add validation to s9pks

backend/src/action/docker.rs

@@ -1,5 +1,5 @@
 use std::borrow::Cow;
-use std::collections::BTreeMap;
+use std::collections::{BTreeMap, BTreeSet};
 use std::ffi::{OsStr, OsString};
 use std::net::Ipv4Addr;
 use std::path::PathBuf;
@@ -23,6 +23,17 @@ use crate::{Error, ResultExt, HOST_IP};
 
 pub const NET_TLD: &str = "embassy";
 
+lazy_static::lazy_static! {
+    pub static ref SYSTEM_IMAGES: BTreeSet<ImageId> = {
+        let mut set = BTreeSet::new();
+
+        set.insert("compat".parse().unwrap());
+        set.insert("utils".parse().unwrap());
+
+        set
+    };
+}
+
 #[derive(Clone, Debug, Deserialize, Serialize)]
 #[serde(rename_all = "kebab-case")]
 pub struct DockerAction {
@@ -44,6 +55,32 @@ pub struct DockerAction {
     pub sigterm_timeout: Option<SerdeDuration>,
 }
 impl DockerAction {
+    pub fn validate(
+        &self,
+        volumes: &Volumes,
+        image_ids: &BTreeSet<ImageId>,
+        expected_io: bool,
+    ) -> Result<(), color_eyre::eyre::Report> {
+        for (volume, _) in &self.mounts {
+            if !volumes.contains_key(volume) {
+                color_eyre::eyre::bail!("unknown volume: {}", volume);
+            }
+        }
+        if self.system {
+            if !SYSTEM_IMAGES.contains(&self.image) {
+                color_eyre::eyre::bail!("unknown system image: {}", self.image);
+            }
+        } else {
+            if !image_ids.contains(&self.image) {
+                color_eyre::eyre::bail!("image for {} not contained in package", self.image);
+            }
+        }
+        if expected_io && self.io_format.is_none() {
+            color_eyre::eyre::bail!("expected io-format");
+        }
+        Ok(())
+    }
+
     #[instrument(skip(ctx, input))]
     pub async fn execute<I: Serialize, O: for<'de> Deserialize<'de>>(
         &self,

backend/src/action/mod.rs

@@ -1,4 +1,4 @@
-use std::collections::BTreeMap;
+use std::collections::{BTreeMap, BTreeSet};
 use std::path::Path;
 use std::str::FromStr;
 use std::time::Duration;
@@ -14,7 +14,7 @@ use tracing::instrument;
 use self::docker::DockerAction;
 use crate::config::{Config, ConfigSpec};
 use crate::context::RpcContext;
-use crate::id::{Id, InvalidId};
+use crate::id::{Id, ImageId, InvalidId};
 use crate::s9pk::manifest::PackageId;
 use crate::util::serde::{display_serializable, parse_stdin_deserializable, IoFormat};
 use crate::util::Version;
@@ -109,6 +109,18 @@ pub struct Action {
     pub input_spec: ConfigSpec,
 }
 impl Action {
+    #[instrument]
+    pub fn validate(&self, volumes: &Volumes, image_ids: &BTreeSet<ImageId>) -> Result<(), Error> {
+        self.implementation
+            .validate(volumes, image_ids, true)
+            .with_ctx(|_| {
+                (
+                    crate::ErrorKind::ValidateS9pk,
+                    format!("Action {}", self.name),
+                )
+            })
+    }
+
     #[instrument(skip(ctx))]
     pub async fn execute(
         &self,
@@ -147,6 +159,20 @@ pub enum ActionImplementation {
     Docker(DockerAction),
 }
 impl ActionImplementation {
+    #[instrument]
+    pub fn validate(
+        &self,
+        volumes: &Volumes,
+        image_ids: &BTreeSet<ImageId>,
+        expected_io: bool,
+    ) -> Result<(), color_eyre::eyre::Report> {
+        match self {
+            ActionImplementation::Docker(action) => {
+                action.validate(volumes, image_ids, expected_io)
+            }
+        }
+    }
+
     #[instrument(skip(ctx, input))]
     pub async fn execute<I: Serialize, O: for<'de> Deserialize<'de>>(
         &self,