From 2136740be09f513d6478dac1e6cf06bb6cde3abe Mon Sep 17 00:00:00 2001
From: Ramkumar Chinchani <rchincha@cisco.com>
Date: Sat, 15 Jul 2023 07:32:16 +0000
Subject: [PATCH] fix: use regctl instead of oras

regctl supports dist-spec 1.1.0-rc3

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
---
 Makefile           | 11 +++++++++--
 tests/install.bats | 34 ++++++++++++++++++++--------------
 2 files changed, 29 insertions(+), 16 deletions(-)

diff --git a/Makefile b/Makefile
index 4f65074..8b8079b 100644
--- a/Makefile
+++ b/Makefile
@@ -7,13 +7,15 @@ ZOT_VERSION := 2.0.0-rc5
 # OCI registry clients
 ORAS := $(TOOLSDIR)/bin/oras
 ORAS_VERSION := 1.0.0-rc.1
+REGCTL := $(TOOLSDIR)/bin/regctl
+REGCTL_VERSION := 0.5.0
 # project-machine trust
 TRUST := $(TOOLSDIR)/bin/trust
 TRUST_VERSION := 0.0.3
 
 GO_SRC=$(shell find cmd pkg  -name "*.go")
 
-all: mosctl mosb $(ZOT) $(ORAS)
+all: mosctl mosb $(ZOT) $(ORAS) $(REGCTL)
 
 mosctl: .made-gofmt $(GO_SRC)
 	go build -tags "$(BUILD_TAGS)" -ldflags "-s -w" ./cmd/mosctl
@@ -37,6 +39,11 @@ $(ORAS):
 	tar xvzf oras.tar.gz -C $(TOOLSDIR)/bin oras
 	rm oras.tar.gz
 
+$(REGCTL):
+	mkdir -p $(TOOLSDIR)/bin
+	curl -Lo $(REGCTL) https://github.com/regclient/regclient/releases/download/v$(REGCTL_VERSION)/regctl-linux-amd64
+	chmod +x $(REGCTL)
+
 .PHONY: gofmt
 gofmt: .made-gofmt
 
@@ -47,7 +54,7 @@ gofmt: .made-gofmt
 	@touch $@
 
 .PHONY: test
-test: mosctl mosb $(ORAS) $(ZOT) $(TRUST)
+test: mosctl mosb $(ORAS) $(REGCTL) $(ZOT) $(TRUST)
 	bats tests/install.bats
 	bats tests/rfs.bats
 	bats tests/activate.bats
diff --git a/tests/install.bats b/tests/install.bats
index 7d4b7f7..9603e25 100644
--- a/tests/install.bats
+++ b/tests/install.bats
@@ -17,7 +17,8 @@ function teardown() {
 		$TMPD/manifest.yaml
 	[ -f $TMPD/zot/mos/index.json ]  # the layers were pushed
 	[ -f $TMPD/zot/machine/install/index.json ]  # the manifest was pushed
-	oras discover --plain-http $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
+  regctl registry set --tls=disabled $ZOT_HOST:$ZOT_PORT
+  regctl artifact tree $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
 }
 
 @test "mosctl manifest publish twice" {
@@ -30,7 +31,8 @@ function teardown() {
 		$TMPD/manifest.yaml
 	[ -f $TMPD/zot/mos/index.json ]  # the layers were pushed
 	[ -f $TMPD/zot/machine/install/index.json ]  # the manifest was pushed
-	oras discover --plain-http $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
+  regctl registry set --tls=disabled $ZOT_HOST:$ZOT_PORT
+  regctl artifact tree $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
 }
 
 @test "simple mos install from local zot" {
@@ -58,11 +60,12 @@ function teardown() {
 EOF
 
 	skopeo copy --dest-tls-verify=false oci:zothub:busybox-squashfs docker://$ZOT_HOST:$ZOT_PORT/mos:$sum
-	oras push --plain-http --image-spec v1.1-image $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0 "$TMPD/install.json":vnd.machine.install
+  regctl registry set --tls=disabled $ZOT_HOST:$ZOT_PORT
+  regctl artifact put --artifact-type vnd.machine.install -f vnd.machine.install $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
 	openssl dgst -sha256 -sign "$M_KEY" \
 		-out "$TMPD/install.json.signed" "$TMPD/install.json"
-	oras attach --plain-http --image-spec v1.1-image --artifact-type vnd.machine.pubkeycrt $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0 "$M_CERT"
-	oras attach --plain-http --image-spec v1.1-image --artifact-type vnd.machine.signature $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0 "$TMPD/install.json.signed"
+  regctl artifact put --artifact-type vnd.machine.pubkeycrt -f "$M_CERT" --subject $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
+  regctl artifact put --artifact-type vnd.machine.signature -f "$TMPD/install.json.signed" --subject $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
 	mkdir -p "$TMPD/factory/secure"
 	cp "$CA_PEM" "$TMPD/factory/secure/manifestCA.pem"
 	./mosctl install --rfs $TMPD $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
@@ -98,10 +101,11 @@ EOF
 EOF
 
 	skopeo copy --dest-tls-verify=false oci:zothub:busybox-squashfs docker://$ZOT_HOST:$ZOT_PORT/mos:$sum
-	oras push --plain-http --image-spec v1.1-image $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0 "$TMPD/install.json":vnd.machine.install
+  regctl registry set --tls=disabled $ZOT_HOST:$ZOT_PORT
+  regctl artifact put --artifact-type vnd.machine.install -f vnd.machine.install $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
 	echo "fooled ya" > "$TMPD/install.json.signed"
-	oras attach --plain-http --image-spec v1.1-image --artifact-type vnd.machine.pubkeycrt $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0 "$M_CERT"
-	oras attach --plain-http --image-spec v1.1-image --artifact-type vnd.machine.signature $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0 "$TMPD/install.json.signed"
+  regctl artifact put --artifact-type vnd.machine.pubkeycrt -f "$M_CERT" --subject $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
+  regctl artifact put --artifact-type vnd.machine.signature -f "$TMPD/install.json.signed" --subject $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
 	mkdir -p "$TMPD/factory/secure"
 	cp "$CA_PEM" "$TMPD/factory/secure/manifestCA.pem"
 	failed=0
@@ -121,11 +125,12 @@ EOF
 }
 EOF
 	skopeo copy --dest-tls-verify=false oci:zothub:busybox-squashfs docker://$ZOT_HOST:$ZOT_PORT/mos:$sum
-	oras push --plain-http --image-spec v1.1-image $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0 "$TMPD/install.json":vnd.machine.install
+  regctl registry set --tls=disabled $ZOT_HOST:$ZOT_PORT
+  regctl artifact put --artifact-type vnd.machine.install -f vnd.machine.install $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
 	openssl dgst -sha256 -sign "$M_KEY" \
 		-out "$TMPD/install.json.signed" "$TMPD/install.json"
-	oras attach --plain-http --image-spec v1.1-image --artifact-type vnd.machine.pubkeycrt $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0 "$M_CERT"
-	oras attach --plain-http --image-spec v1.1-image --artifact-type vnd.machine.signature $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0 "$TMPD/install.json.signed"
+  regctl artifact put --artifact-type vnd.machine.pubkeycrt -f "$M_CERT" --subject $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
+  regctl artifact put --artifact-type vnd.machine.signature -f "$TMPD/install.json.signed" --subject $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
 
 	failed=0
 	mkdir -p "$TMPD/factory/secure"
@@ -160,11 +165,12 @@ EOF
   ]
 }
 EOF
-	oras push --plain-http --image-spec v1.1-image $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0 "$TMPD/install.json":vnd.machine.install
+  regctl registry set --tls=disabled $ZOT_HOST:$ZOT_PORT
+  regctl artifact put --artifact-type vnd.machine.install -f vnd.machine.install $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
 	openssl dgst -sha256 -sign "$M_KEY" \
 		-out "$TMPD/install.json.signed" "$TMPD/install.json"
-	oras attach --plain-http --image-spec v1.1-image --artifact-type vnd.machine.pubkeycrt $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0 "$M_CERT"
-	oras attach --plain-http --image-spec v1.1-image --artifact-type vnd.machine.signature $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0 "$TMPD/install.json.signed"
+  regctl artifact put --artifact-type vnd.machine.pubkeycrt -f "$M_CERT" --subject $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
+  regctl artifact put --artifact-type vnd.machine.signature -f "$TMPD/install.json.signed" --subject $ZOT_HOST:$ZOT_PORT/machine/install:1.0.0
 
 	failed=0
 	mkdir -p "$TMPD/factory/secure"