + { + "type": "string", + "const": "brew@latest" + } + ], + "description": "The brew module installs Homebrew / Linuxbrew at build time and ensures the package manager remains up-to-date.\nhttps://blue-build.org/reference/modules/brew/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "auto-update": { + "type": "boolean", + "default": true, + "description": "Whether to auto-update the Brew binary using a systemd service." + }, + "update-interval": { + "type": "string", + "default": "6h", + "description": "Defines how often the Brew update service should run. The string is passed directly to `OnUnitInactiveSec` in systemd timer. (Syntax: ['1d', '6h', '10m'])." + }, + "update-wait-after-boot": { + "type": "string", + "default": "10min", + "description": "Time delay after system boot before the first Brew update runs. The string is passed directly to `OnBootSec` in systemd timer. (Syntax: ['1d', '6h', '10m'])." + }, + "auto-upgrade": { + "type": "boolean", + "default": true, + "description": "Whether to auto-upgrade all installed Brew packages using a systemd service." + }, + "upgrade-interval": { + "type": "string", + "default": "8h", + "description": "Defines how often the Brew upgrade service should run. The string is passed directly to `OnUnitInactiveSec` in systemd timer. (Syntax: ['1d', '6h', '10m'])." + }, + "upgrade-wait-after-boot": { + "type": "string", + "default": "30min", + "description": "Time delay after system boot before the first Brew package upgrade runs. The string is passed directly to `OnBootSec` in systemd timer. (Syntax: ['1d', '6h', '10m'])." + }, + "nofile-limits": { + "type": "boolean", + "default": false, + "description": "Whether to increase nofile limits (limits for number of open files) for Brew installations.\nWhen set to true, it increases the nofile limits to prevent certain \"I/O heavy\" Brew packages from failing due to \"too many open files\" error.\nHowever, it's important to note that increasing nofile limits can have potential security implications for malicious applications which would try to abuse storage I/O.\nDefaults to false for security purposes.\n\nhttps://serverfault.com/questions/577437/what-is-the-impact-of-increasing-nofile-limits-in-etc-security-limits-conf" + }, + "brew-analytics": { + "type": "boolean", + "default": true, + "description": "Whether to enable Brew analytics.\nThe Homebrew project uses analytics to anonymously collect the information about Brew usage & your system in order to improve the experience of Brew users." + }, + "direct-pull": { + "type": "boolean", + "default": false, + "description": "Whether to skip ublue's cache and directly install from Homebrew using the official installer.\nUblue provides a tarball cache of a Homebrew installation." + }, + "installer-commit": { + "type": "string", + "default": "HEAD", + "description": "The commit to use when directly pulling the Homebrew install script.\nDefaults to \"HEAD\"." + } }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "auto-update": { - "type": "boolean", - "default": true, - "description": "Whether to auto-update the Brew binary using a systemd service." - }, - "update-interval": { - "type": "string", - "default": "6h", - "description": "Defines how often the Brew update service should run. The string is passed directly to `OnUnitInactiveSec` in systemd timer. (Syntax: ['1d', '6h', '10m'])." - }, - "update-wait-after-boot": { - "type": "string", - "default": "10min", - "description": "Time delay after system boot before the first Brew update runs. The string is passed directly to `OnBootSec` in systemd timer. (Syntax: ['1d', '6h', '10m'])." - }, - "auto-upgrade": { - "type": "boolean", - "default": true, - "description": "Whether to auto-upgrade all installed Brew packages using a systemd service." - }, - "upgrade-interval": { - "type": "string", - "default": "8h", - "description": "Defines how often the Brew upgrade service should run. The string is passed directly to `OnUnitInactiveSec` in systemd timer. (Syntax: ['1d', '6h', '10m'])." - }, - "upgrade-wait-after-boot": { - "type": "string", - "default": "30min", - "description": "Time delay after system boot before the first Brew package upgrade runs. The string is passed directly to `OnBootSec` in systemd timer. (Syntax: ['1d', '6h', '10m'])." - }, - "nofile-limits": { - "type": "boolean", - "default": false, - "description": "Whether to increase nofile limits (limits for number of open files) for Brew installations.\nWhen set to true, it increases the nofile limits to prevent certain \"I/O heavy\" Brew packages from failing due to \"too many open files\" error.\nHowever, it's important to note that increasing nofile limits can have potential security implications for malicious applications which would try to abuse storage I/O.\nDefaults to false for security purposes.\n\nhttps://serverfault.com/questions/577437/what-is-the-impact-of-increasing-nofile-limits-in-etc-security-limits-conf" - }, - "brew-analytics": { - "type": "boolean", - "default": true, - "description": "Whether to enable Brew analytics. \nThe Homebrew project uses analytics to anonymously collect the information about Brew usage & your system in order to improve the experience of Brew users." + "required": [ + "type" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } } - }, - "required": [ - "type" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/chezmoi-latest.json b/test-files/schema/modules/chezmoi-latest.json index 0c8da213..548903b3 100644 --- a/test-files/schema/modules/chezmoi-latest.json +++ b/test-files/schema/modules/chezmoi-latest.json @@ -1,70 +1,259 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/chezmoi.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "chezmoi", - "description": "The chezmoi module installs the latest chezmoi release at build time, along with services to clone a dotfile repository and keep it up-to-date.\nhttps://blue-build.org/reference/modules/chezmoi/" - }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "repository": { - "type": "string", - "description": "Git repository to initialize." - }, - "branch": { - "type": "string", - "default": "", - "description": "Git branch of the chezmoi repository." - }, - "all-users": { - "type": "boolean", - "default": true, - "description": "Whether to enable the modules services globally for all users, if false users need to enable services manually." - }, - "run-every": { - "type": "string", - "default": "1d", - "description": "Dotfiles will be updated with this interval." - }, - "wait-after-boot": { - "type": "string", - "default": "5m", - "description": "Dotfile updates will wait this long after a boot before running." - }, - "disable-init": { - "type": "boolean", - "default": false, - "description": "Disable the service that initializes `repository` on users that are logged in or have linger enabled UI." - }, - "disable-update": { - "type": "boolean", - "default": false, - "description": "Disable the timer that updates chezmoi with the set interval." + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/chezmoi-latest.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "chezmoi" + }, + { + "type": "string", + "const": "chezmoi@v1" + }, + { + "type": "string", + "const": "chezmoi@latest" + } + ], + "description": "The chezmoi module installs the latest chezmoi release at build time, along with services to clone a dotfile repository and keep it up-to-date.\nhttps://blue-build.org/reference/modules/chezmoi/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "repository": { + "type": "string", + "description": "Git repository to initialize." + }, + "branch": { + "type": "string", + "default": "", + "description": "Git branch of the chezmoi repository." + }, + "all-users": { + "type": "boolean", + "default": true, + "description": "Whether to enable the modules services globally for all users, if false users need to enable services manually." + }, + "run-every": { + "type": "string", + "default": "1d", + "description": "Dotfiles will be updated with this interval." + }, + "wait-after-boot": { + "type": "string", + "default": "5m", + "description": "Dotfile updates will wait this long after a boot before running." + }, + "disable-init": { + "type": "boolean", + "default": false, + "description": "Disable the service that initializes `repository` on users that are logged in or have linger enabled UI." + }, + "disable-update": { + "type": "boolean", + "default": false, + "description": "Disable the timer that updates chezmoi with the set interval." + }, + "file-conflict-policy": { + "anyOf": [ + { + "type": "string", + "const": "skip" + }, + { + "type": "string", + "const": "replace" + } + ], + "default": "skip", + "description": "What to do when file different that exists on your repo is has been changed or exists locally. Accepts \"skip\" or \"replace\"." + } }, - "file-conflict-policy": { - "anyOf": [ - { - "type": "string", - "const": "skip" - }, - { - "type": "string", - "const": "replace" + "required": [ + "type", + "repository" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false } - ], - "default": "skip", - "description": "What to do when file different that exists on your repo is has been changed or exists locally. Accepts \"skip\" or \"replace\"." } - }, - "required": [ - "type", - "repository" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/chezmoi-v1.json b/test-files/schema/modules/chezmoi-v1.json index 0c8da213..0a938e92 100644 --- a/test-files/schema/modules/chezmoi-v1.json +++ b/test-files/schema/modules/chezmoi-v1.json @@ -1,70 +1,259 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/chezmoi.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "chezmoi", - "description": "The chezmoi module installs the latest chezmoi release at build time, along with services to clone a dotfile repository and keep it up-to-date.\nhttps://blue-build.org/reference/modules/chezmoi/" - }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "repository": { - "type": "string", - "description": "Git repository to initialize." - }, - "branch": { - "type": "string", - "default": "", - "description": "Git branch of the chezmoi repository." - }, - "all-users": { - "type": "boolean", - "default": true, - "description": "Whether to enable the modules services globally for all users, if false users need to enable services manually." - }, - "run-every": { - "type": "string", - "default": "1d", - "description": "Dotfiles will be updated with this interval." - }, - "wait-after-boot": { - "type": "string", - "default": "5m", - "description": "Dotfile updates will wait this long after a boot before running." - }, - "disable-init": { - "type": "boolean", - "default": false, - "description": "Disable the service that initializes `repository` on users that are logged in or have linger enabled UI." - }, - "disable-update": { - "type": "boolean", - "default": false, - "description": "Disable the timer that updates chezmoi with the set interval." + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/chezmoi-v1.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "chezmoi" + }, + { + "type": "string", + "const": "chezmoi@v1" + }, + { + "type": "string", + "const": "chezmoi@latest" + } + ], + "description": "The chezmoi module installs the latest chezmoi release at build time, along with services to clone a dotfile repository and keep it up-to-date.\nhttps://blue-build.org/reference/modules/chezmoi/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "repository": { + "type": "string", + "description": "Git repository to initialize." + }, + "branch": { + "type": "string", + "default": "", + "description": "Git branch of the chezmoi repository." + }, + "all-users": { + "type": "boolean", + "default": true, + "description": "Whether to enable the modules services globally for all users, if false users need to enable services manually." + }, + "run-every": { + "type": "string", + "default": "1d", + "description": "Dotfiles will be updated with this interval." + }, + "wait-after-boot": { + "type": "string", + "default": "5m", + "description": "Dotfile updates will wait this long after a boot before running." + }, + "disable-init": { + "type": "boolean", + "default": false, + "description": "Disable the service that initializes `repository` on users that are logged in or have linger enabled UI." + }, + "disable-update": { + "type": "boolean", + "default": false, + "description": "Disable the timer that updates chezmoi with the set interval." + }, + "file-conflict-policy": { + "anyOf": [ + { + "type": "string", + "const": "skip" + }, + { + "type": "string", + "const": "replace" + } + ], + "default": "skip", + "description": "What to do when file different that exists on your repo is has been changed or exists locally. Accepts \"skip\" or \"replace\"." + } }, - "file-conflict-policy": { - "anyOf": [ - { - "type": "string", - "const": "skip" - }, - { - "type": "string", - "const": "replace" + "required": [ + "type", + "repository" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false } - ], - "default": "skip", - "description": "What to do when file different that exists on your repo is has been changed or exists locally. Accepts \"skip\" or \"replace\"." } - }, - "required": [ - "type", - "repository" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/containerfile-latest.json b/test-files/schema/modules/containerfile-latest.json deleted file mode 100644 index ef6dcb5e..00000000 --- a/test-files/schema/modules/containerfile-latest.json +++ /dev/null @@ -1,35 +0,0 @@ -{ - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/containerfile.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "containerfile", - "description": "The containerfile module is a tool for adding custom Containerfile instructions for custom image builds. \nhttps://blue-build.org/reference/modules/containerfile/" - }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "snippets": { - "type": "array", - "items": { - "type": "string" - }, - "description": "Lines to directly insert into the generated Containerfile." - }, - "containerfiles": { - "type": "array", - "items": { - "type": "string" - }, - "description": "Names of directories in ./containerfiles/ containing each a Containerfile to insert into the generated Containerfile." - } - }, - "required": [ - "type" - ], - "additionalProperties": false -} \ No newline at end of file diff --git a/test-files/schema/modules/containerfile-v1.json b/test-files/schema/modules/containerfile-v1.json index ef6dcb5e..db40fc5a 100644 --- a/test-files/schema/modules/containerfile-v1.json +++ b/test-files/schema/modules/containerfile-v1.json @@ -1,35 +1,223 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/containerfile.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "containerfile", - "description": "The containerfile module is a tool for adding custom Containerfile instructions for custom image builds. \nhttps://blue-build.org/reference/modules/containerfile/" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/containerfile-v1.json", + "type": "object", + "properties": { + "type": { + "oneOf": [ + { + "type": "string", + "const": "containerfile" + }, + { + "type": "string", + "const": "containerfile@latest" + }, + { + "type": "string", + "const": "containerfile@v1" + } + ], + "description": "The containerfile module is a tool for adding custom Containerfile instructions for custom image builds.\nhttps://blue-build.org/reference/modules/containerfile/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "snippets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Lines to directly insert into the generated Containerfile." + }, + "containerfiles": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Names of directories in ./containerfiles/ containing each a Containerfile to insert into the generated Containerfile." + } }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "snippets": { - "type": "array", - "items": { - "type": "string" - }, - "description": "Lines to directly insert into the generated Containerfile." - }, - "containerfiles": { - "type": "array", - "items": { - "type": "string" - }, - "description": "Names of directories in ./containerfiles/ containing each a Containerfile to insert into the generated Containerfile." + "required": [ + "type" + ], + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } } - }, - "required": [ - "type" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/copy-latest.json b/test-files/schema/modules/copy-latest.json deleted file mode 100644 index 5763e440..00000000 --- a/test-files/schema/modules/copy-latest.json +++ /dev/null @@ -1,35 +0,0 @@ -{ - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/copy.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "copy", - "description": "The copy module is a short-hand method of adding a COPY instruction into the Containerfile.\nhttps://blue-build.org/reference/modules/copy/" - }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "from": { - "type": "string", - "description": "Equivalent to the --from property in a COPY statement, use to specify an image to copy from.\nBy default, the COPY source is the build environment's file tree." - }, - "src": { - "type": "string", - "description": "Path to source file or directory." - }, - "dest": { - "type": "string", - "description": "Path to destination file or directory." - } - }, - "required": [ - "type", - "src", - "dest" - ], - "additionalProperties": false -} \ No newline at end of file diff --git a/test-files/schema/modules/copy-v1.json b/test-files/schema/modules/copy-v1.json index 5763e440..035994a1 100644 --- a/test-files/schema/modules/copy-v1.json +++ b/test-files/schema/modules/copy-v1.json @@ -1,35 +1,223 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/copy.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "copy", - "description": "The copy module is a short-hand method of adding a COPY instruction into the Containerfile.\nhttps://blue-build.org/reference/modules/copy/" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/copy-v1.json", + "type": "object", + "properties": { + "type": { + "oneOf": [ + { + "type": "string", + "const": "copy" + }, + { + "type": "string", + "const": "copy@latest" + }, + { + "type": "string", + "const": "copy@v1" + } + ], + "description": "The copy module is a short-hand method of adding a COPY instruction into the Containerfile.\nhttps://blue-build.org/reference/modules/copy/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "from": { + "type": "string", + "description": "Equivalent to the --from property in a COPY statement, use to specify an image to copy from.\nBy default, the COPY source is the build environment's file tree." + }, + "src": { + "type": "string", + "description": "Path to source file or directory." + }, + "dest": { + "type": "string", + "description": "Path to destination file or directory." + } }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "from": { - "type": "string", - "description": "Equivalent to the --from property in a COPY statement, use to specify an image to copy from.\nBy default, the COPY source is the build environment's file tree." - }, - "src": { - "type": "string", - "description": "Path to source file or directory." - }, - "dest": { - "type": "string", - "description": "Path to destination file or directory." + "required": [ + "type", + "src", + "dest" + ], + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } } - }, - "required": [ - "type", - "src", - "dest" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/default-flatpaks-latest.json b/test-files/schema/modules/default-flatpaks-latest.json index 31783d0d..7e3ae60f 100644 --- a/test-files/schema/modules/default-flatpaks-latest.json +++ b/test-files/schema/modules/default-flatpaks-latest.json @@ -1,94 +1,274 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/default-flatpaks.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "default-flatpaks", - "description": "The default-flatpaks module can be used to install or uninstall flatpaks from a configurable remote on every boot.\nhttps://blue-build.org/reference/modules/default-flatpaks/" - }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "notify": { - "type": "boolean", - "default": false, - "description": "Whether to send a notification after the install/uninstall is finished." - }, - "system": { - "type": "object", - "properties": { - "repo-url": { - "type": "string", - "default": "https://dl.flathub.org/repo/flathub.flatpakrepo", - "description": "URL of the repo to add. Defaults to Flathub's URL." + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/default-flatpaks-latest.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "default-flatpaks@v2" + }, + { + "type": "string", + "const": "default-flatpaks@latest" + }, + { + "type": "string", + "const": "default-flatpaks" + } + ], + "description": "The default-flatpaks module can be used to install Flatpaks from a configurable remote on every boot.\nusing version: v2\nhttps://blue-build.org/reference/modules/default-flatpaks/" }, - "repo-name": { - "type": "string", - "default": "flathub", - "description": "Name for the repo to add." + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" }, - "repo-title": { - "type": "string", - "description": "Pretty title for the repo to add. Not set by default." + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." }, - "install": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of Flatpak IDs to install from the repo." + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." }, - "remove": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of Flatpak IDs to remove." + "configurations": { + "type": "array", + "items": { + "$ref": "#/$defs/ConfigurationV2" + } } - }, - "description": "Configuration for system flatpaks." }, - "user": { - "type": "object", - "properties": { - "repo-url": { - "type": "string", - "default": "https://dl.flathub.org/repo/flathub.flatpakrepo", - "description": "URL of the repo to add. Defaults to Flathub's URL." + "required": [ + "type", + "configurations" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "ConfigurationV2": { + "type": "object", + "properties": { + "notify": { + "type": "boolean", + "default": true, + "description": "Whether to notify users about Flatpak installation." + }, + "scope": { + "anyOf": [ + { + "type": "string", + "const": "system" + }, + { + "type": "string", + "const": "user" + } + ], + "default": "user", + "description": "Whether to perform this configuration for system-wide or separately for each user." + }, + "repo": { + "$ref": "#/$defs/ConfigurationV2Repo", + "description": "Details of the Flatpak repository to set up. If omitted, Flathub will be used by default." + }, + "install": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of Flatpak IDs to install from the repo." + } + }, + "additionalProperties": false + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false }, - "repo-name": { - "type": "string", - "default": "flathub", - "description": "Name for the repo to add." + "ConfigurationV2Repo": { + "type": "object", + "properties": { + "url": { + "type": "string", + "default": "https://dl.flathub.org/repo/flathub.flatpakrepo", + "description": "Flatpak repository URL." + }, + "name": { + "type": "string", + "default": "flathub", + "description": "Flatpak repository name." + }, + "title": { + "type": "string", + "default": "Flathub", + "description": "Flatpak repository formatted title." + } + }, + "additionalProperties": false }, - "repo-title": { - "type": "string", - "description": "Pretty title for the repo to add. Not set by default." + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] }, - "install": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of Flatpak IDs to install from the repo." + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false }, - "remove": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of Flatpak IDs to remove." + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false } - }, - "description": "Configuration for user flatpaks." } - }, - "required": [ - "type" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/default-flatpaks-v1.json b/test-files/schema/modules/default-flatpaks-v1.json index 31783d0d..ae3cb305 100644 --- a/test-files/schema/modules/default-flatpaks-v1.json +++ b/test-files/schema/modules/default-flatpaks-v1.json @@ -1,94 +1,245 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/default-flatpaks.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "default-flatpaks", - "description": "The default-flatpaks module can be used to install or uninstall flatpaks from a configurable remote on every boot.\nhttps://blue-build.org/reference/modules/default-flatpaks/" - }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "notify": { - "type": "boolean", - "default": false, - "description": "Whether to send a notification after the install/uninstall is finished." - }, - "system": { - "type": "object", - "properties": { - "repo-url": { - "type": "string", - "default": "https://dl.flathub.org/repo/flathub.flatpakrepo", - "description": "URL of the repo to add. Defaults to Flathub's URL." + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/default-flatpaks-v1.json", + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "default-flatpaks@v1", + "description": "The default-flatpaks module can be used to install or uninstall flatpaks from a configurable remote on every boot.\nusing version: v1\nhttps://blue-build.org/reference/modules/default-flatpaks/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." }, - "repo-name": { - "type": "string", - "default": "flathub", - "description": "Name for the repo to add." + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." }, - "repo-title": { - "type": "string", - "description": "Pretty title for the repo to add. Not set by default." + "notify": { + "type": "boolean", + "default": false, + "description": "Whether to send a notification after the install/uninstall is finished." }, - "install": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of Flatpak IDs to install from the repo." + "system": { + "$ref": "#/$defs/ConfigurationV1", + "description": "Configuration for system flatpaks." }, - "remove": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of Flatpak IDs to remove." + "user": { + "$ref": "#/$defs/ConfigurationV1", + "description": "Configuration for user flatpaks." } - }, - "description": "Configuration for system flatpaks." }, - "user": { - "type": "object", - "properties": { - "repo-url": { - "type": "string", - "default": "https://dl.flathub.org/repo/flathub.flatpakrepo", - "description": "URL of the repo to add. Defaults to Flathub's URL." + "required": [ + "type" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "ConfigurationV1": { + "type": "object", + "properties": { + "repo-url": { + "type": "string", + "default": "https://dl.flathub.org/repo/flathub.flatpakrepo", + "description": "URL of the repo to add. Defaults to Flathub's URL." + }, + "repo-name": { + "type": "string", + "default": "flathub", + "description": "Name for the repo to add." + }, + "repo-title": { + "type": "string", + "description": "Pretty title for the repo to add. Not set by default." + }, + "install": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of Flatpak IDs to install from the repo." + }, + "remove": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of Flatpak IDs to remove." + } + }, + "additionalProperties": false + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false }, - "repo-name": { - "type": "string", - "default": "flathub", - "description": "Name for the repo to add." + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false }, - "repo-title": { - "type": "string", - "description": "Pretty title for the repo to add. Not set by default." + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] }, - "install": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of Flatpak IDs to install from the repo." + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false }, - "remove": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of Flatpak IDs to remove." + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false } - }, - "description": "Configuration for user flatpaks." } - }, - "required": [ - "type" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/default-flatpaks-v2.json b/test-files/schema/modules/default-flatpaks-v2.json new file mode 100644 index 00000000..e7ad78a0 --- /dev/null +++ b/test-files/schema/modules/default-flatpaks-v2.json @@ -0,0 +1,273 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/default-flatpaks-v2.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "default-flatpaks@v2" + }, + { + "type": "string", + "const": "default-flatpaks@latest" + }, + { + "type": "string", + "const": "default-flatpaks" + } + ], + "description": "The default-flatpaks module can be used to install Flatpaks from a configurable remote on every boot.\nusing version: v2\nhttps://blue-build.org/reference/modules/default-flatpaks/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "configurations": { + "type": "array", + "items": { + "$ref": "#/$defs/ConfigurationV2" + } + } + }, + "required": [ + "type", + "configurations" + ], + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "ConfigurationV2": { + "type": "object", + "properties": { + "notify": { + "type": "boolean", + "default": true, + "description": "Whether to notify users about Flatpak installation." + }, + "scope": { + "anyOf": [ + { + "type": "string", + "const": "system" + }, + { + "type": "string", + "const": "user" + } + ], + "default": "user", + "description": "Whether to perform this configuration for system-wide or separately for each user." + }, + "repo": { + "$ref": "#/$defs/ConfigurationV2Repo", + "description": "Details of the Flatpak repository to set up. If omitted, Flathub will be used by default." + }, + "install": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of Flatpak IDs to install from the repo." + } + }, + "additionalProperties": false + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "ConfigurationV2Repo": { + "type": "object", + "properties": { + "url": { + "type": "string", + "default": "https://dl.flathub.org/repo/flathub.flatpakrepo", + "description": "Flatpak repository URL." + }, + "name": { + "type": "string", + "default": "flathub", + "description": "Flatpak repository name." + }, + "title": { + "type": "string", + "default": "Flathub", + "description": "Flatpak repository formatted title." + } + }, + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } + } +} \ No newline at end of file diff --git a/test-files/schema/modules/dnf-latest.json b/test-files/schema/modules/dnf-latest.json new file mode 100644 index 00000000..9ca8b41e --- /dev/null +++ b/test-files/schema/modules/dnf-latest.json @@ -0,0 +1,636 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/dnf-latest.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "dnf" + }, + { + "type": "string", + "const": "dnf@v1" + }, + { + "type": "string", + "const": "dnf@latest" + } + ], + "description": "The dnf module offers pseudo-declarative package and repository management using dnf.\nhttps://blue-build.org/reference/modules/dnf/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "repos": { + "$ref": "#/$defs/DnfRepo", + "description": "List of links to .repo files to download into /etc/yum.repos.d/." + }, + "optfix": { + "type": "array", + "items": { + "type": "string" + }, + "description": "DEPRECATED: List of folder names under /opt/ to enable for installing into." + }, + "group-remove": { + "$ref": "#/$defs/DnfGroupRemove", + "description": "Configuration of RPM groups removal." + }, + "group-install": { + "$ref": "#/$defs/DnfGroupInstall", + "description": "Configuration of RPM groups install." + }, + "remove": { + "$ref": "#/$defs/DnfRemove", + "description": "Configuration of RPM packages removal." + }, + "install": { + "$ref": "#/$defs/DnfInstall", + "description": "Configuration of RPM packages install." + }, + "replace": { + "type": "array", + "items": { + "$ref": "#/$defs/DnfReplace" + }, + "description": "List of configurations for replacing packages from another repo." + } + }, + "required": [ + "type" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "DnfRepo": { + "type": "object", + "properties": { + "cleanup": { + "type": "boolean", + "default": false, + "description": "Cleans up the repos added in the same step after packages are installed." + }, + "files": { + "anyOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "#/$defs/DnfRepoFiles" + } + ], + "description": "List of paths or URLs to .repo files to import" + }, + "copr": { + "anyOf": [ + { + "type": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "$ref": "#/$defs/DnfRepoCoprEnable" + } + ] + } + }, + { + "$ref": "#/$defs/DnfRepoCopr" + } + ], + "description": "List of COPR project repos to add.\nYou can also specify 2 lists\ninstead to 'enable' or 'disable' COPR repos." + }, + "keys": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of links to key files to import for installing from custom repositories." + }, + "nonfree": { + "anyOf": [ + { + "type": "string", + "const": "negativo17" + }, + { + "type": "string", + "const": "rpmfusion" + } + ], + "description": "Enable one of the nonfree repos.\n\nThis allows you to enable one of the nonfree repos.\nHowever, only one can be enabled at a time so if one\nis enabled, the other will be disabled if it is already enabled." + } + }, + "additionalProperties": false + }, + "DnfGroupRemove": { + "type": "object", + "properties": { + "packages": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of RPM groups to remove." + } + }, + "required": [ + "packages" + ], + "additionalProperties": false + }, + "DnfGroupInstall": { + "type": "object", + "properties": { + "packages": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of RPM groups to install." + }, + "with-optional": { + "type": "boolean", + "default": false, + "description": "Include optional packages from group." + }, + "install-weak-deps": { + "type": "boolean", + "default": true, + "description": "Whether to install weak dependencies." + }, + "skip-unavailable": { + "type": "boolean", + "default": false, + "description": "Whether to continue with the install if there are no packages available in the repository." + }, + "skip-broken": { + "type": "boolean", + "default": false, + "description": "Whether to continue with the install if there are broken packages." + }, + "allow-erasing": { + "type": "boolean", + "default": false, + "description": "Whether to allow erasing (removal) of packages in case of dependency problems." + }, + "exclude": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of packages to prevent from being installed" + } + }, + "required": [ + "packages" + ], + "additionalProperties": false + }, + "DnfRemove": { + "type": "object", + "properties": { + "packages": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of RPM packages to remove." + }, + "auto-remove": { + "type": "boolean", + "default": true, + "description": "Whether to remove unused dependencies during removal operation." + } + }, + "required": [ + "packages" + ], + "additionalProperties": false + }, + "DnfInstall": { + "type": "object", + "properties": { + "packages": { + "type": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "$ref": "#/$defs/DnfInstallRepo" + } + ] + }, + "description": "List of RPM packages to install." + }, + "install-weak-deps": { + "type": "boolean", + "default": true, + "description": "Whether to install weak dependencies." + }, + "skip-unavailable": { + "type": "boolean", + "default": false, + "description": "Whether to continue with the install if there are no packages available in the repository." + }, + "skip-broken": { + "type": "boolean", + "default": false, + "description": "Whether to continue with the install if there are broken packages." + }, + "allow-erasing": { + "type": "boolean", + "default": false, + "description": "Whether to allow erasing (removal) of packages in case of dependency problems." + }, + "exclude": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of packages to prevent from being installed" + } + }, + "required": [ + "packages" + ], + "additionalProperties": false + }, + "DnfReplace": { + "type": "object", + "properties": { + "from-repo": { + "type": "string", + "description": "URL to the source COPR repo for the new packages." + }, + "packages": { + "type": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "$ref": "#/$defs/DnfSwap" + } + ] + }, + "description": "List of packages to replace using packages from the defined repo." + }, + "install-weak-deps": { + "type": "boolean", + "default": true, + "description": "Whether to install weak dependencies." + }, + "skip-unavailable": { + "type": "boolean", + "default": false, + "description": "Whether to continue with the install if there are no packages available in the repository." + }, + "skip-broken": { + "type": "boolean", + "default": false, + "description": "Whether to continue with the install if there are broken packages." + }, + "allow-erasing": { + "type": "boolean", + "default": false, + "description": "Whether to allow erasing (removal) of packages in case of dependency problems." + }, + "exclude": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of packages to prevent from being installed" + } + }, + "required": [ + "from-repo", + "packages" + ], + "additionalProperties": false + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "DnfRepoFiles": { + "type": "object", + "properties": { + "add": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of repo files/URLs to add." + }, + "remove": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of repos to disable.\nThis must be the ID of the repo\nas seen in `dnf5 repolist`." + } + }, + "additionalProperties": false + }, + "DnfRepoCoprEnable": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The COPR repo's name" + }, + "chroot": { + "type": "string", + "description": "The chroot for the COPR repo" + } + }, + "required": [ + "name", + "chroot" + ], + "additionalProperties": false + }, + "DnfRepoCopr": { + "type": "object", + "properties": { + "enable": { + "type": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "$ref": "#/$defs/DnfRepoCoprEnable" + } + ] + }, + "description": "List of COPR repos to enable" + }, + "disable": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of COPR repos to disable" + } + }, + "additionalProperties": false + }, + "DnfInstallRepo": { + "type": "object", + "properties": { + "repo": { + "type": "string", + "description": "The repo to use when installing packages" + }, + "packages": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of RPM packages to install." + }, + "install-weak-deps": { + "type": "boolean", + "default": true, + "description": "Whether to install weak dependencies." + }, + "skip-unavailable": { + "type": "boolean", + "default": false, + "description": "Whether to continue with the install if there are no packages available in the repository." + }, + "skip-broken": { + "type": "boolean", + "default": false, + "description": "Whether to continue with the install if there are broken packages." + }, + "allow-erasing": { + "type": "boolean", + "default": false, + "description": "Whether to allow erasing (removal) of packages in case of dependency problems." + }, + "exclude": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of packages to prevent from being installed" + } + }, + "required": [ + "repo", + "packages" + ], + "additionalProperties": false + }, + "DnfSwap": { + "type": "object", + "properties": { + "old": { + "type": "string", + "description": "The package to be replaced." + }, + "new": { + "type": "string", + "description": "The package to replace with." + }, + "allow-erasing": { + "type": "boolean", + "default": false, + "description": "Whether to allow erasing (removal) of packages in case of dependency problems." + } + }, + "required": [ + "old", + "new" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } + } +} \ No newline at end of file diff --git a/test-files/schema/modules/dnf-v1.json b/test-files/schema/modules/dnf-v1.json new file mode 100644 index 00000000..ed55140c --- /dev/null +++ b/test-files/schema/modules/dnf-v1.json @@ -0,0 +1,636 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/dnf-v1.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "dnf" + }, + { + "type": "string", + "const": "dnf@v1" + }, + { + "type": "string", + "const": "dnf@latest" + } + ], + "description": "The dnf module offers pseudo-declarative package and repository management using dnf.\nhttps://blue-build.org/reference/modules/dnf/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "repos": { + "$ref": "#/$defs/DnfRepo", + "description": "List of links to .repo files to download into /etc/yum.repos.d/." + }, + "optfix": { + "type": "array", + "items": { + "type": "string" + }, + "description": "DEPRECATED: List of folder names under /opt/ to enable for installing into." + }, + "group-remove": { + "$ref": "#/$defs/DnfGroupRemove", + "description": "Configuration of RPM groups removal." + }, + "group-install": { + "$ref": "#/$defs/DnfGroupInstall", + "description": "Configuration of RPM groups install." + }, + "remove": { + "$ref": "#/$defs/DnfRemove", + "description": "Configuration of RPM packages removal." + }, + "install": { + "$ref": "#/$defs/DnfInstall", + "description": "Configuration of RPM packages install." + }, + "replace": { + "type": "array", + "items": { + "$ref": "#/$defs/DnfReplace" + }, + "description": "List of configurations for replacing packages from another repo." + } + }, + "required": [ + "type" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "DnfRepo": { + "type": "object", + "properties": { + "cleanup": { + "type": "boolean", + "default": false, + "description": "Cleans up the repos added in the same step after packages are installed." + }, + "files": { + "anyOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "#/$defs/DnfRepoFiles" + } + ], + "description": "List of paths or URLs to .repo files to import" + }, + "copr": { + "anyOf": [ + { + "type": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "$ref": "#/$defs/DnfRepoCoprEnable" + } + ] + } + }, + { + "$ref": "#/$defs/DnfRepoCopr" + } + ], + "description": "List of COPR project repos to add.\nYou can also specify 2 lists\ninstead to 'enable' or 'disable' COPR repos." + }, + "keys": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of links to key files to import for installing from custom repositories." + }, + "nonfree": { + "anyOf": [ + { + "type": "string", + "const": "negativo17" + }, + { + "type": "string", + "const": "rpmfusion" + } + ], + "description": "Enable one of the nonfree repos.\n\nThis allows you to enable one of the nonfree repos.\nHowever, only one can be enabled at a time so if one\nis enabled, the other will be disabled if it is already enabled." + } + }, + "additionalProperties": false + }, + "DnfGroupRemove": { + "type": "object", + "properties": { + "packages": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of RPM groups to remove." + } + }, + "required": [ + "packages" + ], + "additionalProperties": false + }, + "DnfGroupInstall": { + "type": "object", + "properties": { + "packages": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of RPM groups to install." + }, + "with-optional": { + "type": "boolean", + "default": false, + "description": "Include optional packages from group." + }, + "install-weak-deps": { + "type": "boolean", + "default": true, + "description": "Whether to install weak dependencies." + }, + "skip-unavailable": { + "type": "boolean", + "default": false, + "description": "Whether to continue with the install if there are no packages available in the repository." + }, + "skip-broken": { + "type": "boolean", + "default": false, + "description": "Whether to continue with the install if there are broken packages." + }, + "allow-erasing": { + "type": "boolean", + "default": false, + "description": "Whether to allow erasing (removal) of packages in case of dependency problems." + }, + "exclude": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of packages to prevent from being installed" + } + }, + "required": [ + "packages" + ], + "additionalProperties": false + }, + "DnfRemove": { + "type": "object", + "properties": { + "packages": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of RPM packages to remove." + }, + "auto-remove": { + "type": "boolean", + "default": true, + "description": "Whether to remove unused dependencies during removal operation." + } + }, + "required": [ + "packages" + ], + "additionalProperties": false + }, + "DnfInstall": { + "type": "object", + "properties": { + "packages": { + "type": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "$ref": "#/$defs/DnfInstallRepo" + } + ] + }, + "description": "List of RPM packages to install." + }, + "install-weak-deps": { + "type": "boolean", + "default": true, + "description": "Whether to install weak dependencies." + }, + "skip-unavailable": { + "type": "boolean", + "default": false, + "description": "Whether to continue with the install if there are no packages available in the repository." + }, + "skip-broken": { + "type": "boolean", + "default": false, + "description": "Whether to continue with the install if there are broken packages." + }, + "allow-erasing": { + "type": "boolean", + "default": false, + "description": "Whether to allow erasing (removal) of packages in case of dependency problems." + }, + "exclude": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of packages to prevent from being installed" + } + }, + "required": [ + "packages" + ], + "additionalProperties": false + }, + "DnfReplace": { + "type": "object", + "properties": { + "from-repo": { + "type": "string", + "description": "URL to the source COPR repo for the new packages." + }, + "packages": { + "type": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "$ref": "#/$defs/DnfSwap" + } + ] + }, + "description": "List of packages to replace using packages from the defined repo." + }, + "install-weak-deps": { + "type": "boolean", + "default": true, + "description": "Whether to install weak dependencies." + }, + "skip-unavailable": { + "type": "boolean", + "default": false, + "description": "Whether to continue with the install if there are no packages available in the repository." + }, + "skip-broken": { + "type": "boolean", + "default": false, + "description": "Whether to continue with the install if there are broken packages." + }, + "allow-erasing": { + "type": "boolean", + "default": false, + "description": "Whether to allow erasing (removal) of packages in case of dependency problems." + }, + "exclude": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of packages to prevent from being installed" + } + }, + "required": [ + "from-repo", + "packages" + ], + "additionalProperties": false + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "DnfRepoFiles": { + "type": "object", + "properties": { + "add": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of repo files/URLs to add." + }, + "remove": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of repos to disable.\nThis must be the ID of the repo\nas seen in `dnf5 repolist`." + } + }, + "additionalProperties": false + }, + "DnfRepoCoprEnable": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The COPR repo's name" + }, + "chroot": { + "type": "string", + "description": "The chroot for the COPR repo" + } + }, + "required": [ + "name", + "chroot" + ], + "additionalProperties": false + }, + "DnfRepoCopr": { + "type": "object", + "properties": { + "enable": { + "type": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "$ref": "#/$defs/DnfRepoCoprEnable" + } + ] + }, + "description": "List of COPR repos to enable" + }, + "disable": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of COPR repos to disable" + } + }, + "additionalProperties": false + }, + "DnfInstallRepo": { + "type": "object", + "properties": { + "repo": { + "type": "string", + "description": "The repo to use when installing packages" + }, + "packages": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of RPM packages to install." + }, + "install-weak-deps": { + "type": "boolean", + "default": true, + "description": "Whether to install weak dependencies." + }, + "skip-unavailable": { + "type": "boolean", + "default": false, + "description": "Whether to continue with the install if there are no packages available in the repository." + }, + "skip-broken": { + "type": "boolean", + "default": false, + "description": "Whether to continue with the install if there are broken packages." + }, + "allow-erasing": { + "type": "boolean", + "default": false, + "description": "Whether to allow erasing (removal) of packages in case of dependency problems." + }, + "exclude": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of packages to prevent from being installed" + } + }, + "required": [ + "repo", + "packages" + ], + "additionalProperties": false + }, + "DnfSwap": { + "type": "object", + "properties": { + "old": { + "type": "string", + "description": "The package to be replaced." + }, + "new": { + "type": "string", + "description": "The package to replace with." + }, + "allow-erasing": { + "type": "boolean", + "default": false, + "description": "Whether to allow erasing (removal) of packages in case of dependency problems." + } + }, + "required": [ + "old", + "new" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } + } +} \ No newline at end of file diff --git a/test-files/schema/modules/files-latest.json b/test-files/schema/modules/files-latest.json index 614f8e41..89758a59 100644 --- a/test-files/schema/modules/files-latest.json +++ b/test-files/schema/modules/files-latest.json @@ -1,60 +1,244 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/files.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "files", - "description": "Copy files to your image at build time\nhttps://blue-build.org/reference/modules/files/" - }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/files-latest.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "files" + }, + { + "type": "string", + "const": "files@v1" + }, + { + "type": "string", + "const": "files@latest" + } + ], + "description": "Copy files to your image at build time\nhttps://blue-build.org/reference/modules/files/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "files": { + "anyOf": [ + { + "type": "array", + "items": { + "$ref": "#/$defs/RecordString" + } + }, + { + "type": "array", + "items": { + "$ref": "#/$defs/SrcDest" + } + } + ], + "description": "List of files / folders to copy." + } }, - "files": { - "anyOf": [ - { - "type": "array", - "items": { - "$ref": "#/$defs/RecordString" - } - }, - { - "type": "array", - "items": { + "required": [ + "type", + "files" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { "type": "object", - "properties": { - "source": { - "type": "string" - }, - "destination": { + "properties": {}, + "additionalProperties": { "type": "string" - } + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SrcDest": { + "type": "object", + "properties": { + "source": { + "type": "string" + }, + "destination": { + "type": "string" + } + }, + "required": [ + "source", + "destination" + ], + "additionalProperties": false + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } }, "required": [ - "source", - "destination" + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } ] - } + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false } - ], - "description": "List of files / folders to copy." - } - }, - "required": [ - "type", - "files" - ], - "additionalProperties": false, - "$defs": { - "RecordString": { - "type": "object", - "properties": {}, - "additionalProperties": { - "type": "string" - } } - } } \ No newline at end of file diff --git a/test-files/schema/modules/files-v1.json b/test-files/schema/modules/files-v1.json index 614f8e41..e89d0160 100644 --- a/test-files/schema/modules/files-v1.json +++ b/test-files/schema/modules/files-v1.json @@ -1,60 +1,244 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/files.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "files", - "description": "Copy files to your image at build time\nhttps://blue-build.org/reference/modules/files/" - }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/files-v1.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "files" + }, + { + "type": "string", + "const": "files@v1" + }, + { + "type": "string", + "const": "files@latest" + } + ], + "description": "Copy files to your image at build time\nhttps://blue-build.org/reference/modules/files/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "files": { + "anyOf": [ + { + "type": "array", + "items": { + "$ref": "#/$defs/RecordString" + } + }, + { + "type": "array", + "items": { + "$ref": "#/$defs/SrcDest" + } + } + ], + "description": "List of files / folders to copy." + } }, - "files": { - "anyOf": [ - { - "type": "array", - "items": { - "$ref": "#/$defs/RecordString" - } - }, - { - "type": "array", - "items": { + "required": [ + "type", + "files" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { "type": "object", - "properties": { - "source": { - "type": "string" - }, - "destination": { + "properties": {}, + "additionalProperties": { "type": "string" - } + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SrcDest": { + "type": "object", + "properties": { + "source": { + "type": "string" + }, + "destination": { + "type": "string" + } + }, + "required": [ + "source", + "destination" + ], + "additionalProperties": false + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } }, "required": [ - "source", - "destination" + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } ] - } + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false } - ], - "description": "List of files / folders to copy." - } - }, - "required": [ - "type", - "files" - ], - "additionalProperties": false, - "$defs": { - "RecordString": { - "type": "object", - "properties": {}, - "additionalProperties": { - "type": "string" - } } - } } \ No newline at end of file diff --git a/test-files/schema/modules/fonts-latest.json b/test-files/schema/modules/fonts-latest.json index 2f5c163d..16d6dc8f 100644 --- a/test-files/schema/modules/fonts-latest.json +++ b/test-files/schema/modules/fonts-latest.json @@ -1,41 +1,259 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/fonts.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "fonts", - "description": "The fonts module can be used to install fonts from Nerd Fonts or Google Fonts. \nhttps://blue-build.org/reference/modules/fonts/" - }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/fonts-latest.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "fonts" + }, + { + "type": "string", + "const": "fonts@v1" + }, + { + "type": "string", + "const": "fonts@latest" + } + ], + "description": "The fonts module can be used to install fonts from Nerd Fonts, Google Fonts, or custom URLs.\nhttps://blue-build.org/reference/modules/fonts/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "fonts": { + "$ref": "#/$defs/Fonts" + } }, - "fonts": { - "type": "object", - "properties": { - "nerd-fonts": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of Nerd Fonts to install (without the \"Nerd Font\" suffix)." - }, - "google-fonts": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of Google Fonts to install." + "required": [ + "type", + "fonts" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "Fonts": { + "type": "object", + "properties": { + "nerd-fonts": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of Nerd Fonts to install (without the \"Nerd Font\" suffix)." + }, + "google-fonts": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of Google Fonts to install." + }, + "url-fonts": { + "type": "array", + "items": { + "$ref": "#/$defs/UrlFont" + }, + "description": "List of custom URL fonts to install." + } + }, + "additionalProperties": false + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "UrlFont": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name for the font (will be used as directory name)." + }, + "url": { + "type": "string", + "description": "URL to download the font from (supports .otf, .ttf files and archives)." + } + }, + "required": [ + "name", + "url" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false } - } } - }, - "required": [ - "type", - "fonts" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/fonts-v1.json b/test-files/schema/modules/fonts-v1.json index 2f5c163d..ad3b2d70 100644 --- a/test-files/schema/modules/fonts-v1.json +++ b/test-files/schema/modules/fonts-v1.json @@ -1,41 +1,259 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/fonts.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "fonts", - "description": "The fonts module can be used to install fonts from Nerd Fonts or Google Fonts. \nhttps://blue-build.org/reference/modules/fonts/" - }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/fonts-v1.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "fonts" + }, + { + "type": "string", + "const": "fonts@v1" + }, + { + "type": "string", + "const": "fonts@latest" + } + ], + "description": "The fonts module can be used to install fonts from Nerd Fonts, Google Fonts, or custom URLs.\nhttps://blue-build.org/reference/modules/fonts/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "fonts": { + "$ref": "#/$defs/Fonts" + } }, - "fonts": { - "type": "object", - "properties": { - "nerd-fonts": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of Nerd Fonts to install (without the \"Nerd Font\" suffix)." - }, - "google-fonts": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of Google Fonts to install." + "required": [ + "type", + "fonts" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "Fonts": { + "type": "object", + "properties": { + "nerd-fonts": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of Nerd Fonts to install (without the \"Nerd Font\" suffix)." + }, + "google-fonts": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of Google Fonts to install." + }, + "url-fonts": { + "type": "array", + "items": { + "$ref": "#/$defs/UrlFont" + }, + "description": "List of custom URL fonts to install." + } + }, + "additionalProperties": false + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "UrlFont": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name for the font (will be used as directory name)." + }, + "url": { + "type": "string", + "description": "URL to download the font from (supports .otf, .ttf files and archives)." + } + }, + "required": [ + "name", + "url" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false } - } } - }, - "required": [ - "type", - "fonts" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/gnome-extensions-latest.json b/test-files/schema/modules/gnome-extensions-latest.json index d0c8e9bb..df69d110 100644 --- a/test-files/schema/modules/gnome-extensions-latest.json +++ b/test-files/schema/modules/gnome-extensions-latest.json @@ -1,42 +1,231 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/gnome-extensions.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "gnome-extensions", - "description": "The gnome-extensions module can be used to install GNOME extensions inside system directory.\nhttps://blue-build.org/reference/modules/gnome-extensions/" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/gnome-extensions-latest.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "gnome-extensions" + }, + { + "type": "string", + "const": "gnome-extensions@v1" + }, + { + "type": "string", + "const": "gnome-extensions@latest" + } + ], + "description": "The gnome-extensions module can be used to install GNOME extensions inside system directory.\nhttps://blue-build.org/reference/modules/gnome-extensions/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "install": { + "type": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + } + ] + }, + "description": "List of GNOME extensions to install.\n(case sensitive extension names or extension IDs from https://extensions.gnome.org/)" + }, + "uninstall": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of system GNOME extensions to uninstall.\nOnly use this to remove extensions not installed by your package manager. Those extensions should be uninstalled using the package manager instead." + } }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "install": { - "type": "array", - "items": { - "anyOf": [ - { - "type": "string" - }, - { - "type": "integer" - } - ] - }, - "description": "List of GNOME extensions to install. \n(case sensitive extension names or extension IDs from https://extensions.gnome.org/)" - }, - "uninstall": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of system GNOME extensions to uninstall. \nOnly use this to remove extensions not installed by your package manager. Those extensions should be uninstalled using the package manager instead." + "required": [ + "type" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } } - }, - "required": [ - "type" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/gnome-extensions-v1.json b/test-files/schema/modules/gnome-extensions-v1.json index d0c8e9bb..73766029 100644 --- a/test-files/schema/modules/gnome-extensions-v1.json +++ b/test-files/schema/modules/gnome-extensions-v1.json @@ -1,42 +1,231 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/gnome-extensions.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "gnome-extensions", - "description": "The gnome-extensions module can be used to install GNOME extensions inside system directory.\nhttps://blue-build.org/reference/modules/gnome-extensions/" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/gnome-extensions-v1.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "gnome-extensions" + }, + { + "type": "string", + "const": "gnome-extensions@v1" + }, + { + "type": "string", + "const": "gnome-extensions@latest" + } + ], + "description": "The gnome-extensions module can be used to install GNOME extensions inside system directory.\nhttps://blue-build.org/reference/modules/gnome-extensions/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "install": { + "type": "array", + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + } + ] + }, + "description": "List of GNOME extensions to install.\n(case sensitive extension names or extension IDs from https://extensions.gnome.org/)" + }, + "uninstall": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of system GNOME extensions to uninstall.\nOnly use this to remove extensions not installed by your package manager. Those extensions should be uninstalled using the package manager instead." + } }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "install": { - "type": "array", - "items": { - "anyOf": [ - { - "type": "string" - }, - { - "type": "integer" - } - ] - }, - "description": "List of GNOME extensions to install. \n(case sensitive extension names or extension IDs from https://extensions.gnome.org/)" - }, - "uninstall": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of system GNOME extensions to uninstall. \nOnly use this to remove extensions not installed by your package manager. Those extensions should be uninstalled using the package manager instead." + "required": [ + "type" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } } - }, - "required": [ - "type" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/gschema-overrides-latest.json b/test-files/schema/modules/gschema-overrides-latest.json index ed1a5fb4..291964f6 100644 --- a/test-files/schema/modules/gschema-overrides-latest.json +++ b/test-files/schema/modules/gschema-overrides-latest.json @@ -1,28 +1,217 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/gschema-overrides.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "gschema-overrides", - "description": "The gschema-overrides module can be used for including system-setting overrides for GTK-based desktop environments.\nhttps://blue-build.org/reference/modules/gschema-overrides/" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/gschema-overrides-latest.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "gschema-overrides" + }, + { + "type": "string", + "const": "gschema-overrides@v1" + }, + { + "type": "string", + "const": "gschema-overrides@latest" + } + ], + "description": "The gschema-overrides module can be used for including system-setting overrides for GTK-based desktop environments.\nhttps://blue-build.org/reference/modules/gschema-overrides/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "include": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Gschema override files to test and copy to the correct place." + } }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "include": { - "type": "array", - "items": { - "type": "string" - }, - "description": "Gschema override files to test and copy to the correct place." + "required": [ + "type" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } } - }, - "required": [ - "type" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/gschema-overrides-v1.json b/test-files/schema/modules/gschema-overrides-v1.json index ed1a5fb4..325c1a64 100644 --- a/test-files/schema/modules/gschema-overrides-v1.json +++ b/test-files/schema/modules/gschema-overrides-v1.json @@ -1,28 +1,217 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/gschema-overrides.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "gschema-overrides", - "description": "The gschema-overrides module can be used for including system-setting overrides for GTK-based desktop environments.\nhttps://blue-build.org/reference/modules/gschema-overrides/" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/gschema-overrides-v1.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "gschema-overrides" + }, + { + "type": "string", + "const": "gschema-overrides@v1" + }, + { + "type": "string", + "const": "gschema-overrides@latest" + } + ], + "description": "The gschema-overrides module can be used for including system-setting overrides for GTK-based desktop environments.\nhttps://blue-build.org/reference/modules/gschema-overrides/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "include": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Gschema override files to test and copy to the correct place." + } }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "include": { - "type": "array", - "items": { - "type": "string" - }, - "description": "Gschema override files to test and copy to the correct place." + "required": [ + "type" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } } - }, - "required": [ - "type" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/initramfs-latest.json b/test-files/schema/modules/initramfs-latest.json new file mode 100644 index 00000000..454156c3 --- /dev/null +++ b/test-files/schema/modules/initramfs-latest.json @@ -0,0 +1,210 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/initramfs-latest.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "initramfs" + }, + { + "type": "string", + "const": "initramfs@v1" + }, + { + "type": "string", + "const": "initramfs@latest" + } + ], + "description": "The initramfs module is used to regenerate initramfs, needed to apply some modifications early in the Linux startup process.\nhttps://blue-build.org/reference/modules/initramfs/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + } + }, + "required": [ + "type" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } + } +} \ No newline at end of file diff --git a/test-files/schema/modules/initramfs-v1.json b/test-files/schema/modules/initramfs-v1.json new file mode 100644 index 00000000..7973864f --- /dev/null +++ b/test-files/schema/modules/initramfs-v1.json @@ -0,0 +1,210 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/initramfs-v1.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "initramfs" + }, + { + "type": "string", + "const": "initramfs@v1" + }, + { + "type": "string", + "const": "initramfs@latest" + } + ], + "description": "The initramfs module is used to regenerate initramfs, needed to apply some modifications early in the Linux startup process.\nhttps://blue-build.org/reference/modules/initramfs/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + } + }, + "required": [ + "type" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } + } +} \ No newline at end of file diff --git a/test-files/schema/modules/justfiles-latest.json b/test-files/schema/modules/justfiles-latest.json index 9198abf9..5399dc28 100644 --- a/test-files/schema/modules/justfiles-latest.json +++ b/test-files/schema/modules/justfiles-latest.json @@ -1,33 +1,222 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/justfiles.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "justfiles", - "description": "The justfiles module makes it easy to include just recipes from multiple files in Universal Blue -based images.\nhttps://blue-build.org/reference/modules/justfiles/" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/justfiles-latest.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "justfiles" + }, + { + "type": "string", + "const": "justfiles@v1" + }, + { + "type": "string", + "const": "justfiles@latest" + } + ], + "description": "The justfiles module makes it easy to include just recipes from multiple files in Universal Blue -based images.\nhttps://blue-build.org/reference/modules/justfiles/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "validate": { + "type": "boolean", + "default": false, + "description": "Whether to validate the syntax of the justfiles against `just --fmt`. (warning: can be very unforgiving)" + }, + "include": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of files or subfolders to include into this image. If omitted, all justfiles will be included." + } }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "validate": { - "type": "boolean", - "default": false, - "description": "Whether to validate the syntax of the justfiles against `just --fmt`. (warning: can be very unforgiving)" - }, - "include": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of files or subfolders to include into this image. If omitted, all justfiles will be included." + "required": [ + "type" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } } - }, - "required": [ - "type" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/justfiles-v1.json b/test-files/schema/modules/justfiles-v1.json index 9198abf9..c593043a 100644 --- a/test-files/schema/modules/justfiles-v1.json +++ b/test-files/schema/modules/justfiles-v1.json @@ -1,33 +1,222 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/justfiles.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "justfiles", - "description": "The justfiles module makes it easy to include just recipes from multiple files in Universal Blue -based images.\nhttps://blue-build.org/reference/modules/justfiles/" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/justfiles-v1.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "justfiles" + }, + { + "type": "string", + "const": "justfiles@v1" + }, + { + "type": "string", + "const": "justfiles@latest" + } + ], + "description": "The justfiles module makes it easy to include just recipes from multiple files in Universal Blue -based images.\nhttps://blue-build.org/reference/modules/justfiles/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "validate": { + "type": "boolean", + "default": false, + "description": "Whether to validate the syntax of the justfiles against `just --fmt`. (warning: can be very unforgiving)" + }, + "include": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of files or subfolders to include into this image. If omitted, all justfiles will be included." + } }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "validate": { - "type": "boolean", - "default": false, - "description": "Whether to validate the syntax of the justfiles against `just --fmt`. (warning: can be very unforgiving)" - }, - "include": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of files or subfolders to include into this image. If omitted, all justfiles will be included." + "required": [ + "type" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } } - }, - "required": [ - "type" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/kargs-latest.json b/test-files/schema/modules/kargs-latest.json new file mode 100644 index 00000000..0634807e --- /dev/null +++ b/test-files/schema/modules/kargs-latest.json @@ -0,0 +1,222 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/kargs-latest.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "kargs" + }, + { + "type": "string", + "const": "kargs@v1" + }, + { + "type": "string", + "const": "kargs@latest" + } + ], + "description": "The kargs module injects kernel arguments into the image.\nhttps://blue-build.org/reference/modules/kargs/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "arch": { + "type": "string", + "description": "Defines on which OS architectures are kargs applied. Defaults to all architectures if omitted." + }, + "kargs": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Kargs to inject in the image." + } + }, + "required": [ + "type", + "kargs" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } + } +} \ No newline at end of file diff --git a/test-files/schema/modules/kargs-v1.json b/test-files/schema/modules/kargs-v1.json new file mode 100644 index 00000000..ec045077 --- /dev/null +++ b/test-files/schema/modules/kargs-v1.json @@ -0,0 +1,222 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/kargs-v1.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "kargs" + }, + { + "type": "string", + "const": "kargs@v1" + }, + { + "type": "string", + "const": "kargs@latest" + } + ], + "description": "The kargs module injects kernel arguments into the image.\nhttps://blue-build.org/reference/modules/kargs/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "arch": { + "type": "string", + "description": "Defines on which OS architectures are kargs applied. Defaults to all architectures if omitted." + }, + "kargs": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Kargs to inject in the image." + } + }, + "required": [ + "type", + "kargs" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } + } +} \ No newline at end of file diff --git a/test-files/schema/modules/os-release-latest.json b/test-files/schema/modules/os-release-latest.json new file mode 100644 index 00000000..d37e5356 --- /dev/null +++ b/test-files/schema/modules/os-release-latest.json @@ -0,0 +1,215 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/os-release-latest.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "os-release" + }, + { + "type": "string", + "const": "os-release@v1" + }, + { + "type": "string", + "const": "os-release@latest" + } + ], + "description": "The `os-release` module offers a way to modify and set values in the `/etc/os-release` file in your image.\nhttps://blue-build.org/reference/modules/os-release/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "properties": { + "$ref": "#/$defs/RecordString", + "description": "The properties of the `/etc/os-release` file to set." + } + }, + "required": [ + "type", + "properties" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } + } +} \ No newline at end of file diff --git a/test-files/schema/modules/os-release-v1.json b/test-files/schema/modules/os-release-v1.json new file mode 100644 index 00000000..ab3fbb8e --- /dev/null +++ b/test-files/schema/modules/os-release-v1.json @@ -0,0 +1,215 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/os-release-v1.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "os-release" + }, + { + "type": "string", + "const": "os-release@v1" + }, + { + "type": "string", + "const": "os-release@latest" + } + ], + "description": "The `os-release` module offers a way to modify and set values in the `/etc/os-release` file in your image.\nhttps://blue-build.org/reference/modules/os-release/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "properties": { + "$ref": "#/$defs/RecordString", + "description": "The properties of the `/etc/os-release` file to set." + } + }, + "required": [ + "type", + "properties" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } + } +} \ No newline at end of file diff --git a/test-files/schema/modules/rpm-ostree-latest.json b/test-files/schema/modules/rpm-ostree-latest.json index 3331cb83..b24e047e 100644 --- a/test-files/schema/modules/rpm-ostree-latest.json +++ b/test-files/schema/modules/rpm-ostree-latest.json @@ -1,80 +1,273 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/rpm-ostree.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "rpm-ostree", - "description": "The rpm-ostree module offers pseudo-declarative package and repository management using rpm-ostree.\nhttps://blue-build.org/reference/modules/rpm-ostree/" - }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "repos": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of links to .repo files to download into /etc/yum.repos.d/." - }, - "keys": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of links to key files to import for installing from custom repositories." - }, - "optfix": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of folder names under /opt/ to enable for installing into." - }, - "install": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of RPM packages to install." - }, - "remove": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of RPM packages to remove." - }, - "replace": { - "type": "array", - "items": { - "type": "object", - "properties": { - "from-repo": { - "type": "string", - "description": "URL to the source COPR repo for the new packages." - }, - "packages": { + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/rpm-ostree-latest.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "rpm-ostree" + }, + { + "type": "string", + "const": "rpm-ostree@v1" + }, + { + "type": "string", + "const": "rpm-ostree@latest" + } + ], + "description": "The rpm-ostree module offers pseudo-declarative package and repository management using rpm-ostree.\nhttps://blue-build.org/reference/modules/rpm-ostree/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "repos": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of links to .repo files to download into /etc/yum.repos.d/." + }, + "keys": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of links to key files to import for installing from custom repositories." + }, + "optfix": { + "type": "array", + "items": { + "type": "string" + }, + "description": "DEPRECATED: List of folder names under /opt/ to enable for installing into." + }, + "install": { "type": "array", "items": { - "type": "string" + "type": "string" + }, + "description": "List of RPM packages to install." + }, + "remove": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of RPM packages to remove." + }, + "replace": { + "type": "array", + "items": { + "$ref": "#/$defs/RpmOstreeReplace" + }, + "description": "List of configurations for `rpm-ostree override replace`ing packages." + } + }, + "required": [ + "type" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "RpmOstreeReplace": { + "type": "object", + "properties": { + "from-repo": { + "type": "string", + "description": "URL to the source COPR repo for the new packages." + }, + "packages": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of packages to replace using packages from the defined repo." + } + }, + "required": [ + "from-repo", + "packages" + ], + "additionalProperties": false + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } }, - "description": "List of packages to replace using packages from the defined repo." - } - }, - "required": [ - "from-repo", - "packages" - ] - }, - "description": "List of configurations for `rpm-ostree override replace`ing packages." + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } } - }, - "required": [ - "type" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/rpm-ostree-v1.json b/test-files/schema/modules/rpm-ostree-v1.json index 3331cb83..815612db 100644 --- a/test-files/schema/modules/rpm-ostree-v1.json +++ b/test-files/schema/modules/rpm-ostree-v1.json @@ -1,80 +1,273 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/rpm-ostree.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "rpm-ostree", - "description": "The rpm-ostree module offers pseudo-declarative package and repository management using rpm-ostree.\nhttps://blue-build.org/reference/modules/rpm-ostree/" - }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "repos": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of links to .repo files to download into /etc/yum.repos.d/." - }, - "keys": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of links to key files to import for installing from custom repositories." - }, - "optfix": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of folder names under /opt/ to enable for installing into." - }, - "install": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of RPM packages to install." - }, - "remove": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of RPM packages to remove." - }, - "replace": { - "type": "array", - "items": { - "type": "object", - "properties": { - "from-repo": { - "type": "string", - "description": "URL to the source COPR repo for the new packages." - }, - "packages": { + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/rpm-ostree-v1.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "rpm-ostree" + }, + { + "type": "string", + "const": "rpm-ostree@v1" + }, + { + "type": "string", + "const": "rpm-ostree@latest" + } + ], + "description": "The rpm-ostree module offers pseudo-declarative package and repository management using rpm-ostree.\nhttps://blue-build.org/reference/modules/rpm-ostree/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "repos": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of links to .repo files to download into /etc/yum.repos.d/." + }, + "keys": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of links to key files to import for installing from custom repositories." + }, + "optfix": { + "type": "array", + "items": { + "type": "string" + }, + "description": "DEPRECATED: List of folder names under /opt/ to enable for installing into." + }, + "install": { "type": "array", "items": { - "type": "string" + "type": "string" + }, + "description": "List of RPM packages to install." + }, + "remove": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of RPM packages to remove." + }, + "replace": { + "type": "array", + "items": { + "$ref": "#/$defs/RpmOstreeReplace" + }, + "description": "List of configurations for `rpm-ostree override replace`ing packages." + } + }, + "required": [ + "type" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "RpmOstreeReplace": { + "type": "object", + "properties": { + "from-repo": { + "type": "string", + "description": "URL to the source COPR repo for the new packages." + }, + "packages": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of packages to replace using packages from the defined repo." + } + }, + "required": [ + "from-repo", + "packages" + ], + "additionalProperties": false + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } }, - "description": "List of packages to replace using packages from the defined repo." - } - }, - "required": [ - "from-repo", - "packages" - ] - }, - "description": "List of configurations for `rpm-ostree override replace`ing packages." + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } } - }, - "required": [ - "type" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/script-latest.json b/test-files/schema/modules/script-latest.json index cf20fdae..7292a6da 100644 --- a/test-files/schema/modules/script-latest.json +++ b/test-files/schema/modules/script-latest.json @@ -1,35 +1,224 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/script.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "script", - "description": "The script module can be used to run arbitrary bash snippets and scripts at image build time.\nhttps://blue-build.org/reference/modules/script/" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/script-latest.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "script" + }, + { + "type": "string", + "const": "script@v1" + }, + { + "type": "string", + "const": "script@latest" + } + ], + "description": "The script module can be used to run arbitrary bash snippets and scripts at image build time.\nhttps://blue-build.org/reference/modules/script/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "snippets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of bash one-liners to run." + }, + "scripts": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of script files to run." + } }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "snippets": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of bash one-liners to run." - }, - "scripts": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of script files to run." + "required": [ + "type" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } } - }, - "required": [ - "type" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/script-v1.json b/test-files/schema/modules/script-v1.json index cf20fdae..67285fb2 100644 --- a/test-files/schema/modules/script-v1.json +++ b/test-files/schema/modules/script-v1.json @@ -1,35 +1,224 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/script.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "script", - "description": "The script module can be used to run arbitrary bash snippets and scripts at image build time.\nhttps://blue-build.org/reference/modules/script/" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/script-v1.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "script" + }, + { + "type": "string", + "const": "script@v1" + }, + { + "type": "string", + "const": "script@latest" + } + ], + "description": "The script module can be used to run arbitrary bash snippets and scripts at image build time.\nhttps://blue-build.org/reference/modules/script/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "snippets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of bash one-liners to run." + }, + "scripts": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of script files to run." + } }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "snippets": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of bash one-liners to run." - }, - "scripts": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of script files to run." + "required": [ + "type" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } } - }, - "required": [ - "type" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/signing-latest.json b/test-files/schema/modules/signing-latest.json index 212a27c2..e740cc34 100644 --- a/test-files/schema/modules/signing-latest.json +++ b/test-files/schema/modules/signing-latest.json @@ -1,21 +1,210 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/signing.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "signing", - "description": "The signing module is used to install the required signing policies for cosign image verification with rpm-ostree and bootc.\nhttps://blue-build.org/reference/modules/signing/" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/signing-latest.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "signing" + }, + { + "type": "string", + "const": "signing@v1" + }, + { + "type": "string", + "const": "signing@latest" + } + ], + "description": "The signing module is used to install the required signing policies for cosign image verification with rpm-ostree and bootc.\nhttps://blue-build.org/reference/modules/signing/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + } }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + "required": [ + "type" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } } - }, - "required": [ - "type" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/signing-v1.json b/test-files/schema/modules/signing-v1.json index 212a27c2..8abba037 100644 --- a/test-files/schema/modules/signing-v1.json +++ b/test-files/schema/modules/signing-v1.json @@ -1,21 +1,210 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/signing.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "signing", - "description": "The signing module is used to install the required signing policies for cosign image verification with rpm-ostree and bootc.\nhttps://blue-build.org/reference/modules/signing/" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/signing-v1.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "signing" + }, + { + "type": "string", + "const": "signing@v1" + }, + { + "type": "string", + "const": "signing@latest" + } + ], + "description": "The signing module is used to install the required signing policies for cosign image verification with rpm-ostree and bootc.\nhttps://blue-build.org/reference/modules/signing/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + } }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + "required": [ + "type" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } } - }, - "required": [ - "type" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/soar-latest.json b/test-files/schema/modules/soar-latest.json new file mode 100644 index 00000000..b6525d4c --- /dev/null +++ b/test-files/schema/modules/soar-latest.json @@ -0,0 +1,225 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/soar-latest.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "soar" + }, + { + "type": "string", + "const": "soar@v1" + }, + { + "type": "string", + "const": "soar@latest" + } + ], + "description": "The soar module installs & integrates soar package manager, as an alternative to Homebrew / Linuxbrew.\nhttps://blue-build.org/reference/modules/soar/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "auto-upgrade": { + "type": "boolean", + "default": true, + "description": "Whether to auto-upgrade all installed `soar` packages using a systemd service." + }, + "upgrade-interval": { + "type": "string", + "default": "8h", + "description": "Defines how often the `soar` upgrade service should run. The string is passed directly to `OnUnitInactiveSec` in systemd timer. (Syntax: ['1d', '6h', '10m'])." + }, + "additional-repos": { + "type": "boolean", + "default": false, + "description": "Whether to enable all additional repos, including official `soar` & external repos like `AM`, for installing portable AppImages & other similar formats." + } + }, + "required": [ + "type" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } + } +} \ No newline at end of file diff --git a/test-files/schema/modules/soar-v1.json b/test-files/schema/modules/soar-v1.json new file mode 100644 index 00000000..27877c00 --- /dev/null +++ b/test-files/schema/modules/soar-v1.json @@ -0,0 +1,225 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/soar-v1.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "soar" + }, + { + "type": "string", + "const": "soar@v1" + }, + { + "type": "string", + "const": "soar@latest" + } + ], + "description": "The soar module installs & integrates soar package manager, as an alternative to Homebrew / Linuxbrew.\nhttps://blue-build.org/reference/modules/soar/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "auto-upgrade": { + "type": "boolean", + "default": true, + "description": "Whether to auto-upgrade all installed `soar` packages using a systemd service." + }, + "upgrade-interval": { + "type": "string", + "default": "8h", + "description": "Defines how often the `soar` upgrade service should run. The string is passed directly to `OnUnitInactiveSec` in systemd timer. (Syntax: ['1d', '6h', '10m'])." + }, + "additional-repos": { + "type": "boolean", + "default": false, + "description": "Whether to enable all additional repos, including official `soar` & external repos like `AM`, for installing portable AppImages & other similar formats." + } + }, + "required": [ + "type" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } + } +} \ No newline at end of file diff --git a/test-files/schema/modules/systemd-latest.json b/test-files/schema/modules/systemd-latest.json index e94d0432..8a70ecf1 100644 --- a/test-files/schema/modules/systemd-latest.json +++ b/test-files/schema/modules/systemd-latest.json @@ -1,89 +1,252 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/systemd.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "systemd", - "description": "The systemd module streamlines the management of systemd units during image building.\nhttps://blue-build.org/reference/modules/systemd/" - }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "system": { - "type": "object", - "properties": { - "enabled": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of systemd units to enable. (runs on system boot)" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/systemd-latest.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "systemd" + }, + { + "type": "string", + "const": "systemd@v1" + }, + { + "type": "string", + "const": "systemd@latest" + } + ], + "description": "The systemd module streamlines the management of systemd units during image building.\nhttps://blue-build.org/reference/modules/systemd/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" }, - "disabled": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of systemd units to disable. (does not run on system boot, unless another unit strictly requires it)" + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." }, - "masked": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of systemd units to mask. (does not run on system boot, under any circumstances)" + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." }, - "unmasked": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of systemd units to unmask. (runs on system boot, even if previously masked)" + "system": { + "$ref": "#/$defs/UnitConfig", + "description": "System unit configuration." + }, + "user": { + "$ref": "#/$defs/UnitConfig", + "description": "User unit configuration (with --global to make changes for all users)." } - }, - "description": "System unit configuration." }, - "user": { - "type": "object", - "properties": { - "enabled": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of systemd units to enable. (runs for the users)" + "required": [ + "type" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "UnitConfig": { + "type": "object", + "properties": { + "enabled": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of systemd units to enable. (runs on system boot)" + }, + "disabled": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of systemd units to disable. (does not run on system boot, unless another unit strictly requires it)" + }, + "masked": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of systemd units to mask. (does not run on system boot, under any circumstances)" + }, + "unmasked": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of systemd units to unmask. (runs on system boot, even if previously masked)" + } + }, + "additionalProperties": false + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false }, - "disabled": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of systemd units to disable. (does not run for the users, unless another unit strictly requires it)" + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] }, - "masked": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of systemd units to mask. (does not run for the users, under any circumstances)" + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false }, - "unmasked": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of systemd units to unmask. (runs for the users, even if previously masked)" + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false } - }, - "description": "User unit configuration (with --global to make changes for all users)." } - }, - "required": [ - "type" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/systemd-v1.json b/test-files/schema/modules/systemd-v1.json index e94d0432..02e427d1 100644 --- a/test-files/schema/modules/systemd-v1.json +++ b/test-files/schema/modules/systemd-v1.json @@ -1,89 +1,252 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/systemd.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "systemd", - "description": "The systemd module streamlines the management of systemd units during image building.\nhttps://blue-build.org/reference/modules/systemd/" - }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "system": { - "type": "object", - "properties": { - "enabled": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of systemd units to enable. (runs on system boot)" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/systemd-v1.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "systemd" + }, + { + "type": "string", + "const": "systemd@v1" + }, + { + "type": "string", + "const": "systemd@latest" + } + ], + "description": "The systemd module streamlines the management of systemd units during image building.\nhttps://blue-build.org/reference/modules/systemd/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" }, - "disabled": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of systemd units to disable. (does not run on system boot, unless another unit strictly requires it)" + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." }, - "masked": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of systemd units to mask. (does not run on system boot, under any circumstances)" + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." }, - "unmasked": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of systemd units to unmask. (runs on system boot, even if previously masked)" + "system": { + "$ref": "#/$defs/UnitConfig", + "description": "System unit configuration." + }, + "user": { + "$ref": "#/$defs/UnitConfig", + "description": "User unit configuration (with --global to make changes for all users)." } - }, - "description": "System unit configuration." }, - "user": { - "type": "object", - "properties": { - "enabled": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of systemd units to enable. (runs for the users)" + "required": [ + "type" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "UnitConfig": { + "type": "object", + "properties": { + "enabled": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of systemd units to enable. (runs on system boot)" + }, + "disabled": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of systemd units to disable. (does not run on system boot, unless another unit strictly requires it)" + }, + "masked": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of systemd units to mask. (does not run on system boot, under any circumstances)" + }, + "unmasked": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of systemd units to unmask. (runs on system boot, even if previously masked)" + } + }, + "additionalProperties": false + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false }, - "disabled": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of systemd units to disable. (does not run for the users, unless another unit strictly requires it)" + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] }, - "masked": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of systemd units to mask. (does not run for the users, under any circumstances)" + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false }, - "unmasked": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of systemd units to unmask. (runs for the users, even if previously masked)" + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false } - }, - "description": "User unit configuration (with --global to make changes for all users)." } - }, - "required": [ - "type" - ], - "additionalProperties": false } \ No newline at end of file diff --git a/test-files/schema/modules/yafti-latest.json b/test-files/schema/modules/yafti-latest.json index d3914c98..205e3832 100644 --- a/test-files/schema/modules/yafti-latest.json +++ b/test-files/schema/modules/yafti-latest.json @@ -1,37 +1,217 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/yafti.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "yafti", - "description": "The yafti module can be used to install yafti and set it up to run on first boot.\nhttps://blue-build.org/reference/modules/yafti/" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/yafti-latest.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "yafti" + }, + { + "type": "string", + "const": "yafti@v1" + }, + { + "type": "string", + "const": "yafti@latest" + } + ], + "description": "The yafti module can be used to install yafti and set it up to run on first boot.\nhttps://blue-build.org/reference/modules/yafti/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "custom-flatpaks": { + "type": "array", + "items": { + "$ref": "#/$defs/RecordString" + }, + "description": "List of custom Flatpaks to inject to the default yafti.yml. Format is: `PrettyName: org.example.flatpak_id`" + } }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "custom-flatpaks": { - "type": "array", - "items": { - "$ref": "#/$defs/RecordString" - }, - "description": "List of custom Flatpaks to inject to the default yafti.yml. Format is: `PrettyName: org.example.flatpak_id`" - } - }, - "required": [ - "type" - ], - "additionalProperties": false, - "$defs": { - "RecordString": { - "type": "object", - "properties": {}, - "additionalProperties": { - "type": "string" - } + "required": [ + "type" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } } - } } \ No newline at end of file diff --git a/test-files/schema/modules/yafti-v1.json b/test-files/schema/modules/yafti-v1.json index d3914c98..6e2d5fc0 100644 --- a/test-files/schema/modules/yafti-v1.json +++ b/test-files/schema/modules/yafti-v1.json @@ -1,37 +1,217 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "/modules/yafti.json", - "type": "object", - "properties": { - "type": { - "type": "string", - "const": "yafti", - "description": "The yafti module can be used to install yafti and set it up to run on first boot.\nhttps://blue-build.org/reference/modules/yafti/" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "/modules/yafti-v1.json", + "type": "object", + "properties": { + "type": { + "anyOf": [ + { + "type": "string", + "const": "yafti" + }, + { + "type": "string", + "const": "yafti@v1" + }, + { + "type": "string", + "const": "yafti@latest" + } + ], + "description": "The yafti module can be used to install yafti and set it up to run on first boot.\nhttps://blue-build.org/reference/modules/yafti/" + }, + "no-cache": { + "type": "boolean", + "default": false, + "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" + }, + "env": { + "$ref": "#/$defs/RecordString", + "description": "Environment variables to add for the module call." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/$defs/Secret" + }, + "description": "Secrets to mount for this module call." + }, + "custom-flatpaks": { + "type": "array", + "items": { + "$ref": "#/$defs/RecordString" + }, + "description": "List of custom Flatpaks to inject to the default yafti.yml. Format is: `PrettyName: org.example.flatpak_id`" + } }, - "no-cache": { - "type": "boolean", - "default": false, - "description": "Whether to disabling caching for this layer.\nhttps://blue-build.org/reference/module/#no-cache-optional" - }, - "custom-flatpaks": { - "type": "array", - "items": { - "$ref": "#/$defs/RecordString" - }, - "description": "List of custom Flatpaks to inject to the default yafti.yml. Format is: `PrettyName: org.example.flatpak_id`" - } - }, - "required": [ - "type" - ], - "additionalProperties": false, - "$defs": { - "RecordString": { - "type": "object", - "properties": {}, - "additionalProperties": { - "type": "string" - } + "required": [ + "type" + ], + "additionalProperties": false, + "$defs": { + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } + }, + "Secret": { + "oneOf": [ + { + "$ref": "#/$defs/SecretEnv" + }, + { + "$ref": "#/$defs/SecretFile" + }, + { + "$ref": "#/$defs/SecretExec" + }, + { + "$ref": "#/$defs/SecretSsh" + } + ] + }, + "SecretEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from an environment variable." + }, + "name": { + "type": "string", + "description": "The name of the environment variable" + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "name", + "mount" + ], + "additionalProperties": false + }, + "SecretFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file." + }, + "source": { + "type": "string", + "description": "The source file containing the secret.\n\nNOTE: Relative paths are relative to the root of the repository." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "source", + "mount" + ], + "additionalProperties": false + }, + "SecretExec": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "exec", + "description": "A secret pulled from the stdout of a command." + }, + "command": { + "type": "string", + "description": "The command that will be executed." + }, + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Arguments for the command being executed." + }, + "mount": { + "$ref": "#/$defs/SecretMount", + "description": "Defines the mount type for the result of the command into the build." + } + }, + "required": [ + "type", + "command", + "mount" + ], + "additionalProperties": false + }, + "SecretSsh": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "ssh", + "description": "Mount the SSH socket to use the hosts SSH socket." + } + }, + "required": [ + "type" + ], + "additionalProperties": false + }, + "SecretMount": { + "anyOf": [ + { + "$ref": "#/$defs/SecretMountEnv" + }, + { + "$ref": "#/$defs/SecretMountFile" + } + ] + }, + "SecretMountEnv": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "env", + "description": "A secret pulled from a file on the host system." + }, + "name": { + "type": "string", + "description": "The environment variable where the secret will be set." + } + }, + "required": [ + "type", + "name" + ], + "additionalProperties": false + }, + "SecretMountFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "const": "file", + "description": "A secret pulled from a file on the host system." + }, + "destination": { + "type": "string", + "description": "The destination path in the build to mount the secret." + } + }, + "required": [ + "type", + "destination" + ], + "additionalProperties": false + } } - } } \ No newline at end of file diff --git a/test-files/schema/recipe-v1.json b/test-files/schema/recipe-v1.json index 56c8117a..94200edd 100644 --- a/test-files/schema/recipe-v1.json +++ b/test-files/schema/recipe-v1.json @@ -1,98 +1,132 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "recipe-v1.json", - "type": "object", - "properties": { - "name": { - "type": "string", - "description": "The image name. Used when publishing to GHCR as `ghcr.io/user/name`." - }, - "description": { - "type": "string", - "description": "The image description. Published to GHCR in the image metadata." - }, - "alt-tags": { - "type": "array", - "items": { - "type": "string" - }, - "description": "Allows setting custom tags on the recipe’s final image.\nAdding tags to this property will override the `latest` and timestamp tags." - }, - "base-image": { - "type": "string", - "description": "The [OCI](https://opencontainers.org/) image to base your custom image on.\nOnly atomic Fedora images and those based on them are officially supported.\nUniversal Blue is recommended. [A list of Universal Blue's images](https://universal-blue.org/images/) can be found on their website\nBlueBuild-built images can be used as well." - }, - "image-version": { - "anyOf": [ - { - "type": "string" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "recipe-v1.json", + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The image name. Used when publishing to GHCR as `ghcr.io/user/name`." }, - { - "type": "integer" - } - ], - "description": "The tag of the base image to build on.\nUsed to select a version explicitly (`40`) or to always use the latest stable version (`latest`).\nA list of all available tags can be viewed by pasting your `base-image` url into your browser." - }, - "blue-build-tag": { - "type": "string", - "description": "The tag to pull for the bluebuild cli. This is mostly used for\ntrying out specific versions of the cli without compiling it locally." - }, - "stages": { - "type": "array", - "items": { - "$ref": "#/$defs/StageEntry" - }, - "description": "A list of [stages](https://blue-build.org/reference/stages/) that are executed before the build of the final image.\nThis is useful for compiling programs from source without polluting the final bootable image." - }, - "modules": { - "type": "array", - "items": { - "$ref": "#/$defs/ModuleEntry" - }, - "description": "A list of [modules](https://blue-build.org/reference/module/) that is executed in order. Multiple of the same module can be included.\n\nEach item in this list should have at least a `type:` or be specified to be included from an external file in the `recipes/` directory with `from-file:`." - } - }, - "required": [ - "name", - "description", - "base-image", - "image-version", - "modules" - ], - "additionalProperties": false, - "$defs": { - "StageEntry": { - "anyOf": [ - { - "$ref": "stage-v1.json" + "description": { + "type": "string", + "description": "The image description. Published to GHCR in the image metadata." }, - { - "$ref": "#/$defs/ImportedModule" - } - ] - }, - "ModuleEntry": { - "anyOf": [ - { - "$ref": "module-v1.json" + "alt-tags": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Allows setting custom tags on the recipe’s final image.\nAdding tags to this property will override the `latest` and timestamp tags." }, - { - "$ref": "#/$defs/ImportedModule" + "base-image": { + "type": "string", + "description": "The [OCI](https://opencontainers.org/) image to base your custom image on.\nOnly atomic Fedora images and those based on them are officially supported.\nUniversal Blue is recommended. [A list of Universal Blue's images](https://universal-blue.org/images/) can be found on their website\nBlueBuild-built images can be used as well." + }, + "image-version": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + } + ], + "description": "The tag of the base image to build on.\nUsed to select a version explicitly (`40`) or to always use the latest stable version (`latest`).\nA list of all available tags can be viewed by pasting your `base-image` url into your browser." + }, + "blue-build-tag": { + "type": "string", + "description": "The tag to pull for the bluebuild cli. This is mostly used for\ntrying out specific versions of the cli without compiling it locally." + }, + "cosign-version": { + "type": "string", + "description": "The version of cosign that will be included in the image.\nThis will override the default version set by the CLI.\nSetting to `none` will prevent installing cosign altogether." + }, + "nushell-version": { + "type": "string", + "description": "The version of nushell to include in this image.\nThis will override the default BlueBuild Nushell version.\nChange only if you need a specific version of Nushell, changing this might break some BlueBuild modules." + }, + "platforms": { + "type": "array", + "items": { + "$ref": "#/$defs/Platform" + }, + "description": "A list of platforms that will be built for the image." + }, + "stages": { + "type": "array", + "items": { + "$ref": "#/$defs/StageEntry" + }, + "description": "A list of [stages](https://blue-build.org/reference/stages/) that are executed before the build of the final image.\nThis is useful for compiling programs from source without polluting the final bootable image." + }, + "modules": { + "type": "array", + "items": { + "$ref": "#/$defs/ModuleEntry" + }, + "description": "A list of [modules](https://blue-build.org/reference/module/) that is executed in order. Multiple of the same module can be included.\n\nEach item in this list should have at least a `type:` or be specified to be included from an external file in the `recipes/` directory with `from-file:`." + }, + "labels": { + "$ref": "#/$defs/RecordString", + "description": "A collection of custom labels that will be applied to the image.\n\nEach item should be a `key: value` pair representing a label name mapping to label value." } - ] }, - "ImportedModule": { - "type": "object", - "properties": { - "from-file": { - "type": "string", - "description": "The path to another file containing module configuration to import here.\nhttps://blue-build.org/how-to/multiple-files/" + "required": [ + "name", + "description", + "base-image", + "image-version", + "modules" + ], + "additionalProperties": false, + "$defs": { + "Platform": { + "type": "string", + "enum": [ + "linux/amd64", + "linux/amd64/v2", + "linux/arm64", + "linux/arm", + "linux/arm/v6", + "linux/arm/v7", + "linux/386", + "linux/loong64", + "linux/mips", + "linux/mipsle", + "linux/mips64", + "linux/mips64le", + "linux/ppc64", + "linux/ppc64le", + "linux/riscv64", + "linux/s390x" + ] + }, + "StageEntry": { + "oneOf": [ + { + "$ref": "stage-v1.json" + }, + { + "$ref": "import-v1.json" + } + ] + }, + "ModuleEntry": { + "oneOf": [ + { + "$ref": "module-v1.json" + }, + { + "$ref": "import-v1.json" + } + ] + }, + "RecordString": { + "type": "object", + "properties": {}, + "additionalProperties": { + "type": "string" + } } - }, - "required": [ - "from-file" - ], - "additionalProperties": false } - } } \ No newline at end of file diff --git a/test-files/schema/stage-list-v1.json b/test-files/schema/stage-list-v1.json index bde0479a..317d2a47 100644 --- a/test-files/schema/stage-list-v1.json +++ b/test-files/schema/stage-list-v1.json @@ -1,29 +1,30 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "stage-list-v1.json", - "type": "object", - "properties": { - "stages": { - "type": "array", - "items": { - "$ref": "#/$defs/StageEntry" - }, - "description": "A list of [stages](https://blue-build.org/reference/stages/) that are executed before the build of the final image.\nThis is useful for compiling programs from source without polluting the final bootable image." - } - }, - "required": [ - "stages" - ], - "$defs": { - "StageEntry": { - "anyOf": [ - { - "$ref": "stage-v1.json" - }, - { - "$ref": "import-v1.json" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "stage-list-v1.json", + "type": "object", + "properties": { + "stages": { + "type": "array", + "items": { + "$ref": "#/$defs/StageEntry" + }, + "description": "A list of [stages](https://blue-build.org/reference/stages/) that are executed before the build of the final image.\nThis is useful for compiling programs from source without polluting the final bootable image." + } + }, + "required": [ + "stages" + ], + "additionalProperties": false, + "$defs": { + "StageEntry": { + "oneOf": [ + { + "$ref": "stage-v1.json" + }, + { + "$ref": "import-v1.json" + } + ] } - ] } - } } \ No newline at end of file diff --git a/test-files/schema/stage-v1.json b/test-files/schema/stage-v1.json index 833994a4..8bc7c4a0 100644 --- a/test-files/schema/stage-v1.json +++ b/test-files/schema/stage-v1.json @@ -1,57 +1,44 @@ { - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "stage-v1.json", - "type": "object", - "properties": { - "name": { - "type": "string", - "description": "The name of the stage. This is used when referencing\nthe stage when using the from: property in the [`copy` module](https://blue-build.org/reference/modules/copy/)." - }, - "from": { - "type": "string", - "description": "The full image ref (image name + tag). This will be set in the FROM statement of the stage." - }, - "shell": { - "type": "string", - "description": "Allows a user to pass in an array of strings that are passed directly into the [`SHELL` instruction](https://docs.docker.com/reference/dockerfile/#shell)." - }, - "modules": { - "type": "array", - "items": { - "$ref": "#/$defs/ModuleEntry" - }, - "description": "The list of modules to execute. The exact same syntax used by the main recipe `modules:` property." - } - }, - "required": [ - "name", - "from", - "modules" - ], - "additionalProperties": false, - "$defs": { - "ModuleEntry": { - "anyOf": [ - { - "$ref": "module-v1.json" + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "stage-v1.json", + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the stage. This is used when referencing\nthe stage when using the from: property in the [`copy` module](https://blue-build.org/reference/modules/copy/)." + }, + "from": { + "type": "string", + "description": "The full image ref (image name + tag). This will be set in the FROM statement of the stage." + }, + "shell": { + "type": "string", + "description": "Allows a user to pass in an array of strings that are passed directly into the [`SHELL` instruction](https://docs.docker.com/reference/dockerfile/#shell)." }, - { - "$ref": "#/$defs/ImportedModule" + "modules": { + "type": "array", + "items": { + "$ref": "#/$defs/ModuleEntry" + }, + "description": "The list of modules to execute. The exact same syntax used by the main recipe `modules:` property." } - ] }, - "ImportedModule": { - "type": "object", - "properties": { - "from-file": { - "type": "string", - "description": "The path to another file containing module configuration to import here.\nhttps://blue-build.org/how-to/multiple-files/" + "required": [ + "name", + "from", + "modules" + ], + "additionalProperties": false, + "$defs": { + "ModuleEntry": { + "oneOf": [ + { + "$ref": "module-v1.json" + }, + { + "$ref": "import-v1.json" + } + ] } - }, - "required": [ - "from-file" - ], - "additionalProperties": false } - } } \ No newline at end of file