Skip to content

Validate rendered cloud-init templates against official schema#63

Open
ret2libc wants to merge 3 commits intomainfrom
feat/cloudinit-schema-validation
Open

Validate rendered cloud-init templates against official schema#63
ret2libc wants to merge 3 commits intomainfrom
feat/cloudinit-schema-validation

Conversation

@ret2libc
Copy link
Copy Markdown
Collaborator

@ret2libc ret2libc commented Mar 31, 2026

Summary

  • Add jsonschema as a dev dependency
  • Add two new tests that render the default Jinja2 cloud-init template (with/without Tailscale) and validate the output against the official cloud-init JSON schema
  • Schema is fetched at test time via a module-scoped fixture; tests skip gracefully if the network is unavailable

Test plan

  • uv run pytest tests/test_cloudinit.py -v — all 6 tests pass
  • uv run pytest -v — full suite (291 tests) passes with coverage above threshold
  • prek run — all pre-commit hooks pass
  • Verify tests skip correctly when offline (disconnect network, run tests)

🤖 Generated with Claude Code

@ret2libc ret2libc force-pushed the feat/cloudinit-schema-validation branch from e7410fe to bc121e8 Compare March 31, 2026 12:30
@ret2libc @claude
Validate rendered cloud-init templates against official schema
7a37172 
Add jsonschema dev dependency and two new tests that render the Jinja2
cloud-init template (with and without Tailscale) then validate the
output against canonical/cloud-init's JSON schema. Tests skip gracefully
when the network is unavailable.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@ret2libc ret2libc force-pushed the feat/cloudinit-schema-validation branch from bc121e8 to 7a37172 Compare March 31, 2026 12:32
@ret2libc ret2libc requested review from BradSwain and DarkaMaul March 31, 2026 12:32
ret2libc
ret2libc commented Mar 31, 2026
View reviewed changes
BradSwain
BradSwain reviewed Mar 31, 2026
View reviewed changes
tests/test_cloudinit.py
Comment on lines +13 to +16
CLOUD_CONFIG_SCHEMA_URL = (
"https://raw.githubusercontent.com/canonical/cloud-init/main/"
"cloudinit/config/schemas/schema-cloud-config-v1.json"
)
Copy link
Copy Markdown

@BradSwain BradSwain Mar 31, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we always want to check against main? Some older distros may not support the latest cloud-init schema. Adding a newer keys would pass this test, but break dropkit for older distros.

If we look at all the distro slugs supported by the digital ocean API and pick the ones we want to support, we could pin the check against the lowest common version among the supported distros.

If we pin the version, we could also commit the schema directly to the repo, eliminating the need to fetch the scema each time.

But also, that may be overkill for what we are doing here 😄

Copy link
Copy Markdown
Collaborator

@DarkaMaul DarkaMaul Apr 7, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMO - we should have this dependency in the repo directly, and have a github action workflow to update it periodically.

I prefer to be able to run tests locally, and that would avoid to have to redownload the file and each tests run :)

tests/test_cloudinit.py
"""Verify the rendered template without Tailscale also passes schema validation."""
rendered = _render_template(tailscale_enabled=False)
doc = yaml.safe_load(rendered)
validator = Draft4Validator(cloud_config_schema)
Copy link
Copy Markdown

@BradSwain BradSwain Mar 31, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is the schema on main guaranteed to stay on Draft 4?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@BradSwain BradSwain BradSwain left review comments

@DarkaMaul DarkaMaul Awaiting requested review from DarkaMaul

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ret2libc @DarkaMaul @BradSwain