S `MddlZddlZddlZddlZddlZddlmZddlmZddlm Z ddlm Z ddlm Z ddl m Zdd l mZd d lmZd d lmZd d lmZej*eZdddddddddddddd ZdZdZdZdj9eZdj9eZdZd jAd!j9ee"jCZ"e jFde #d$Z$e jFd%e #d&Z%e jFd'e (d)Z&d*Z'd+Z(d,Z)d-Z*d.Z+d/Z,d0Z-d1Z.d2Z/d3Z0d4Z1d5Z2d6Z3d7Z4d8Z5d9Z6d:Z7d;Z8d<Z9d=Z:d>Z;d?ZdBZ?dCZ@dDZAdEZBdFZCdGZDdHZEdIZFy)JN) split_port)Draft4Validator) FormatChecker) RefResolver)ValidationError)COMPOSEFILE_V1)NANOCPUS_SCALEConfigurationError)VERSION_EXPLANATION)"get_service_name_from_network_mode cpu_shares extra_hostsdeviceslinks memswap_limitports privilegedvolumes working_dir) cpu_shareadd_hosthosts extra_hostdevicelink memory_swapport privilege priviliged priviligevolumeworkdirz[a-zA-Z0-9\._\-]z^\d+(\-\d+)?(\/[a-zA-Z]+)?$z!(\d{1,2}|1\d{2}|2[0-4]\d|25[0-5])z({IPV4_SEG}\.){{3}}{IPV4_SEG})IPV4_SEGz!^{IPV4_ADDR}/(\d|[1-2]\d|3[0-2])$) IPV4_ADDRz[0-9a-fA-F]{1,4}a9 ^ ( (({IPV6_SEG}:){{7}}{IPV6_SEG})| (({IPV6_SEG}:){{1,7}}:)| (({IPV6_SEG}:){{1,6}}(:{IPV6_SEG}){{1,1}})| (({IPV6_SEG}:){{1,5}}(:{IPV6_SEG}){{1,2}})| (({IPV6_SEG}:){{1,4}}(:{IPV6_SEG}){{1,3}})| (({IPV6_SEG}:){{1,3}}(:{IPV6_SEG}){{1,4}})| (({IPV6_SEG}:){{1,2}}(:{IPV6_SEG}){{1,5}})| (({IPV6_SEG}:){{1,1}}(:{IPV6_SEG}){{1,6}})| (:((:{IPV6_SEG}){{1,7}}|:))| (fe80:(:{IPV6_SEG}){{0,4}}%[0-9a-zA-Z]{{1,}})| (::(ffff(:0{{1,4}}){{0,1}}:){{0,1}}{IPV4_ADDR})| (({IPV6_SEG}:){{1,4}}:{IPV4_ADDR}) ) /(\d|[1-9]\d|1[0-1]\d|12[0-8]) $ )IPV6_SEGr')formatraisescf t|y#t$r}tt|d}~wwxYw)NT)r ValueErrorrstr)instancees ;/usr/lib/python3/dist-packages/compose/config/validation.py format_portsr2Es5&8  &c!f%%&s  0+0exposecnt|tr%tjt|s t dy)Nz)should be of the format 'PORT[/PROTOCOL]'T) isinstancer.rematchVALID_EXPOSE_FORMATrr/s r1 format_exposer:Ns0(C xx+X6!;= = subnet_ip_address)r+ct|tr?tjt|s%tjt |s t dy)Nzshould use the CIDR formatT)r5r.r6r7VALID_REGEX_IPV4_CIDRVALID_REGEX_IPV6_CIDRrr9s r1format_subnet_ip_addressr@Xs9(C xx-x8HH2H=!">? ? r;c |jdg}|D]U}|js|j|vstdj |j |jdy)Nrz^Named volume "{}" is used in service "{}" but no declaration was found in the volumes section.name)getis_named_volumeexternalr r*repr) service_dictproject_volumesservice_volumes volume_specs r1match_named_volumesrKbsp"&&y"5O&  & &;+?+?+V$AAG$$& (8(8(@B r;c bt|j}dddddddddj||S)Nmappingarraynumberbooleanstring)dictlistintfloatboolunicoder.bytes)type__name__rC)type_ type_names r1python_type_to_yaml_typer]nsAU $$I  c)Y  r;c t|ts/tdj||t t ||j D]}\}}t|tstdj|||t|ttdfrOtdj|||t t |y)zValidate the structure of a configuration section. This must be done before interpolation so it's separate from schema validation. z>In file '{filename}', {section} must be a mapping, not {type}.)filenamesectionrYzWIn file '{filename}', the {section} name {name} must be a quoted string, i.e. '{name}'.)r_r`rBNzFIn file '{filename}', {section} '{name}' must be a mapping not {type}.)r_r`rBrY) r5rRr r*anglicize_json_typer]itemsr.rY)r_configr`keyvalues r1validate_config_sectionrf|s fd #  f!()A&)IJLM MllnP U#s#$006%#171 %$T !34$ &%#,-Ee-LM !OP PPr;ct|jts8tdj |j t |jy)Nz8Top level object in '{}' needs to be an object not '{}'.)r5rcrRr r*r_rY) config_files r1validate_top_level_objectrisI k(($ / F M M$$[''( *+ + 0r;c|jjdi}|jD]=\}}t|ts|d|dkr#t dj ||y)NulimitssofthardzdService '{s.name}' has invalid ulimit '{ulimit}'. 'soft' value can not be greater than 'hard' value )sulimit)rcrCrbr5rRr r*)service_config ulimit_config limit_namesoft_hard_valuess r1validate_ulimitsrts"))--iz1handle_error_for_schema_with_id.."sbhh'7;;r;rz#/definitions/serviceconfig_schema_zInvalid top-level property "{key}". Valid top-level sections for this Compose file are: {properties}, and extensions starting with "x-". {explanation}, properties)rdr explanationz{} {})schemar validatorr*rSr/anyfilterrparse_key_from_error_msgrrjoinrrrmessage)errorrrrinvalid_config_keys r1handle_error_for_schema_with_idrs0 T"Ii(U__@V-VKRRU^^, 1AV;Q>:Q       00 / /!9%!@ -d4FG G    0 1!9%!@ FGMv&99U\\,%?%D%D%FG/HNH zz$$U]]4GH H1  s D4*D4cd}|j}|jdk(r%d}t|\}}|r|j|n|jdk(rd}t |j }n|jdk(rdj |j }d}n|jdk(rjt|j jd }d j |j |}d }|j|d j||}n2|jrt|j}d }n|jrd }|r|jt||S|jS)NoneOfz {path} {msg}rYz3{path} contains an invalid type, it should be {msg}requiredrz%{path} is invalid, {msg} is required. dependenciesr,z{path} is invalid: {msg}z,when defining '{}' you must set '{}' as wellz{path} value {msg})rr)rr_parse_oneof_validatorappend!_parse_valid_types_from_validatorvalidator_valuerrSrr*causer.rr)rr msg_format error_msg config_key required_keyss r1handle_generic_errorr:s?J I '!# 6u = I  KK # F "J 5e6K6KL J &IIe334 < N *%//4467: !6!6z!BC /  JBII     $ / )   k$&7Y GG ==r;c |jjddS#t$rB|jjddjddjdcYSwxYw)N'r ( r)rr IndexErrorstrip)rs r1rrcshD}}""3'** D}}""3'*005a8>>sCCDs AA+*A+c2djd|DS)N.c3BK|]}t|ts|ywr)r5r.).0rs r1 zpath_string..ks:!z!S'9A:s)r)rs r1rrjs 88:t: ::r;ct|ts t|St|dk(rt|dSdj dj t|dg|ddzt|dS)zA validator value can be either an array of valid types or a string of a valid type. Parse the valid types and prefix with the correct article. r rz {}, or {}r)r5rSralenr*r)rs r1rrnsw i &"9-- 9~"9Q<00    &y|45 !BGHIbM* ,,r;c0g}|jD]g}|jdk(r't|\}}t|j|fcS|jdk(rd|j fcS|jdk(r t |}ddj|fcS|jdk(r@|jrt|jnddj|jfcS|jrYt|jdjtj|jt|jfcS|jd k(sM|j|jjt|}dd j|fS) aoneOf has multiple schemas, so we need to reason about which schema, sub schema or constraint the validation is failing on. Inspecting the context value of a ValidationError gives us information about which sub schema failed and which kind of error it is. rrNrz!contains unsupported option: '{}' uniqueItemsz;contains non-unique items, please remove duplicates from {}z6contains {}, which is an invalid type, it should be {}rYz)contains an invalid type, it should be {})contextrrrrrrr*r/jsondumpsrrr)rtypesr_rr valid_typess r1rr}sq E==2    '1':LAyw||,i7 7    *'//* *    6 6!9'!B =DDEWXY Y    --4\\ GLL)tMTT$$&  <<GLL)HOOJJw//05g6M6MNP     & LL00 192<4E:K =DD[Q RRr;c&|tk(rZd|jvrd|jvrdj|Sd|jvrd|jvrdj|Sd|jvr d|jvrdj|Syy)NimagebuildzService {} has both an image and build path specified. A service can either be built to image or use an existing image, not both. dockerfilezService {} has both an image and alternate Dockerfile. A service can either be built to image or use an existing image, not both.z]Service {} has neither an image nor a build context specified. At least one must be provided.)V1r/r*)rrwversions r1!process_service_constraint_errorsrs"} enn $ENN)B##)6,#7 9 enn $)G##)6,#7 9 enn$)F --3VL-A C*G$r;ct|j}d|jvrt||}|r|St ||S)Nr)rSrrrr)rrrs r1process_config_schema_errorsrs>  D u||3E4@   t ,,r;ci}|jD];\}}||t|<t|ts%t ||t|<=|S)zH Non-string keys may break validator with patterned fields. )rbr.r5rR keys_to_str)rhdkvs r1rrsT A!!#'1#a& a #AAc!fI' Hr;ct|}t|j}tgd}t |t t ||}t|j|t|jy)N)rr3r<)resolverformat_checker) load_jsonschemarrcrrrget_resolver_path handle_errors iter_errorsrr_)rhrrrcrrs r1validate_against_config_schemarsi W %F ++ ,F"#KLN.0&9%'If%$r;cfd}tj}t|ddd}t|j ||dy)Nc2t|jSr)rr)errorsrhrws r1handlerz-validate_service_constraints..handlers0 L+"5"57 7r; definitions constraintsservice)rrrrr)rcrwrhrrrs `` r1validate_service_constraintsrsJ7[00 1F} 5m DY OPI)''/$?r;c|jjd}|sy|tz}t|tr|j s t dyy)Ncpusz6cpus must have nine or less digits after decimal point)rcrCr r5rU is_integerr )rpr nano_cpuss r1 validate_cpur sX  $ $V ,D ~%I)U#I,@,@,B DF F-C#r;ctjjtjjtSr)osrdirnameabspath__file__rr;r1get_schema_pathrs" 77??277??84 55r;crd}|tk(rd}tjjt dj |}tjj |stdj |tt|5}tj|cdddS#1swYyxYw)N compose_specconfig_schema_v1z{}.jsonz"Version in "{}" is unsupported. {}) rr rrrr*existsr ropenrload)rrBr_fhs r1rrs D"}!ww|| H 77>>( # 0 VH1 24 4 h2yy}s B--B6ct}tjdk(rd}|jdd}nd}dj ||S)Nwin32z///\/z//z file:{}{}/)rsysplatformreplacer*) schema_pathschemes r1rr sE!#K ||w!))$4    v{ 33r;ct|t}|sydjfd|D}tdj |rdj |nd|) zjsonschema returns an error tree full of information to explain what has gone wrong. Process each error and pull out relevant information and re-write helpful error messages that are relevant. )rdN c3.K|] }|ywrr)rrformat_error_funcs r1rz handle_errors..sGu+E2Gsz:The Compose file{file_msg} is invalid because: {error_msg}z '{}'r()file_msgr)sortedr.rr r*)rr#r_rs ` r1rrs_ F $F  GGGI ELL19W^^H-r M ! ""r;c|jjdi}d|vrt|dtrt |ddk(r$t dj |j|dddk(r2t |dkDr$t dj |j|dddvr$t d j |jyyy) N healthchecktestrzDService "{}" defines an invalid healthcheck: "test" is an empty listNONEr zbService "{}" defines an invalid healthcheck: "disable: true" cannot be combined with other options)r)CMDz CMD-SHELLzwService "{}" defines an invalid healthcheck: when "test" is a list the first item must be either NONE, CMD or CMD-SHELL)rcrCr5rSrr r*rB)rpr's r1validate_healthcheckr+$s ''++M2>K K,?!F {6" #q ($*++,. .   #v -#k2BQ2F$H++,. .   #+G G$]++,. .H"Gr;)Grloggingr r6rdocker.utils.portsr jsonschemarrrrconstr rr rr r sort_servicesr getLoggerrZlogrrr8VALID_IPV4_SEGr*VALID_IPV4_ADDRr>VALID_IPV6_SEGrrr? cls_checksr2r:r@rKr]rfrirtrzrrrrrrrrarrrrrrrrrrrrr rrrrr+rr;r1r7s  )&$"&("&'=g!  " "'45299>9R<CCoC^$!$ FNoF>uuw%H*AB/BC-oFG   P>+ /  F$    B   KI>&RD; ,&SRC(-   @F6"4 " .r;