Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-09-19 15:56:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

bazel: allow custom container_prefix (#1693)

Browse Source 
* build: allow custom container registry

* build: fix .bazeloverwriterc import
This commit is contained in:
3u13r 2023-04-27 11:52:02 +02:00 committed by GitHub
parent 12216ea997
commit 1bdf410b52
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 192 additions and 257 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.bazelrc
View File

@ -26,6 +26,9 @@ build --define=gotags=netgo
# enable tpm simulator for tests # enable tpm simulator for tests
test --//bazel/settings:tpm_simulator test --//bazel/settings:tpm_simulator
# set registry flag alias
build --flag_alias=container_prefix=//bazel/settings:container_prefix
# disable test caching (rerun all test cases even if they passed before) # disable test caching (rerun all test cases even if they passed before)
test --cache_test_results=no test --cache_test_results=no
@ -52,4 +55,4 @@ build:remote_cache --experimental_remote_cache_compression
build:remote_cache --nolegacy_important_outputs build:remote_cache --nolegacy_important_outputs
build:remote_cache_readonly --noremote_upload_local_results # Uploads logs & artifacts without writing to cache build:remote_cache_readonly --noremote_upload_local_results # Uploads logs & artifacts without writing to cache
try-import .bazeloverwriterc try-import %workspace%/.bazeloverwriterc

7
BUILD.bazel
View File

@ -23,12 +23,7 @@ alias(
alias( alias(
name = "devbuild", name = "devbuild",
actual = "//bazel/devbuild:devbuild", actual = "//bazel/release:build_and_push",
)
alias(
name = "push",
actual = "//bazel/release:push",
) )
# These magic Gazelle commands need to be in the top-level BUILD file. # These magic Gazelle commands need to be in the top-level BUILD file.

102
bazel/oci/containers.bzl
View File

@ -2,11 +2,8 @@
This module holds the definitions of the containers that are built. This module holds the definitions of the containers that are built.
""" """
load("@rules_oci//oci:defs.bzl", _oci_push = "oci_push", _oci_tarball = "oci_tarball") load("@bazel_skylib//lib:paths.bzl", "paths")
load("//bazel/oci:pin.bzl", "oci_sum") load("@bazel_skylib//rules:common_settings.bzl", "BuildSettingInfo")
_default_registry = "ghcr.io"
_default_prefix = "edgelesssys/constellation"
def containers(): def containers():
return [ return [
@ -15,9 +12,7 @@ def containers():
"image_name": "join-service", "image_name": "join-service",
"name": "joinservice", "name": "joinservice",
"oci": "//joinservice/cmd:joinservice", "oci": "//joinservice/cmd:joinservice",
"prefix": _default_prefix, "repotag_file": "//bazel/release:joinservice_tag.txt",
"registry": _default_registry,
"tag_file": "//bazel/settings:tag",
"used_by": ["helm"], "used_by": ["helm"],
}, },
{ {
@ -25,9 +20,7 @@ def containers():
"image_name": "key-service", "image_name": "key-service",
"name": "keyservice", "name": "keyservice",
"oci": "//keyservice/cmd:keyservice", "oci": "//keyservice/cmd:keyservice",
"prefix": _default_prefix, "repotag_file": "//bazel/release:keyservice_tag.txt",
"registry": _default_registry,
"tag_file": "//bazel/settings:tag",
"used_by": ["helm"], "used_by": ["helm"],
}, },
{ {
@ -35,9 +28,7 @@ def containers():
"image_name": "verification-service", "image_name": "verification-service",
"name": "verificationservice", "name": "verificationservice",
"oci": "//verify/cmd:verificationservice", "oci": "//verify/cmd:verificationservice",
"prefix": _default_prefix, "repotag_file": "//bazel/release:verificationservice_tag.txt",
"registry": _default_registry,
"tag_file": "//bazel/settings:tag",
"used_by": ["helm"], "used_by": ["helm"],
}, },
{ {
@ -45,9 +36,7 @@ def containers():
"image_name": "node-operator", "image_name": "node-operator",
"name": "nodeoperator", "name": "nodeoperator",
"oci": "//operators/constellation-node-operator:node_operator", "oci": "//operators/constellation-node-operator:node_operator",
"prefix": _default_prefix, "repotag_file": "//bazel/release:nodeoperator_tag.txt",
"registry": _default_registry,
"tag_file": "//bazel/settings:tag",
"used_by": ["helm"], "used_by": ["helm"],
}, },
{ {
@ -55,9 +44,7 @@ def containers():
"image_name": "qemu-metadata-api", "image_name": "qemu-metadata-api",
"name": "qemumetadata", "name": "qemumetadata",
"oci": "//hack/qemu-metadata-api:qemumetadata", "oci": "//hack/qemu-metadata-api:qemumetadata",
"prefix": _default_prefix, "repotag_file": "//bazel/release:qemumetadata_tag.txt",
"registry": _default_registry,
"tag_file": "//bazel/settings:tag",
"used_by": ["config"], "used_by": ["config"],
}, },
{ {
@ -65,9 +52,7 @@ def containers():
"image_name": "libvirt", "image_name": "libvirt",
"name": "libvirt", "name": "libvirt",
"oci": "//cli/internal/libvirt:constellation_libvirt", "oci": "//cli/internal/libvirt:constellation_libvirt",
"prefix": _default_prefix, "repotag_file": "//bazel/release:libvirt_tag.txt",
"registry": _default_registry,
"tag_file": "//bazel/settings:tag",
"used_by": ["config"], "used_by": ["config"],
}, },
] ]
@ -78,58 +63,21 @@ def helm_containers():
def config_containers(): def config_containers():
return [container for container in containers() if "config" in container["used_by"]] return [container for container in containers() if "config" in container["used_by"]]
def container_sum(name, oci, registry, prefix, image_name, **kwargs): def _container_reponame_impl(ctx):
tag = kwargs.get("tag", None) container_prefix = ctx.attr._prefix[BuildSettingInfo].value
tag_file = kwargs.get("tag_file", None) if container_prefix == None:
oci_sum( fail("container_prefix is not set")
name = name + "_sum",
oci = oci, full_container_tag = paths.join(container_prefix, ctx.attr.container_name)
registry = registry,
prefix = prefix, output = ctx.actions.declare_file(ctx.attr.container_name + "_container_repotag")
image_name = image_name, ctx.actions.write(output = output, content = full_container_tag)
tag = tag, return [DefaultInfo(files = depset([output]))]
tag_file = tag_file,
visibility = ["//visibility:public"], container_reponame = rule(
) implementation = _container_reponame_impl,
attrs = {
def oci_push(name, image, registry, image_name, **kwargs): "container_name": attr.string(),
"""oci_push pushes an OCI image to a registry. "_prefix": attr.label(default = Label("//bazel/settings:container_prefix")),
},
Args:
name: The name of the target.
image: The OCI image to push.
registry: The registry to push to.
image_name: The name of the image.
**kwargs: Additional arguments to pass to oci_push.
"""
prefix = kwargs.pop("prefix", None)
tag = kwargs.pop("tag", None)
tag_file = kwargs.pop("tag_file", None)
if prefix == None:
repository = registry + "/" + image_name
else:
repository = registry + "/" + prefix + "/" + image_name
_oci_push(
name = name,
image = image,
repository = repository,
tag = tag,
tag_file = tag_file,
visibility = ["//visibility:public"],
**kwargs
)
# TODO(malt3): allow repotags (registry + tag) to be read from a file.
def oci_tarball(name, image):
"""oci_tarball creates a tarball of an OCI image.
Args:
name: The name of the target.
image: The OCI image to create a tarball of.
"""
_oci_tarball(
name = name,
image = image,
repotags = [],
visibility = ["//visibility:public"],
) )

61
bazel/oci/pin.bzl
View File

@ -24,17 +24,11 @@ def stamp_tags(name, repotags, **kwargs):
def _oci_go_source_impl(ctx): def _oci_go_source_impl(ctx):
oci = ctx.file.oci oci = ctx.file.oci
inputs = [oci] inputs = [oci]
if ctx.attr.tag_file: if ctx.attr.repotag_file:
inputs.append(ctx.file.tag_file) inputs.append(ctx.file.repotag_file)
output = ctx.actions.declare_file(ctx.label.name + ".go") output = ctx.actions.declare_file(ctx.label.name + ".go")
args = [ args = [
"codegen", "codegen",
"--image-registry",
ctx.attr.registry,
"--image-prefix",
ctx.attr.prefix,
"--image-name",
ctx.attr.image_name,
"--oci-path", "--oci-path",
oci.path, oci.path,
"--package", "--package",
@ -47,9 +41,9 @@ def _oci_go_source_impl(ctx):
if ctx.attr.tag: if ctx.attr.tag:
args.append("--image-tag") args.append("--image-tag")
args.append(ctx.attr.tag) args.append(ctx.attr.tag)
if ctx.attr.tag_file: if ctx.attr.repotag_file:
args.append("--image-tag-file") args.append("--repoimage-tag-file")
args.append(ctx.file.tag_file.path) args.append(ctx.file.repotag_file.path)
ctx.actions.run( ctx.actions.run(
inputs = inputs, inputs = inputs,
@ -82,20 +76,13 @@ _go_source_attrs = {
mandatory = True, mandatory = True,
doc = "Package to use for the generated Go source.", doc = "Package to use for the generated Go source.",
), ),
"prefix": attr.string( "repotag_file": attr.label(
doc = "Prefix to use for the generated Go source.", allow_single_file = True,
), doc = "OCI image tag file to use for the generated Go source.",
"registry": attr.string(
mandatory = True,
doc = "Registry to use for the generated Go source.",
), ),
"tag": attr.string( "tag": attr.string(
doc = "OCI image tag to use for the generated Go source.", doc = "OCI image tag to use for the generated Go source.",
), ),
"tag_file": attr.label(
allow_single_file = True,
doc = "OCI image tag file to use for the generated Go source.",
),
"_oci_pin": attr.label( "_oci_pin": attr.label(
allow_single_file = True, allow_single_file = True,
executable = True, executable = True,
@ -112,29 +99,19 @@ oci_go_source = rule(
def _oci_sum_impl(ctx): def _oci_sum_impl(ctx):
oci = ctx.file.oci oci = ctx.file.oci
inputs = [oci] inputs = [oci]
if ctx.attr.tag_file: if ctx.attr.repotag_file:
inputs.append(ctx.file.tag_file) inputs.append(ctx.file.repotag_file)
output = ctx.actions.declare_file(ctx.label.name + ".sha256") output = ctx.actions.declare_file(ctx.label.name + ".sha256")
args = [ args = [
"sum", "sum",
"--image-name",
ctx.attr.image_name,
"--oci-path", "--oci-path",
oci.path, oci.path,
"--output", "--output",
output.path, output.path,
"--registry",
ctx.attr.registry,
] ]
if ctx.attr.prefix: if ctx.attr.repotag_file:
args.append("--prefix") args.append("--repoimage-tag-file")
args.append(ctx.attr.prefix) args.append(ctx.file.repotag_file.path)
if ctx.attr.tag:
args.append("--image-tag")
args.append(ctx.attr.tag)
if ctx.attr.tag_file:
args.append("--image-tag-file")
args.append(ctx.file.tag_file.path)
ctx.actions.run( ctx.actions.run(
inputs = inputs, inputs = inputs,
@ -159,17 +136,7 @@ _sum_attrs = {
allow_single_file = True, allow_single_file = True,
doc = "OCI image to extract the digest from.", doc = "OCI image to extract the digest from.",
), ),
"prefix": attr.string( "repotag_file": attr.label(
doc = "Prefix to use for the sum entry.",
),
"registry": attr.string(
mandatory = True,
doc = "Registry to use for the sum entry.",
),
"tag": attr.string(
doc = "OCI image tag to use for the sum entry.",
),
"tag_file": attr.label(
allow_single_file = True, allow_single_file = True,
doc = "OCI image tag file to use for the sum entry.", doc = "OCI image tag file to use for the sum entry.",
), ),

59
bazel/release/BUILD.bazel
View File

@ -3,25 +3,48 @@ This folder contains labels used to collect release artifacts.
""" """
load("@com_github_ash2k_bazel_tools//multirun:def.bzl", "multirun") load("@com_github_ash2k_bazel_tools//multirun:def.bzl", "multirun")
load("//bazel/oci:containers.bzl", "container_sum", "containers", "oci_push", "oci_tarball") load("@rules_oci//oci:defs.bzl", "oci_push")
load("//bazel/oci:pin.bzl", "oci_sum_merge") load("//bazel/oci:containers.bzl", "container_reponame", "containers")
load("//bazel/oci:pin.bzl", "oci_sum", "oci_sum_merge")
[ [
oci_tarball( container_reponame(
name = container["name"] + "_tar", name = container["name"] + "_reponame",
image = container["oci"], container_name = container["image_name"],
) )
for container in containers() for container in containers()
] ]
[ [
container_sum( genrule(
name = container["name"], name = container["name"] + "_repotag",
srcs = [
"//bazel/release:" + container["name"] + "_reponame",
"//bazel/settings:tag",
],
outs = [container["repotag_file"]],
cmd = "echo -n ':' | cat $(location //bazel/release:" + container["name"] + "_reponame) - $(location //bazel/settings:tag) > $@",
visibility = ["//visibility:public"],
)
for container in containers()
]
# TODO(3u13r): re-enable target once https://github.com/bazel-contrib/rules_oci/issues/184 is fixed
# [
# oci_tarball(
# name = container["name"] + "_tar",
# image = container["oci"],
# repotag_file = container["repotag_file"],
# )
# for container in containers()
# ]
[
oci_sum(
name = container["name"] + "_sum",
image_name = container["image_name"], image_name = container["image_name"],
oci = container["oci"], oci = container["oci"],
prefix = container["prefix"], repotag_file = container["repotag_file"],
registry = container["registry"],
tag_file = container["tag_file"],
) )
for container in containers() for container in containers()
] ]
@ -35,16 +58,11 @@ oci_sum_merge(
visibility = ["//visibility:public"], visibility = ["//visibility:public"],
) )
# TODO(malt3): use config setting to allow devs the use of custom registries
# https://www.grahambrooks.com/software-development/2021/08/30/user-defined-bazel-arguments.html
[ [
oci_push( oci_push(
name = container["name"] + "_push", name = container["name"] + "_push",
image = container["oci"], image = container["oci"],
image_name = container["image_name"], repotags = container["repotag_file"],
prefix = container["prefix"],
registry = container["registry"],
repotags = container["tag_file"],
) )
for container in containers() for container in containers()
] ]
@ -58,3 +76,12 @@ multirun(
jobs = 0, # execute in parallel jobs = 0, # execute in parallel
visibility = ["//visibility:public"], visibility = ["//visibility:public"],
) )
multirun(
name = "build_and_push",
commands = [
"//bazel/devbuild:devbuild",
"//bazel/release:push",
],
visibility = ["//visibility:public"],
)

6
bazel/settings/BUILD.bazel
View File

@ -35,6 +35,12 @@ string_flag(
], ],
) )
string_flag(
name = "container_prefix",
build_setting_default = "ghcr.io/edgelesssys/constellation",
visibility = ["//visibility:public"],
)
bool_flag( bool_flag(
name = "select_never", name = "select_never",
build_setting_default = False, build_setting_default = False,

8
bazel/toolchains/oci_deps.bzl
View File

@ -5,11 +5,11 @@ load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")
def oci_deps(): def oci_deps():
http_archive( http_archive(
name = "rules_oci", name = "rules_oci",
sha256 = "4a738bdbeacb0e1df070209dddfa7b55fed9bbc553b905cf3d2dd25115e0b598", strip_prefix = "rules_oci-0.4.0",
strip_prefix = "rules_oci-0.3.8",
type = "tar.gz", type = "tar.gz",
urls = [ urls = [
"https://cdn.confidential.cloud/constellation/cas/sha256/4a738bdbeacb0e1df070209dddfa7b55fed9bbc553b905cf3d2dd25115e0b598", "https://cdn.confidential.cloud/constellation/cas/sha256/d7b0760ba28554b71941ea0bbfd0a9f089bf250fd4448f9c116e1cb7a63b3933",
"https://github.com/bazel-contrib/rules_oci/releases/download/v0.3.8/rules_oci-v0.3.8.tar.gz", "https://github.com/bazel-contrib/rules_oci/releases/download/v0.4.0/rules_oci-v0.4.0.tar.gz",
], ],
sha256 = "d7b0760ba28554b71941ea0bbfd0a9f089bf250fd4448f9c116e1cb7a63b3933",
) )

4
cli/internal/helm/imageversion/BUILD.bazel
View File

@ -24,9 +24,7 @@ go_library(
image_name = container["image_name"], image_name = container["image_name"],
oci = container["oci"], oci = container["oci"],
package = "imageversion", package = "imageversion",
prefix = container["prefix"], repotag_file = container["repotag_file"],
registry = container["registry"],
tag_file = container["tag_file"],
visibility = ["//cli:__subpackages__"], visibility = ["//cli:__subpackages__"],
) )
for container in helm_containers() for container in helm_containers()

10
dev-docs/workflows/build-test-run.md
View File

@ -28,7 +28,9 @@ mkdir build
cd build cd build
# build required binaries for a dev build # build required binaries for a dev build
# and symlink them into the current directory # and symlink them into the current directory
bazel run //:devbuild # also push the built container images
# After the first run, set the pushed imaged to public.
bazel run //:devbuild --container_prefix=ghcr.io/USERNAME/constellation
./constellation ... ./constellation ...
# modify code # modify code
# rerun to ensure that all binaries are up to date # rerun to ensure that all binaries are up to date
@ -36,6 +38,12 @@ bazel run //:devbuild
./constellation ... ./constellation ...
``` ```
Overwrite the default container_prefix in the `.bazeloverwriterc` in the root of the workspace:
```bazel
# cat .bazeloverwriterc
build --container_prefix=ghcr.io/USERNAME
```
Bazel build: Bazel build:
```sh ```sh

63
hack/oci-pin/codegen.go
View File

@ -30,17 +30,11 @@ func newCodegenCmd() *cobra.Command {
cmd.Flags().String("output", "-", "Output file. If not set, the output is written to stdout.") cmd.Flags().String("output", "-", "Output file. If not set, the output is written to stdout.")
cmd.Flags().String("package", "", "Name of the Go package.") cmd.Flags().String("package", "", "Name of the Go package.")
cmd.Flags().String("identifier", "", "Base name of the Go const identifiers.") cmd.Flags().String("identifier", "", "Base name of the Go const identifiers.")
cmd.Flags().String("image-registry", "", "Registry where the image is stored.") cmd.Flags().String("repoimage-tag-file", "", "Tag file of the OCI image to pin.")
cmd.Flags().String("image-prefix", "", "Prefix of the image name. Optional.")
cmd.Flags().String("image-name", "", "Short name of the OCI image to pin.")
cmd.Flags().String("image-tag", "", "Tag of the OCI image to pin. Optional.")
cmd.Flags().String("image-tag-file", "", "Tag file of the OCI image to pin. Optional.")
cmd.MarkFlagsMutuallyExclusive("image-tag", "image-tag-file")
must(cmd.MarkFlagRequired("oci-path")) must(cmd.MarkFlagRequired("oci-path"))
must(cmd.MarkFlagRequired("package")) must(cmd.MarkFlagRequired("package"))
must(cmd.MarkFlagRequired("identifier")) must(cmd.MarkFlagRequired("identifier"))
must(cmd.MarkFlagRequired("image-registry")) must(cmd.MarkFlagRequired("repoimage-tag-file"))
must(cmd.MarkFlagRequired("image-name"))
return cmd return cmd
} }
@ -53,7 +47,12 @@ func runCodegen(cmd *cobra.Command, _ []string) error {
log := logger.New(logger.PlainLog, flags.logLevel) log := logger.New(logger.PlainLog, flags.logLevel)
log.Debugf("Parsed flags: %+v", flags) log.Debugf("Parsed flags: %+v", flags)
log.Debugf("Generating Go code for OCI image %s.", flags.imageName) registry, prefix, name, tag, err := splitRepoTag(flags.imageRepoTag)
if err != nil {
return fmt.Errorf("splitting OCI image reference %q: %w", flags.imageRepoTag, err)
}
log.Debugf("Generating Go code for OCI image %s.", name)
ociIndexPath := filepath.Join(flags.ociPath, "index.json") ociIndexPath := filepath.Join(flags.ociPath, "index.json")
index, err := os.Open(ociIndexPath) index, err := os.Open(ociIndexPath)
@ -84,10 +83,10 @@ func runCodegen(cmd *cobra.Command, _ []string) error {
if err := inject.Render(out, inject.PinningValues{ if err := inject.Render(out, inject.PinningValues{
Package: flags.pkg, Package: flags.pkg,
Ident: flags.identifier, Ident: flags.identifier,
Registry: flags.imageRegistry, Registry: registry,
Prefix: flags.imagePrefix, Prefix: prefix,
Name: flags.imageName, Name: name,
Tag: flags.imageTag, Tag: tag,
Digest: digest, Digest: digest,
}); err != nil { }); err != nil {
return fmt.Errorf("rendering Go code: %w", err) return fmt.Errorf("rendering Go code: %w", err)
@ -102,10 +101,7 @@ type codegenFlags struct {
output string output string
pkg string pkg string
identifier string identifier string
imageRegistry string imageRepoTag string
imagePrefix string
imageName string
imageTag string
logLevel zapcore.Level logLevel zapcore.Level
} }
@ -126,33 +122,17 @@ func parseCodegenFlags(cmd *cobra.Command) (codegenFlags, error) {
if err != nil { if err != nil {
return codegenFlags{}, err return codegenFlags{}, err
} }
imageRegistry, err := cmd.Flags().GetString("image-registry")
imageRepoTagFile, err := cmd.Flags().GetString("repoimage-tag-file")
if err != nil { if err != nil {
return codegenFlags{}, err return codegenFlags{}, err
} }
imagePrefix, err := cmd.Flags().GetString("image-prefix") repotag, err := os.ReadFile(imageRepoTagFile)
if err != nil { if err != nil {
return codegenFlags{}, err return codegenFlags{}, fmt.Errorf("reading image repotag file %q: %w", imageRepoTagFile, err)
}
imageName, err := cmd.Flags().GetString("image-name")
if err != nil {
return codegenFlags{}, err
}
imageTag, err := cmd.Flags().GetString("image-tag")
if err != nil {
return codegenFlags{}, err
}
imageTagFile, err := cmd.Flags().GetString("image-tag-file")
if err != nil {
return codegenFlags{}, err
}
if imageTagFile != "" {
tag, err := os.ReadFile(imageTagFile)
if err != nil {
return codegenFlags{}, fmt.Errorf("reading image tag file %q: %w", imageTagFile, err)
}
imageTag = strings.TrimSpace(string(tag))
} }
imageRepoTag := strings.TrimSpace(string(repotag))
verbose, err := cmd.Flags().GetBool("verbose") verbose, err := cmd.Flags().GetBool("verbose")
if err != nil { if err != nil {
return codegenFlags{}, err return codegenFlags{}, err
@ -167,10 +147,7 @@ func parseCodegenFlags(cmd *cobra.Command) (codegenFlags, error) {
output: output, output: output,
pkg: pkg, pkg: pkg,
identifier: identifier, identifier: identifier,
imageRegistry: imageRegistry, imageRepoTag: imageRepoTag,
imagePrefix: imagePrefix,
imageName: imageName,
imageTag: imageTag,
logLevel: logLevel, logLevel: logLevel,
}, nil }, nil
} }

30
hack/oci-pin/oci-pin.go
View File

@ -11,6 +11,7 @@ import (
"fmt" "fmt"
"os" "os"
"os/signal" "os/signal"
"strings"
"github.com/spf13/cobra" "github.com/spf13/cobra"
) )
@ -83,3 +84,32 @@ func must(err error) {
panic(err) panic(err)
} }
} }
func splitRepoTag(ref string) (registry, prefix, name, tag string, err error) {
// last colon is separator between name and tag
tagSep := strings.LastIndexByte(ref, ':')
if tagSep == -1 {
return "", "", "", "", fmt.Errorf("invalid OCI image reference %q: missing tag", ref)
}
tag = ref[tagSep+1:]
base := ref[:tagSep]
// first slash is separator between registry and full name
registrySep := strings.IndexByte(base, '/')
if registrySep == -1 {
return "", "", "", "", fmt.Errorf("invalid OCI image reference %q: missing registry", ref)
}
registry = base[:registrySep]
fullName := base[registrySep+1:]
// last slash is separator between prefix and short name
nameSep := strings.LastIndexByte(fullName, '/')
if nameSep == -1 {
name = fullName
} else {
prefix = fullName[:nameSep]
name = fullName[nameSep+1:]
}
return
}

60
hack/oci-pin/sum.go
View File

@ -28,15 +28,10 @@ func newSumCmd() *cobra.Command {
cmd.Flags().String("oci-path", "", "Path to the OCI image to pin.") cmd.Flags().String("oci-path", "", "Path to the OCI image to pin.")
cmd.Flags().String("output", "-", "Output file. If not set, the output is written to stdout.") cmd.Flags().String("output", "-", "Output file. If not set, the output is written to stdout.")
cmd.Flags().String("registry", "", "OCI registry to use.")
cmd.Flags().String("prefix", "", "Prefix of the OCI image to pin.")
cmd.Flags().String("image-name", "", "Short name (suffix) of the OCI image to pin.") cmd.Flags().String("image-name", "", "Short name (suffix) of the OCI image to pin.")
cmd.Flags().String("image-tag", "", "Tag of the OCI image to pin. Optional.") cmd.Flags().String("repoimage-tag-file", "", "Tag file of the OCI image to pin.")
cmd.Flags().String("image-tag-file", "", "Tag file of the OCI image to pin. Optional.") must(cmd.MarkFlagRequired("repoimage-tag-file"))
cmd.MarkFlagsMutuallyExclusive("image-tag", "image-tag-file")
must(cmd.MarkFlagRequired("registry"))
must(cmd.MarkFlagRequired("oci-path")) must(cmd.MarkFlagRequired("oci-path"))
must(cmd.MarkFlagRequired("image-name"))
return cmd return cmd
} }
@ -49,7 +44,12 @@ func runSum(cmd *cobra.Command, _ []string) error {
log := logger.New(logger.PlainLog, flags.logLevel) log := logger.New(logger.PlainLog, flags.logLevel)
log.Debugf("Parsed flags: %+v", flags) log.Debugf("Parsed flags: %+v", flags)
log.Debugf("Generating sum file for OCI image %s.", flags.imageName) registry, prefix, name, tag, err := splitRepoTag(flags.imageRepoTag)
if err != nil {
return fmt.Errorf("splitting repo tag: %w", err)
}
log.Debugf("Generating sum file for OCI image %s.", name)
ociIndexPath := filepath.Join(flags.ociPath, "index.json") ociIndexPath := filepath.Join(flags.ociPath, "index.json")
index, err := os.Open(ociIndexPath) index, err := os.Open(ociIndexPath)
@ -79,10 +79,10 @@ func runSum(cmd *cobra.Command, _ []string) error {
refs := []sums.PinnedImageReference{ refs := []sums.PinnedImageReference{
{ {
Registry: flags.registry, Registry: registry,
Prefix: flags.prefix, Prefix: prefix,
Name: flags.imageName, Name: name,
Tag: flags.imageTag, Tag: tag,
Digest: digest, Digest: digest,
}, },
} }
@ -98,10 +98,7 @@ func runSum(cmd *cobra.Command, _ []string) error {
type sumFlags struct { type sumFlags struct {
ociPath string ociPath string
output string output string
registry string imageRepoTag string
prefix string
imageName string
imageTag string
logLevel zapcore.Level logLevel zapcore.Level
} }
@ -114,33 +111,17 @@ func parseSumFlags(cmd *cobra.Command) (sumFlags, error) {
if err != nil { if err != nil {
return sumFlags{}, err return sumFlags{}, err
} }
registry, err := cmd.Flags().GetString("registry")
imageTagFile, err := cmd.Flags().GetString("repoimage-tag-file")
if err != nil { if err != nil {
return sumFlags{}, err return sumFlags{}, err
} }
prefix, err := cmd.Flags().GetString("prefix")
if err != nil {
return sumFlags{}, err
}
imageName, err := cmd.Flags().GetString("image-name")
if err != nil {
return sumFlags{}, err
}
imageTag, err := cmd.Flags().GetString("image-tag")
if err != nil {
return sumFlags{}, err
}
imageTagFile, err := cmd.Flags().GetString("image-tag-file")
if err != nil {
return sumFlags{}, err
}
if imageTagFile != "" {
tag, err := os.ReadFile(imageTagFile) tag, err := os.ReadFile(imageTagFile)
if err != nil { if err != nil {
return sumFlags{}, fmt.Errorf("reading image tag file %q: %w", imageTagFile, err) return sumFlags{}, fmt.Errorf("reading image repotag file %q: %w", imageTagFile, err)
}
imageTag = strings.TrimSpace(string(tag))
} }
imageRepoTag := strings.TrimSpace(string(tag))
verbose, err := cmd.Flags().GetBool("verbose") verbose, err := cmd.Flags().GetBool("verbose")
if err != nil { if err != nil {
return sumFlags{}, err return sumFlags{}, err
@ -153,10 +134,7 @@ func parseSumFlags(cmd *cobra.Command) (sumFlags, error) {
return sumFlags{ return sumFlags{
ociPath: ociPath, ociPath: ociPath,
output: output, output: output,
registry: registry, imageRepoTag: imageRepoTag,
prefix: prefix,
imageName: imageName,
imageTag: imageTag,
logLevel: logLevel, logLevel: logLevel,
}, nil }, nil
} }

4
internal/config/imageversion/BUILD.bazel
View File

@ -24,9 +24,7 @@ go_library(
image_name = container["image_name"], image_name = container["image_name"],
oci = container["oci"], oci = container["oci"],
package = "imageversion", package = "imageversion",
prefix = container["prefix"], repotag_file = container["repotag_file"],
registry = container["registry"],
tag_file = container["tag_file"],
visibility = ["//:__subpackages__"], visibility = ["//:__subpackages__"],
) )
for container in config_containers() for container in config_containers()