From e564e2649f2806e6c55e7331e1721630646e12af Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Tue, 21 Jan 2025 19:55:12 +0000 Subject: [PATCH 01/15] introduce new commands Signed-off-by: Austin Abro --- src/cmd/package.go | 181 +++++++++++++++++++++++++--- src/config/lang/english.go | 1 - src/internal/packager2/inspect.go | 2 +- src/internal/packager2/load.go | 2 +- src/internal/packager2/load_test.go | 6 +- src/internal/packager2/remove.go | 5 +- 6 files changed, 173 insertions(+), 24 deletions(-) diff --git a/src/cmd/package.go b/src/cmd/package.go index 3ab6cdfee4..8f003af9af 100644 --- a/src/cmd/package.go +++ b/src/cmd/package.go @@ -52,7 +52,7 @@ func NewPackageCommand() *cobra.Command { cmd.AddCommand(NewPackageCreateCommand(v)) cmd.AddCommand(NewPackageDeployCommand(v)) cmd.AddCommand(NewPackageMirrorResourcesCommand(v)) - cmd.AddCommand(NewPackageInspectCommand()) + cmd.AddCommand(NewPackageInspectCommand(v)) cmd.AddCommand(NewPackageRemoveCommand(v)) cmd.AddCommand(NewPackageListCommand()) cmd.AddCommand(NewPackagePublishCommand(v)) @@ -345,7 +345,7 @@ func (o *PackageMirrorResourcesOptions) Run(cmd *cobra.Command, args []string) ( type PackageInspectOptions struct{} // NewPackageInspectCommand creates the `package inspect` sub-command. -func NewPackageInspectCommand() *cobra.Command { +func NewPackageInspectCommand(v *viper.Viper) *cobra.Command { o := &PackageInspectOptions{} cmd := &cobra.Command{ Use: "inspect [ PACKAGE_SOURCE ]", @@ -357,7 +357,10 @@ func NewPackageInspectCommand() *cobra.Command { RunE: o.Run, } - cmd.Flags().BoolVarP(&pkgConfig.InspectOpts.ViewSBOM, "sbom", "s", false, lang.CmdPackageInspectFlagSbom) + cmd.AddCommand(NewPackageInspectSBOMCommand(v)) + cmd.AddCommand(NewPackageInspectListImagesCommand()) + cmd.AddCommand(NewPackageInspectDefinitionCommand()) + cmd.Flags().StringVar(&pkgConfig.InspectOpts.SBOMOutputDir, "sbom-out", "", lang.CmdPackageInspectFlagSbomOut) cmd.Flags().BoolVar(&pkgConfig.InspectOpts.ListImages, "list-images", false, lang.CmdPackageInspectFlagListImages) cmd.Flags().BoolVar(&pkgConfig.PkgOpts.SkipSignatureValidation, "skip-signature-validation", false, lang.CmdPackageFlagSkipSignatureValidation) @@ -381,6 +384,21 @@ func (o *PackageInspectOptions) Run(cmd *cobra.Command, args []string) error { return fmt.Errorf("cannot use --sbom or --sbom-out and --list-images at the same time") } + if pkgConfig.InspectOpts.SBOMOutputDir != "" { + sbomOpts := PackageInspectSBOMOptions{ + SkipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation, + SBOMOutputDir: pkgConfig.InspectOpts.SBOMOutputDir, + } + return sbomOpts.Run(cmd, args) + } + + if pkgConfig.InspectOpts.ListImages { + listImagesOpts := PackageInspectListImagesOptions{ + SkipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation, + } + return listImagesOpts.Run(cmd, args) + } + // NOTE(mkcp): Gets user input with message src, err := choosePackage(ctx, args) if err != nil { @@ -398,25 +416,156 @@ func (o *PackageInspectOptions) Run(cmd *cobra.Command, args []string) error { PublicKeyPath: pkgConfig.PkgOpts.PublicKeyPath, } - if pkgConfig.InspectOpts.ListImages { - output, err := packager2.InspectList(ctx, inspectOpt) + output, err := packager2.Inspect(ctx, inspectOpt) + if err != nil { + return fmt.Errorf("failed to inspect package: %w", err) + } + err = utils.ColorPrintYAML(output, nil, false) + if err != nil { + return err + } + return nil +} + +// PackageInspectSBOMOptions holds the command-line options for 'package inspect sbom' sub-command. +type PackageInspectSBOMOptions struct { + SkipSignatureValidation bool + SBOMOutputDir string +} + +// NewPackageInspectSBOMCommand creates the `inspect sbom` sub-command. +func NewPackageInspectSBOMCommand(v *viper.Viper) *cobra.Command { + o := &PackageInspectSBOMOptions{} + cmd := &cobra.Command{ + Use: "sbom [ PACKAGE ]", + Short: "Output the package SBOM (Software Bill Of Materials) to the specified directory", + Args: cobra.MaximumNArgs(1), + RunE: o.Run, + } + + cmd.Flags().BoolVar(&o.SkipSignatureValidation, "skip-signature-validation", false, lang.CmdPackageFlagSkipSignatureValidation) + cmd.Flags().StringVar(&o.SBOMOutputDir, "output", v.GetString(common.VPkgCreateSbomOutput), lang.CmdPackageCreateFlagSbomOut) + + return cmd +} + +// Run performs the execution of 'package inspect sbom' sub-command. +func (o *PackageInspectSBOMOptions) Run(cmd *cobra.Command, args []string) error { + ctx := cmd.Context() + src, err := choosePackage(ctx, args) + if err != nil { + return err + } + loadOpt := packager2.LoadOptions{ + Source: src, + SkipSignatureValidation: o.SkipSignatureValidation, + Filter: filters.Empty(), + PublicKeyPath: pkgConfig.PkgOpts.PublicKeyPath, + } + layout, err := packager2.LoadPackage(ctx, loadOpt) + if err != nil { + return err + } + outputPath, err := layout.GetSBOM(o.SBOMOutputDir) + if err != nil { + return err + } + outputPath, err = filepath.Abs(outputPath) + if err != nil { + logger.From(ctx).Warn("SBOM successfully extracted, couldn't get output path", "error", err) + } + logger.From(ctx).Info("SBOM successfully extracted", "path", outputPath) + return nil +} + +// PackageInspectListImagesOptions holds the command-line options for 'package inspect list-images' sub-command. +type PackageInspectListImagesOptions struct { + SkipSignatureValidation bool +} + +// NewPackageInspectListImagesCommand creates the `inspect list-images` sub-command. +func NewPackageInspectListImagesCommand() *cobra.Command { + o := PackageInspectListImagesOptions{} + cmd := &cobra.Command{ + Use: "list-images [ PACKAGE_SOURCE ]", + Short: "List all container images contained in the package", + Long: "Inspect a package and list all container images that it contains.", + Args: cobra.MaximumNArgs(1), + RunE: o.Run, + } + + cmd.Flags().BoolVar(&o.SkipSignatureValidation, "skip-signature-validation", false, lang.CmdPackageFlagSkipSignatureValidation) + + return cmd +} + +// Run performs the execution of 'package inspect list-images' sub-command. +func (o *PackageInspectListImagesOptions) Run(cmd *cobra.Command, args []string) error { + ctx := cmd.Context() + + // NOTE(mkcp): Gets user input with message + src, err := choosePackage(ctx, args) + if err != nil { + return err + } + + cluster, _ := cluster.NewCluster() //nolint:errcheck + inspectOpt := packager2.ZarfInspectOptions{ + Source: src, + SkipSignatureValidation: o.SkipSignatureValidation, + Cluster: cluster, + } + + output, err := packager2.InspectList(ctx, inspectOpt) + if err != nil { + return fmt.Errorf("failed to inspect package: %w", err) + } + for _, image := range output { + _, err := fmt.Fprintln(os.Stdout, "-", image) if err != nil { - return fmt.Errorf("failed to inspect package: %w", err) - } - for _, image := range output { - _, err := fmt.Fprintln(os.Stdout, "-", image) - if err != nil { - return err - } + return err } - return nil } + return nil +} - output, err := packager2.Inspect(ctx, inspectOpt) +// PackageInspectDefinitionOptions holds the command-line options for 'package inspect' sub-command. +type PackageInspectDefinitionOptions struct { + SkipSignatureValidation bool +} + +// NewPackageInspectDefinitionCommand creates the `inspect definition` sub-command. +func NewPackageInspectDefinitionCommand() *cobra.Command { + o := PackageInspectDefinitionOptions{} + cmd := &cobra.Command{ + Use: "definition [ PACKAGE_SOURCE ]", + Short: "Show the package definition", + Long: "Inspect a package and display its definition details.", + Args: cobra.MaximumNArgs(1), + RunE: o.Run, + } + + cmd.Flags().BoolVar(&o.SkipSignatureValidation, "skip-signature-validation", false, lang.CmdPackageFlagSkipSignatureValidation) + + return cmd +} + +// Run performs the execution of 'package inspect definition' sub-command. +func (o *PackageInspectDefinitionOptions) Run(cmd *cobra.Command, args []string) error { + ctx := cmd.Context() + + src, err := choosePackage(ctx, args) if err != nil { - return fmt.Errorf("failed to inspect package: %w", err) + return err } - err = utils.ColorPrintYAML(output, nil, false) + + cluster, _ := cluster.NewCluster() //nolint:errcheck + + pkg, err := packager2.GetPackageFromSourceOrCluster(ctx, cluster, src, o.SkipSignatureValidation, pkgConfig.PkgOpts.PublicKeyPath) + if err != nil { + return err + } + err = utils.ColorPrintYAML(pkg, nil, false) if err != nil { return err } diff --git a/src/config/lang/english.go b/src/config/lang/english.go index dfd9ee9c44..8ee7edaa88 100644 --- a/src/config/lang/english.go +++ b/src/config/lang/english.go @@ -282,7 +282,6 @@ $ zarf package mirror-resources \ CmdPackageMirrorFlagComponents = "Comma-separated list of components to mirror. This list will be respected regardless of a component's 'required' or 'default' status. Globbing component names with '*' and deselecting components with a leading '-' are also supported." CmdPackageMirrorFlagNoChecksum = "Turns off the addition of a checksum to image tags (as would be used by the Zarf Agent) while mirroring images." - CmdPackageInspectFlagSbom = "View SBOM contents while inspecting the package" CmdPackageInspectFlagSbomOut = "Specify an output directory for the SBOMs from the inspected Zarf package" CmdPackageInspectFlagListImages = "List images in the package (prints to stdout)" diff --git a/src/internal/packager2/inspect.go b/src/internal/packager2/inspect.go index d6c952474f..36bc94bfa3 100644 --- a/src/internal/packager2/inspect.go +++ b/src/internal/packager2/inspect.go @@ -65,7 +65,7 @@ func InspectList(ctx context.Context, opt ZarfInspectOptions) ([]string, error) } func getPackageMetadata(ctx context.Context, opt ZarfInspectOptions) (v1alpha1.ZarfPackage, error) { - pkg, err := packageFromSourceOrCluster(ctx, opt.Cluster, opt.Source, opt.SkipSignatureValidation, opt.PublicKeyPath) + pkg, err := GetPackageFromSourceOrCluster(ctx, opt.Cluster, opt.Source, opt.SkipSignatureValidation, opt.PublicKeyPath) if err != nil { return pkg, err } diff --git a/src/internal/packager2/load.go b/src/internal/packager2/load.go index b757315173..39e416963a 100644 --- a/src/internal/packager2/load.go +++ b/src/internal/packager2/load.go @@ -152,7 +152,7 @@ func assembleSplitTar(src, tarPath string) error { return nil } -func packageFromSourceOrCluster(ctx context.Context, cluster *cluster.Cluster, src string, skipSignatureValidation bool, publicKeyPath string) (v1alpha1.ZarfPackage, error) { +func GetPackageFromSourceOrCluster(ctx context.Context, cluster *cluster.Cluster, src string, skipSignatureValidation bool, publicKeyPath string) (v1alpha1.ZarfPackage, error) { _, err := identifySource(src) if err != nil { if cluster == nil { diff --git a/src/internal/packager2/load_test.go b/src/internal/packager2/load_test.go index 98069a0032..26dd4cfeb9 100644 --- a/src/internal/packager2/load_test.go +++ b/src/internal/packager2/load_test.go @@ -140,10 +140,10 @@ func TestPackageFromSourceOrCluster(t *testing.T) { ctx := testutil.TestContext(t) - _, err := packageFromSourceOrCluster(ctx, nil, "test", false, "") + _, err := GetPackageFromSourceOrCluster(ctx, nil, "test", false, "") require.EqualError(t, err, "cannot get Zarf package from Kubernetes without configuration") - pkg, err := packageFromSourceOrCluster(ctx, nil, "./testdata/zarf-package-test-amd64-0.0.1.tar.zst", false, "") + pkg, err := GetPackageFromSourceOrCluster(ctx, nil, "./testdata/zarf-package-test-amd64-0.0.1.tar.zst", false, "") require.NoError(t, err) require.Equal(t, "test", pkg.Metadata.Name) @@ -152,7 +152,7 @@ func TestPackageFromSourceOrCluster(t *testing.T) { } _, err = c.RecordPackageDeployment(ctx, pkg, nil) require.NoError(t, err) - pkg, err = packageFromSourceOrCluster(ctx, c, "test", false, "") + pkg, err = GetPackageFromSourceOrCluster(ctx, c, "test", false, "") require.NoError(t, err) require.Equal(t, "test", pkg.Metadata.Name) } diff --git a/src/internal/packager2/remove.go b/src/internal/packager2/remove.go index 2d1365b1f8..088755f035 100644 --- a/src/internal/packager2/remove.go +++ b/src/internal/packager2/remove.go @@ -7,9 +7,10 @@ import ( "context" "errors" "fmt" - "github.com/zarf-dev/zarf/src/pkg/logger" "slices" + "github.com/zarf-dev/zarf/src/pkg/logger" + "helm.sh/helm/v3/pkg/action" "helm.sh/helm/v3/pkg/cli" "helm.sh/helm/v3/pkg/storage/driver" @@ -35,7 +36,7 @@ type RemoveOptions struct { // Remove removes a package that was already deployed onto a cluster, uninstalling all installed helm charts. func Remove(ctx context.Context, opt RemoveOptions) error { l := logger.From(ctx) - pkg, err := packageFromSourceOrCluster(ctx, opt.Cluster, opt.Source, opt.SkipSignatureValidation, opt.PublicKeyPath) + pkg, err := GetPackageFromSourceOrCluster(ctx, opt.Cluster, opt.Source, opt.SkipSignatureValidation, opt.PublicKeyPath) if err != nil { return err } From 4bb004df2982113e778b75ec6999d19e2fe65336 Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Tue, 21 Jan 2025 19:56:28 +0000 Subject: [PATCH 02/15] exporting Signed-off-by: Austin Abro --- src/cmd/package.go | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/src/cmd/package.go b/src/cmd/package.go index 8f003af9af..f74b0b5283 100644 --- a/src/cmd/package.go +++ b/src/cmd/package.go @@ -386,15 +386,15 @@ func (o *PackageInspectOptions) Run(cmd *cobra.Command, args []string) error { if pkgConfig.InspectOpts.SBOMOutputDir != "" { sbomOpts := PackageInspectSBOMOptions{ - SkipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation, - SBOMOutputDir: pkgConfig.InspectOpts.SBOMOutputDir, + skipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation, + sbomOutputDir: pkgConfig.InspectOpts.SBOMOutputDir, } return sbomOpts.Run(cmd, args) } if pkgConfig.InspectOpts.ListImages { listImagesOpts := PackageInspectListImagesOptions{ - SkipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation, + skipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation, } return listImagesOpts.Run(cmd, args) } @@ -429,8 +429,8 @@ func (o *PackageInspectOptions) Run(cmd *cobra.Command, args []string) error { // PackageInspectSBOMOptions holds the command-line options for 'package inspect sbom' sub-command. type PackageInspectSBOMOptions struct { - SkipSignatureValidation bool - SBOMOutputDir string + skipSignatureValidation bool + sbomOutputDir string } // NewPackageInspectSBOMCommand creates the `inspect sbom` sub-command. @@ -443,8 +443,8 @@ func NewPackageInspectSBOMCommand(v *viper.Viper) *cobra.Command { RunE: o.Run, } - cmd.Flags().BoolVar(&o.SkipSignatureValidation, "skip-signature-validation", false, lang.CmdPackageFlagSkipSignatureValidation) - cmd.Flags().StringVar(&o.SBOMOutputDir, "output", v.GetString(common.VPkgCreateSbomOutput), lang.CmdPackageCreateFlagSbomOut) + cmd.Flags().BoolVar(&o.skipSignatureValidation, "skip-signature-validation", false, lang.CmdPackageFlagSkipSignatureValidation) + cmd.Flags().StringVar(&o.sbomOutputDir, "output", v.GetString(common.VPkgCreateSbomOutput), lang.CmdPackageCreateFlagSbomOut) return cmd } @@ -458,7 +458,7 @@ func (o *PackageInspectSBOMOptions) Run(cmd *cobra.Command, args []string) error } loadOpt := packager2.LoadOptions{ Source: src, - SkipSignatureValidation: o.SkipSignatureValidation, + SkipSignatureValidation: o.skipSignatureValidation, Filter: filters.Empty(), PublicKeyPath: pkgConfig.PkgOpts.PublicKeyPath, } @@ -466,7 +466,7 @@ func (o *PackageInspectSBOMOptions) Run(cmd *cobra.Command, args []string) error if err != nil { return err } - outputPath, err := layout.GetSBOM(o.SBOMOutputDir) + outputPath, err := layout.GetSBOM(o.sbomOutputDir) if err != nil { return err } @@ -480,7 +480,7 @@ func (o *PackageInspectSBOMOptions) Run(cmd *cobra.Command, args []string) error // PackageInspectListImagesOptions holds the command-line options for 'package inspect list-images' sub-command. type PackageInspectListImagesOptions struct { - SkipSignatureValidation bool + skipSignatureValidation bool } // NewPackageInspectListImagesCommand creates the `inspect list-images` sub-command. @@ -494,7 +494,7 @@ func NewPackageInspectListImagesCommand() *cobra.Command { RunE: o.Run, } - cmd.Flags().BoolVar(&o.SkipSignatureValidation, "skip-signature-validation", false, lang.CmdPackageFlagSkipSignatureValidation) + cmd.Flags().BoolVar(&o.skipSignatureValidation, "skip-signature-validation", false, lang.CmdPackageFlagSkipSignatureValidation) return cmd } @@ -512,7 +512,7 @@ func (o *PackageInspectListImagesOptions) Run(cmd *cobra.Command, args []string) cluster, _ := cluster.NewCluster() //nolint:errcheck inspectOpt := packager2.ZarfInspectOptions{ Source: src, - SkipSignatureValidation: o.SkipSignatureValidation, + SkipSignatureValidation: o.skipSignatureValidation, Cluster: cluster, } @@ -531,7 +531,7 @@ func (o *PackageInspectListImagesOptions) Run(cmd *cobra.Command, args []string) // PackageInspectDefinitionOptions holds the command-line options for 'package inspect' sub-command. type PackageInspectDefinitionOptions struct { - SkipSignatureValidation bool + skipSignatureValidation bool } // NewPackageInspectDefinitionCommand creates the `inspect definition` sub-command. @@ -545,7 +545,7 @@ func NewPackageInspectDefinitionCommand() *cobra.Command { RunE: o.Run, } - cmd.Flags().BoolVar(&o.SkipSignatureValidation, "skip-signature-validation", false, lang.CmdPackageFlagSkipSignatureValidation) + cmd.Flags().BoolVar(&o.skipSignatureValidation, "skip-signature-validation", false, lang.CmdPackageFlagSkipSignatureValidation) return cmd } @@ -561,7 +561,7 @@ func (o *PackageInspectDefinitionOptions) Run(cmd *cobra.Command, args []string) cluster, _ := cluster.NewCluster() //nolint:errcheck - pkg, err := packager2.GetPackageFromSourceOrCluster(ctx, cluster, src, o.SkipSignatureValidation, pkgConfig.PkgOpts.PublicKeyPath) + pkg, err := packager2.GetPackageFromSourceOrCluster(ctx, cluster, src, o.skipSignatureValidation, pkgConfig.PkgOpts.PublicKeyPath) if err != nil { return err } From 0535c458c6c738ae45acda7d12724ee677dd20a7 Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Tue, 21 Jan 2025 20:07:36 +0000 Subject: [PATCH 03/15] inspect images Signed-off-by: Austin Abro --- src/cmd/package.go | 44 +++++++++++++++++++++++--------------------- 1 file changed, 23 insertions(+), 21 deletions(-) diff --git a/src/cmd/package.go b/src/cmd/package.go index f74b0b5283..cddeb2edc7 100644 --- a/src/cmd/package.go +++ b/src/cmd/package.go @@ -358,7 +358,7 @@ func NewPackageInspectCommand(v *viper.Viper) *cobra.Command { } cmd.AddCommand(NewPackageInspectSBOMCommand(v)) - cmd.AddCommand(NewPackageInspectListImagesCommand()) + cmd.AddCommand(NewPackageInspectImagesCommand()) cmd.AddCommand(NewPackageInspectDefinitionCommand()) cmd.Flags().StringVar(&pkgConfig.InspectOpts.SBOMOutputDir, "sbom-out", "", lang.CmdPackageInspectFlagSbomOut) @@ -379,8 +379,9 @@ func (o *PackageInspectOptions) PreRun(_ *cobra.Command, _ []string) { // Run performs the execution of 'package inspect' sub-command. func (o *PackageInspectOptions) Run(cmd *cobra.Command, args []string) error { ctx := cmd.Context() + logger.From(ctx).Warn("Direct usage of inspect is deprecated and will be removed in a future release. Inspect is now a parent command. Use 'zarf package inspect definition|sbom|images' instead.") - if pkgConfig.InspectOpts.ListImages && (pkgConfig.InspectOpts.SBOMOutputDir != "" || pkgConfig.InspectOpts.ViewSBOM) { + if pkgConfig.InspectOpts.ListImages && (pkgConfig.InspectOpts.SBOMOutputDir != "") { return fmt.Errorf("cannot use --sbom or --sbom-out and --list-images at the same time") } @@ -393,10 +394,10 @@ func (o *PackageInspectOptions) Run(cmd *cobra.Command, args []string) error { } if pkgConfig.InspectOpts.ListImages { - listImagesOpts := PackageInspectListImagesOptions{ + imagesOpts := PackageInspectImagesOptions{ skipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation, } - return listImagesOpts.Run(cmd, args) + return imagesOpts.Run(cmd, args) } // NOTE(mkcp): Gets user input with message @@ -411,7 +412,6 @@ func (o *PackageInspectOptions) Run(cmd *cobra.Command, args []string) error { SkipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation, Cluster: cluster, ListImages: pkgConfig.InspectOpts.ListImages, - ViewSBOM: pkgConfig.InspectOpts.ViewSBOM, SBOMOutputDir: pkgConfig.InspectOpts.SBOMOutputDir, PublicKeyPath: pkgConfig.PkgOpts.PublicKeyPath, } @@ -478,18 +478,17 @@ func (o *PackageInspectSBOMOptions) Run(cmd *cobra.Command, args []string) error return nil } -// PackageInspectListImagesOptions holds the command-line options for 'package inspect list-images' sub-command. -type PackageInspectListImagesOptions struct { +// PackageInspectImagesOptions holds the command-line options for 'package inspect list-images' sub-command. +type PackageInspectImagesOptions struct { skipSignatureValidation bool } -// NewPackageInspectListImagesCommand creates the `inspect list-images` sub-command. -func NewPackageInspectListImagesCommand() *cobra.Command { - o := PackageInspectListImagesOptions{} +// NewPackageInspectImagesCommand creates the `inspect list-images` sub-command. +func NewPackageInspectImagesCommand() *cobra.Command { + o := PackageInspectImagesOptions{} cmd := &cobra.Command{ - Use: "list-images [ PACKAGE_SOURCE ]", + Use: "images [ PACKAGE_SOURCE ]", Short: "List all container images contained in the package", - Long: "Inspect a package and list all container images that it contains.", Args: cobra.MaximumNArgs(1), RunE: o.Run, } @@ -500,7 +499,7 @@ func NewPackageInspectListImagesCommand() *cobra.Command { } // Run performs the execution of 'package inspect list-images' sub-command. -func (o *PackageInspectListImagesOptions) Run(cmd *cobra.Command, args []string) error { +func (o *PackageInspectImagesOptions) Run(cmd *cobra.Command, args []string) error { ctx := cmd.Context() // NOTE(mkcp): Gets user input with message @@ -510,17 +509,20 @@ func (o *PackageInspectListImagesOptions) Run(cmd *cobra.Command, args []string) } cluster, _ := cluster.NewCluster() //nolint:errcheck - inspectOpt := packager2.ZarfInspectOptions{ - Source: src, - SkipSignatureValidation: o.skipSignatureValidation, - Cluster: cluster, - } - output, err := packager2.InspectList(ctx, inspectOpt) + pkg, err := packager2.GetPackageFromSourceOrCluster(ctx, cluster, src, o.skipSignatureValidation, pkgConfig.PkgOpts.PublicKeyPath) if err != nil { - return fmt.Errorf("failed to inspect package: %w", err) + return err + } + var imageList []string + for _, component := range pkg.Components { + imageList = append(imageList, component.Images...) + } + if imageList == nil { + return fmt.Errorf("failed listing images: 0 images found in package") } - for _, image := range output { + imageList = helpers.Unique(imageList) + for _, image := range imageList { _, err := fmt.Fprintln(os.Stdout, "-", image) if err != nil { return err From 380c23e15483a1bb7b9cae8bf9688b2b12aabfb8 Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Tue, 21 Jan 2025 20:14:13 +0000 Subject: [PATCH 04/15] update e2e tests Signed-off-by: Austin Abro --- src/test/e2e/06_create_sbom_test.go | 6 +++--- src/test/e2e/11_oci_pull_inspect_test.go | 8 ++++---- src/test/e2e/14_oci_compose_test.go | 4 ++-- src/test/e2e/23_data_injection_test.go | 2 +- src/test/e2e/31_checksum_and_signature_test.go | 4 ++-- src/test/e2e/34_custom_init_package_test.go | 4 ++-- src/test/e2e/50_oci_publish_deploy_test.go | 4 ++-- src/test/nightly/ecr_publish_test.go | 8 ++------ 8 files changed, 18 insertions(+), 22 deletions(-) diff --git a/src/test/e2e/06_create_sbom_test.go b/src/test/e2e/06_create_sbom_test.go index d8e9d5eabc..fe4ae746c6 100644 --- a/src/test/e2e/06_create_sbom_test.go +++ b/src/test/e2e/06_create_sbom_test.go @@ -46,14 +46,14 @@ func TestCreateSBOM(t *testing.T) { err = os.RemoveAll(outSbomPath) require.NoError(t, err) - _, _, err = e2e.Zarf(t, "package", "inspect", tarPath, "--sbom-out", outSbomPath) + _, _, err = e2e.Zarf(t, "package", "inspect", "sbom", tarPath, "--output", outSbomPath) require.NoError(t, err) for _, expectedFile := range expectedFiles { require.FileExists(t, filepath.Join(outSbomPath, "dos-games", expectedFile)) } - stdOut, _, err := e2e.Zarf(t, "package", "inspect", tarPath, "--list-images") + stdOut, _, err := e2e.Zarf(t, "package", "inspect", "images", tarPath, "--list-images") require.NoError(t, err) require.Contains(t, stdOut, "- ghcr.io/zarf-dev/doom-game:0.0.1\n") @@ -62,7 +62,7 @@ func TestCreateSBOM(t *testing.T) { require.NoError(t, err) initName := fmt.Sprintf("build/zarf-init-%s-%s.tar.zst", e2e.Arch, strings.TrimSpace(version)) - _, _, err = e2e.Zarf(t, "package", "inspect", initName, "--sbom-out", outSbomPath) + _, _, err = e2e.Zarf(t, "package", "inspect", "sbom", initName, "--output", outSbomPath) require.NoError(t, err) // Test that we preserve the filepath diff --git a/src/test/e2e/11_oci_pull_inspect_test.go b/src/test/e2e/11_oci_pull_inspect_test.go index 2ad374d238..627ef85bcf 100644 --- a/src/test/e2e/11_oci_pull_inspect_test.go +++ b/src/test/e2e/11_oci_pull_inspect_test.go @@ -58,10 +58,10 @@ func (suite *PullInspectTestSuite) Test_0_Pull() { stdOut, stdErr, err = e2e.Zarf(suite.T(), "package", "pull", simplePackageRef, "--plain-http", "--skip-signature-validation", "-o", outputPath) suite.NoError(err, stdOut, stdErr) - stdOut, stdErr, err = e2e.Zarf(suite.T(), "package", "inspect", simplePackageRef, "--plain-http") + stdOut, stdErr, err = e2e.Zarf(suite.T(), "package", "inspect", "definition", simplePackageRef, "--plain-http") suite.Error(err, stdOut, stdErr) - stdOut, stdErr, err = e2e.Zarf(suite.T(), "package", "inspect", simplePackageRef, "--plain-http", publicKeyFlag, "--sbom-out", suite.T().TempDir()) + stdOut, stdErr, err = e2e.Zarf(suite.T(), "package", "inspect", "definition", simplePackageRef, "--plain-http", publicKeyFlag, "--sbom-out", suite.T().TempDir()) suite.NoError(err, stdOut, stdErr) stdOut, stdErr, err = e2e.Zarf(suite.T(), "package", "pull", "oci://"+badPullInspectRef.String(), "--plain-http") @@ -72,13 +72,13 @@ func (suite *PullInspectTestSuite) Test_1_Remote_Inspect() { suite.T().Log("E2E: Package Inspect oci://") // Test inspect w/ bad ref. - _, stdErr, err := e2e.Zarf(suite.T(), "package", "inspect", "oci://"+badPullInspectRef.String(), "--plain-http") + _, stdErr, err := e2e.Zarf(suite.T(), "package", "inspect", "definition", "oci://"+badPullInspectRef.String(), "--plain-http") suite.Error(err, stdErr) // Test inspect on a public package. // NOTE: This also makes sure that Zarf does not attempt auth when inspecting a public package. ref := fmt.Sprintf("oci://ghcr.io/zarf-dev/packages/dos-games:1.0.0-%s", e2e.Arch) - _, stdErr, err = e2e.Zarf(suite.T(), "package", "inspect", ref, "--skip-signature-validation") + _, stdErr, err = e2e.Zarf(suite.T(), "package", "inspect", "definition", ref, "--skip-signature-validation") suite.NoError(err, stdErr) } diff --git a/src/test/e2e/14_oci_compose_test.go b/src/test/e2e/14_oci_compose_test.go index 9f1a949e67..d597283279 100644 --- a/src/test/e2e/14_oci_compose_test.go +++ b/src/test/e2e/14_oci_compose_test.go @@ -77,7 +77,7 @@ func (suite *PublishCopySkeletonSuite) Test_0_Publish_Skeletons() { _, _, err = e2e.Zarf(suite.T(), "package", "publish", importEverything, "oci://"+ref, "--plain-http") suite.NoError(err) - _, _, err = e2e.Zarf(suite.T(), "package", "inspect", "oci://"+ref+"/import-everything:0.0.1", "--plain-http", "-a", "skeleton") + _, _, err = e2e.Zarf(suite.T(), "package", "inspect", "definition", "oci://"+ref+"/import-everything:0.0.1", "--plain-http", "-a", "skeleton") suite.NoError(err) _, _, err = e2e.Zarf(suite.T(), "package", "pull", "oci://"+ref+"/import-everything:0.0.1", "-o", "build", "--plain-http", "-a", "skeleton") @@ -99,7 +99,7 @@ func (suite *PublishCopySkeletonSuite) Test_1_Compose_Everything_Inception() { _, _, err = e2e.Zarf(suite.T(), "package", "create", importception, "-o", "build", "--plain-http", "--confirm") suite.NoError(err) - stdOut, _, err := e2e.Zarf(suite.T(), "package", "inspect", importEverythingPath) + stdOut, _, err := e2e.Zarf(suite.T(), "package", "inspect", "definition", importEverythingPath) suite.NoError(err) targets := []string{ diff --git a/src/test/e2e/23_data_injection_test.go b/src/test/e2e/23_data_injection_test.go index 4e07723744..39f0ba4f67 100644 --- a/src/test/e2e/23_data_injection_test.go +++ b/src/test/e2e/23_data_injection_test.go @@ -56,7 +56,7 @@ func TestDataInjection(t *testing.T) { require.NoError(t, err, stdOut, stdErr) // Ensure that the `requirements.txt` file is discovered correctly - stdOut, stdErr, err = e2e.Zarf(t, "package", "inspect", path, "--sbom-out", sbomPath) + stdOut, stdErr, err = e2e.Zarf(t, "package", "inspect", "sbom", path, "output", sbomPath) require.NoError(t, err, stdOut, stdErr) require.FileExists(t, filepath.Join(sbomPath, "kiwix", "compare.html"), "A compare.html file should have been made") diff --git a/src/test/e2e/31_checksum_and_signature_test.go b/src/test/e2e/31_checksum_and_signature_test.go index 3e8d0060a6..bf2e16cb94 100644 --- a/src/test/e2e/31_checksum_and_signature_test.go +++ b/src/test/e2e/31_checksum_and_signature_test.go @@ -24,12 +24,12 @@ func TestChecksumAndSignature(t *testing.T) { defer e2e.CleanFiles(t, pkgName) // Test that we don't get an error when we remember to provide the public key - stdOut, stdErr, err = e2e.Zarf(t, "package", "inspect", pkgName, publicKeyFlag) + stdOut, stdErr, err = e2e.Zarf(t, "package", "inspect", "definition", pkgName, publicKeyFlag) require.NoError(t, err, stdOut, stdErr) /* Test operations during package inspect */ // Test that we can inspect the yaml of the package without the private key - stdOut, stdErr, err = e2e.Zarf(t, "package", "inspect", pkgName, "--skip-signature-validation") + stdOut, stdErr, err = e2e.Zarf(t, "package", "inspect", "definition", pkgName, "--skip-signature-validation") require.NoError(t, err, stdOut, stdErr) /* Test operations during package deploy */ diff --git a/src/test/e2e/34_custom_init_package_test.go b/src/test/e2e/34_custom_init_package_test.go index 1dc30479d6..7e00b38fca 100644 --- a/src/test/e2e/34_custom_init_package_test.go +++ b/src/test/e2e/34_custom_init_package_test.go @@ -26,11 +26,11 @@ func TestCustomInit(t *testing.T) { /* Test operations during package inspect */ // Test that we can inspect the yaml of the package without the private key - stdOut, stdErr, err = e2e.Zarf(t, "package", "inspect", pkgName, "--skip-signature-validation") + stdOut, stdErr, err = e2e.Zarf(t, "package", "inspect", "definition", pkgName, "--skip-signature-validation") require.NoError(t, err, stdOut, stdErr) // Test that we don't get an error when we remember to provide the public key - stdOut, stdErr, err = e2e.Zarf(t, "package", "inspect", pkgName, publicKeyFlag) + stdOut, stdErr, err = e2e.Zarf(t, "package", "inspect", "definition", pkgName, publicKeyFlag) require.NoError(t, err, stdOut, stdErr) require.Contains(t, stdErr, "Verified OK") diff --git a/src/test/e2e/50_oci_publish_deploy_test.go b/src/test/e2e/50_oci_publish_deploy_test.go index 921c127deb..b7384b2328 100644 --- a/src/test/e2e/50_oci_publish_deploy_test.go +++ b/src/test/e2e/50_oci_publish_deploy_test.go @@ -69,11 +69,11 @@ func (suite *PublishDeploySuiteTestSuite) Test_0_Publish() { suite.NoError(err, stdOut, stdErr) // Inspect published flavor. - stdOut, stdErr, err = e2e.Zarf(suite.T(), "package", "inspect", "oci://"+ref+"/package-flavors:1.0.0-oracle-cookie-crunch", "--plain-http") + stdOut, stdErr, err = e2e.Zarf(suite.T(), "package", "inspect", "definition", "oci://"+ref+"/package-flavors:1.0.0-oracle-cookie-crunch", "--plain-http") suite.NoError(err, stdOut, stdErr) // Inspect the published package. - stdOut, stdErr, err = e2e.Zarf(suite.T(), "package", "inspect", "oci://"+ref+"/helm-charts:0.0.1", "--plain-http") + stdOut, stdErr, err = e2e.Zarf(suite.T(), "package", "inspect", "definition", "oci://"+ref+"/helm-charts:0.0.1", "--plain-http") suite.NoError(err, stdOut, stdErr) } diff --git a/src/test/nightly/ecr_publish_test.go b/src/test/nightly/ecr_publish_test.go index 8c35dde0e4..cbc77a5dd7 100644 --- a/src/test/nightly/ecr_publish_test.go +++ b/src/test/nightly/ecr_publish_test.go @@ -58,10 +58,6 @@ func TestECRPublishing(t *testing.T) { stdOut, stdErr, err = e2e.Zarf(t, "package", "publish", testPackageLocation, registryURL, keyFlag) require.NoError(t, err, stdOut, stdErr) - // Ensure we get a warning when trying to inspect the online published package - stdOut, stdErr, err = e2e.Zarf(t, "package", "inspect", upstreamPackageURL, keyFlag, "--sbom-out", tmpDir, "--skip-signature-validation") - require.NoError(t, err, stdOut, stdErr) - // Validate that we can pull the package down from ECR pullTempDir := t.TempDir() stdOut, stdErr, err = e2e.Zarf(t, "package", "pull", upstreamPackageURL, keyFlag, fmt.Sprintf("-o=%s", pullTempDir)) @@ -69,9 +65,9 @@ func TestECRPublishing(t *testing.T) { pulledPackagePath := filepath.Join(pullTempDir, testPackageFileName) - stdOut, stdErr, err = e2e.Zarf(t, "package", "inspect", pulledPackagePath, "--skip-signature-validation") + stdOut, stdErr, err = e2e.Zarf(t, "package", "inspect", "definition", pulledPackagePath, "--skip-signature-validation") require.NoError(t, err, stdOut, stdErr) - stdOut, stdErr, err = e2e.Zarf(t, "package", "inspect", pulledPackagePath, keyFlag) + stdOut, stdErr, err = e2e.Zarf(t, "package", "inspect", "definition", pulledPackagePath, keyFlag) require.NoError(t, err, stdOut, stdErr) } From ab7df9725488af40d5b615469a691329b65184a7 Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Tue, 21 Jan 2025 20:15:30 +0000 Subject: [PATCH 05/15] replace command Signed-off-by: Austin Abro --- src/cmd/package.go | 26 +++----------------------- 1 file changed, 3 insertions(+), 23 deletions(-) diff --git a/src/cmd/package.go b/src/cmd/package.go index cddeb2edc7..f9d74532de 100644 --- a/src/cmd/package.go +++ b/src/cmd/package.go @@ -400,31 +400,11 @@ func (o *PackageInspectOptions) Run(cmd *cobra.Command, args []string) error { return imagesOpts.Run(cmd, args) } - // NOTE(mkcp): Gets user input with message - src, err := choosePackage(ctx, args) - if err != nil { - return err + definitionOpts := PackageInspectDefinitionOptions{ + skipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation, } - cluster, _ := cluster.NewCluster() //nolint:errcheck - inspectOpt := packager2.ZarfInspectOptions{ - Source: src, - SkipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation, - Cluster: cluster, - ListImages: pkgConfig.InspectOpts.ListImages, - SBOMOutputDir: pkgConfig.InspectOpts.SBOMOutputDir, - PublicKeyPath: pkgConfig.PkgOpts.PublicKeyPath, - } - - output, err := packager2.Inspect(ctx, inspectOpt) - if err != nil { - return fmt.Errorf("failed to inspect package: %w", err) - } - err = utils.ColorPrintYAML(output, nil, false) - if err != nil { - return err - } - return nil + return definitionOpts.Run(cmd, args) } // PackageInspectSBOMOptions holds the command-line options for 'package inspect sbom' sub-command. From 0e2df07c95f52cebb6a77184b57285e75f8f9068 Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Tue, 21 Jan 2025 20:33:29 +0000 Subject: [PATCH 06/15] delete inspect Signed-off-by: Austin Abro --- src/cmd/package.go | 11 ++- src/internal/packager2/inspect.go | 115 ------------------------------ 2 files changed, 4 insertions(+), 122 deletions(-) delete mode 100644 src/internal/packager2/inspect.go diff --git a/src/cmd/package.go b/src/cmd/package.go index f9d74532de..b8b47b1c26 100644 --- a/src/cmd/package.go +++ b/src/cmd/package.go @@ -403,7 +403,6 @@ func (o *PackageInspectOptions) Run(cmd *cobra.Command, args []string) error { definitionOpts := PackageInspectDefinitionOptions{ skipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation, } - return definitionOpts.Run(cmd, args) } @@ -458,12 +457,12 @@ func (o *PackageInspectSBOMOptions) Run(cmd *cobra.Command, args []string) error return nil } -// PackageInspectImagesOptions holds the command-line options for 'package inspect list-images' sub-command. +// PackageInspectImagesOptions holds the command-line options for 'package inspect images' sub-command. type PackageInspectImagesOptions struct { skipSignatureValidation bool } -// NewPackageInspectImagesCommand creates the `inspect list-images` sub-command. +// NewPackageInspectImagesCommand creates the `inspect images` sub-command. func NewPackageInspectImagesCommand() *cobra.Command { o := PackageInspectImagesOptions{} cmd := &cobra.Command{ @@ -478,11 +477,10 @@ func NewPackageInspectImagesCommand() *cobra.Command { return cmd } -// Run performs the execution of 'package inspect list-images' sub-command. +// Run performs the execution of 'package inspect images' sub-command. func (o *PackageInspectImagesOptions) Run(cmd *cobra.Command, args []string) error { ctx := cmd.Context() - // NOTE(mkcp): Gets user input with message src, err := choosePackage(ctx, args) if err != nil { return err @@ -521,8 +519,7 @@ func NewPackageInspectDefinitionCommand() *cobra.Command { o := PackageInspectDefinitionOptions{} cmd := &cobra.Command{ Use: "definition [ PACKAGE_SOURCE ]", - Short: "Show the package definition", - Long: "Inspect a package and display its definition details.", + Short: "Displays the 'zarf.yaml' definition for the specified package", Args: cobra.MaximumNArgs(1), RunE: o.Run, } diff --git a/src/internal/packager2/inspect.go b/src/internal/packager2/inspect.go deleted file mode 100644 index 36bc94bfa3..0000000000 --- a/src/internal/packager2/inspect.go +++ /dev/null @@ -1,115 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 -// SPDX-FileCopyrightText: 2021-Present The Zarf Authors - -// Package packager2 contains functions for inspecting packages. -package packager2 - -import ( - "context" - "fmt" - "os" - - "github.com/defenseunicorns/pkg/helpers/v2" - "github.com/zarf-dev/zarf/src/api/v1alpha1" - "github.com/zarf-dev/zarf/src/config" - "github.com/zarf-dev/zarf/src/internal/packager/sbom" - "github.com/zarf-dev/zarf/src/pkg/cluster" - "github.com/zarf-dev/zarf/src/pkg/packager/filters" - "github.com/zarf-dev/zarf/src/pkg/utils" -) - -// ZarfInspectOptions tracks the user-defined preferences during a package inspection. -type ZarfInspectOptions struct { - Source string - Cluster *cluster.Cluster - ViewSBOM bool - SBOMOutputDir string - ListImages bool - SkipSignatureValidation bool - PublicKeyPath string -} - -// Inspect list the contents of a package. -func Inspect(ctx context.Context, opt ZarfInspectOptions) (v1alpha1.ZarfPackage, error) { - var err error - pkg, err := getPackageMetadata(ctx, opt) - if err != nil { - return pkg, err - } - - if getSBOM(opt.ViewSBOM, opt.SBOMOutputDir) { - err = handleSBOMOptions(ctx, opt) - if err != nil { - return pkg, err - } - return pkg, nil - } - return pkg, nil -} - -// InspectList lists the images in a component action -func InspectList(ctx context.Context, opt ZarfInspectOptions) ([]string, error) { - var imageList []string - pkg, err := getPackageMetadata(ctx, opt) - if err != nil { - return nil, err - } - for _, component := range pkg.Components { - imageList = append(imageList, component.Images...) - } - if imageList == nil { - return nil, fmt.Errorf("failed listing images: 0 images found in package") - } - imageList = helpers.Unique(imageList) - return imageList, nil -} - -func getPackageMetadata(ctx context.Context, opt ZarfInspectOptions) (v1alpha1.ZarfPackage, error) { - pkg, err := GetPackageFromSourceOrCluster(ctx, opt.Cluster, opt.Source, opt.SkipSignatureValidation, opt.PublicKeyPath) - if err != nil { - return pkg, err - } - - return pkg, nil -} - -func handleSBOMOptions(ctx context.Context, opt ZarfInspectOptions) error { - loadOpt := LoadOptions{ - Source: opt.Source, - SkipSignatureValidation: opt.SkipSignatureValidation, - Filter: filters.Empty(), - PublicKeyPath: opt.PublicKeyPath, - } - layout, err := LoadPackage(ctx, loadOpt) - if err != nil { - return err - } - - sbomDirPath := opt.SBOMOutputDir - if sbomDirPath == "" { - tmpDir, err := utils.MakeTempDir(config.CommonOptions.TempDirectory) - if err != nil { - return err - } - defer os.RemoveAll(tmpDir) - sbomDirPath = tmpDir - } - sbomPath, err := layout.GetSBOM(sbomDirPath) - if err != nil { - return err - } - if opt.ViewSBOM { - err := sbom.ViewSBOMFiles(ctx, sbomPath) - if err != nil { - return err - } - } - return nil -} - -func getSBOM(viewSBOM bool, SBOMOutputDir string) bool { - if viewSBOM || SBOMOutputDir != "" { - return true - } - return false -} From 249cd7c61cd00d8a4c4ebd7f818d05dc127ffb21 Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Tue, 21 Jan 2025 20:35:52 +0000 Subject: [PATCH 07/15] test fix Signed-off-by: Austin Abro --- src/cmd/package.go | 6 +++--- src/test/e2e/06_create_sbom_test.go | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/cmd/package.go b/src/cmd/package.go index b8b47b1c26..df2a265527 100644 --- a/src/cmd/package.go +++ b/src/cmd/package.go @@ -412,7 +412,7 @@ type PackageInspectSBOMOptions struct { sbomOutputDir string } -// NewPackageInspectSBOMCommand creates the `inspect sbom` sub-command. +// NewPackageInspectSBOMCommand creates the `package inspect sbom` sub-command. func NewPackageInspectSBOMCommand(v *viper.Viper) *cobra.Command { o := &PackageInspectSBOMOptions{} cmd := &cobra.Command{ @@ -509,12 +509,12 @@ func (o *PackageInspectImagesOptions) Run(cmd *cobra.Command, args []string) err return nil } -// PackageInspectDefinitionOptions holds the command-line options for 'package inspect' sub-command. +// PackageInspectDefinitionOptions holds the command-line options for 'package inspect definition' sub-command. type PackageInspectDefinitionOptions struct { skipSignatureValidation bool } -// NewPackageInspectDefinitionCommand creates the `inspect definition` sub-command. +// NewPackageInspectDefinitionCommand creates the `package inspect definition` sub-command. func NewPackageInspectDefinitionCommand() *cobra.Command { o := PackageInspectDefinitionOptions{} cmd := &cobra.Command{ diff --git a/src/test/e2e/06_create_sbom_test.go b/src/test/e2e/06_create_sbom_test.go index fe4ae746c6..80f65ce719 100644 --- a/src/test/e2e/06_create_sbom_test.go +++ b/src/test/e2e/06_create_sbom_test.go @@ -53,7 +53,7 @@ func TestCreateSBOM(t *testing.T) { require.FileExists(t, filepath.Join(outSbomPath, "dos-games", expectedFile)) } - stdOut, _, err := e2e.Zarf(t, "package", "inspect", "images", tarPath, "--list-images") + stdOut, _, err := e2e.Zarf(t, "package", "inspect", "images", tarPath) require.NoError(t, err) require.Contains(t, stdOut, "- ghcr.io/zarf-dev/doom-game:0.0.1\n") From 5d200b3d206d71d2ab37cc479f2f9c64ea84b20b Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Tue, 21 Jan 2025 20:36:36 +0000 Subject: [PATCH 08/15] output flag Signed-off-by: Austin Abro --- src/test/e2e/23_data_injection_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/test/e2e/23_data_injection_test.go b/src/test/e2e/23_data_injection_test.go index 39f0ba4f67..26fbd71007 100644 --- a/src/test/e2e/23_data_injection_test.go +++ b/src/test/e2e/23_data_injection_test.go @@ -56,7 +56,7 @@ func TestDataInjection(t *testing.T) { require.NoError(t, err, stdOut, stdErr) // Ensure that the `requirements.txt` file is discovered correctly - stdOut, stdErr, err = e2e.Zarf(t, "package", "inspect", "sbom", path, "output", sbomPath) + stdOut, stdErr, err = e2e.Zarf(t, "package", "inspect", "sbom", path, "--output", sbomPath) require.NoError(t, err, stdOut, stdErr) require.FileExists(t, filepath.Join(sbomPath, "kiwix", "compare.html"), "A compare.html file should have been made") From 8ebe803aa124f58cc0c25eb0be9873052c1f3941 Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Tue, 21 Jan 2025 20:37:43 +0000 Subject: [PATCH 09/15] make docs and schema Signed-off-by: Austin Abro --- site/src/content/docs/commands/zarf_package_inspect.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/site/src/content/docs/commands/zarf_package_inspect.md b/site/src/content/docs/commands/zarf_package_inspect.md index 9f896f4902..0abfe63160 100644 --- a/site/src/content/docs/commands/zarf_package_inspect.md +++ b/site/src/content/docs/commands/zarf_package_inspect.md @@ -23,7 +23,6 @@ zarf package inspect [ PACKAGE_SOURCE ] [flags] ``` -h, --help help for inspect --list-images List images in the package (prints to stdout) - -s, --sbom View SBOM contents while inspecting the package --sbom-out string Specify an output directory for the SBOMs from the inspected Zarf package --skip-signature-validation Skip validating the signature of the Zarf package ``` @@ -48,4 +47,7 @@ zarf package inspect [ PACKAGE_SOURCE ] [flags] ### SEE ALSO * [zarf package](/commands/zarf_package/) - Zarf package commands for creating, deploying, and inspecting packages +* [zarf package inspect definition](/commands/zarf_package_inspect_definition/) - Displays the 'zarf.yaml' definition for the specified package +* [zarf package inspect images](/commands/zarf_package_inspect_images/) - List all container images contained in the package +* [zarf package inspect sbom](/commands/zarf_package_inspect_sbom/) - Output the package SBOM (Software Bill Of Materials) to the specified directory From 1d07ab963ec0b9847453ba5b4233d8e4dbf10304 Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Tue, 21 Jan 2025 20:38:48 +0000 Subject: [PATCH 10/15] case Signed-off-by: Austin Abro --- src/cmd/package.go | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/src/cmd/package.go b/src/cmd/package.go index df2a265527..d24d6e1b56 100644 --- a/src/cmd/package.go +++ b/src/cmd/package.go @@ -387,29 +387,29 @@ func (o *PackageInspectOptions) Run(cmd *cobra.Command, args []string) error { if pkgConfig.InspectOpts.SBOMOutputDir != "" { sbomOpts := PackageInspectSBOMOptions{ - skipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation, - sbomOutputDir: pkgConfig.InspectOpts.SBOMOutputDir, + SkipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation, + SBOMOutputDir: pkgConfig.InspectOpts.SBOMOutputDir, } return sbomOpts.Run(cmd, args) } if pkgConfig.InspectOpts.ListImages { imagesOpts := PackageInspectImagesOptions{ - skipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation, + SkipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation, } return imagesOpts.Run(cmd, args) } definitionOpts := PackageInspectDefinitionOptions{ - skipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation, + SkipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation, } return definitionOpts.Run(cmd, args) } // PackageInspectSBOMOptions holds the command-line options for 'package inspect sbom' sub-command. type PackageInspectSBOMOptions struct { - skipSignatureValidation bool - sbomOutputDir string + SkipSignatureValidation bool + SBOMOutputDir string } // NewPackageInspectSBOMCommand creates the `package inspect sbom` sub-command. @@ -422,8 +422,8 @@ func NewPackageInspectSBOMCommand(v *viper.Viper) *cobra.Command { RunE: o.Run, } - cmd.Flags().BoolVar(&o.skipSignatureValidation, "skip-signature-validation", false, lang.CmdPackageFlagSkipSignatureValidation) - cmd.Flags().StringVar(&o.sbomOutputDir, "output", v.GetString(common.VPkgCreateSbomOutput), lang.CmdPackageCreateFlagSbomOut) + cmd.Flags().BoolVar(&o.SkipSignatureValidation, "skip-signature-validation", false, lang.CmdPackageFlagSkipSignatureValidation) + cmd.Flags().StringVar(&o.SBOMOutputDir, "output", v.GetString(common.VPkgCreateSbomOutput), lang.CmdPackageCreateFlagSbomOut) return cmd } @@ -437,7 +437,7 @@ func (o *PackageInspectSBOMOptions) Run(cmd *cobra.Command, args []string) error } loadOpt := packager2.LoadOptions{ Source: src, - SkipSignatureValidation: o.skipSignatureValidation, + SkipSignatureValidation: o.SkipSignatureValidation, Filter: filters.Empty(), PublicKeyPath: pkgConfig.PkgOpts.PublicKeyPath, } @@ -445,7 +445,7 @@ func (o *PackageInspectSBOMOptions) Run(cmd *cobra.Command, args []string) error if err != nil { return err } - outputPath, err := layout.GetSBOM(o.sbomOutputDir) + outputPath, err := layout.GetSBOM(o.SBOMOutputDir) if err != nil { return err } @@ -459,7 +459,7 @@ func (o *PackageInspectSBOMOptions) Run(cmd *cobra.Command, args []string) error // PackageInspectImagesOptions holds the command-line options for 'package inspect images' sub-command. type PackageInspectImagesOptions struct { - skipSignatureValidation bool + SkipSignatureValidation bool } // NewPackageInspectImagesCommand creates the `inspect images` sub-command. @@ -472,7 +472,7 @@ func NewPackageInspectImagesCommand() *cobra.Command { RunE: o.Run, } - cmd.Flags().BoolVar(&o.skipSignatureValidation, "skip-signature-validation", false, lang.CmdPackageFlagSkipSignatureValidation) + cmd.Flags().BoolVar(&o.SkipSignatureValidation, "skip-signature-validation", false, lang.CmdPackageFlagSkipSignatureValidation) return cmd } @@ -488,7 +488,7 @@ func (o *PackageInspectImagesOptions) Run(cmd *cobra.Command, args []string) err cluster, _ := cluster.NewCluster() //nolint:errcheck - pkg, err := packager2.GetPackageFromSourceOrCluster(ctx, cluster, src, o.skipSignatureValidation, pkgConfig.PkgOpts.PublicKeyPath) + pkg, err := packager2.GetPackageFromSourceOrCluster(ctx, cluster, src, o.SkipSignatureValidation, pkgConfig.PkgOpts.PublicKeyPath) if err != nil { return err } @@ -511,7 +511,7 @@ func (o *PackageInspectImagesOptions) Run(cmd *cobra.Command, args []string) err // PackageInspectDefinitionOptions holds the command-line options for 'package inspect definition' sub-command. type PackageInspectDefinitionOptions struct { - skipSignatureValidation bool + SkipSignatureValidation bool } // NewPackageInspectDefinitionCommand creates the `package inspect definition` sub-command. @@ -524,7 +524,7 @@ func NewPackageInspectDefinitionCommand() *cobra.Command { RunE: o.Run, } - cmd.Flags().BoolVar(&o.skipSignatureValidation, "skip-signature-validation", false, lang.CmdPackageFlagSkipSignatureValidation) + cmd.Flags().BoolVar(&o.SkipSignatureValidation, "skip-signature-validation", false, lang.CmdPackageFlagSkipSignatureValidation) return cmd } @@ -540,7 +540,7 @@ func (o *PackageInspectDefinitionOptions) Run(cmd *cobra.Command, args []string) cluster, _ := cluster.NewCluster() //nolint:errcheck - pkg, err := packager2.GetPackageFromSourceOrCluster(ctx, cluster, src, o.skipSignatureValidation, pkgConfig.PkgOpts.PublicKeyPath) + pkg, err := packager2.GetPackageFromSourceOrCluster(ctx, cluster, src, o.SkipSignatureValidation, pkgConfig.PkgOpts.PublicKeyPath) if err != nil { return err } From 59b50f132709c739ba598f38e6906345c643e939 Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Tue, 21 Jan 2025 20:48:33 +0000 Subject: [PATCH 11/15] make docs and schema Signed-off-by: Austin Abro --- .../zarf_package_inspect_definition.md | 44 ++++++++++++++++++ .../commands/zarf_package_inspect_images.md | 44 ++++++++++++++++++ .../commands/zarf_package_inspect_sbom.md | 45 +++++++++++++++++++ 3 files changed, 133 insertions(+) create mode 100644 site/src/content/docs/commands/zarf_package_inspect_definition.md create mode 100644 site/src/content/docs/commands/zarf_package_inspect_images.md create mode 100644 site/src/content/docs/commands/zarf_package_inspect_sbom.md diff --git a/site/src/content/docs/commands/zarf_package_inspect_definition.md b/site/src/content/docs/commands/zarf_package_inspect_definition.md new file mode 100644 index 0000000000..8e05f0695b --- /dev/null +++ b/site/src/content/docs/commands/zarf_package_inspect_definition.md @@ -0,0 +1,44 @@ +--- +title: zarf package inspect definition +description: Zarf CLI command reference for zarf package inspect definition. +tableOfContents: false +--- + + + +## zarf package inspect definition + +Displays the 'zarf.yaml' definition for the specified package + +``` +zarf package inspect definition [ PACKAGE_SOURCE ] [flags] +``` + +### Options + +``` + -h, --help help for definition + --skip-signature-validation Skip validating the signature of the Zarf package +``` + +### Options inherited from parent commands + +``` + -a, --architecture string Architecture for OCI images and Zarf packages + --insecure-skip-tls-verify Skip checking server's certificate for validity. This flag should only be used if you have a specific reason and accept the reduced security posture. + -k, --key string Path to public key file for validating signed packages + --log-format string [beta] Select a logging format. Defaults to 'console'. Valid options are: 'console', 'json', 'dev' + -l, --log-level string Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info") + --no-color Disable colors in output + --no-log-file Disable log file creation + --no-progress Disable fancy UI progress bars, spinners, logos, etc + --oci-concurrency int Number of concurrent layer operations to perform when interacting with a remote package. (default 3) + --plain-http Force the connections over HTTP instead of HTTPS. This flag should only be used if you have a specific reason and accept the reduced security posture. + --tmpdir string Specify the temporary directory to use for intermediate files + --zarf-cache string Specify the location of the Zarf cache directory (default "~/.zarf-cache") +``` + +### SEE ALSO + +* [zarf package inspect](/commands/zarf_package_inspect/) - Displays the definition of a Zarf package (runs offline) + diff --git a/site/src/content/docs/commands/zarf_package_inspect_images.md b/site/src/content/docs/commands/zarf_package_inspect_images.md new file mode 100644 index 0000000000..166464825b --- /dev/null +++ b/site/src/content/docs/commands/zarf_package_inspect_images.md @@ -0,0 +1,44 @@ +--- +title: zarf package inspect images +description: Zarf CLI command reference for zarf package inspect images. +tableOfContents: false +--- + + + +## zarf package inspect images + +List all container images contained in the package + +``` +zarf package inspect images [ PACKAGE_SOURCE ] [flags] +``` + +### Options + +``` + -h, --help help for images + --skip-signature-validation Skip validating the signature of the Zarf package +``` + +### Options inherited from parent commands + +``` + -a, --architecture string Architecture for OCI images and Zarf packages + --insecure-skip-tls-verify Skip checking server's certificate for validity. This flag should only be used if you have a specific reason and accept the reduced security posture. + -k, --key string Path to public key file for validating signed packages + --log-format string [beta] Select a logging format. Defaults to 'console'. Valid options are: 'console', 'json', 'dev' + -l, --log-level string Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info") + --no-color Disable colors in output + --no-log-file Disable log file creation + --no-progress Disable fancy UI progress bars, spinners, logos, etc + --oci-concurrency int Number of concurrent layer operations to perform when interacting with a remote package. (default 3) + --plain-http Force the connections over HTTP instead of HTTPS. This flag should only be used if you have a specific reason and accept the reduced security posture. + --tmpdir string Specify the temporary directory to use for intermediate files + --zarf-cache string Specify the location of the Zarf cache directory (default "~/.zarf-cache") +``` + +### SEE ALSO + +* [zarf package inspect](/commands/zarf_package_inspect/) - Displays the definition of a Zarf package (runs offline) + diff --git a/site/src/content/docs/commands/zarf_package_inspect_sbom.md b/site/src/content/docs/commands/zarf_package_inspect_sbom.md new file mode 100644 index 0000000000..846214ef70 --- /dev/null +++ b/site/src/content/docs/commands/zarf_package_inspect_sbom.md @@ -0,0 +1,45 @@ +--- +title: zarf package inspect sbom +description: Zarf CLI command reference for zarf package inspect sbom. +tableOfContents: false +--- + + + +## zarf package inspect sbom + +Output the package SBOM (Software Bill Of Materials) to the specified directory + +``` +zarf package inspect sbom [ PACKAGE ] [flags] +``` + +### Options + +``` + -h, --help help for sbom + --output string Specify an output directory for the SBOMs from the created Zarf package + --skip-signature-validation Skip validating the signature of the Zarf package +``` + +### Options inherited from parent commands + +``` + -a, --architecture string Architecture for OCI images and Zarf packages + --insecure-skip-tls-verify Skip checking server's certificate for validity. This flag should only be used if you have a specific reason and accept the reduced security posture. + -k, --key string Path to public key file for validating signed packages + --log-format string [beta] Select a logging format. Defaults to 'console'. Valid options are: 'console', 'json', 'dev' + -l, --log-level string Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info") + --no-color Disable colors in output + --no-log-file Disable log file creation + --no-progress Disable fancy UI progress bars, spinners, logos, etc + --oci-concurrency int Number of concurrent layer operations to perform when interacting with a remote package. (default 3) + --plain-http Force the connections over HTTP instead of HTTPS. This flag should only be used if you have a specific reason and accept the reduced security posture. + --tmpdir string Specify the temporary directory to use for intermediate files + --zarf-cache string Specify the location of the Zarf cache directory (default "~/.zarf-cache") +``` + +### SEE ALSO + +* [zarf package inspect](/commands/zarf_package_inspect/) - Displays the definition of a Zarf package (runs offline) + From ffa438a98e9f7beedc0d2ea81cb561df8ffbd45d Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Wed, 22 Jan 2025 13:35:26 +0000 Subject: [PATCH 12/15] fix test Signed-off-by: Austin Abro --- src/test/e2e/11_oci_pull_inspect_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/test/e2e/11_oci_pull_inspect_test.go b/src/test/e2e/11_oci_pull_inspect_test.go index 627ef85bcf..6f99fc5406 100644 --- a/src/test/e2e/11_oci_pull_inspect_test.go +++ b/src/test/e2e/11_oci_pull_inspect_test.go @@ -61,7 +61,7 @@ func (suite *PullInspectTestSuite) Test_0_Pull() { stdOut, stdErr, err = e2e.Zarf(suite.T(), "package", "inspect", "definition", simplePackageRef, "--plain-http") suite.Error(err, stdOut, stdErr) - stdOut, stdErr, err = e2e.Zarf(suite.T(), "package", "inspect", "definition", simplePackageRef, "--plain-http", publicKeyFlag, "--sbom-out", suite.T().TempDir()) + stdOut, stdErr, err = e2e.Zarf(suite.T(), "package", "inspect", "sbom", simplePackageRef, "--plain-http", publicKeyFlag, "--output", suite.T().TempDir()) suite.NoError(err, stdOut, stdErr) stdOut, stdErr, err = e2e.Zarf(suite.T(), "package", "pull", "oci://"+badPullInspectRef.String(), "--plain-http") From 836dc6178fcb361ee0b814a616c3b339a0d94944 Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Wed, 22 Jan 2025 16:41:06 +0000 Subject: [PATCH 13/15] NewOpts functions Signed-off-by: Austin Abro --- src/cmd/package.go | 67 ++++++++++++++++++++++++++++++---------------- 1 file changed, 44 insertions(+), 23 deletions(-) diff --git a/src/cmd/package.go b/src/cmd/package.go index d24d6e1b56..ff8fb906b6 100644 --- a/src/cmd/package.go +++ b/src/cmd/package.go @@ -52,7 +52,7 @@ func NewPackageCommand() *cobra.Command { cmd.AddCommand(NewPackageCreateCommand(v)) cmd.AddCommand(NewPackageDeployCommand(v)) cmd.AddCommand(NewPackageMirrorResourcesCommand(v)) - cmd.AddCommand(NewPackageInspectCommand(v)) + cmd.AddCommand(NewPackageInspectCommand()) cmd.AddCommand(NewPackageRemoveCommand(v)) cmd.AddCommand(NewPackageListCommand()) cmd.AddCommand(NewPackagePublishCommand(v)) @@ -345,7 +345,7 @@ func (o *PackageMirrorResourcesOptions) Run(cmd *cobra.Command, args []string) ( type PackageInspectOptions struct{} // NewPackageInspectCommand creates the `package inspect` sub-command. -func NewPackageInspectCommand(v *viper.Viper) *cobra.Command { +func NewPackageInspectCommand() *cobra.Command { o := &PackageInspectOptions{} cmd := &cobra.Command{ Use: "inspect [ PACKAGE_SOURCE ]", @@ -357,7 +357,7 @@ func NewPackageInspectCommand(v *viper.Viper) *cobra.Command { RunE: o.Run, } - cmd.AddCommand(NewPackageInspectSBOMCommand(v)) + cmd.AddCommand(NewPackageInspectSBOMCommand()) cmd.AddCommand(NewPackageInspectImagesCommand()) cmd.AddCommand(NewPackageInspectDefinitionCommand()) @@ -381,14 +381,14 @@ func (o *PackageInspectOptions) Run(cmd *cobra.Command, args []string) error { ctx := cmd.Context() logger.From(ctx).Warn("Direct usage of inspect is deprecated and will be removed in a future release. Inspect is now a parent command. Use 'zarf package inspect definition|sbom|images' instead.") - if pkgConfig.InspectOpts.ListImages && (pkgConfig.InspectOpts.SBOMOutputDir != "") { - return fmt.Errorf("cannot use --sbom or --sbom-out and --list-images at the same time") + if pkgConfig.InspectOpts.ListImages && pkgConfig.InspectOpts.SBOMOutputDir != "" { + return fmt.Errorf("cannot use --sbom-out and --list-images at the same time") } if pkgConfig.InspectOpts.SBOMOutputDir != "" { sbomOpts := PackageInspectSBOMOptions{ - SkipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation, - SBOMOutputDir: pkgConfig.InspectOpts.SBOMOutputDir, + skipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation, + outputDir: pkgConfig.InspectOpts.SBOMOutputDir, } return sbomOpts.Run(cmd, args) } @@ -408,13 +408,20 @@ func (o *PackageInspectOptions) Run(cmd *cobra.Command, args []string) error { // PackageInspectSBOMOptions holds the command-line options for 'package inspect sbom' sub-command. type PackageInspectSBOMOptions struct { - SkipSignatureValidation bool - SBOMOutputDir string + skipSignatureValidation bool + outputDir string +} + +func newPackageInspectSBOMOptions() *PackageInspectSBOMOptions { + return &PackageInspectSBOMOptions{ + outputDir: "", + skipSignatureValidation: false, + } } // NewPackageInspectSBOMCommand creates the `package inspect sbom` sub-command. -func NewPackageInspectSBOMCommand(v *viper.Viper) *cobra.Command { - o := &PackageInspectSBOMOptions{} +func NewPackageInspectSBOMCommand() *cobra.Command { + o := newPackageInspectSBOMOptions() cmd := &cobra.Command{ Use: "sbom [ PACKAGE ]", Short: "Output the package SBOM (Software Bill Of Materials) to the specified directory", @@ -422,8 +429,8 @@ func NewPackageInspectSBOMCommand(v *viper.Viper) *cobra.Command { RunE: o.Run, } - cmd.Flags().BoolVar(&o.SkipSignatureValidation, "skip-signature-validation", false, lang.CmdPackageFlagSkipSignatureValidation) - cmd.Flags().StringVar(&o.SBOMOutputDir, "output", v.GetString(common.VPkgCreateSbomOutput), lang.CmdPackageCreateFlagSbomOut) + cmd.Flags().BoolVar(&o.skipSignatureValidation, "skip-signature-validation", o.skipSignatureValidation, lang.CmdPackageFlagSkipSignatureValidation) + cmd.Flags().StringVar(&o.outputDir, "output", o.outputDir, lang.CmdPackageCreateFlagSbomOut) return cmd } @@ -437,7 +444,7 @@ func (o *PackageInspectSBOMOptions) Run(cmd *cobra.Command, args []string) error } loadOpt := packager2.LoadOptions{ Source: src, - SkipSignatureValidation: o.SkipSignatureValidation, + SkipSignatureValidation: o.skipSignatureValidation, Filter: filters.Empty(), PublicKeyPath: pkgConfig.PkgOpts.PublicKeyPath, } @@ -445,13 +452,14 @@ func (o *PackageInspectSBOMOptions) Run(cmd *cobra.Command, args []string) error if err != nil { return err } - outputPath, err := layout.GetSBOM(o.SBOMOutputDir) + outputPath, err := layout.GetSBOM(o.outputDir) if err != nil { return err } outputPath, err = filepath.Abs(outputPath) if err != nil { logger.From(ctx).Warn("SBOM successfully extracted, couldn't get output path", "error", err) + return nil } logger.From(ctx).Info("SBOM successfully extracted", "path", outputPath) return nil @@ -462,9 +470,15 @@ type PackageInspectImagesOptions struct { SkipSignatureValidation bool } +func newPackageInspectImagesOptions() *PackageInspectImagesOptions { + return &PackageInspectImagesOptions{ + SkipSignatureValidation: false, + } +} + // NewPackageInspectImagesCommand creates the `inspect images` sub-command. func NewPackageInspectImagesCommand() *cobra.Command { - o := PackageInspectImagesOptions{} + o := newPackageInspectImagesOptions() cmd := &cobra.Command{ Use: "images [ PACKAGE_SOURCE ]", Short: "List all container images contained in the package", @@ -472,7 +486,7 @@ func NewPackageInspectImagesCommand() *cobra.Command { RunE: o.Run, } - cmd.Flags().BoolVar(&o.SkipSignatureValidation, "skip-signature-validation", false, lang.CmdPackageFlagSkipSignatureValidation) + cmd.Flags().BoolVar(&o.SkipSignatureValidation, "skip-signature-validation", o.SkipSignatureValidation, lang.CmdPackageFlagSkipSignatureValidation) return cmd } @@ -486,6 +500,8 @@ func (o *PackageInspectImagesOptions) Run(cmd *cobra.Command, args []string) err return err } + // The user may be pulling the package from the cluster or using a built package + // since we don't know we don't check this error cluster, _ := cluster.NewCluster() //nolint:errcheck pkg, err := packager2.GetPackageFromSourceOrCluster(ctx, cluster, src, o.SkipSignatureValidation, pkgConfig.PkgOpts.PublicKeyPath) @@ -501,10 +517,7 @@ func (o *PackageInspectImagesOptions) Run(cmd *cobra.Command, args []string) err } imageList = helpers.Unique(imageList) for _, image := range imageList { - _, err := fmt.Fprintln(os.Stdout, "-", image) - if err != nil { - return err - } + fmt.Println("-", image) } return nil } @@ -514,9 +527,15 @@ type PackageInspectDefinitionOptions struct { SkipSignatureValidation bool } +func newPackageInspectDefinitionOptions() *PackageInspectDefinitionOptions { + return &PackageInspectDefinitionOptions{ + SkipSignatureValidation: false, + } +} + // NewPackageInspectDefinitionCommand creates the `package inspect definition` sub-command. func NewPackageInspectDefinitionCommand() *cobra.Command { - o := PackageInspectDefinitionOptions{} + o := newPackageInspectDefinitionOptions() cmd := &cobra.Command{ Use: "definition [ PACKAGE_SOURCE ]", Short: "Displays the 'zarf.yaml' definition for the specified package", @@ -524,7 +543,7 @@ func NewPackageInspectDefinitionCommand() *cobra.Command { RunE: o.Run, } - cmd.Flags().BoolVar(&o.SkipSignatureValidation, "skip-signature-validation", false, lang.CmdPackageFlagSkipSignatureValidation) + cmd.Flags().BoolVar(&o.SkipSignatureValidation, "skip-signature-validation", o.SkipSignatureValidation, lang.CmdPackageFlagSkipSignatureValidation) return cmd } @@ -538,6 +557,8 @@ func (o *PackageInspectDefinitionOptions) Run(cmd *cobra.Command, args []string) return err } + // The user may be pulling the package from the cluster or using a built package + // since we don't know we don't check this error cluster, _ := cluster.NewCluster() //nolint:errcheck pkg, err := packager2.GetPackageFromSourceOrCluster(ctx, cluster, src, o.SkipSignatureValidation, pkgConfig.PkgOpts.PublicKeyPath) From 40581dca8aa0b56b2d00e57ec926f8ab143498d2 Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Wed, 22 Jan 2025 18:24:21 +0000 Subject: [PATCH 14/15] package inspect Signed-off-by: Austin Abro --- src/cmd/package.go | 68 +++++++++++++++++++++------------------------- 1 file changed, 31 insertions(+), 37 deletions(-) diff --git a/src/cmd/package.go b/src/cmd/package.go index ff8fb906b6..222a7aa541 100644 --- a/src/cmd/package.go +++ b/src/cmd/package.go @@ -357,9 +357,9 @@ func NewPackageInspectCommand() *cobra.Command { RunE: o.Run, } - cmd.AddCommand(NewPackageInspectSBOMCommand()) - cmd.AddCommand(NewPackageInspectImagesCommand()) - cmd.AddCommand(NewPackageInspectDefinitionCommand()) + cmd.AddCommand(newPackageInspectSBOMCommand()) + cmd.AddCommand(newPackageInspectImagesCommand()) + cmd.AddCommand(newPackageInspectDefinitionCommand()) cmd.Flags().StringVar(&pkgConfig.InspectOpts.SBOMOutputDir, "sbom-out", "", lang.CmdPackageInspectFlagSbomOut) cmd.Flags().BoolVar(&pkgConfig.InspectOpts.ListImages, "list-images", false, lang.CmdPackageInspectFlagListImages) @@ -394,16 +394,16 @@ func (o *PackageInspectOptions) Run(cmd *cobra.Command, args []string) error { } if pkgConfig.InspectOpts.ListImages { - imagesOpts := PackageInspectImagesOptions{ - SkipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation, + imagesOpts := packageInspectImagesOptions{ + skipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation, } - return imagesOpts.Run(cmd, args) + return imagesOpts.run(cmd, args) } - definitionOpts := PackageInspectDefinitionOptions{ - SkipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation, + definitionOpts := packageInspectDefinitionOptions{ + skipSignatureValidation: pkgConfig.PkgOpts.SkipSignatureValidation, } - return definitionOpts.Run(cmd, args) + return definitionOpts.run(cmd, args) } // PackageInspectSBOMOptions holds the command-line options for 'package inspect sbom' sub-command. @@ -419,8 +419,8 @@ func newPackageInspectSBOMOptions() *PackageInspectSBOMOptions { } } -// NewPackageInspectSBOMCommand creates the `package inspect sbom` sub-command. -func NewPackageInspectSBOMCommand() *cobra.Command { +// newPackageInspectSBOMCommand creates the `package inspect sbom` sub-command. +func newPackageInspectSBOMCommand() *cobra.Command { o := newPackageInspectSBOMOptions() cmd := &cobra.Command{ Use: "sbom [ PACKAGE ]", @@ -465,34 +465,31 @@ func (o *PackageInspectSBOMOptions) Run(cmd *cobra.Command, args []string) error return nil } -// PackageInspectImagesOptions holds the command-line options for 'package inspect images' sub-command. -type PackageInspectImagesOptions struct { - SkipSignatureValidation bool +type packageInspectImagesOptions struct { + skipSignatureValidation bool } -func newPackageInspectImagesOptions() *PackageInspectImagesOptions { - return &PackageInspectImagesOptions{ - SkipSignatureValidation: false, +func newPackageInspectImagesOptions() *packageInspectImagesOptions { + return &packageInspectImagesOptions{ + skipSignatureValidation: false, } } -// NewPackageInspectImagesCommand creates the `inspect images` sub-command. -func NewPackageInspectImagesCommand() *cobra.Command { +func newPackageInspectImagesCommand() *cobra.Command { o := newPackageInspectImagesOptions() cmd := &cobra.Command{ Use: "images [ PACKAGE_SOURCE ]", Short: "List all container images contained in the package", Args: cobra.MaximumNArgs(1), - RunE: o.Run, + RunE: o.run, } - cmd.Flags().BoolVar(&o.SkipSignatureValidation, "skip-signature-validation", o.SkipSignatureValidation, lang.CmdPackageFlagSkipSignatureValidation) + cmd.Flags().BoolVar(&o.skipSignatureValidation, "skip-signature-validation", o.skipSignatureValidation, lang.CmdPackageFlagSkipSignatureValidation) return cmd } -// Run performs the execution of 'package inspect images' sub-command. -func (o *PackageInspectImagesOptions) Run(cmd *cobra.Command, args []string) error { +func (o *packageInspectImagesOptions) run(cmd *cobra.Command, args []string) error { ctx := cmd.Context() src, err := choosePackage(ctx, args) @@ -504,7 +501,7 @@ func (o *PackageInspectImagesOptions) Run(cmd *cobra.Command, args []string) err // since we don't know we don't check this error cluster, _ := cluster.NewCluster() //nolint:errcheck - pkg, err := packager2.GetPackageFromSourceOrCluster(ctx, cluster, src, o.SkipSignatureValidation, pkgConfig.PkgOpts.PublicKeyPath) + pkg, err := packager2.GetPackageFromSourceOrCluster(ctx, cluster, src, o.skipSignatureValidation, pkgConfig.PkgOpts.PublicKeyPath) if err != nil { return err } @@ -522,34 +519,31 @@ func (o *PackageInspectImagesOptions) Run(cmd *cobra.Command, args []string) err return nil } -// PackageInspectDefinitionOptions holds the command-line options for 'package inspect definition' sub-command. -type PackageInspectDefinitionOptions struct { - SkipSignatureValidation bool +type packageInspectDefinitionOptions struct { + skipSignatureValidation bool } -func newPackageInspectDefinitionOptions() *PackageInspectDefinitionOptions { - return &PackageInspectDefinitionOptions{ - SkipSignatureValidation: false, +func newPackageInspectDefinitionOptions() *packageInspectDefinitionOptions { + return &packageInspectDefinitionOptions{ + skipSignatureValidation: false, } } -// NewPackageInspectDefinitionCommand creates the `package inspect definition` sub-command. -func NewPackageInspectDefinitionCommand() *cobra.Command { +func newPackageInspectDefinitionCommand() *cobra.Command { o := newPackageInspectDefinitionOptions() cmd := &cobra.Command{ Use: "definition [ PACKAGE_SOURCE ]", Short: "Displays the 'zarf.yaml' definition for the specified package", Args: cobra.MaximumNArgs(1), - RunE: o.Run, + RunE: o.run, } - cmd.Flags().BoolVar(&o.SkipSignatureValidation, "skip-signature-validation", o.SkipSignatureValidation, lang.CmdPackageFlagSkipSignatureValidation) + cmd.Flags().BoolVar(&o.skipSignatureValidation, "skip-signature-validation", o.skipSignatureValidation, lang.CmdPackageFlagSkipSignatureValidation) return cmd } -// Run performs the execution of 'package inspect definition' sub-command. -func (o *PackageInspectDefinitionOptions) Run(cmd *cobra.Command, args []string) error { +func (o *packageInspectDefinitionOptions) run(cmd *cobra.Command, args []string) error { ctx := cmd.Context() src, err := choosePackage(ctx, args) @@ -561,7 +555,7 @@ func (o *PackageInspectDefinitionOptions) Run(cmd *cobra.Command, args []string) // since we don't know we don't check this error cluster, _ := cluster.NewCluster() //nolint:errcheck - pkg, err := packager2.GetPackageFromSourceOrCluster(ctx, cluster, src, o.SkipSignatureValidation, pkgConfig.PkgOpts.PublicKeyPath) + pkg, err := packager2.GetPackageFromSourceOrCluster(ctx, cluster, src, o.skipSignatureValidation, pkgConfig.PkgOpts.PublicKeyPath) if err != nil { return err } From 960dc9fbf50e2d047d6282abe9d073c0533ed967 Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Tue, 28 Jan 2025 14:26:00 +0000 Subject: [PATCH 15/15] update docs Signed-off-by: Austin Abro --- .../content/docs/commands/zarf_package_inspect_definition.md | 2 +- site/src/content/docs/commands/zarf_package_inspect_images.md | 2 +- site/src/content/docs/commands/zarf_package_inspect_sbom.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/site/src/content/docs/commands/zarf_package_inspect_definition.md b/site/src/content/docs/commands/zarf_package_inspect_definition.md index 8e05f0695b..140f1a0cc8 100644 --- a/site/src/content/docs/commands/zarf_package_inspect_definition.md +++ b/site/src/content/docs/commands/zarf_package_inspect_definition.md @@ -27,7 +27,7 @@ zarf package inspect definition [ PACKAGE_SOURCE ] [flags] -a, --architecture string Architecture for OCI images and Zarf packages --insecure-skip-tls-verify Skip checking server's certificate for validity. This flag should only be used if you have a specific reason and accept the reduced security posture. -k, --key string Path to public key file for validating signed packages - --log-format string [beta] Select a logging format. Defaults to 'console'. Valid options are: 'console', 'json', 'dev' + --log-format string [beta] Select a logging format. Defaults to 'console'. Valid options are: 'console', 'json', 'dev', 'legacy'. The legacy option will be removed in a coming release (default "console") -l, --log-level string Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info") --no-color Disable colors in output --no-log-file Disable log file creation diff --git a/site/src/content/docs/commands/zarf_package_inspect_images.md b/site/src/content/docs/commands/zarf_package_inspect_images.md index 166464825b..d79b7527fd 100644 --- a/site/src/content/docs/commands/zarf_package_inspect_images.md +++ b/site/src/content/docs/commands/zarf_package_inspect_images.md @@ -27,7 +27,7 @@ zarf package inspect images [ PACKAGE_SOURCE ] [flags] -a, --architecture string Architecture for OCI images and Zarf packages --insecure-skip-tls-verify Skip checking server's certificate for validity. This flag should only be used if you have a specific reason and accept the reduced security posture. -k, --key string Path to public key file for validating signed packages - --log-format string [beta] Select a logging format. Defaults to 'console'. Valid options are: 'console', 'json', 'dev' + --log-format string [beta] Select a logging format. Defaults to 'console'. Valid options are: 'console', 'json', 'dev', 'legacy'. The legacy option will be removed in a coming release (default "console") -l, --log-level string Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info") --no-color Disable colors in output --no-log-file Disable log file creation diff --git a/site/src/content/docs/commands/zarf_package_inspect_sbom.md b/site/src/content/docs/commands/zarf_package_inspect_sbom.md index 846214ef70..b2a0b5c1e2 100644 --- a/site/src/content/docs/commands/zarf_package_inspect_sbom.md +++ b/site/src/content/docs/commands/zarf_package_inspect_sbom.md @@ -28,7 +28,7 @@ zarf package inspect sbom [ PACKAGE ] [flags] -a, --architecture string Architecture for OCI images and Zarf packages --insecure-skip-tls-verify Skip checking server's certificate for validity. This flag should only be used if you have a specific reason and accept the reduced security posture. -k, --key string Path to public key file for validating signed packages - --log-format string [beta] Select a logging format. Defaults to 'console'. Valid options are: 'console', 'json', 'dev' + --log-format string [beta] Select a logging format. Defaults to 'console'. Valid options are: 'console', 'json', 'dev', 'legacy'. The legacy option will be removed in a coming release (default "console") -l, --log-level string Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info") --no-color Disable colors in output --no-log-file Disable log file creation