James Carnegie
@@ -56,13 +56,15 @@ func TestRegistryFetcher(t *testing.T) {
|
||||
delegatedDir := CreateTempDir(t, dir, delegatedRole)
|
||||
delegatedTargetFile := fmt.Sprintf("%s/%s", delegatedRole, targetFile)
|
||||
|
||||
cfg, err := config.New(metadataRepo, DockerTUFRootDev.Data)
|
||||
// note - url is ignored here - needed to make http url parsing happy even when using oci
|
||||
cfg, err := config.New("", DockerTUFRootDev.Data)
|
||||
require.NoError(t, err)
|
||||
|
||||
cfg.Fetcher = NewRegistryFetcher(metadataRepo, metadataImgTag, targetsRepo)
|
||||
cfg.LocalMetadataDir = dir
|
||||
cfg.LocalTargetsDir = dir
|
||||
cfg.RemoteTargetsURL = targetsRepo
|
||||
cfg.RemoteMetadataURL = metadataRepo
|
||||
|
||||
// create a new Updater instance
|
||||
up, err := updater.New(cfg)
|
||||
@@ -356,9 +358,6 @@ func RunTestRegistry(t *testing.T) (*registry.RegistryContainer, *url.URL) {
|
||||
if err != nil {
|
||||
t.Fatalf("failed to parse container address: %s", err)
|
||||
}
|
||||
if addr.Hostname() == "127.0.0.1" {
|
||||
addr.Host = "localhost:" + addr.Port()
|
||||
}
|
||||
return registryContainer, addr
|
||||
}
|
||||
|
||||
|
||||
@@ -11,6 +11,7 @@ import (
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/distribution/reference"
|
||||
"github.com/docker/attest/internal/embed"
|
||||
"github.com/docker/attest/internal/util"
|
||||
"github.com/theupdateframework/go-tuf/v2/metadata"
|
||||
@@ -107,20 +108,28 @@ func NewClient(opts *ClientOptions) (*Client, error) {
|
||||
}
|
||||
|
||||
// create updater configuration
|
||||
cfg, err := config.New(opts.MetadataSource, rootBytes) // default config
|
||||
// this is parsed as an HTTP url (which doesn't work for OCI). We're setting this to make TUF happy
|
||||
// and overwriding the configuration below
|
||||
cfg, err := config.New("", rootBytes) // default config
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to create TUF updater configuration: %w", err)
|
||||
}
|
||||
cfg.LocalMetadataDir = metadataPath
|
||||
cfg.LocalTargetsDir = filepath.Join(metadataPath, "download")
|
||||
cfg.RemoteMetadataURL = opts.MetadataSource
|
||||
cfg.RemoteTargetsURL = opts.TargetsSource
|
||||
|
||||
if tufSource == OCISource {
|
||||
metadataRepo, metadataTag, found := strings.Cut(opts.MetadataSource, ":")
|
||||
if !found {
|
||||
fmt.Printf("metadata tag not found in URL, using latest\n")
|
||||
metadataTag = LatestTag
|
||||
ref, err := reference.ParseNormalizedNamed(opts.MetadataSource)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to parse metadata source: %w", err)
|
||||
}
|
||||
// add latest tag
|
||||
metadataTag := LatestTag
|
||||
if tag, ok := ref.(reference.Tagged); ok {
|
||||
metadataTag = tag.Tag()
|
||||
}
|
||||
metadataRepo := ref.Name()
|
||||
cfg.Fetcher = NewRegistryFetcher(metadataRepo, metadataTag, opts.TargetsSource)
|
||||
}
|
||||
|
||||
|
||||
@@ -130,7 +130,7 @@ func TestDownloadTarget(t *testing.T) {
|
||||
|
||||
// download delegated target
|
||||
targetInfo, err := tufClient.updater.GetTargetInfo(delegatedTargetFile)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
_, err = tufClient.DownloadTarget(targetInfo.Path, filepath.Join(tufPath, targetInfo.Path))
|
||||
assert.NoError(t, err)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user