use load, skip valid

Signed-off-by: schristoff <[email protected]>
zarf-dev · Sep 23, 2024 · 0ce03fd · 0ce03fd
1 parent 813e18d
commit 0ce03fd
Show file tree

Hide file tree

Showing 3 changed files with 37 additions and 39 deletions.
diff --git a/src/cmd/package.go b/src/cmd/package.go
@@ -194,27 +194,14 @@ var packageInspectCmd = &cobra.Command{
 			return err
 		}
 
-		loadOpt := packager2.LoadOptions{
-			Source:                  src,
-			Shasum:                  pkgConfig.PkgOpts.Shasum,
-			PublicKeyPath:           pkgConfig.PkgOpts.PublicKeyPath,
-			SkipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation,
-			Filter:                  filters.Empty(),
-		}
-
-		pkgPaths, err := packager2.LoadPackage(cmd.Context(), loadOpt)
-		if err != nil {
-			return err
-		}
-		defer os.RemoveAll(pkgPaths.Base)
-
 		cluster, _ := cluster.NewCluster()
 		inspectOpt := packager2.ZarfInspectOptions{
-			PackagePaths:  pkgPaths,
-			Cluster:       cluster,
-			ListImages:    pkgConfig.InspectOpts.ListImages,
-			ViewSBOM:      pkgConfig.InspectOpts.ViewSBOM,
-			SBOMOutputDir: pkgConfig.InspectOpts.SBOMOutputDir,
+			Source:                  src,
+			SkipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation,
+			Cluster:                 cluster,
+			ListImages:              pkgConfig.InspectOpts.ListImages,
+			ViewSBOM:                pkgConfig.InspectOpts.ViewSBOM,
+			SBOMOutputDir:           pkgConfig.InspectOpts.SBOMOutputDir,
 		}
 
 		if pkgConfig.InspectOpts.ListImages {

diff --git a/src/internal/packager2/inspect.go b/src/internal/packager2/inspect.go
@@ -12,28 +12,29 @@ import (
 	"github.com/zarf-dev/zarf/src/api/v1alpha1"
 	"github.com/zarf-dev/zarf/src/internal/packager/sbom"
 	"github.com/zarf-dev/zarf/src/pkg/cluster"
-	"github.com/zarf-dev/zarf/src/pkg/layout"
+	"github.com/zarf-dev/zarf/src/pkg/packager/filters"
 )
 
 // ZarfInspectOptions tracks the user-defined preferences during a package inspection.
 type ZarfInspectOptions struct {
-	PackagePaths  *layout.PackagePaths
-	Cluster       *cluster.Cluster
-	ViewSBOM      bool
-	SBOMOutputDir string
-	ListImages    bool
+	Source                  string
+	Cluster                 *cluster.Cluster
+	ViewSBOM                bool
+	SBOMOutputDir           string
+	ListImages              bool
+	SkipSignatureValidation bool
 }
 
 // Inspect list the contents of a package.
-func Inspect(ctx context.Context, options ZarfInspectOptions) (v1alpha1.ZarfPackage, error) {
+func Inspect(ctx context.Context, opt ZarfInspectOptions) (v1alpha1.ZarfPackage, error) {
 	var err error
-	pkg, err := getPackageMetadata(ctx, options.PackagePaths)
+	pkg, err := getPackageMetadata(ctx, opt)
 	if err != nil {
 		return pkg, err
 	}
 
-	if getSBOM(options.ViewSBOM, options.SBOMOutputDir) {
-		err = handleSBOMOptions(options.PackagePaths, pkg, options.ViewSBOM, options.SBOMOutputDir)
+	if getSBOM(opt.ViewSBOM, opt.SBOMOutputDir) {
+		err = handleSBOMOptions(ctx, pkg, opt)
 		if err != nil {
 			return pkg, err
 		}
@@ -43,9 +44,9 @@ func Inspect(ctx context.Context, options ZarfInspectOptions) (v1alpha1.ZarfPack
 }
 
 // InspectList lists the images in a component action
-func InspectList(ctx context.Context, options ZarfInspectOptions) ([]string, error) {
+func InspectList(ctx context.Context, opt ZarfInspectOptions) ([]string, error) {
 	var imageList []string
-	pkg, err := getPackageMetadata(ctx, options.PackagePaths)
+	pkg, err := getPackageMetadata(ctx, opt)
 	if err != nil {
 		return nil, err
 	}
@@ -64,27 +65,37 @@ func InspectList(ctx context.Context, options ZarfInspectOptions) ([]string, err
 	return imageList, err
 }
 
-func getPackageMetadata(_ context.Context, layout *layout.PackagePaths) (v1alpha1.ZarfPackage, error) {
-	pkg, _, err := layout.ReadZarfYAML()
+func getPackageMetadata(ctx context.Context, opt ZarfInspectOptions) (v1alpha1.ZarfPackage, error) {
+	pkg, err := packageFromSourceOrCluster(ctx, opt.Cluster, opt.Source, opt.SkipSignatureValidation)
 	if err != nil {
 		return pkg, err
 	}
+
 	return pkg, nil
 }
 
-func handleSBOMOptions(layout *layout.PackagePaths, pkg v1alpha1.ZarfPackage, viewSBOM bool, SBOMOutputDir string) error {
-	if SBOMOutputDir != "" {
-		out, err := layout.SBOMs.OutputSBOMFiles(SBOMOutputDir, pkg.Metadata.Name)
+func handleSBOMOptions(ctx context.Context, pkg v1alpha1.ZarfPackage, opt ZarfInspectOptions) error {
+	loadOpt := LoadOptions{
+		Source:                  opt.Source,
+		SkipSignatureValidation: opt.SkipSignatureValidation,
+		Filter:                  filters.Empty(),
+	}
+	layout, err := LoadPackage(ctx, loadOpt)
+	if err != nil {
+		return err
+	}
+	if opt.SBOMOutputDir != "" {
+		out, err := layout.SBOMs.OutputSBOMFiles(opt.SBOMOutputDir, pkg.Metadata.Name)
 		if err != nil {
 			return err
 		}
-		if viewSBOM {
+		if opt.ViewSBOM {
 			err := sbom.ViewSBOMFiles(out)
 			if err != nil {
 				return err
 			}
 		}
-	} else if viewSBOM {
+	} else if opt.ViewSBOM {
 		err := sbom.ViewSBOMFiles(layout.SBOMs.Path)
 		if err != nil {
 			return err

diff --git a/src/test/e2e/11_oci_pull_inspect_test.go b/src/test/e2e/11_oci_pull_inspect_test.go
@@ -70,7 +70,7 @@ func (suite *PullInspectTestSuite) Test_1_Remote_Inspect() {
 	// Test inspect on a public package.
 	// NOTE: This also makes sure that Zarf does not attempt auth when inspecting a public package.
 	ref := fmt.Sprintf("oci://ghcr.io/zarf-dev/packages/dos-games:1.0.0-%s", e2e.Arch)
-	_, stdErr, err = e2e.Zarf(suite.T(), "package", "inspect", ref, "--insecure")
+	_, stdErr, err = e2e.Zarf(suite.T(), "package", "inspect", ref, "--skip-signature-validation")
 	suite.NoError(err, stdErr)
 }