From af4e66d2b2dadc7b134f93b7b2f357f76abfc314 Mon Sep 17 00:00:00 2001
From: Christian Kellner <christian@kellner.me>
Date: Thu, 10 Sep 2020 00:33:54 +0200
Subject: [PATCH] plugin/hub: use jsonschema to validate input

Use jsonschema to validate the input to the XMLRPC call to catch
mistakes early, i.e. before creating the task.
---
 container/hub/Dockerfile |  1 +
 plugins/hub/osbuild.py   | 61 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 62 insertions(+)

diff --git a/container/hub/Dockerfile b/container/hub/Dockerfile
index ef3b86b..b2d5cd3 100644
--- a/container/hub/Dockerfile
+++ b/container/hub/Dockerfile
@@ -6,6 +6,7 @@ RUN dnf -y upgrade \
             --setopt=install_weak_deps=False \
             install \
 	koji-web \
+	python3-jsonschema \
 	&& dnf clean all
 
 COPY container/hub/hub.conf /etc/koji-hub/hub.conf
diff --git a/plugins/hub/osbuild.py b/plugins/hub/osbuild.py
index 16733b4..7973ccd 100644
--- a/plugins/hub/osbuild.py
+++ b/plugins/hub/osbuild.py
@@ -1,5 +1,8 @@
+"""Koji osbuild integration for Koji Hub"""
 import sys
 
+import jsonschema
+
 import logging
 import koji
 from koji.context import context
@@ -8,6 +11,62 @@ sys.path.insert(0, "/usr/share/koji-hub/")
 import kojihub
 
 
+OSBUILD_IMAGE_SCHMEA = {
+    "$schema": "http://json-schema.org/draft-04/schema#",
+    "title": "osbuildImage arguments",
+    "type": "array",
+    "minItems": 7,
+    "items": [
+        {
+            "type": "string",
+            "description": "Name"
+        },
+        {
+            "type": "string",
+            "description": "Version"
+        },
+        {
+            "type": "string",
+            "description": "Distribution"
+        },
+        {
+            "type": "array",
+            "description": "Image Types",
+            "minItems": 1
+        },
+        {
+            "type": "string",
+            "description": "Target"
+        },
+        {
+            "type": "array",
+            "description": "Architectures",
+            "minItems": 1
+        },
+        {
+            "type": "object",
+            "$ref": "#/definitions/options"
+        }],
+    "definitions": {
+        "options":{
+            "title": "Optional arguments",
+            "type": "object",
+            "additionalProperties": False,
+            "properties": {
+                "repo": {
+                    "type": "string",
+                    "description": "Repositories"
+                },
+                "release": {
+                    "type": "string",
+                    "description": "Release override"
+                }
+            }
+        }
+    }
+}
+
+
 @koji.plugin.export
 def osbuildImage(name, version, distro, image_types, target, arches, opts=None, priority=None):
     """Create an image via osbuild"""
@@ -15,6 +74,8 @@ def osbuildImage(name, version, distro, image_types, target, arches, opts=None,
     args = [name, version, distro, image_types, target, arches, opts]
     task = {"channel": "image"}
 
+    jsonschema.validate(args, OSBUILD_IMAGE_SCHMEA)
+
     if priority and priority < 0 and not context.session.hasPerm('admin'):
         raise koji.ActionNotAllowed('only admins may create high-priority tasks')