genschema.go shouldn't import multiple jsonschema libraries

[AkihiroSuda]

lima/cmd/limactl/genschema.go

Lines 13 to 15 in 00e3398

	"github.com/invopop/jsonschema"
	"github.com/lima-vm/lima/pkg/limayaml"
	jsonschema2 "github.com/santhosh-tekuri/jsonschema/v6"

Shouldn't need both "github.com/invopop/jsonschema" and "github.com/santhosh-tekuri/jsonschema/v6

[afbjorklund]

There is one library (called "jsonschema") to generate the jsonschema from the comments in the Go code.
There is another library (called "jsonschema") to validate that the default.yaml follows the generated schema.

We could perhaps move the validation into a separate util directory? That would make the separation clearer.
Also the jsonschema validation does not understand the new base directory, and doesn't embed documents:

• Embedded json templates are failing jsonschema validation #3511

[afbjorklund]

Should we remove the validation code from Lima, or how do you want to handle not using the santhosh-tekuri/jsonschema library?

• jsonschema should have tests #2768

commit 157f7a4

We can call the jv CLI instead, as an external program (or check-jsonschema, even though it is written in python)

jv schema-limayaml.json templates/default.yaml default-template.yaml

check-jsonschema --schemafile schema-limayaml.json templates/default.yaml default-template.yaml

[jandubois]

I don't understand what the desired action is for this issue.

Given that the 2 jsonschema libraries perform different functions, it sounds like they are both needed (or can both be removed).

I have not checked; do they add significantly to the size of limactl? If they do, then I could see the need for moving the functionality into a separate utility.

I think the json schema should be an artifact that is included in the release, like the man pages. That way a user could install it in their IDE to validate lima.yaml files.

I don't see any need why a user would ever need to generate the schema themselves.

The same argument can be made for the man pages.

So maybe both the gendoc and genschema commands should be moved to a helper program that is only used during build time? Could be a "Good First Issue".

[AkihiroSuda]

I wished there might be a single jsonschema library that covers both validation and generation, but not a high priority issue.

[AkihiroSuda]

Related:

• Remove indirect dependency on github.com/mailru/easyjson #3527 (comment)

[afbjorklund]

I think the json schema should be an artifact that is included in the release, like the man pages. That way a user could install it in their IDE to validate lima.yaml files.

It is supposed to be published on a website, and then the URL made available to include in the JSON Schema "store"...

https://www.schemastore.org/json/

But you can work around that, by rendering a local file or using the git browser directly or something similar - like so:

https://raw.githubusercontent.com/canonical/cloud-init/main/cloudinit/config/schemas/versions.schema.cloud-config.json

I don't see any need why a user would ever need to generate the schema themselves.

That is why the commands are hidden, and only used by make rules for producing artifacts.

But the schema is more intended for a web site, and the manpages better included with binaries

[jandubois]

Related:

• Remove indirect dependency on github.com/mailru/easyjson #3527 (comment)

I see.

As I wrote in that issue, "I have no problem with removing the dependency from our code base as much as reasonably possible", but I don't think we need to go out of our way to remove dependencies that in turn rely on easyjson.

From a legal perspective we are covered by the decision of CNCF that no action is necessary. From a supply chain perspective I think there are enough eyes on this particular module now that it seems unlikely it will be exploited in the future (especially since it doesn't have a lot of activity anymore anyways).

So I think the "reasonably possible" part comes into play here: how much effort would it take, and what does it actually gain us.

To me it is still not clear what the next action should be on this issue.

[jandubois]

I have not checked; do they add significantly to the size of limactl?

I've checked now, and removing the gendoc and genschema commands reduces the size of limactl by 1MB from 28MB to 27MB, which I would consider immaterial; I think that is not a reason to move them to a separate built-time utility.