cli: add --system param to allow validating system user-data on a machine

[blackboxsw]

Proposed Commit Message

cli: add --system param schema to allow validating system user-data

Allow root user to validate the userdata provided to the launched a machine using:
cloud-init devel schema --system

Test Steps

lxc launch ubuntu-daily:xenial dev-x
lxc file push cloudinit/config/schema.py dev-x/usr/lib/python3/dist-packages/cloudinit/config/
lxc exec dev-x bash
$ cloud-init devel schema --system

Checklist:

• My code follows the process laid out in the documentation
• I have updated or added any unit tests accordingly
• I have updated or added any documentation accordingly: NOTE: separating auto-generated documentation for all CLI commands to a separate PR

[mitechie]

shouldn't there be associated doc updates with adding a new argument to UI?

[mitechie]

This is the doc update but it seemed an edit to an existing doc and didn't seem clear to me.

[blackboxsw]

Yeah, devel commands, and general CLI documentation, isn't great. In the devel case I had originally left it fairly undocumented as these devel commands will likely change form or break compatibility before we decide to make them fully fledged top-level (non-devel) subcommands of cloud-init. But, now that we are referencing subcommand switches in docs in other places. it would be helpful to have a more full rendering of cli docs for this devel subcommands. I ultimately think we should autogeerate docs from the argparse configs so that we can keep that up to date any time the cli is changed. I think sphinx-argparse extension could do this for us, but I'd like to leave that to a separate PR as it'll potentially involve re-organizing the top-level CLI docs docs. As I think we could try to modify how the CLI docs in general are exposed and documented.

[blackboxsw]

That said, I did just push a commit that renders cmdline devel schema to this branch. I think we can build on this if an acceptable format for all CLI commands.

[OddBloke]

Thanks Chad, this is a nice little UX improvement. A couple of inline comments.

[OddBloke]

This should really be using a Paths object rather than hardcoding a path.

[blackboxsw]

@mitechie @OddBloke OOPS while the code no longer relies on this static var, I had forgotten to remove it.
Done.

[github-actions]

Hello! Thank you for this proposed change to cloud-init. This pull request is now marked as stale as it has not seen any activity in 14 days. If no activity occurs within the next 7 days, this pull request will automatically close.

If you are waiting for code review and you are seeing this message, apologies! Please reply, tagging mitechie, and he will ensure that someone takes a look soon.

(If the pull request is closed, please do feel free to reopen it if you wish to continue working on it.)

[blackboxsw]

@OddBloke @mitechie I've updated this branch and added auto-generated docs for review for only the devel subcommand using sphinx-argparse. If this documentation approach is palatable. I can add a followup PR to auto-gen docs for our entire CLI as a followup PR. (I could separate that from this PR too).

[blackboxsw]

@OddBloke @mitechie separated doc changes into a followup PR as discussed in standup yesterday

[mitechie]

With a +1 to Dan's comment on the file path at the start of the PR.

[OddBloke]

Thanks Chad! Overall this looks good, I have one inline comment that I think needs addressing before this can land (and another one which you can ignore because it's a nit 👍).

[OddBloke]

Thanks Chad! Some nits inline, which you can fix in a follow-up if you so desire.

[OddBloke]

A nit: it took me a while to grok what this was doing; I think params = " ".join(params).split() has the same effect?

In [12]: params = ('--docs all', '--config-file something')

In [13]: list(itertools.chain(*[a.split() for a in params]))
Out[13]: ['--docs', 'all', '--config-file', 'something']

In [14]: " ".join(params).split()
Out[14]: ['--docs', 'all', '--config-file', 'something']

[OddBloke]

A nit: the pytest docs use excinfo for these, and we follow that pattern elsewhere in the codebase:

$ a -s pytest.raises.\*as
cloudinit/tests/test_conftest.py
28:        with pytest.raises(AssertionError) as excinfo:
35:        with pytest.raises(AssertionError) as excinfo:

We also broadly follow the pattern in UA client and pycloudlib, though there is more divergence there.

[OddBloke]

A nit (unless I'm wrong, then not even that): you could potentially fold this into the above definition by making the parameters list(exclusive_combinations) + [()].

[OddBloke]

Nit: a not-particularly-important gap here is all three being specified at once.

[OddBloke]

This file is always root:root-owned by default and not world-readable, so this is not even a nit: we could instead rely on the user's permissions to determine if they can use this path.