[bug] fix bug where verify status gets overwritten (#136)

* fix bug where verify status gets overwritten * add ociregistry adapter for oci for acr compatability
ChristofferNissen · Oct 29, 2024 · a430648 · a430648
1 parent e01cfd6
commit a430648
Show file tree

Hide file tree

Showing 8 changed files with 152 additions and 56 deletions.
diff --git a/internal/bootstrap/viper.go b/internal/bootstrap/viper.go
@@ -142,6 +142,11 @@ func LoadViperConfiguration(rc helm.RegistryClient) (*viper.Viper, error) {
 	}
 
 	for _, c := range inputConf.Charts {
+		rc, _ = helm.NewRegistryClient(c.PlainHTTP, false)
+		if strings.HasPrefix(c.Repo.URL, "oci://") {
+			rc = helm.NewOCIRegistryClient(rc, c.PlainHTTP)
+		}
+
 		c.RegistryClient = rc
 		c.IndexFileLoader = &helm.FunctionLoader{
 			LoadFunc: repo.LoadIndexFile,

diff --git a/pkg/cosign/verify.go b/pkg/cosign/verify.go
@@ -201,9 +201,10 @@ func (vo *VerifyOption) Run(ctx context.Context) (map[*registry.Registry]map[*im
 					default:
 						return make(map[*registry.Registry]map[*image.Image]bool), err
 					}
+				} else {
+					elem[i] = false
 				}
 
-				elem[i] = false
 				*row = append(*row, terminal.StatusEmoji(!elem[i]))
 				sc.Inc("index_import")
 				_ = bar.Add(1)

diff --git a/pkg/cosign/verifyChart.go b/pkg/cosign/verifyChart.go
@@ -183,9 +183,10 @@ func (vo *VerifyChartOption) Run(ctx context.Context) (map[*registry.Registry]ma
 					default:
 						return make(map[*registry.Registry]map[*helm.Chart]bool), err
 					}
+				} else {
+					elem[c] = false
 				}
 
-				elem[c] = false
 				*row = append(*row, terminal.StatusEmoji(!elem[c]))
 				sc.Inc("index_sign_charts")
 				_ = bar.Add(1)

diff --git a/pkg/helm/OCIRegistry.go b/pkg/helm/OCIRegistry.go
@@ -0,0 +1,63 @@
+package helm
+
+import (
+	"context"
+	"strings"
+
+	helm_registry "helm.sh/helm/v3/pkg/registry"
+	"oras.land/oras-go/v2/registry/remote"
+	"oras.land/oras-go/v2/registry/remote/auth"
+	"oras.land/oras-go/v2/registry/remote/credentials"
+	"oras.land/oras-go/v2/registry/remote/retry"
+)
+
+type OCIRegistryClient struct {
+	client    RegistryClient
+	PlainHTTP bool
+}
+
+func NewOCIRegistryClient(client RegistryClient, plainHTTP bool) *OCIRegistryClient {
+	return &OCIRegistryClient{
+		client:    client,
+		PlainHTTP: plainHTTP,
+	}
+}
+
+func (c *OCIRegistryClient) Pull(ref string, opts ...helm_registry.PullOption) (*helm_registry.PullResult, error) {
+	return c.client.Pull(ref, opts...)
+}
+
+func (c *OCIRegistryClient) Push(chart []byte, destination string, opts ...helm_registry.PushOption) (*helm_registry.PushResult, error) {
+	return c.client.Push(chart, destination, opts...)
+}
+
+func (c *OCIRegistryClient) Tags(ref string) ([]string, error) {
+	ref = strings.TrimPrefix(strings.TrimSuffix(ref, "/"), "oci://")
+	repo, err := remote.NewRepository(ref)
+	if err != nil {
+		return []string{}, err
+	}
+	repo.PlainHTTP = c.PlainHTTP
+
+	storeOpts := credentials.StoreOptions{}
+	credStore, err := credentials.NewStoreFromDocker(storeOpts)
+	if err != nil {
+		return []string{}, err
+	}
+	repo.Client = &auth.Client{
+		Client:     retry.DefaultClient,
+		Cache:      auth.NewCache(),
+		Credential: credentials.Credential(credStore), // Use the credentials store
+	}
+
+	vs := []string{}
+	err = repo.Tags(context.TODO(), "", func(tags []string) error {
+		vs = append(vs, tags...)
+		return nil
+	})
+	if err != nil {
+		return []string{}, err
+	}
+
+	return vs, nil
+}
diff --git a/pkg/helm/chart_version.go b/pkg/helm/chart_version.go
@@ -9,10 +9,6 @@ import (
 	"golang.org/x/xerrors"
 	"helm.sh/helm/v3/pkg/cli"
 	"helm.sh/helm/v3/pkg/repo"
-	"oras.land/oras-go/v2/registry/remote"
-	"oras.land/oras-go/v2/registry/remote/auth"
-	"oras.land/oras-go/v2/registry/remote/credentials"
-	"oras.land/oras-go/v2/registry/remote/retry"
 )
 
 func VersionsInRange(r semver.Range, c Chart) ([]string, error) {
@@ -46,7 +42,6 @@ func VersionsInRange(r semver.Range, c Chart) ([]string, error) {
 }
 
 func (c Chart) ResolveVersions(settings *cli.EnvSettings) ([]string, error) {
-	// prefixV := strings.Contains(c.Version, "v")
 	version := strings.ReplaceAll(c.Version, "v", "")
 	r, err := semver.ParseRange(version)
 	if err != nil {
@@ -55,10 +50,37 @@ func (c Chart) ResolveVersions(settings *cli.EnvSettings) ([]string, error) {
 
 	if strings.HasPrefix(c.Repo.URL, "oci://") {
 		url, _ := strings.CutPrefix(c.Repo.URL, "oci://")
-		versionsInRange, err := c.RegistryClient.Tags(url)
+		tags, err := c.RegistryClient.Tags(url)
 		if err != nil {
 			return nil, err
 		}
+
+		vs := []semver.Version{}
+		for _, t := range tags {
+			s, err := semver.ParseTolerant(t)
+			if err != nil {
+				// non semver tag
+				continue
+			}
+			vs = append(vs, s)
+		}
+
+		semver.Sort(vs)
+
+		prefixV := strings.Contains(c.Version, "v")
+		versionsInRange := []string{}
+		for _, v := range vs {
+			if len(v.Pre) > 0 {
+				continue
+			}
+			if r(v) {
+				s := v.String()
+				if prefixV {
+					s = "v" + s
+				}
+				versionsInRange = append(versionsInRange, s)
+			}
+		}
 		return versionsInRange, nil
 	}
 
@@ -133,23 +155,6 @@ func (c Chart) LatestVersion(settings *cli.EnvSettings) (string, error) {
 
 	if strings.HasPrefix(c.Repo.URL, "oci://") {
 		url, _ := strings.CutPrefix(c.Repo.URL, "oci://")
-		repo, err := remote.NewRepository(url)
-		if err != nil {
-			return "", err
-		}
-		repo.PlainHTTP = c.PlainHTTP
-
-		storeOpts := credentials.StoreOptions{}
-		credStore, err := credentials.NewStoreFromDocker(storeOpts)
-		if err != nil {
-			return "", err
-		}
-		repo.Client = &auth.Client{
-			Client:     retry.DefaultClient,
-			Cache:      auth.NewCache(),
-			Credential: credentials.Credential(credStore),
-		}
-
 		vPrefix := strings.Contains(c.Version, "v")
 		vs, err := c.RegistryClient.Tags(url)
 

diff --git a/pkg/helm/indexFileLoader.go b/pkg/helm/indexFileLoader.go
@@ -0,0 +1,18 @@
+package helm
+
+import (
+	"go.uber.org/fx"
+	"helm.sh/helm/v3/pkg/repo"
+)
+
+type IndexFileLoader interface {
+	LoadIndexFile(indexFilePath string) (*repo.IndexFile, error)
+}
+
+type DefaultIndexFileLoader struct{}
+
+func (d *DefaultIndexFileLoader) LoadIndexFile(indexFilePath string) (*repo.IndexFile, error) {
+	return repo.LoadIndexFile(indexFilePath)
+}
+
+var IndexFileLoaderModule = fx.Provide(FunctionLoader{LoadFunc: repo.LoadIndexFile})
diff --git a/pkg/helm/registryClient.go b/pkg/helm/registryClient.go
@@ -0,0 +1,34 @@
+package helm
+
+import (
+	"go.uber.org/fx"
+	helm_registry "helm.sh/helm/v3/pkg/registry"
+)
+
+// Define the interface for the registry client
+type RegistryClient interface {
+	Pull(ref string, opts ...helm_registry.PullOption) (*helm_registry.PullResult, error)
+	Push(chart []byte, destination string, opts ...helm_registry.PushOption) (*helm_registry.PushResult, error)
+	Tags(ref string) ([]string, error)
+}
+
+// Default registry client provider
+func NewDefaultRegistryClient() (RegistryClient, error) {
+	plainHTTP := false
+	debug := false
+
+	return NewRegistryClient(plainHTTP, debug)
+}
+
+func NewRegistryClient(plainHTTP, debug bool) (RegistryClient, error) {
+	opts := []helm_registry.ClientOption{}
+	if plainHTTP {
+		opts = append(opts, helm_registry.ClientOptPlainHTTP())
+	}
+	if debug {
+		opts = append(opts, helm_registry.ClientOptDebug(true))
+	}
+	return helm_registry.NewClient(opts...)
+}
+
+var RegistryModule = fx.Provide(NewDefaultRegistryClient)
diff --git a/pkg/helm/types.go b/pkg/helm/types.go
@@ -3,9 +3,7 @@ package helm
 import (
 	"github.com/ChristofferNissen/helmper/pkg/image"
 	"github.com/ChristofferNissen/helmper/pkg/registry"
-	"go.uber.org/fx"
 	"helm.sh/helm/v3/pkg/chart"
-	helm_registry "helm.sh/helm/v3/pkg/registry"
 	"helm.sh/helm/v3/pkg/repo"
 )
 
@@ -23,35 +21,6 @@ type Images struct {
 	} `json:"modify"`
 }
 
-type IndexFileLoader interface {
-	LoadIndexFile(indexFilePath string) (*repo.IndexFile, error)
-}
-
-type DefaultIndexFileLoader struct{}
-
-func (d *DefaultIndexFileLoader) LoadIndexFile(indexFilePath string) (*repo.IndexFile, error) {
-	return repo.LoadIndexFile(indexFilePath)
-}
-
-var IndexFileLoaderModule = fx.Provide(FunctionLoader{LoadFunc: repo.LoadIndexFile})
-
-// Define the interface for the registry client
-type RegistryClient interface {
-	Pull(ref string, opts ...helm_registry.PullOption) (*helm_registry.PullResult, error)
-	Push(chart []byte, destination string, opts ...helm_registry.PushOption) (*helm_registry.PushResult, error)
-	Tags(ref string) ([]string, error)
-}
-
-// Default registry client provider
-func NewDefaultRegistryClient() (RegistryClient, error) {
-	return helm_registry.NewClient(
-		helm_registry.ClientOptDebug(true),
-		helm_registry.ClientOptPlainHTTP(),
-	)
-}
-
-var RegistryModule = fx.Provide(NewDefaultRegistryClient)
-
 type Chart struct {
 	Name            string     `json:"name"`
 	Version         string     `json:"version"`