From 97f6178eca88c3a6bcee53607fcad86d0de5f0f4 Mon Sep 17 00:00:00 2001 From: Austin Abro <37223396+AustinAbro321@users.noreply.github.com> Date: Mon, 16 Sep 2024 08:25:34 -0600 Subject: [PATCH] fix: add shasum flag and test for https pull (#2998) Signed-off-by: Austin Abro --- site/src/content/docs/commands/zarf_package_deploy.md | 2 +- site/src/content/docs/commands/zarf_package_pull.md | 1 + src/cmd/package.go | 1 + src/config/lang/english.go | 3 ++- src/test/e2e/00_use_cli_test.go | 11 +++++++++++ 5 files changed, 16 insertions(+), 2 deletions(-) diff --git a/site/src/content/docs/commands/zarf_package_deploy.md b/site/src/content/docs/commands/zarf_package_deploy.md index 1009c9bf56..2dda0e6fad 100644 --- a/site/src/content/docs/commands/zarf_package_deploy.md +++ b/site/src/content/docs/commands/zarf_package_deploy.md @@ -28,7 +28,7 @@ zarf package deploy [ PACKAGE_SOURCE ] [flags] -h, --help help for deploy --retries int Number of retries to perform for Zarf deploy operations like git/image pushes or Helm installs (default 3) --set stringToString Specify deployment variables to set on the command line (KEY=value) (default []) - --shasum string Shasum of the package to deploy. Required if deploying a remote package. + --shasum string Shasum of the package to deploy. Required if deploying a remote https package. --skip-signature-validation Skip validating the signature of the Zarf package --skip-webhooks [alpha] Skip waiting for external webhooks to execute as each package component is deployed --timeout duration Timeout for health checks and Helm operations such as installs and rollbacks (default 15m0s) diff --git a/site/src/content/docs/commands/zarf_package_pull.md b/site/src/content/docs/commands/zarf_package_pull.md index 202eb2e807..81bee3464c 100644 --- a/site/src/content/docs/commands/zarf_package_pull.md +++ b/site/src/content/docs/commands/zarf_package_pull.md @@ -33,6 +33,7 @@ $ zarf package pull oci://ghcr.io/defenseunicorns/packages/dos-games:1.0.0 -a sk ``` -h, --help help for pull -o, --output-directory string Specify the output directory for the pulled Zarf package + --shasum string Shasum of the package to pull. Required if pulling a https package. A shasum can be retrieved using 'zarf dev sha256sum ' ``` ### Options inherited from parent commands diff --git a/src/cmd/package.go b/src/cmd/package.go index 130a11c884..500b3bc7a0 100644 --- a/src/cmd/package.go +++ b/src/cmd/package.go @@ -518,5 +518,6 @@ func bindPublishFlags(v *viper.Viper) { func bindPullFlags(v *viper.Viper) { pullFlags := packagePullCmd.Flags() + pullFlags.StringVar(&pkgConfig.PkgOpts.Shasum, "shasum", "", lang.CmdPackagePullFlagShasum) pullFlags.StringVarP(&pkgConfig.PullOpts.OutputDirectory, "output-directory", "o", v.GetString(common.VPkgPullOutputDir), lang.CmdPackagePullFlagOutputDirectory) } diff --git a/src/config/lang/english.go b/src/config/lang/english.go index ccc2f83f06..26f67b60c5 100644 --- a/src/config/lang/english.go +++ b/src/config/lang/english.go @@ -276,7 +276,7 @@ $ zarf package mirror-resources \ CmdPackageDeployFlagAdoptExistingResources = "Adopts any pre-existing K8s resources into the Helm charts managed by Zarf. ONLY use when you have existing deployments you want Zarf to takeover." CmdPackageDeployFlagSet = "Specify deployment variables to set on the command line (KEY=value)" CmdPackageDeployFlagComponents = "Comma-separated list of components to deploy. Adding this flag will skip the prompts for selected components. Globbing component names with '*' and deselecting 'default' components with a leading '-' are also supported." - CmdPackageDeployFlagShasum = "Shasum of the package to deploy. Required if deploying a remote package." + CmdPackageDeployFlagShasum = "Shasum of the package to deploy. Required if deploying a remote https package." CmdPackageDeployFlagSget = "[Deprecated] Path to public sget key file for remote packages signed via cosign. This flag will be removed in v1.0.0 please use the --key flag instead." CmdPackageDeployFlagSkipWebhooks = "[alpha] Skip waiting for external webhooks to execute as each package component is deployed" CmdPackageDeployFlagTimeout = "Timeout for health checks and Helm operations such as installs and rollbacks" @@ -317,6 +317,7 @@ $ zarf package pull oci://ghcr.io/defenseunicorns/packages/dos-games:1.0.0 -a ar # Pull a skeleton package $ zarf package pull oci://ghcr.io/defenseunicorns/packages/dos-games:1.0.0 -a skeleton` CmdPackagePullFlagOutputDirectory = "Specify the output directory for the pulled Zarf package" + CmdPackagePullFlagShasum = "Shasum of the package to pull. Required if pulling a https package. A shasum can be retrieved using 'zarf dev sha256sum '" CmdPackageChoose = "Choose or type the package file" CmdPackageClusterSourceFallback = "%q does not satisfy any current sources, assuming it is a package deployed to a cluster" diff --git a/src/test/e2e/00_use_cli_test.go b/src/test/e2e/00_use_cli_test.go index de0c5a7a51..9071a114b7 100644 --- a/src/test/e2e/00_use_cli_test.go +++ b/src/test/e2e/00_use_cli_test.go @@ -50,6 +50,17 @@ func TestUseCLI(t *testing.T) { require.Contains(t, stdOut, expectedShasum, "The expected SHASUM should equal the actual SHASUM") }) + t.Run("zarf package pull https", func(t *testing.T) { + t.Parallel() + packageShasum := "690799dbe8414238e11d4488754eee52ec264c1584cd0265e3b91e3e251e8b1a" + packageName := "zarf-init-amd64-v0.39.0.tar.zst" + _, _, err := e2e.Zarf(t, "package", "pull", fmt.Sprintf("https://github.com/zarf-dev/zarf/releases/download/v0.39.0/%s", packageName), "--shasum", packageShasum) + require.NoError(t, err) + require.FileExists(t, packageName) + err = os.Remove(packageName) + require.NoError(t, err) + }) + t.Run("zarf version", func(t *testing.T) { t.Parallel() // Test `zarf version`