Skip to content

Commit

Permalink
fix: use regctl instead of oras
Browse files Browse the repository at this point in the history 
regctl supports dist-spec 1.1.0-rc3

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
  • Loading branch information
@rchincha
rchincha committed Jul 15, 2023
1 parent da62c03 commit 2136740
Show file tree
Hide file tree
Showing 2 changed files with 29 additions and 16 deletions.
11 changes: 9 additions & 2 deletions Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,13 +7,15 @@ ZOT_VERSION := 2.0.0-rc5
# OCI registry clients
ORAS := $(TOOLSDIR)/bin/oras
ORAS_VERSION := 1.0.0-rc.1
REGCTL := $(TOOLSDIR)/bin/regctl
REGCTL_VERSION := 0.5.0
# project-machine trust
TRUST := $(TOOLSDIR)/bin/trust
TRUST_VERSION := 0.0.3

GO_SRC=$(shell find cmd pkg -name "*.go")

all: mosctl mosb $(ZOT) $(ORAS)
all: mosctl mosb $(ZOT) $(ORAS) $(REGCTL)

mosctl: .made-gofmt $(GO_SRC)
go build -tags "$(BUILD_TAGS)" -ldflags "-s -w" ./cmd/mosctl
Expand All @@ -37,6 +39,11 @@ $(ORAS):
tar xvzf oras.tar.gz -C $(TOOLSDIR)/bin oras
rm oras.tar.gz

$(REGCTL):
mkdir -p $(TOOLSDIR)/bin
curl -Lo $(REGCTL) https://github.com/regclient/regclient/releases/download/v$(REGCTL_VERSION)/regctl-linux-amd64
chmod +x $(REGCTL)

.PHONY: gofmt
gofmt: .made-gofmt

Expand All @@ -47,7 +54,7 @@ gofmt: .made-gofmt
@touch $@

.PHONY: test
test: mosctl mosb $(ORAS) $(ZOT) $(TRUST)
test: mosctl mosb $(ORAS) $(REGCTL) $(ZOT) $(TRUST)
bats tests/install.bats
bats tests/rfs.bats
bats tests/activate.bats
Expand Down
34 changes: 20 additions & 14 deletions tests/install.bats
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,8 @@ function teardown() {
$TMPD/manifest.yaml
[ -f $TMPD/zot/mos/index.json ] # the layers were pushed
[ -f $TMPD/zot/machine/install/index.json ] # the manifest was pushed
oras discover --plain-http $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
regctl registry set --tls=disabled $ZOT_HOST:$ZOT_PORT
regctl artifact tree $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
}

@test "mosctl manifest publish twice" {
Expand All @@ -30,7 +31,8 @@ function teardown() {
$TMPD/manifest.yaml
[ -f $TMPD/zot/mos/index.json ] # the layers were pushed
[ -f $TMPD/zot/machine/install/index.json ] # the manifest was pushed
oras discover --plain-http $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
regctl registry set --tls=disabled $ZOT_HOST:$ZOT_PORT
regctl artifact tree $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
}

@test "simple mos install from local zot" {
Expand Down Expand Up @@ -58,11 +60,12 @@ function teardown() {
EOF

skopeo copy --dest-tls-verify=false oci:zothub:busybox-squashfs docker://$ZOT_HOST:$ZOT_PORT/mos:$sum
oras push --plain-http --image-spec v1.1-image $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0 "$TMPD/install.json":vnd.machine.install
regctl registry set --tls=disabled $ZOT_HOST:$ZOT_PORT
regctl artifact put --artifact-type vnd.machine.install -f vnd.machine.install $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
openssl dgst -sha256 -sign "$M_KEY" \
-out "$TMPD/install.json.signed" "$TMPD/install.json"
oras attach --plain-http --image-spec v1.1-image --artifact-type vnd.machine.pubkeycrt $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0 "$M_CERT"
oras attach --plain-http --image-spec v1.1-image --artifact-type vnd.machine.signature $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0 "$TMPD/install.json.signed"
regctl artifact put --artifact-type vnd.machine.pubkeycrt -f "$M_CERT" --subject $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
regctl artifact put --artifact-type vnd.machine.signature -f "$TMPD/install.json.signed" --subject $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
mkdir -p "$TMPD/factory/secure"
cp "$CA_PEM" "$TMPD/factory/secure/manifestCA.pem"
./mosctl install --rfs $TMPD $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
Expand Down Expand Up @@ -98,10 +101,11 @@ EOF
EOF

skopeo copy --dest-tls-verify=false oci:zothub:busybox-squashfs docker://$ZOT_HOST:$ZOT_PORT/mos:$sum
oras push --plain-http --image-spec v1.1-image $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0 "$TMPD/install.json":vnd.machine.install
regctl registry set --tls=disabled $ZOT_HOST:$ZOT_PORT
regctl artifact put --artifact-type vnd.machine.install -f vnd.machine.install $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
echo "fooled ya" > "$TMPD/install.json.signed"
oras attach --plain-http --image-spec v1.1-image --artifact-type vnd.machine.pubkeycrt $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0 "$M_CERT"
oras attach --plain-http --image-spec v1.1-image --artifact-type vnd.machine.signature $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0 "$TMPD/install.json.signed"
regctl artifact put --artifact-type vnd.machine.pubkeycrt -f "$M_CERT" --subject $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
regctl artifact put --artifact-type vnd.machine.signature -f "$TMPD/install.json.signed" --subject $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
mkdir -p "$TMPD/factory/secure"
cp "$CA_PEM" "$TMPD/factory/secure/manifestCA.pem"
failed=0
Expand All @@ -121,11 +125,12 @@ EOF
}
EOF
skopeo copy --dest-tls-verify=false oci:zothub:busybox-squashfs docker://$ZOT_HOST:$ZOT_PORT/mos:$sum
oras push --plain-http --image-spec v1.1-image $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0 "$TMPD/install.json":vnd.machine.install
regctl registry set --tls=disabled $ZOT_HOST:$ZOT_PORT
regctl artifact put --artifact-type vnd.machine.install -f vnd.machine.install $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
openssl dgst -sha256 -sign "$M_KEY" \
-out "$TMPD/install.json.signed" "$TMPD/install.json"
oras attach --plain-http --image-spec v1.1-image --artifact-type vnd.machine.pubkeycrt $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0 "$M_CERT"
oras attach --plain-http --image-spec v1.1-image --artifact-type vnd.machine.signature $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0 "$TMPD/install.json.signed"
regctl artifact put --artifact-type vnd.machine.pubkeycrt -f "$M_CERT" --subject $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
regctl artifact put --artifact-type vnd.machine.signature -f "$TMPD/install.json.signed" --subject $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0

failed=0
mkdir -p "$TMPD/factory/secure"
Expand Down Expand Up @@ -160,11 +165,12 @@ EOF
]
}
EOF
oras push --plain-http --image-spec v1.1-image $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0 "$TMPD/install.json":vnd.machine.install
regctl registry set --tls=disabled $ZOT_HOST:$ZOT_PORT
regctl artifact put --artifact-type vnd.machine.install -f vnd.machine.install $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
openssl dgst -sha256 -sign "$M_KEY" \
-out "$TMPD/install.json.signed" "$TMPD/install.json"
oras attach --plain-http --image-spec v1.1-image --artifact-type vnd.machine.pubkeycrt $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0 "$M_CERT"
oras attach --plain-http --image-spec v1.1-image --artifact-type vnd.machine.signature $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0 "$TMPD/install.json.signed"
regctl artifact put --artifact-type vnd.machine.pubkeycrt -f "$M_CERT" --subject $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
regctl artifact put --artifact-type vnd.machine.signature -f "$TMPD/install.json.signed" --subject $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0

failed=0
mkdir -p "$TMPD/factory/secure"
Expand Down

0 comments on commit 2136740

Please sign in to comment.