Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add option to skip cosign lookup during find images #2427

Merged
merged 2 commits into from
Apr 9, 2024
Merged

feat: add option to skip cosign lookup during find images #2427

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
c99c661
feat: add option to skip cosign lookup during find images
Racer159 Apr 9, 2024
7d7977b
Merge branch 'main' into hotfix-add-skip-cosign-find-images
AustinAbro321 Apr 9, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions docs/2-the-zarf-cli/100-cli-commands/zarf_dev_find-images.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ zarf dev find-images [ PACKAGE ] [flags]
--kube-version string Override the default helm template KubeVersion when performing a package chart template
--registry-url string Override the ###ZARF_REGISTRY### value (default "127.0.0.1:31999")
-p, --repo-chart-path string If git repos hold helm charts, often found with gitops tools, specify the chart path, e.g. "/" or "/chart"
--skip-cosign Skip searching for cosign artifacts related to discovered images
--why string Prints the source manifest for the specified image
```

Expand Down
2 changes: 2 additions & 0 deletions src/cmd/dev.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -301,6 +301,8 @@ func init() {
devFindImagesCmd.Flags().StringVar(&pkgConfig.FindImagesOpts.KubeVersionOverride, "kube-version", "", lang.CmdDevFlagKubeVersion)
// check which manifests are using this particular image
devFindImagesCmd.Flags().StringVar(&pkgConfig.FindImagesOpts.Why, "why", "", lang.CmdDevFlagFindImagesWhy)
// skip searching cosign artifacts in find images
devFindImagesCmd.Flags().BoolVar(&pkgConfig.FindImagesOpts.SkipCosign, "skip-cosign", false, lang.CmdDevFlagFindImagesSkipCosign)

defaultRegistry := fmt.Sprintf("%s:%d", helpers.IPV4Localhost, types.ZarfInClusterContainerRegistryNodePort)
devFindImagesCmd.Flags().StringVar(&pkgConfig.FindImagesOpts.RegistryURL, "registry-url", defaultRegistry, lang.CmdDevFlagFindImagesRegistry)
Expand Down
17 changes: 9 additions & 8 deletions src/config/lang/english.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -385,13 +385,14 @@ $ zarf package pull oci://ghcr.io/defenseunicorns/packages/dos-games:1.0.0 -a sk
"NOTE: This file must not already exist. If no filename is provided, the config will be written to the current working directory as zarf-config.toml."
CmdDevGenerateConfigErr = "Unable to write the config file %s, make sure the file doesn't already exist"

CmdDevFlagExtractPath = `The path inside of an archive to use to calculate the sha256sum (i.e. for use with "files.extractPath")`
CmdDevFlagSet = "Specify package variables to set on the command line (KEY=value). Note, if using a config file, this will be set by [package.create.set]."
CmdDevFlagRepoChartPath = `If git repos hold helm charts, often found with gitops tools, specify the chart path, e.g. "/" or "/chart"`
CmdDevFlagGitAccount = "User or organization name for the git account that the repos are created under."
CmdDevFlagKubeVersion = "Override the default helm template KubeVersion when performing a package chart template"
CmdDevFlagFindImagesRegistry = "Override the ###ZARF_REGISTRY### value"
CmdDevFlagFindImagesWhy = "Prints the source manifest for the specified image"
CmdDevFlagExtractPath = `The path inside of an archive to use to calculate the sha256sum (i.e. for use with "files.extractPath")`
CmdDevFlagSet = "Specify package variables to set on the command line (KEY=value). Note, if using a config file, this will be set by [package.create.set]."
CmdDevFlagRepoChartPath = `If git repos hold helm charts, often found with gitops tools, specify the chart path, e.g. "/" or "/chart"`
CmdDevFlagGitAccount = "User or organization name for the git account that the repos are created under."
CmdDevFlagKubeVersion = "Override the default helm template KubeVersion when performing a package chart template"
CmdDevFlagFindImagesRegistry = "Override the ###ZARF_REGISTRY### value"
CmdDevFlagFindImagesWhy = "Prints the source manifest for the specified image"
CmdDevFlagFindImagesSkipCosign = "Skip searching for cosign artifacts related to discovered images"

CmdDevLintShort = "Lints the given package for valid schema and recommended practices"
CmdDevLintLong = "Verifies the package schema, checks if any variables won't be evaluated, and checks for unpinned images/repos/files"
Expand Down Expand Up @@ -477,7 +478,7 @@ $ zarf tools registry digest reg.example.com/stefanprodan/podinfo:6.4.0
CmdToolsGetGitPasswdShort = "[Deprecated] Returns the push user's password for the Git server"
CmdToolsGetGitPasswdLong = "[Deprecated] Reads the password for a user with push access to the configured Git server in Zarf State. Note that this command has been replaced by 'zarf tools get-creds git' and will be removed in Zarf v1.0.0."
CmdToolsGetGitPasswdDeprecation = "Deprecated: This command has been replaced by 'zarf tools get-creds git' and will be removed in Zarf v1.0.0."
CmdToolsYqExample = `
CmdToolsYqExample = `
# yq defaults to 'eval' command if no command is specified. See "zarf tools yq eval --help" for more examples.

# read the "stuff" node from "myfile.yml"
Expand Down
42 changes: 22 additions & 20 deletions src/pkg/packager/prepare.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -313,29 +313,31 @@ func (p *Packager) findImages() (imgMap map[string][]string, err error) {

spinner.Success()

// Handle cosign artifact lookups
if len(imagesMap[component.Name]) > 0 {
var cosignArtifactList []string
spinner := message.NewProgressSpinner("Looking up cosign artifacts for discovered images (0/%d)", len(imagesMap[component.Name]))
defer spinner.Stop()

for idx, image := range imagesMap[component.Name] {
spinner.Updatef("Looking up cosign artifacts for discovered images (%d/%d)", idx+1, len(imagesMap[component.Name]))
cosignArtifacts, err := utils.GetCosignArtifacts(image)
if err != nil {
message.WarnErrf(err, "Problem looking up cosign artifacts for %s: %s", image, err.Error())
erroredCosignLookups = append(erroredCosignLookups, image)
if !p.cfg.FindImagesOpts.SkipCosign {
// Handle cosign artifact lookups
if len(imagesMap[component.Name]) > 0 {
var cosignArtifactList []string
spinner := message.NewProgressSpinner("Looking up cosign artifacts for discovered images (0/%d)", len(imagesMap[component.Name]))
defer spinner.Stop()

for idx, image := range imagesMap[component.Name] {
spinner.Updatef("Looking up cosign artifacts for discovered images (%d/%d)", idx+1, len(imagesMap[component.Name]))
cosignArtifacts, err := utils.GetCosignArtifacts(image)
if err != nil {
message.WarnErrf(err, "Problem looking up cosign artifacts for %s: %s", image, err.Error())
erroredCosignLookups = append(erroredCosignLookups, image)
}
cosignArtifactList = append(cosignArtifactList, cosignArtifacts...)
}
cosignArtifactList = append(cosignArtifactList, cosignArtifacts...)
}

spinner.Success()
spinner.Success()

if len(cosignArtifactList) > 0 {
imagesMap[component.Name] = append(imagesMap[component.Name], cosignArtifactList...)
componentDefinition += fmt.Sprintf(" # Cosign artifacts for images - %s - %s\n", p.cfg.Pkg.Metadata.Name, component.Name)
for _, cosignArtifact := range cosignArtifactList {
componentDefinition += fmt.Sprintf(" - %s\n", cosignArtifact)
if len(cosignArtifactList) > 0 {
imagesMap[component.Name] = append(imagesMap[component.Name], cosignArtifactList...)
componentDefinition += fmt.Sprintf(" # Cosign artifacts for images - %s - %s\n", p.cfg.Pkg.Metadata.Name, component.Name)
for _, cosignArtifact := range cosignArtifactList {
componentDefinition += fmt.Sprintf(" - %s\n", cosignArtifact)
}
}
}
}
Expand Down
3 changes: 2 additions & 1 deletion src/types/runtime.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,8 @@ type ZarfFindImagesOptions struct {
RepoHelmChartPath string `json:"repoHelmChartPath" jsonschema:"description=Path to the helm chart directory"`
KubeVersionOverride string `json:"kubeVersionOverride" jsonschema:"description=Kubernetes version to use for the helm chart"`
RegistryURL string `json:"registryURL" jsonschema:"description=Manual override for ###ZARF_REGISTRY###"`
Why string `json:"why" jsonschema:"description=Find the location of the image given as an argument and print it to the console."`
Why string `json:"why" jsonschema:"description=Find the location of the image given as an argument and print it to the console"`
SkipCosign bool `json:"skip-cosign" jsonschema:"description=Optionally skip lookup of cosign artifacts when finding images"`
}

// ZarfDeployOptions tracks the user-defined preferences during a package deploy.
Expand Down
Loading