From 0ce03fd73486afeae07d15c8c09583531aad45ef Mon Sep 17 00:00:00 2001 From: schristoff <28318173+schristoff@users.noreply.github.com> Date: Mon, 23 Sep 2024 16:14:07 -0600 Subject: [PATCH] use load, skip valid Signed-off-by: schristoff <28318173+schristoff@users.noreply.github.com> --- src/cmd/package.go | 25 +++--------- src/internal/packager2/inspect.go | 49 +++++++++++++++--------- src/test/e2e/11_oci_pull_inspect_test.go | 2 +- 3 files changed, 37 insertions(+), 39 deletions(-) diff --git a/src/cmd/package.go b/src/cmd/package.go index 28404cd89e..6ce03458c6 100644 --- a/src/cmd/package.go +++ b/src/cmd/package.go @@ -194,27 +194,14 @@ var packageInspectCmd = &cobra.Command{ return err } - loadOpt := packager2.LoadOptions{ - Source: src, - Shasum: pkgConfig.PkgOpts.Shasum, - PublicKeyPath: pkgConfig.PkgOpts.PublicKeyPath, - SkipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation, - Filter: filters.Empty(), - } - - pkgPaths, err := packager2.LoadPackage(cmd.Context(), loadOpt) - if err != nil { - return err - } - defer os.RemoveAll(pkgPaths.Base) - cluster, _ := cluster.NewCluster() inspectOpt := packager2.ZarfInspectOptions{ - PackagePaths: pkgPaths, - Cluster: cluster, - ListImages: pkgConfig.InspectOpts.ListImages, - ViewSBOM: pkgConfig.InspectOpts.ViewSBOM, - SBOMOutputDir: pkgConfig.InspectOpts.SBOMOutputDir, + Source: src, + SkipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation, + Cluster: cluster, + ListImages: pkgConfig.InspectOpts.ListImages, + ViewSBOM: pkgConfig.InspectOpts.ViewSBOM, + SBOMOutputDir: pkgConfig.InspectOpts.SBOMOutputDir, } if pkgConfig.InspectOpts.ListImages { diff --git a/src/internal/packager2/inspect.go b/src/internal/packager2/inspect.go index 17a39f7942..4545abe48e 100644 --- a/src/internal/packager2/inspect.go +++ b/src/internal/packager2/inspect.go @@ -12,28 +12,29 @@ import ( "github.com/zarf-dev/zarf/src/api/v1alpha1" "github.com/zarf-dev/zarf/src/internal/packager/sbom" "github.com/zarf-dev/zarf/src/pkg/cluster" - "github.com/zarf-dev/zarf/src/pkg/layout" + "github.com/zarf-dev/zarf/src/pkg/packager/filters" ) // ZarfInspectOptions tracks the user-defined preferences during a package inspection. type ZarfInspectOptions struct { - PackagePaths *layout.PackagePaths - Cluster *cluster.Cluster - ViewSBOM bool - SBOMOutputDir string - ListImages bool + Source string + Cluster *cluster.Cluster + ViewSBOM bool + SBOMOutputDir string + ListImages bool + SkipSignatureValidation bool } // Inspect list the contents of a package. -func Inspect(ctx context.Context, options ZarfInspectOptions) (v1alpha1.ZarfPackage, error) { +func Inspect(ctx context.Context, opt ZarfInspectOptions) (v1alpha1.ZarfPackage, error) { var err error - pkg, err := getPackageMetadata(ctx, options.PackagePaths) + pkg, err := getPackageMetadata(ctx, opt) if err != nil { return pkg, err } - if getSBOM(options.ViewSBOM, options.SBOMOutputDir) { - err = handleSBOMOptions(options.PackagePaths, pkg, options.ViewSBOM, options.SBOMOutputDir) + if getSBOM(opt.ViewSBOM, opt.SBOMOutputDir) { + err = handleSBOMOptions(ctx, pkg, opt) if err != nil { return pkg, err } @@ -43,9 +44,9 @@ func Inspect(ctx context.Context, options ZarfInspectOptions) (v1alpha1.ZarfPack } // InspectList lists the images in a component action -func InspectList(ctx context.Context, options ZarfInspectOptions) ([]string, error) { +func InspectList(ctx context.Context, opt ZarfInspectOptions) ([]string, error) { var imageList []string - pkg, err := getPackageMetadata(ctx, options.PackagePaths) + pkg, err := getPackageMetadata(ctx, opt) if err != nil { return nil, err } @@ -64,27 +65,37 @@ func InspectList(ctx context.Context, options ZarfInspectOptions) ([]string, err return imageList, err } -func getPackageMetadata(_ context.Context, layout *layout.PackagePaths) (v1alpha1.ZarfPackage, error) { - pkg, _, err := layout.ReadZarfYAML() +func getPackageMetadata(ctx context.Context, opt ZarfInspectOptions) (v1alpha1.ZarfPackage, error) { + pkg, err := packageFromSourceOrCluster(ctx, opt.Cluster, opt.Source, opt.SkipSignatureValidation) if err != nil { return pkg, err } + return pkg, nil } -func handleSBOMOptions(layout *layout.PackagePaths, pkg v1alpha1.ZarfPackage, viewSBOM bool, SBOMOutputDir string) error { - if SBOMOutputDir != "" { - out, err := layout.SBOMs.OutputSBOMFiles(SBOMOutputDir, pkg.Metadata.Name) +func handleSBOMOptions(ctx context.Context, pkg v1alpha1.ZarfPackage, opt ZarfInspectOptions) error { + loadOpt := LoadOptions{ + Source: opt.Source, + SkipSignatureValidation: opt.SkipSignatureValidation, + Filter: filters.Empty(), + } + layout, err := LoadPackage(ctx, loadOpt) + if err != nil { + return err + } + if opt.SBOMOutputDir != "" { + out, err := layout.SBOMs.OutputSBOMFiles(opt.SBOMOutputDir, pkg.Metadata.Name) if err != nil { return err } - if viewSBOM { + if opt.ViewSBOM { err := sbom.ViewSBOMFiles(out) if err != nil { return err } } - } else if viewSBOM { + } else if opt.ViewSBOM { err := sbom.ViewSBOMFiles(layout.SBOMs.Path) if err != nil { return err diff --git a/src/test/e2e/11_oci_pull_inspect_test.go b/src/test/e2e/11_oci_pull_inspect_test.go index 9a8189b0ab..b7d52fecec 100644 --- a/src/test/e2e/11_oci_pull_inspect_test.go +++ b/src/test/e2e/11_oci_pull_inspect_test.go @@ -70,7 +70,7 @@ func (suite *PullInspectTestSuite) Test_1_Remote_Inspect() { // Test inspect on a public package. // NOTE: This also makes sure that Zarf does not attempt auth when inspecting a public package. ref := fmt.Sprintf("oci://ghcr.io/zarf-dev/packages/dos-games:1.0.0-%s", e2e.Arch) - _, stdErr, err = e2e.Zarf(suite.T(), "package", "inspect", ref, "--insecure") + _, stdErr, err = e2e.Zarf(suite.T(), "package", "inspect", ref, "--skip-signature-validation") suite.NoError(err, stdErr) }