> On Dec. 21, 2018, 9:23 a.m., Qian Zhang wrote: > > include/mesos/slave/containerizer.proto > > Lines 197 (patched) > > <https://reviews.apache.org/r/68017/diff/10/?file=2109592#file2109592line197> > > > > Can you please elaborate a bit why our internal json format is > > incompatible with Docker Seccomp profile format?
Our internal json format is designed *only* for marshalling/unmarshalling of a *Protobuf message* via JSON. You cannot take *any* JSON and then convert it to the protobuf message, because JSON -> Proto translation requires storing a SCHEMA into JSON. This schema is used to convert from JSON to proto message by our internal parser. If we want to use our internal json format, we need to modify (to add SCHEMA) the Docker Seccomp profile. > On Dec. 21, 2018, 9:23 a.m., Qian Zhang wrote: > > include/mesos/slave/containerizer.proto > > Lines 250-254 (patched) > > <https://reviews.apache.org/r/68017/diff/10/?file=2109592#file2109592line250> > > > > If it is `Some` comparison operators accept two values, should this > > field be optional? I could do that, but it overcomplicates the logic of Seccomp parser. In order to do that, I need to add a `switch` statement that sets the value for `value_two` field depending on `op` operator's type. Note, that the user of `ContainerSeccompProfile` is `class Seccomp` which ignores `value_two` field when it's not needed. Also, `value_two` is *always* defined in Docker's profile regardless of operator's type. Hence, making a single field optional by increasing complexity of the Seccomp parser (see `parseSyscallArgument()`) doesn't look appealing to me. - Andrei ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/68017/#review211492 ----------------------------------------------------------- On Nov. 8, 2018, 3:24 p.m., Andrei Budnik wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/68017/ > ----------------------------------------------------------- > > (Updated Nov. 8, 2018, 3:24 p.m.) > > > Review request for mesos, Gilbert Song, Jie Yu, James Peach, and Qian Zhang. > > > Bugs: MESOS-9033 > https://issues.apache.org/jira/browse/MESOS-9033 > > > Repository: mesos > > > Description > ------- > > See summary. > > > Diffs > ----- > > include/mesos/mesos.proto 2ef6ba3aef67cf34227569948fd3ddc8dfd5879d > include/mesos/slave/containerizer.proto > 5b4dcdda0f55ea3355c78d1447c7be9ca54d9dc9 > include/mesos/v1/mesos.proto 1a701da65f653fe4191f92ff1fb1436809b50acb > > > Diff: https://reviews.apache.org/r/68017/diff/11/ > > > Testing > ------- > > > Thanks, > > Andrei Budnik > >
