From 41a14644525f4e4bde53d7f7f71ee8bd5f24b912 Mon Sep 17 00:00:00 2001 From: razzle Date: Tue, 3 Oct 2023 14:02:53 -0500 Subject: [PATCH] Fix publish not publishing component tarballs (#2046) ## Description Re-archives component tarballs during `package publish` as `LoadPackage` results in uncompressed component directories. ## Type of change - [x] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] Other (security config, docs update, etc) ## Checklist before merging - [ ] Test, docs, adr added or updated as needed - [x] [Contributor Guide Steps](https://github.com/defenseunicorns/zarf/blob/main/CONTRIBUTING.md#developer-workflow) followed --------- Signed-off-by: razzle Co-authored-by: Wayne Starr --- src/pkg/layout/component.go | 2 +- src/pkg/packager/deploy.go | 2 +- src/pkg/packager/mirror.go | 2 +- src/pkg/packager/publish.go | 2 +- src/pkg/packager/sources/cluster.go | 2 +- src/pkg/packager/sources/new.go | 2 +- src/pkg/packager/sources/oci.go | 30 +++++++++++++++++------------ src/pkg/packager/sources/split.go | 4 ++-- src/pkg/packager/sources/tarball.go | 27 +++++++++++++------------- src/pkg/packager/sources/url.go | 4 ++-- src/test/e2e/50_oci_package_test.go | 4 ++++ 11 files changed, 46 insertions(+), 35 deletions(-) diff --git a/src/pkg/layout/component.go b/src/pkg/layout/component.go index 18d6e0096c..2309d8200c 100644 --- a/src/pkg/layout/component.go +++ b/src/pkg/layout/component.go @@ -136,7 +136,7 @@ func (c *Components) Unarchive(component types.ZarfComponent) (err error) { return nil } - message.Debugf("Unarchiving %q", tb) + message.Debugf("Unarchiving %q", filepath.Base(tb)) if err := archiver.Unarchive(tb, c.Base); err != nil { return err } diff --git a/src/pkg/packager/deploy.go b/src/pkg/packager/deploy.go index 210861e70c..b2c350d40c 100644 --- a/src/pkg/packager/deploy.go +++ b/src/pkg/packager/deploy.go @@ -41,7 +41,7 @@ func (p *Packager) Deploy() (err error) { message.Debug(err) } - if err = p.source.LoadPackage(p.layout); err != nil { + if err = p.source.LoadPackage(p.layout, true); err != nil { return fmt.Errorf("unable to load the package: %w", err) } if err = p.readZarfYAML(p.layout.ZarfYAML); err != nil { diff --git a/src/pkg/packager/mirror.go b/src/pkg/packager/mirror.go index 2b1bd84257..a273287d03 100644 --- a/src/pkg/packager/mirror.go +++ b/src/pkg/packager/mirror.go @@ -29,7 +29,7 @@ func (p *Packager) Mirror() (err error) { spinner := message.NewProgressSpinner("Mirroring Zarf package %s", p.cfg.PkgOpts.PackageSource) defer spinner.Stop() - if err = p.source.LoadPackage(p.layout); err != nil { + if err = p.source.LoadPackage(p.layout, true); err != nil { return fmt.Errorf("unable to load the package: %w", err) } if err = p.readZarfYAML(p.layout.ZarfYAML); err != nil { diff --git a/src/pkg/packager/publish.go b/src/pkg/packager/publish.go index a1272700dc..b9d433db31 100644 --- a/src/pkg/packager/publish.go +++ b/src/pkg/packager/publish.go @@ -73,7 +73,7 @@ func (p *Packager) Publish() (err error) { return err } } else { - if err = p.source.LoadPackage(p.layout); err != nil { + if err = p.source.LoadPackage(p.layout, false); err != nil { return fmt.Errorf("unable to load the package: %w", err) } if err = p.readZarfYAML(p.layout.ZarfYAML); err != nil { diff --git a/src/pkg/packager/sources/cluster.go b/src/pkg/packager/sources/cluster.go index c37b924f8f..b33a2b2931 100644 --- a/src/pkg/packager/sources/cluster.go +++ b/src/pkg/packager/sources/cluster.go @@ -41,7 +41,7 @@ type ClusterSource struct { // LoadPackage loads a package from a cluster. // // This is not implemented. -func (s *ClusterSource) LoadPackage(_ *layout.PackagePaths) error { +func (s *ClusterSource) LoadPackage(_ *layout.PackagePaths, _ bool) error { return fmt.Errorf("not implemented") } diff --git a/src/pkg/packager/sources/new.go b/src/pkg/packager/sources/new.go index 338c2c499e..c0d6d68a4e 100644 --- a/src/pkg/packager/sources/new.go +++ b/src/pkg/packager/sources/new.go @@ -28,7 +28,7 @@ import ( // `sources.ValidatePackageSignature` and `sources.ValidatePackageIntegrity` can be leveraged for this purpose. type PackageSource interface { // LoadPackage loads a package from a source. - LoadPackage(dst *layout.PackagePaths) error + LoadPackage(dst *layout.PackagePaths, unarchiveAll bool) error // LoadPackageMetadata loads a package's metadata from a source. LoadPackageMetadata(dst *layout.PackagePaths, wantSBOM bool, skipValidation bool) error diff --git a/src/pkg/packager/sources/oci.go b/src/pkg/packager/sources/oci.go index d9c1fd2017..5eccc7720c 100644 --- a/src/pkg/packager/sources/oci.go +++ b/src/pkg/packager/sources/oci.go @@ -34,7 +34,7 @@ type OCISource struct { } // LoadPackage loads a package from an OCI registry. -func (s *OCISource) LoadPackage(dst *layout.PackagePaths) (err error) { +func (s *OCISource) LoadPackage(dst *layout.PackagePaths, unarchiveAll bool) (err error) { var pkg types.ZarfPackage layersToPull := []ocispec.Descriptor{} @@ -83,22 +83,24 @@ func (s *OCISource) LoadPackage(dst *layout.PackagePaths) (err error) { } } - for _, component := range pkg.Components { - if err := dst.Components.Unarchive(component); err != nil { - if layout.IsNotLoaded(err) { - _, err := dst.Components.Create(component) - if err != nil { + if unarchiveAll { + for _, component := range pkg.Components { + if err := dst.Components.Unarchive(component); err != nil { + if layout.IsNotLoaded(err) { + _, err := dst.Components.Create(component) + if err != nil { + return err + } + } else { return err } - } else { - return err } } - } - if dst.SBOMs.Path != "" { - if err := dst.SBOMs.Unarchive(); err != nil { - return err + if dst.SBOMs.Path != "" { + if err := dst.SBOMs.Unarchive(); err != nil { + return err + } } } @@ -174,6 +176,10 @@ func (s *OCISource) Collect(dir string) (string, error) { return "", err } + if err := ValidatePackageIntegrity(loaded, pkg.Metadata.AggregateChecksum, false); err != nil { + return "", err + } + isSkeleton := strings.HasSuffix(s.Repo().Reference.Reference, oci.SkeletonSuffix) name := NameFromMetadata(&pkg, isSkeleton) diff --git a/src/pkg/packager/sources/split.go b/src/pkg/packager/sources/split.go index 5a8f8ffbc0..296b26deb2 100644 --- a/src/pkg/packager/sources/split.go +++ b/src/pkg/packager/sources/split.go @@ -103,7 +103,7 @@ func (s *SplitTarballSource) Collect(dir string) (string, error) { } // LoadPackage loads a package from a split tarball. -func (s *SplitTarballSource) LoadPackage(dst *layout.PackagePaths) (err error) { +func (s *SplitTarballSource) LoadPackage(dst *layout.PackagePaths, unarchiveAll bool) (err error) { tb, err := s.Collect(filepath.Dir(s.PackageSource)) if err != nil { return err @@ -117,7 +117,7 @@ func (s *SplitTarballSource) LoadPackage(dst *layout.PackagePaths) (err error) { ts := &TarballSource{ s.ZarfPackageOptions, } - return ts.LoadPackage(dst) + return ts.LoadPackage(dst, unarchiveAll) } // LoadPackageMetadata loads a package's metadata from a split tarball. diff --git a/src/pkg/packager/sources/tarball.go b/src/pkg/packager/sources/tarball.go index 9b0f9763d2..2a2b5ee666 100644 --- a/src/pkg/packager/sources/tarball.go +++ b/src/pkg/packager/sources/tarball.go @@ -31,7 +31,7 @@ type TarballSource struct { } // LoadPackage loads a package from a tarball. -func (s *TarballSource) LoadPackage(dst *layout.PackagePaths) (err error) { +func (s *TarballSource) LoadPackage(dst *layout.PackagePaths, unarchiveAll bool) (err error) { var pkg types.ZarfPackage message.Debugf("Loading package from %q", s.PackageSource) @@ -75,7 +75,6 @@ func (s *TarballSource) LoadPackage(dst *layout.PackagePaths) (err error) { return err } - message.Debugf("Loaded %q --> %q", path, dstPath) return nil }) if err != nil { @@ -102,22 +101,24 @@ func (s *TarballSource) LoadPackage(dst *layout.PackagePaths) (err error) { } } - for _, component := range pkg.Components { - if err := dst.Components.Unarchive(component); err != nil { - if layout.IsNotLoaded(err) { - _, err := dst.Components.Create(component) - if err != nil { + if unarchiveAll { + for _, component := range pkg.Components { + if err := dst.Components.Unarchive(component); err != nil { + if layout.IsNotLoaded(err) { + _, err := dst.Components.Create(component) + if err != nil { + return err + } + } else { return err } - } else { - return err } } - } - if dst.SBOMs.Path != "" { - if err := dst.SBOMs.Unarchive(); err != nil { - return err + if dst.SBOMs.Path != "" { + if err := dst.SBOMs.Unarchive(); err != nil { + return err + } } } diff --git a/src/pkg/packager/sources/url.go b/src/pkg/packager/sources/url.go index cc9ace0083..8d65cf6a9c 100644 --- a/src/pkg/packager/sources/url.go +++ b/src/pkg/packager/sources/url.go @@ -49,7 +49,7 @@ func (s *URLSource) Collect(dir string) (string, error) { } // LoadPackage loads a package from an http, https or sget URL. -func (s *URLSource) LoadPackage(dst *layout.PackagePaths) (err error) { +func (s *URLSource) LoadPackage(dst *layout.PackagePaths, unarchiveAll bool) (err error) { tmp, err := utils.MakeTempDir(config.CommonOptions.TempDirectory) if err != nil { return err @@ -69,7 +69,7 @@ func (s *URLSource) LoadPackage(dst *layout.PackagePaths) (err error) { s.ZarfPackageOptions, } - return ts.LoadPackage(dst) + return ts.LoadPackage(dst, unarchiveAll) } // LoadPackageMetadata loads a package's metadata from an http, https or sget URL. diff --git a/src/test/e2e/50_oci_package_test.go b/src/test/e2e/50_oci_package_test.go index e90c583249..03e2495a4d 100644 --- a/src/test/e2e/50_oci_package_test.go +++ b/src/test/e2e/50_oci_package_test.go @@ -57,6 +57,10 @@ func (suite *RegistryClientTestSuite) Test_0_Publish() { suite.NoError(err, stdOut, stdErr) suite.Contains(stdErr, "Published "+ref) + // Pull the package via OCI. + stdOut, stdErr, err = e2e.Zarf("package", "pull", "oci://"+ref+"/helm-charts:0.0.1-"+e2e.Arch, "--insecure") + suite.NoError(err, stdOut, stdErr) + // Publish w/ package missing `metadata.version` field. example = filepath.Join(suite.PackagesDir, fmt.Sprintf("zarf-package-component-actions-%s.tar.zst", e2e.Arch)) _, stdErr, err = e2e.Zarf("package", "publish", example, "oci://"+ref, "--insecure")