Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Make scriptlet validation even safer #1403

Open
bensmrs opened this issue Nov 20, 2024 · 1 comment
Open

Make scriptlet validation even safer #1403

bensmrs opened this issue Nov 20, 2024 · 1 comment
Assignees
Milestone

Comments

@bensmrs
Copy link
Contributor

bensmrs commented Nov 20, 2024

Currently, we validate scriptlets simply if they pass Starlark’s parsing. I intend to add an additional validation step in the *Validate methods to ensure that required functions (qemu_hook for QEMU, instance_placement for InstancePlacement, authorize for the future Authorize) are actually defined in the scriptlet.
It will not ensure that the scriptlet works or is well-typed, but adds quite a bit of safety.

If it looks good to you, you can assign me on the issue and I’ll ship it with the Authorization scriptlet.

@stgraber
Copy link
Member

Sounds good!

@stgraber stgraber added this to the soon milestone Nov 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

No branches or pull requests

2 participants