From 8720957f458cd71d1fa1c017c0dbd4d5f8f4311c Mon Sep 17 00:00:00 2001 From: Fabian Burth Date: Fri, 19 Jul 2024 09:44:17 +0200 Subject: [PATCH 1/6] Extend version regexp to support semver (#834) #### What this PR does / why we need it: Users created components with complex semver versions (e.g. 0.2.3+2024.T06b). This lead to problems, for example when calling `ocm get references ./registry//github.com/acme.org/helloworld:0.2.3+2024.T06b`. This PR extends the version regex used by ocm to also support such complex semver version numbers. --------- Co-authored-by: Uwe Krueger --- cmds/demoplugin/valuesets/check_test.go | 1 - pkg/cobrautils/logopts/options_test.go | 5 +-- .../ocm/accessmethods/plugin/cmd_test.go | 2 +- pkg/contexts/ocm/grammar/grammar.go | 2 +- pkg/contexts/ocm/grammar/grammar_test.go | 34 +++++++++++++++---- pkg/contexts/ocm/grammar/suite_test.go | 13 +++++++ pkg/filelock/lock_test.go | 3 +- 7 files changed, 47 insertions(+), 13 deletions(-) create mode 100644 pkg/contexts/ocm/grammar/suite_test.go diff --git a/cmds/demoplugin/valuesets/check_test.go b/cmds/demoplugin/valuesets/check_test.go index aaa601a62..e4a414d8b 100644 --- a/cmds/demoplugin/valuesets/check_test.go +++ b/cmds/demoplugin/valuesets/check_test.go @@ -32,7 +32,6 @@ var _ = Describe("demoplugin", func() { var plugins TempPluginDir BeforeEach(func() { - env = NewBuilder(TestData()) plugins = Must(ConfigureTestPlugins(env, "testdata")) diff --git a/pkg/cobrautils/logopts/options_test.go b/pkg/cobrautils/logopts/options_test.go index da67262d0..13c914c90 100644 --- a/pkg/cobrautils/logopts/options_test.go +++ b/pkg/cobrautils/logopts/options_test.go @@ -5,10 +5,11 @@ import ( "fmt" . "github.com/mandelsoft/goutils/testutils" - "github.com/mandelsoft/logging" - "github.com/mandelsoft/logging/config" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + + "github.com/mandelsoft/logging" + "github.com/mandelsoft/logging/config" "sigs.k8s.io/yaml" "github.com/open-component-model/ocm/pkg/contexts/clictx" diff --git a/pkg/contexts/ocm/accessmethods/plugin/cmd_test.go b/pkg/contexts/ocm/accessmethods/plugin/cmd_test.go index feffe5ab9..2c2ccc035 100644 --- a/pkg/contexts/ocm/accessmethods/plugin/cmd_test.go +++ b/pkg/contexts/ocm/accessmethods/plugin/cmd_test.go @@ -4,7 +4,6 @@ import ( . "github.com/mandelsoft/goutils/testutils" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - "github.com/open-component-model/ocm/pkg/contexts/ocm/plugin/plugins" . "github.com/open-component-model/ocm/pkg/contexts/ocm/plugin/testutils" . "github.com/open-component-model/ocm/pkg/env" @@ -15,6 +14,7 @@ import ( "github.com/open-component-model/ocm/pkg/cobrautils/flagsets" "github.com/open-component-model/ocm/pkg/contexts/ocm" "github.com/open-component-model/ocm/pkg/contexts/ocm/accessmethods/options" + "github.com/open-component-model/ocm/pkg/contexts/ocm/plugin/plugins" "github.com/open-component-model/ocm/pkg/contexts/ocm/registration" ) diff --git a/pkg/contexts/ocm/grammar/grammar.go b/pkg/contexts/ocm/grammar/grammar.go index ca5e8ddb8..1fa9e872d 100644 --- a/pkg/contexts/ocm/grammar/grammar.go +++ b/pkg/contexts/ocm/grammar/grammar.go @@ -20,7 +20,7 @@ var ( VersionRegexp = Sequence(Optional(Literal("v")), Numeric, Repetition(0, 2, Literal("."), Numeric), Optional(Literal("-"), Repeated(CharSet("0-9A-Za-z-")), OptionalRepeated(Literal("."), Repeated(CharSet("0-9A-Za-z-")))), - Optional(Literal("+"), Repeated(CharSet("0-9A-Za-z-"))), + Optional(Literal("+"), Repeated(CharSet("0-9A-Za-z-"))), OptionalRepeated(Literal("."), Repeated(CharSet("0-9A-Za-z-"))), ) // AnchoredRepositoryRegexp parses a uniform repository spec. diff --git a/pkg/contexts/ocm/grammar/grammar_test.go b/pkg/contexts/ocm/grammar/grammar_test.go index d0a09de98..ad9caf829 100644 --- a/pkg/contexts/ocm/grammar/grammar_test.go +++ b/pkg/contexts/ocm/grammar/grammar_test.go @@ -1,20 +1,17 @@ package grammar import ( + "fmt" "regexp" - "testing" + . "github.com/mandelsoft/goutils/testutils" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + "github.com/Masterminds/semver/v3" gr "github.com/mandelsoft/goutils/regexutils" ) -func TestConfig(t *testing.T) { - RegisterFailHandler(Fail) - RunSpecs(t, "OCI Test Suite") -} - func CheckRef(ref string, parts ...string) { CheckWithOffset(1, ref, AnchoredReferenceRegexp, parts...) } @@ -91,6 +88,31 @@ var _ = Describe("ref matching", func() { Expect(VersionRegexp.MatchString("v1-rc.1")).To(BeTrue()) Expect(VersionRegexp.MatchString("1.1.1-rc.1")).To(BeTrue()) }) + + It("matches complex semver", func() { + Expect(VersionRegexp.MatchString("0.2.3+2024.T06b")).To(BeTrue()) + }) + + It("matches complex semver with v prefix", func() { + Expect(VersionRegexp.MatchString("v0.2.3+2024.T06b")).To(BeTrue()) + }) + + for _, pre := range []string{"", "alpha1", "alpha.1.2", "alpha-1"} { + for _, build := range []string{"", "2024", "2024.1.T2b", "2024.1-T2b"} { + suf := "" + if pre != "" { + suf += "-" + pre + } + if build != "" { + suf += "+" + build + } + It(fmt.Sprintf("handles semver %s", suf), func() { + v := "v0.2.3" + suf + Must(semver.NewVersion(v)) + Expect(VersionRegexp.MatchString(v)).To(BeTrue()) + }) + } + } }) Context("complete refs", func() { diff --git a/pkg/contexts/ocm/grammar/suite_test.go b/pkg/contexts/ocm/grammar/suite_test.go new file mode 100644 index 000000000..bcf403b87 --- /dev/null +++ b/pkg/contexts/ocm/grammar/suite_test.go @@ -0,0 +1,13 @@ +package grammar + +import ( + "testing" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" +) + +func TestConfig(t *testing.T) { + RegisterFailHandler(Fail) + RunSpecs(t, "OCM grammar Test Suite") +} diff --git a/pkg/filelock/lock_test.go b/pkg/filelock/lock_test.go index 0471adc20..5d9bdd5e1 100644 --- a/pkg/filelock/lock_test.go +++ b/pkg/filelock/lock_test.go @@ -8,12 +8,12 @@ import ( . "github.com/onsi/gomega" "github.com/mandelsoft/filepath/pkg/filepath" + "github.com/open-component-model/ocm/pkg/filelock" ) var _ = Describe("lock identity", func() { It("identity", func() { - l1 := Must(filelock.MutexFor("testdata/lock")) l2 := Must(filelock.MutexFor("testdata/../testdata/lock")) Expect(l1).To(BeIdenticalTo(l2)) @@ -32,5 +32,4 @@ var _ = Describe("lock identity", func() { Expect(c).NotTo(BeNil()) c.Close() }) - }) From ab4db46a725a7fb1873729715c86b6d50cd7428e Mon Sep 17 00:00:00 2001 From: GitHub Actions Bot <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 19 Jul 2024 14:21:11 +0000 Subject: [PATCH 2/6] ReleaseNotes for v0.12.0 --- docs/releasenotes/v0.12.0.md | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 docs/releasenotes/v0.12.0.md diff --git a/docs/releasenotes/v0.12.0.md b/docs/releasenotes/v0.12.0.md new file mode 100644 index 000000000..dbdd6ddad --- /dev/null +++ b/docs/releasenotes/v0.12.0.md @@ -0,0 +1,24 @@ +Release v0.12.0 + +- Extend version regexp to support semver (#834) +- fix broken links (#837) +- fix duplicate command argument for plugin command execution (#831) +- fix plugin error propagation (#830) +- rework source info access for plugin clients (#829) +- Bump github.com/hashicorp/go-retryablehttp from 0.7.6 to 0.7.7 in the go\_modules group (#827) +- Support for CLI Extensions by OCM Plugins (#815) +- Bump github.com/docker/docker from 26.1.4+incompatible to 27.0.0+incompatible (#817) +- cleanup unused (#828) +- close() writer, before trying to rename (#824) +- enhance the auto update of the flake vendor hash (#826) +- Bump the go group with 7 updates (#825) +- Update README.md (#822) +- fix https://github.com/open-component-model/ocm-project/issues/196 (#819) +- Bump the go group with 8 updates (#816) +- Fix make cmds (#810) +- Adjust action (#813) +- adjust github action definition (#811) +- restruct blobaccess (#804) +- auto update \`flake.nix\` vendor hash incl. singed commit (#809) +- Simplify Pull Request Template (#808) + From e5ca3001323b75ee5793a786089f1f410e9e8db3 Mon Sep 17 00:00:00 2001 From: GitHub Actions Bot <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 19 Jul 2024 14:21:12 +0000 Subject: [PATCH 3/6] Release v0.12.0 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 20c48e996..d33c3a212 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -0.12.0-dev +0.12.0 \ No newline at end of file From 7afe8f01b28e82e3fbc78b153a70ce3987298fd7 Mon Sep 17 00:00:00 2001 From: GitHub Actions Bot <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 19 Jul 2024 14:39:15 +0000 Subject: [PATCH 4/6] Update version file to 0.13.0-dev --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index d33c3a212..6be20912f 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -0.12.0 \ No newline at end of file +0.13.0-dev From 6643f5e095de91499d350d7092acacc88c3bbb2b Mon Sep 17 00:00:00 2001 From: Uwe Krueger Date: Tue, 23 Jul 2024 09:29:20 +0200 Subject: [PATCH 5/6] forward error message from OCI registry (#848) #### What this PR does / why we need it: the used containerd lib extracts a potential error from the response body of an OCI rest call, but the error object does not report this content with its Error method. The error object has been copied into this library and fixed accordingly. #### Which issue(s) this PR fixes: --- pkg/docker/errors/errors.go | 58 +++++++++++++++++++++++++++++++++++++ pkg/docker/pusher.go | 2 +- 2 files changed, 59 insertions(+), 1 deletion(-) create mode 100644 pkg/docker/errors/errors.go diff --git a/pkg/docker/errors/errors.go b/pkg/docker/errors/errors.go new file mode 100644 index 000000000..a158f75b5 --- /dev/null +++ b/pkg/docker/errors/errors.go @@ -0,0 +1,58 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +package errors + +import ( + "fmt" + "io" + "net/http" +) + +var _ error = ErrUnexpectedStatus{} + +// ErrUnexpectedStatus is returned if a registry API request returned with unexpected HTTP status +type ErrUnexpectedStatus struct { + Status string + StatusCode int + Body []byte + RequestURL, RequestMethod string +} + +func (e ErrUnexpectedStatus) Error() string { + if len(e.Body) > 0 { + return fmt.Sprintf("unexpected status from %s request to %s: %s: %s", e.RequestMethod, e.RequestURL, e.Status, string(e.Body)) + } + return fmt.Sprintf("unexpected status from %s request to %s: %s", e.RequestMethod, e.RequestURL, e.Status) +} + +// NewUnexpectedStatusErr creates an ErrUnexpectedStatus from HTTP response +func NewUnexpectedStatusErr(resp *http.Response) error { + var b []byte + if resp.Body != nil { + b, _ = io.ReadAll(io.LimitReader(resp.Body, 64000)) // 64KB + } + err := ErrUnexpectedStatus{ + Body: b, + Status: resp.Status, + StatusCode: resp.StatusCode, + RequestMethod: resp.Request.Method, + } + if resp.Request.URL != nil { + err.RequestURL = resp.Request.URL.String() + } + return err +} diff --git a/pkg/docker/pusher.go b/pkg/docker/pusher.go index e4bb72032..7d31c59f7 100644 --- a/pkg/docker/pusher.go +++ b/pkg/docker/pusher.go @@ -13,13 +13,13 @@ import ( "github.com/containerd/containerd/images" "github.com/containerd/containerd/log" "github.com/containerd/containerd/remotes" - remoteserrors "github.com/containerd/containerd/remotes/errors" "github.com/opencontainers/go-digest" ocispec "github.com/opencontainers/image-spec/specs-go/v1" "github.com/pkg/errors" "github.com/sirupsen/logrus" "github.com/open-component-model/ocm/pkg/common/accessio" + remoteserrors "github.com/open-component-model/ocm/pkg/docker/errors" "github.com/open-component-model/ocm/pkg/docker/resolve" ) From 91d5ed51f7085cd3fedd8f3921e77f7b1a371653 Mon Sep 17 00:00:00 2001 From: Fabian Burth Date: Thu, 25 Jul 2024 12:17:22 +0200 Subject: [PATCH 6/6] Exchange Algorithm constant in polymorphic handler method (#852) #### What this PR does / why we need it: This fixes a bug that caused verification of rsassa-pss signatures to fail. #### Which issue(s) this PR fixes: --- pkg/signing/handlers/rsa/handler.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkg/signing/handlers/rsa/handler.go b/pkg/signing/handlers/rsa/handler.go index 7092b654f..6b925096a 100644 --- a/pkg/signing/handlers/rsa/handler.go +++ b/pkg/signing/handlers/rsa/handler.go @@ -97,7 +97,7 @@ func (h *Handler) Sign(cctx credentials.Context, digest string, sctx signing.Sig return nil, errors.Wrapf(err, "public key certificate") } media = MediaTypePEM - value = string(signutils.SignatureBytesToPem(Algorithm, sig, certs...)) + value = string(signutils.SignatureBytesToPem(h.Algorithm(), sig, certs...)) iss = certs[0].Subject.String() } else { pubKey, _, err = GetPublicKey(pub) @@ -113,7 +113,7 @@ func (h *Handler) Sign(cctx credentials.Context, digest string, sctx signing.Sig return &signing.Signature{ Value: value, MediaType: media, - Algorithm: Algorithm, + Algorithm: h.Algorithm(), Issuer: iss, }, nil } @@ -138,7 +138,7 @@ func (h *Handler) Verify(digest string, signature *signing.Signature, sctx signi if err != nil { return fmt.Errorf("unable to get signature from pem: %w", err) } - if algo != "" && algo != Algorithm { + if algo != "" && algo != h.Algorithm() { return errors.ErrInvalid(signutils.KIND_SIGN_ALGORITHM, algo) } signatureBytes = sig