Skip to content

Commit

Permalink
Add support for OCI referrers (#1278)
Browse files Browse the repository at this point in the history
* refactor fetch blob logic

Signed-off-by: Ridwan Hoq <[email protected]>

* add simple referrer artifact support for spdx

Signed-off-by: Ridwan Hoq <[email protected]>

* comment

Signed-off-by: Ridwan Hoq <[email protected]>

* fmt.Errorf

Signed-off-by: Ridwan Hoq <[email protected]>

* exit collector logic after citerating thru the platform list

Signed-off-by: Ridwan Hoq <[email protected]>

* add well known media types

Signed-off-by: Ridwan Hoq <[email protected]>

* add failing test

Signed-off-by: Ridwan Hoq <[email protected]>

* close blob and uncomment SPDX to well known artifacts

Signed-off-by: Ridwan Hoq <[email protected]>

* fixx bug where manifest list wasn't being checked for fallback/referrers

Signed-off-by: Ridwan Hoq <[email protected]>

* added tests for OCI referrer artifacts

Signed-off-by: Ridwan Hoq <[email protected]>

* refactor test so that document order doesn't matter

Signed-off-by: Ridwan Hoq <[email protected]>

* check if referrer digest was already collected

Signed-off-by: Ridwan Hoq <[email protected]>

* fmt.Errorf

Signed-off-by: Ridwan Hoq <[email protected]>

* remove unnecessary referrer opts

Signed-off-by: Ridwan Hoq <[email protected]>

* fix test assertion

Signed-off-by: Ridwan Hoq <[email protected]>

* handle manifest list and referrers concurrently

Signed-off-by: Ridwan Hoq <[email protected]>

* refactor to use sync.Map for checkedDigests

Signed-off-by: Ridwan Hoq <[email protected]>

* well known suffixes

Signed-off-by: Ridwan Hoq <[email protected]>

* PR feedback

Signed-off-by: Ridwan Hoq <[email protected]>

* refactor fetchOCIArtifacts into more readable chunks and add doc comments

Signed-off-by: Ridwan Hoq <[email protected]>

* close layer instead of defer

Signed-off-by: Ridwan Hoq <[email protected]>

* check manifest list error

Signed-off-by: Ridwan Hoq <[email protected]>

* return after error

Signed-off-by: Ridwan Hoq <[email protected]>

* use slices.Contains

Signed-off-by: Ridwan Hoq <[email protected]>

* cancel other goroutines on error

Signed-off-by: Ridwan Hoq <[email protected]>

* fix tests due to new spdx docs were attached

Signed-off-by: Ridwan Hoq <[email protected]>

* check platform digests to see if previously collected

Signed-off-by: Ridwan Hoq <[email protected]>

---------

Signed-off-by: Ridwan Hoq <[email protected]>
  • Loading branch information
ridhoq authored Oct 18, 2023
1 parent 8daf872 commit a4faf80
Show file tree
Hide file tree
Showing 12 changed files with 98,780 additions and 65 deletions.

Large diffs are not rendered by default.

25,077 changes: 25,077 additions & 0 deletions internal/testing/testdata/exampledata/oci-kubectl-linux-amd64-spdx-1.json

Large diffs are not rendered by default.

2,141 changes: 2,141 additions & 0 deletions internal/testing/testdata/exampledata/oci-kubectl-linux-amd64-spdx.json

Large diffs are not rendered by default.

Large diffs are not rendered by default.

41,943 changes: 41,943 additions & 0 deletions internal/testing/testdata/exampledata/oci-kubectl-linux-arm-v7-spdx.json

Large diffs are not rendered by default.

Large diffs are not rendered by default.

25,077 changes: 25,077 additions & 0 deletions internal/testing/testdata/exampledata/oci-kubectl-linux-arm64-spdx-1.json

Large diffs are not rendered by default.

2,141 changes: 2,141 additions & 0 deletions internal/testing/testdata/exampledata/oci-kubectl-linux-arm64-spdx.json

Large diffs are not rendered by default.

Large diffs are not rendered by default.

27 changes: 27 additions & 0 deletions internal/testing/testdata/testdata.go
Original file line number Diff line number Diff line change
Expand Up @@ -121,6 +121,33 @@ var (
//go:embed exampledata/certify-novuln.json
ITE6NoVulnExample []byte

//go:embed exampledata/oci-kubectl-linux-amd64-in-toto.json
OCIKubectlLinuxAMD64ITE6 []byte

//go:embed exampledata/oci-kubectl-linux-amd64-spdx.json
OCIKubectlLinuxAMD64SPDX []byte

//go:embed exampledata/oci-kubectl-linux-amd64-spdx-1.json
OCIKubectlLinuxAMD64SPDX1 []byte

//go:embed exampledata/oci-kubectl-linux-arm-v7-in-toto.json
OCIKubectlLinuxARMV7ITE6 []byte

//go:embed exampledata/oci-kubectl-linux-arm-v7-spdx.json
OCIKubectlLinuxARMV7SPDX []byte

//go:embed exampledata/oci-kubectl-linux-arm64-in-toto.json
OCIKubectlLinuxARM64ITE6 []byte

//go:embed exampledata/oci-kubectl-linux-arm64-spdx.json
OCIKubectlLinuxARM64SPDX []byte

//go:embed exampledata/oci-kubectl-linux-arm64-spdx-1.json
OCIKubectlLinuxARM64SPDX1 []byte

//go:embed exampledata/oci-kubectl-windows-amd64-in-toto.json
OCIKubectlWindowsAMD64ITE6 []byte

//go:embed exampledata/oci-dsse-att.json
OCIDsseAttExample []byte

Expand Down
Loading

0 comments on commit a4faf80

Please sign in to comment.