Yaml manifest schemaheader validation for V.1.10.0 and above #5126
Conversation
1. Introduce functions to search, parse, and validate schema headers in YAML manifests. 2. Add/Update structs and enums to support schema header validation. 3. Add new error messages and validation options, including treating schema header validation errors as warnings. Schema Header Validation Includes: 1. Validate presence of Manifest Schema Header. 2. Ensure Schema Header format correctness. 3. Verify Schema Header URL Pattern accuracy. 4. Confirm Schema Header Manifest Type matches ManifestType Property. 5. Check Schema Header Manifest Version matches ManifestVersion Property.
…e --manifest <<path>>' command 1. Introduced a new option `SchemaHeaderValidationAsWarning` to the `validateOption` object and set it to `true`. 2. This change treats schema header validation issues as warnings instead of errors, making the validation process more lenient. [NOTE:] 1. SchemaHeaderValidation errors should be treated as warnings for the winget CLI validate command. 2. SchemaHeaderValidation errors should be treated as errors for wingetsvc community manifests.
1. Added new test data files to validate various schema header errors in YAML manifests, including a. invalid headers, b. type mismatches, c. version mismatches, d. missing headers, and e. URL pattern mismatches. 2. Updated project files to include these test data files. 3. Added a new test case in `YamlManifest.cpp` to validate the schema headers of the new test data files and existing v.1.10 schema test files.
…ommand and WinGetUtils Interop binary 1. Added new test manifests with schema headers to validate various scenarios. 2. Updated `ValidateCommand.cs` to include new test cases for extended characters and schema headers. 3. Enhanced `WinGetUtilManifest.cs` with new test cases for schema headers and added a helper method for validation. Also, made minor formatting corrections.
The error message in the test case `TEST_CASE("ManifestV1_10_SchemaHeaderValidations", "[ManifestValidation]")` has been updated to provide a clearer and more specific description. The new message clarifies the mismatch issue between the manifest version in the schema header and the `ManifestVersion` property value in the manifest.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
src/AppInstallerCommonCore/Manifest/ManifestSchemaValidation.cpp
Outdated
Show resolved
Hide resolved
The changes correct a typo in the file path for a test manifest file in two different test files. Specifically, the file name `TestWarningManifestV1_10-SchemaHeadeVersionMismatch.yaml` is corrected to `TestWarningManifestV1_10-SchemaHeaderVersionMismatch.yaml` in both `ValidateCommand.cs` and `WinGetUtilManifest.cs`.
- Updated regex pattern for schema URL matching, - Renamed and revised validation functions, and introduced new helper functions for improved error handling and validation logic. - These changes ensure accurate validation of schema header URLs against schema definition files.
Updated the URL in the comment for the YAML language server schema to correct the casing of "defaultLocale" to "defaultlocale". This ensures the schema URL is correctly referenced.
| if (std::equal(schemaId.begin(), schemaId.end(), schemaHeaderUrlString.begin(), schemaHeaderUrlString.end(), | ||
| [](char a, char b) { return tolower(a) == tolower(b); })) | ||
| { | ||
| return true; | ||
| } |
There was a problem hiding this comment.
Do we need to perform a case-insensitive comparison, or should we enforce case sensitivity (all lowercase)?
There was a problem hiding this comment.
I think it is fine to be case-sensitive here as I don't think anyone will be typing the value in by hand.
…0GoodManifestAndVerifyContents test failure Corrected the URL in the comment for the YAML language server schema by changing "defaultlocale" to "defaultLocale" to ensure proper casing.
| @@ -46,6 +46,7 @@ namespace AppInstaller::CLI | |||
| { | |||
| ManifestValidateOption validateOption; | |||
| validateOption.FullValidation = true; | |||
| validateOption.SchemaHeaderValidationAsWarning = true; | |||
There was a problem hiding this comment.
Why do we need a new option here? This seems like it should be under the same umbrella as every other warning.
There was a problem hiding this comment.
This option allows the YAML parser to treat SchemaHeader violations as either errors or warnings. For the winget CLI validate command, these violations should be warnings, but for API calls through WinGetUtils, they should be treated as errors ( for WinGetSVC use case)
Additionally, Warnings do not block validation pipeline in WinGetSVC, but errors do. Therefore, for WinGetSVC calls, violations need to be treated as errors to be marked as failures in the validation pipeline for schema header violations.
| @@ -31,7 +31,7 @@ public void ValidateManifest() | |||
| [Test] | |||
| public void ValidateManifestWithExtendedCharacter() | |||
| { | |||
| var result = TestCommon.RunAICLICommand("validate", TestCommon.GetTestDataFile("Manifests\\T�stExeInstaller.yaml")); | |||
| var result = TestCommon.RunAICLICommand("validate", TestCommon.GetTestDataFile("Manifests\\TëstExeInstaller.yaml")); | |||
There was a problem hiding this comment.
This seems like a mistake that changed the encoding of the file.
src/AppInstallerCommonCore/Manifest/ManifestSchemaValidation.cpp
Outdated
Show resolved
Hide resolved
src/AppInstallerCommonCore/Manifest/ManifestSchemaValidation.cpp
Outdated
Show resolved
Hide resolved
src/AppInstallerCommonCore/Manifest/ManifestSchemaValidation.cpp
Outdated
Show resolved
Hide resolved
| schemaHeader.SchemaHeaderString.clear(); | ||
|
|
||
| // Search for the schema header string in the comments before the root node. | ||
| while (currentLine < rootNodeBeginsAtLine && std::getline(*yamlInputStream, line)) |
There was a problem hiding this comment.
This code assumes that the input stream actually contains 8-bit characters. The YAML parser (wrapper) supports detecting the encoding on the input stream and handling it properly. The Parser type is the one that ends up containing the full string text of the stream, while Document contains probably the level that a schema should apply to (we don't really attempt to do anything past the first document in a stream).
Since the YAML parser ignores comments, I would suggest moving the code that detects the schema into the wrapper (probably Document Parser::Load()) and making it a property of a Document.
| if (std::equal(schemaId.begin(), schemaId.end(), schemaHeaderUrlString.begin(), schemaHeaderUrlString.end(), | ||
| [](char a, char b) { return tolower(a) == tolower(b); })) | ||
| { | ||
| return true; | ||
| } |
There was a problem hiding this comment.
I think it is fine to be case-sensitive here as I don't think anyone will be typing the value in by hand.
…r messages 1. Updated error messages in multiple files to simplify instructions for verifying schema headers. 2. Removed detailed YAML node verification instructions. 3. Modified function signatures in ManifestSchemaValidation.cpp to remove const qualifiers.
Enable schema header validation for YAML manifests from version 1.10.0 onwards.
YAML Manifest Validation Changes:
Schema Header Validation Includes:
WinGet CLI Validation Command Changes:
SchemaHeaderValidationAsWarningto thevalidateOptionobject and set it totrue.[NOTE:]
[Test Coverage:]
[How Validated:]
[Test Results:]
YAML Manifest Validation Test Results:
WinGet Utils Interop Test Results:
Validate Command Test Results:
Microsoft Reviewers: Open in CodeFlow