-
Notifications
You must be signed in to change notification settings - Fork 27
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fail lookups on invalid resource names #69
Conversation
Signed-off-by: Rob Clarke <robert.clarke@bristol.ac.uk>
Signed-off-by: Rob Clarke <robert.clarke@bristol.ac.uk>
Signed-off-by: Rob Clarke <robert.clarke@bristol.ac.uk>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@rob-clarke, thanks for the PR the code and tests look good to me.
As you pointed out, I'm not sure if this should be fixed in ros2launch. @hidmic, what do you think?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I couldn't find any hard requirements on resource names other than a suggestion here that they should conform to REP 127 suggestions on naming, which are now captured in REP 144.
@rob-clarke to the best of my knowledge, there aren't any strict requirements. I'd rather enforce valid package names instead of coming up with extra checks for resource names.
The current resource index documentation says:
So I'm hesitant to enforce package names as it doesn't fit with the warnings there. Currently the PR only checks for forward slashes in the resource name which fixes the issue that led to this. It could be made stricter to only accept valid package names and additionally spaces to follow the resource index doc. |
@rob-clarke I meant enforcing valid package names where a package name is expected i.e. in |
Yes, a check for a valid package name can be added to I think some form of resource name check is still necessary. Ultimately the cause of this was that if a resource name starting with |
That's fair. I think it's reasonable to assume absolute paths are no-go for resource names and types, as these break search paths. But a relative path for a resource type or name wouldn't -- and it may be even be handy for someone, though I don't know of an existing use case. Checking for invalid package names and absolute paths in both resource types and names should address the issue in |
Signed-off-by: Rob Clarke <robert.clarke@bristol.ac.uk>
3860070
to
6c77e05
Compare
Quoting from the docs again:
That suggests that relative paths should not be expected for resource type names or resource names. Looking at the bigger picture: is looking up a resource of a type with a relative path name not just equivalent to looking up a different resource type? At which point would the user not be better off just calling |
Signed-off-by: Rob Clarke <robert.clarke@bristol.ac.uk>
Indeed. I missed that piece of documentation. I'm fine with blocking slashes for resource types and names then.
Yes, it'd equivalent from a user POV. The ambiguity is not necessarily bad, but it appears it wasn't intended. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Overall LGTM
if ('/' in resource_name) or ('\\' in resource_name): | ||
return True | ||
return False |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@rob-clarke nit:
if ('/' in resource_name) or ('\\' in resource_name): | |
return True | |
return False | |
return ('/' in resource_name) or ('\\' in resource_name) |
Signed-off-by: Rob Clarke <robert.clarke@bristol.ac.uk>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me with green CI.
While this is definitely a bugfix, I'm nervous about putting it into Galactic at this juncture. It's in such a low-level package that any problems here have the potential to cause instabilities all the way up the stack. I'm going to suggest that we hold off on this one for post-Galactic, and then consider backporting it into Galactic in a patch release. If we go that route, I think this also deserves an entry in the Galactic release notes as a Known Issue. |
Sounds good to me.
If that is what we decide to do, I can add this to the release notes. |
This one sounds like a good one to add to the (not-yet-created) Galactic Patch Release 1 board. @cottsay please add this one as well when you get a chance. |
The main thing to watch out for in the full stack testing is use of
|
@rob-clarke, from you fix the CI errors? It looks like (1) there is a linter warning and (2) that another PR needs to be added to update a test in |
|
Signed-off-by: Rob Clarke <robert.clarke@bristol.ac.uk>
Signed-off-by: Rob Clarke <robert.clarke@bristol.ac.uk>
I think that fixes the linter warnings. I'll need a bit more input on the |
@rob-clarke You've mentioned auto-generated package names that don't conform to REP-144 a couple of times here. Could you explain more on where you expect these to come from? |
It's not really that I expect them to exist, just that the standard leaves that option open so I don't want to break things elsewhere in the stack. |
We should not relax the naming rules in REP 144. First, we should not relax the REP for "generated" packages. To a user a generated package is the same as any other package on their system. You'll find that several packages already have generated content pragmatically. To keep "generated" packages from colliding I recommend using a unique prefix with the name relating to the project or organization. Packages operate in a flat namespace and it's the developer's responsibility not to clobber others in that namespace. Adding the prefix underscore will keep you from colliding with others not using the double underscore. But if you're generating packages without controls or limits it would seem to be easy for And second, the name rules are leveraged in our different language code generators so that generated code cannot collide with user written code that follows our naming conventions. Relaxing the requirement that the underscores are only internal separators would prevent the generated code from using a double underscore to provide a higher level separator. This is particularly important as we need to have this same guarantee even if a new language support is added that the developer didn't know about when writing their code etc. |
Now allows uppercase letters, dashes and leading numerals. Test modified to reflect this Signed-off-by: Rob Clarke <robert.clarke@bristol.ac.uk>
Signed-off-by: Rob Clarke <robert.clarke@bristol.ac.uk>
Tracking work in progress in ament/ament_index#69 Signed-off-by: Rob Clarke <robert.clarke@bristol.ac.uk>
Tracking work in progress in ament/ament_index#69 Signed-off-by: Rob Clarke <robert.clarke@bristol.ac.uk>
Signed-off-by: Rob Clarke <robert.clarke@bristol.ac.uk>
@rob-clarke, is this ready to be reviewed again by @wjwwood ? |
Yes, I think I've addressed all the comments. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Lgtm
It seems that this test is now throwing a @rob-clarke, if you make a small PR in |
New CI with ros2/ros2cli#643: |
* Add invalid package name test Tracking work in progress in ament/ament_index#69 Signed-off-by: Rob Clarke <robert.clarke@bristol.ac.uk> * Handle ValueError from get_package_prefix Signed-off-by: Rob Clarke <robert.clarke@bristol.ac.uk> * Lint Signed-off-by: Rob Clarke <robert.clarke@bristol.ac.uk>
Thanks @rob-clarke for the PR! 🎉 |
Depends on ros2/ros2cli#643
This was found through ros2launch, where attempting to provide an absolute path to a launch file, along with launch arguments, resulted in failure. This was because ros2launch was passing the absolute path to
get_package_prefix()
in attempting to see if it was a package.If a valid absolute path was passed to
get_package_prefix()
as the package name, aPackageNotFoundError
was not raised and instead the first path fromget_search_paths()
was returned.This resulted from the behaviour of
get_resource()
: if a valid absolute path was passed toget_resource()
as the resource name, the contents of that absolute path was returned along with the first path fromget_search_paths()
as the path.This PR adds an
InvalidResourceNameError
which is raised when the resource name argument contains a/
. This catches the absolute path case as well as cases that may result from relative paths. I couldn't find any hard requirements on resource names other than a suggestion here that they should conform to REP 127 suggestions on naming, which are now captured in REP 144. If stricter restrictions on resource names are defined, these can be added to thename_is_invalid()
function added here.I'm unsure if this is a good fit for here or the problem is better off being addressed in ros2launch, where input to
get_package_prefix()
could be sanitised. Even if changed here, a fix in ros2launch will be needed but the error message should now be a little clearer.