From 79299a2fa20955b8c7853e54e06b60a9ecb63a77 Mon Sep 17 00:00:00 2001 From: Django Cass Date: Sat, 23 Sep 2023 17:34:30 +1000 Subject: [PATCH] disabled alpine key verification added ability to set entrypoint/cmd added github actions config --- .github/workflows/release.yaml | 31 +++++++ .goreleaser.yaml | 14 +++ cmd/build.go | 1 + go.mod | 10 +-- go.sum | 20 ++--- pkg/api/v1/types.go | 2 + pkg/containerutil/append.go | 24 ++++- pkg/lockfile/lockfile.go | 11 --- pkg/lockfile/lockfile_test.go | 2 +- pkg/packages/alpine/alpine.go | 39 +------- tests/fixtures/apko-eg-wolfi-base-lock.json | 90 +++++++++++++++++++ tests/fixtures/apko-eg-wolfi-base.yaml | 13 +++ ...tlab-com-av1o-base-images-gradle-lock.json | 24 +++++ .../gitlab-com-av1o-base-images-gradle.yaml | 2 +- ...gitlab-com-av1o-base-images-node-lock.json | 24 +++++ .../gitlab-com-av1o-base-images-node.yaml | 6 +- 16 files changed, 241 insertions(+), 72 deletions(-) create mode 100644 .github/workflows/release.yaml create mode 100644 .goreleaser.yaml create mode 100644 tests/fixtures/apko-eg-wolfi-base-lock.json create mode 100644 tests/fixtures/apko-eg-wolfi-base.yaml diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml new file mode 100644 index 0000000..753c857 --- /dev/null +++ b/.github/workflows/release.yaml @@ -0,0 +1,31 @@ +name: goreleaser + +on: + push: + # run only against tags + tags: + - '*' + +permissions: + contents: write + packages: write + +jobs: + goreleaser: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 0 + - run: git fetch --force --tags + - uses: actions/setup-go@v3 + with: + go-version: '>=1.20.1' + cache: true + - uses: goreleaser/goreleaser-action@v4 + with: + distribution: goreleaser + version: latest + args: release --clean + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/.goreleaser.yaml b/.goreleaser.yaml new file mode 100644 index 0000000..6eb5249 --- /dev/null +++ b/.goreleaser.yaml @@ -0,0 +1,14 @@ +project_name: ayb +builds: + - env: [CGO_ENABLED=0] + goos: + - linux + goarch: + - amd64 + - arm64 +archives: + - format: tar.gz + wrap_in_directory: false + files: + - LICENSE + - README.md \ No newline at end of file diff --git a/cmd/build.go b/cmd/build.go index 58ded99..a909b92 100644 --- a/cmd/build.go +++ b/cmd/build.go @@ -267,6 +267,7 @@ func build(cmd *cobra.Command, _ []string) error { imageBuilder := containerutil.NewImage( containerutil.WithBaseImage(baseImg), containerutil.WithEnv(expandedEnv...), + containerutil.WithEntrypoint(cfg.Spec.Entrypoint, cfg.Spec.Command), ) img, err := imageBuilder.Append(cmd.Context(), rootfs, imgPlatform) if err != nil { diff --git a/go.mod b/go.mod index 3505141..2176a54 100644 --- a/go.mod +++ b/go.mod @@ -2,8 +2,10 @@ module github.com/djcass44/all-your-base go 1.21 +replace github.com/chainguard-dev/go-apk => github.com/djcass44/go-apk v0.0.0-20230923070740-2370fdd5131b + require ( - github.com/chainguard-dev/go-apk v0.0.0-20230906161245-0728258ab917 + github.com/chainguard-dev/go-apk v0.0.0-20230916230430-4fe65c7320b6 github.com/djcass44/ci-tools v1.6.2 github.com/djcass44/go-utils/logging v0.2.3 github.com/go-logr/logr v1.2.4 @@ -11,7 +13,7 @@ require ( github.com/hashicorp/go-getter v1.7.2 github.com/spf13/cobra v1.7.0 github.com/stretchr/testify v1.8.4 - go.uber.org/zap v1.24.0 + go.uber.org/zap v1.26.0 k8s.io/apimachinery v0.28.2 ) @@ -81,7 +83,6 @@ require ( github.com/jmespath/go-jmespath v0.4.0 // indirect github.com/json-iterator/go v1.1.12 // indirect github.com/klauspost/compress v1.16.7 // indirect - github.com/kr/text v0.2.0 // indirect github.com/levigross/grequests v0.0.0-20190908174114-253788527a1a // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect github.com/mitchellh/go-testing-interface v1.14.1 // indirect @@ -103,8 +104,7 @@ require ( go.opentelemetry.io/otel v1.17.0 // indirect go.opentelemetry.io/otel/metric v1.17.0 // indirect go.opentelemetry.io/otel/trace v1.17.0 // indirect - go.uber.org/atomic v1.10.0 // indirect - go.uber.org/multierr v1.9.0 // indirect + go.uber.org/multierr v1.10.0 // indirect golang.org/x/build v0.0.0-20220928220451-9294235e16f5 // indirect golang.org/x/crypto v0.11.0 // indirect golang.org/x/net v0.13.0 // indirect diff --git a/go.sum b/go.sum index f1bb2d0..c6bd994 100644 --- a/go.sum +++ b/go.sum @@ -265,7 +265,6 @@ github.com/aws/smithy-go v1.13.5 h1:hgz0X/DX0dGqTYpGALqXJoRKRj5oQ7150i5FdTePzO8= github.com/aws/smithy-go v1.13.5/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA= github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.0.0-20220517224237-e6f29200ae04 h1:p2I85zYI9z5/c/3Q0LiO3RtNXcmXHTtJfml/hV16zNg= github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.0.0-20220517224237-e6f29200ae04/go.mod h1:Z+bXnIbhKJYSvxNwsNnwde7pDKxuqlEZCbUBoTwAqf0= -github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8= github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d h1:xDfNPAt8lFiC1UJrqV3uuy861HCTo708pDMbjHHdCas= github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d/go.mod h1:6QX/PXZ00z/TKoufEY6K/a0k6AhaJrQKdFe6OfVXsa4= @@ -274,8 +273,6 @@ github.com/cenkalti/backoff/v4 v4.1.0/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInq github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/chainguard-dev/go-apk v0.0.0-20230906161245-0728258ab917 h1:/FvFggKayia7a3cA/UcD18Dtn53/be/EBhPpQla65g8= -github.com/chainguard-dev/go-apk v0.0.0-20230906161245-0728258ab917/go.mod h1:I7uFl3LBMG1UQONJRQN+3lzZE4tw8myh87FzkDEztHg= github.com/cheggaaa/pb v1.0.27/go.mod h1:pQciLPpbU0oxA0h+VJYYLxO+XeDQb5pZijXscXHm81s= github.com/chrismellard/docker-credential-acr-env v0.0.0-20230304212654-82a0ddb27589 h1:krfRl01rzPzxSxyLyrChD+U+MzsBXbm0OwYYB67uF+4= github.com/chrismellard/docker-credential-acr-env v0.0.0-20230304212654-82a0ddb27589/go.mod h1:OuDyvmLnMCwa2ep4Jkm6nyA0ocJuZlGyk2gGseVzERM= @@ -295,7 +292,6 @@ github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWH github.com/containerd/stargz-snapshotter/estargz v0.14.3 h1:OqlDCK3ZVUO6C3B/5FSkDwbkEETK84kQgEeFwDC+62k= github.com/containerd/stargz-snapshotter/estargz v0.14.3/go.mod h1:KY//uOCIkSuNAHhJogcZtrNHdKrA99/FCCRjE3HD36o= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -303,6 +299,8 @@ github.com/dimchansky/utfbom v1.1.1 h1:vV6w1AhK4VMnhBno/TPVCoK9U/LP0PkLCS9tbxHdi github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE= github.com/djcass44/ci-tools v1.6.2 h1:9qeYLIlr3IdNql+F+PWooqDnkHrkW1TU8c3kyCDC6Sg= github.com/djcass44/ci-tools v1.6.2/go.mod h1:l1sHZmEdd1PnNKb++S7AZMyCN6UZOh5eNtXF33qSWVE= +github.com/djcass44/go-apk v0.0.0-20230923070740-2370fdd5131b h1:EqTFDDZkNT6Rpv1RI5SBTlY1xXvRxEtjGtv+xDLERD0= +github.com/djcass44/go-apk v0.0.0-20230923070740-2370fdd5131b/go.mod h1:I7uFl3LBMG1UQONJRQN+3lzZE4tw8myh87FzkDEztHg= github.com/djcass44/go-tracer v0.2.0 h1:GGj11jtBQkujCwJGKlVe0Az/1AV7kEEly6aCAavm9jM= github.com/djcass44/go-tracer v0.2.0/go.mod h1:Wi40ekq6GA0GvtIV6iivGo65suou/1n94swDi/lAjEU= github.com/djcass44/go-utils v0.2.1-0.20210516001550-3d288882b7f4 h1:1JJm+Yy7RugSkdXye3dVqwB3lycWqnCUDHXX4yH3PpQ= @@ -586,17 +584,15 @@ go.opentelemetry.io/otel/trace v1.17.0 h1:/SWhSRHmDPOImIAetP1QAeMnZYiQXrTy4fMMYO go.opentelemetry.io/otel/trace v1.17.0/go.mod h1:I/4vKTgFclIsXRVucpH25X0mpFSczM7aHeaz0ZBLWjY= go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ= -go.uber.org/atomic v1.10.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= -go.uber.org/goleak v1.1.11 h1:wy28qYRKZgnJTxGxvye5/wgWr1EKjmUDGYox5mGlRlI= -go.uber.org/goleak v1.1.11/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= +go.uber.org/goleak v1.2.0 h1:xqgm/S+aQvhWFTtR0XK3Jvg7z8kGV8P4X14IzwN3Eqk= +go.uber.org/goleak v1.2.0/go.mod h1:XJYK+MuIchqpmGmUSAzotztawfKvYLUIgg7guXrwVUo= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= -go.uber.org/multierr v1.9.0 h1:7fIwc/ZtS0q++VgcfqFDxSBZVv/Xo49/SYnDFupUwlI= -go.uber.org/multierr v1.9.0/go.mod h1:X2jQV1h+kxSjClGpnseKVIxpmcjrj7MNnI0bnlfKTVQ= +go.uber.org/multierr v1.10.0 h1:S0h4aNzvfcFsC3dRF1jLoaov7oRaKqRGC/pUEJ2yvPQ= +go.uber.org/multierr v1.10.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= go.uber.org/zap v1.19.0/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= -go.uber.org/zap v1.24.0 h1:FiJd5l1UOLj0wCgbSE0rwwXHzEdAZS6hiiSnxJN/D60= -go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= +go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= +go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= golang.org/x/build v0.0.0-20220928220451-9294235e16f5 h1:g6/rDfRDvg9YmyUh+Gh15jXoboibZhuv+MiKh8uR8dU= golang.org/x/build v0.0.0-20220928220451-9294235e16f5/go.mod h1:09OhLJI8jZv4jqec7zqh+ZlRZKsSZgDyM5MV3pjurk4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= diff --git a/pkg/api/v1/types.go b/pkg/api/v1/types.go index ec6397f..c5933a1 100644 --- a/pkg/api/v1/types.go +++ b/pkg/api/v1/types.go @@ -14,6 +14,8 @@ const ( type BuildSpec struct { From string `json:"from,omitempty"` + Entrypoint []string `json:"entrypoint,omitempty"` + Command []string `json:"command,omitempty"` Packages []Package `json:"packages,omitempty"` Repositories map[string][]Repository `json:"repositories,omitempty"` Files []File `json:"files,omitempty"` diff --git a/pkg/containerutil/append.go b/pkg/containerutil/append.go index 7bae2c8..af13469 100644 --- a/pkg/containerutil/append.go +++ b/pkg/containerutil/append.go @@ -17,10 +17,12 @@ const DefaultPath = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bi const DefaultUsername = "somebody" type Image struct { - author string - username string - env []string - baseImage v1.Image + author string + username string + env []string + baseImage v1.Image + entrypoint []string + cmd []string } func NewImage(opts ...ImageOption) *Image { @@ -58,6 +60,13 @@ func WithUsername(s string) ImageOption { } } +func WithEntrypoint(ep, cmd []string) ImageOption { + return func(image *Image) { + image.entrypoint = ep + image.cmd = cmd + } +} + func (ib *Image) Append(ctx context.Context, fs fs.FullFS, platform *v1.Platform) (v1.Image, error) { log := logr.FromContextOrDiscard(ctx) @@ -94,6 +103,13 @@ func (ib *Image) Append(ctx context.Context, fs fs.FullFS, platform *v1.Platform cfg.Config.WorkingDir = filepath.Join("/home", ib.username) cfg.Config.User = ib.username + if ib.entrypoint != nil { + cfg.Config.Entrypoint = ib.entrypoint + } + if ib.cmd != nil { + cfg.Config.Cmd = ib.cmd + } + cfg.Config.Env = ib.env var found bool diff --git a/pkg/lockfile/lockfile.go b/pkg/lockfile/lockfile.go index 717549a..d740750 100644 --- a/pkg/lockfile/lockfile.go +++ b/pkg/lockfile/lockfile.go @@ -45,17 +45,6 @@ func (l *Lock) Validate(cfg v1.BuildSpec) error { } continue } - // check that the lock packages are all in the manifest - for _, p := range cfg.Packages { - for _, n := range p.Names { - if n == k { - found = true - } - } - } - if !found { - return fmt.Errorf("package found in lock, but not manifest: %s", k) - } } return nil diff --git a/pkg/lockfile/lockfile_test.go b/pkg/lockfile/lockfile_test.go index 4e060f3..ec5ea0c 100644 --- a/pkg/lockfile/lockfile_test.go +++ b/pkg/lockfile/lockfile_test.go @@ -42,7 +42,7 @@ func TestLock_Validate(t *testing.T) { }, }, }, - ok: false, + ok: true, }, { name: "extra file", diff --git a/pkg/packages/alpine/alpine.go b/pkg/packages/alpine/alpine.go index 8b722ab..b3f7e2f 100644 --- a/pkg/packages/alpine/alpine.go +++ b/pkg/packages/alpine/alpine.go @@ -11,53 +11,20 @@ import ( "os" ) -var testKeys = map[string][]byte{ - "alpine-devel@lists.alpinelinux.org-616ae350.rsa.pub": []byte(` ------BEGIN PUBLIC KEY----- -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyduVzi1mWm+lYo2Tqt/0 -XkCIWrDNP1QBMVPrE0/ZlU2bCGSoo2Z9FHQKz/mTyMRlhNqTfhJ5qU3U9XlyGOPJ -piM+b91g26pnpXJ2Q2kOypSgOMOPA4cQ42PkHBEqhuzssfj9t7x47ppS94bboh46 -xLSDRff/NAbtwTpvhStV3URYkxFG++cKGGa5MPXBrxIp+iZf9GnuxVdST5PGiVGP -ODL/b69sPJQNbJHVquqUTOh5Ry8uuD2WZuXfKf7/C0jC/ie9m2+0CttNu9tMciGM -EyKG1/Xhk5iIWO43m4SrrT2WkFlcZ1z2JSf9Pjm4C2+HovYpihwwdM/OdP8Xmsnr -DzVB4YvQiW+IHBjStHVuyiZWc+JsgEPJzisNY0Wyc/kNyNtqVKpX6dRhMLanLmy+ -f53cCSI05KPQAcGj6tdL+D60uKDkt+FsDa0BTAobZ31OsFVid0vCXtsbplNhW1IF -HwsGXBTVcfXg44RLyL8Lk/2dQxDHNHzAUslJXzPxaHBLmt++2COa2EI1iWlvtznk -Ok9WP8SOAIj+xdqoiHcC4j72BOVVgiITIJNHrbppZCq6qPR+fgXmXa+sDcGh30m6 -9Wpbr28kLMSHiENCWTdsFij+NQTd5S47H7XTROHnalYDuF1RpS+DpQidT5tUimaT -JZDr++FjKrnnijbyNF8b98UCAwEAAQ== ------END PUBLIC KEY-----`), - "alpine-devel@lists.alpinelinux.org-6165ee59.rsa.pub": []byte(` ------BEGIN PUBLIC KEY----- -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAutQkua2CAig4VFSJ7v54 -ALyu/J1WB3oni7qwCZD3veURw7HxpNAj9hR+S5N/pNeZgubQvJWyaPuQDm7PTs1+ -tFGiYNfAsiibX6Rv0wci3M+z2XEVAeR9Vzg6v4qoofDyoTbovn2LztaNEjTkB+oK -tlvpNhg1zhou0jDVYFniEXvzjckxswHVb8cT0OMTKHALyLPrPOJzVtM9C1ew2Nnc -3848xLiApMu3NBk0JqfcS3Bo5Y2b1FRVBvdt+2gFoKZix1MnZdAEZ8xQzL/a0YS5 -Hd0wj5+EEKHfOd3A75uPa/WQmA+o0cBFfrzm69QDcSJSwGpzWrD1ScH3AK8nWvoj -v7e9gukK/9yl1b4fQQ00vttwJPSgm9EnfPHLAtgXkRloI27H6/PuLoNvSAMQwuCD -hQRlyGLPBETKkHeodfLoULjhDi1K2gKJTMhtbnUcAA7nEphkMhPWkBpgFdrH+5z4 -Lxy+3ek0cqcI7K68EtrffU8jtUj9LFTUC8dERaIBs7NgQ/LfDbDfGh9g6qVj1hZl -k9aaIPTm/xsi8v3u+0qaq7KzIBc9s59JOoA8TlpOaYdVgSQhHHLBaahOuAigH+VI -isbC9vmqsThF2QdDtQt37keuqoda2E6sL7PUvIyVXDRfwX7uMDjlzTxHTymvq2Ck -htBqojBnThmjJQFgZXocHG8CAwEAAQ== ------END PUBLIC KEY-----`), -} - type PackageKeeper struct { indices []apk.NamedIndex } func NewPackageKeeper(ctx context.Context, repositories []string) (*PackageKeeper, error) { log := logr.FromContextOrDiscard(ctx) - indices, err := apk.GetRepositoryIndexes(ctx, repositories, testKeys, "x86_64", apk.WithIgnoreSignatures(false)) + indices, err := apk.GetRepositoryIndexes(ctx, repositories, map[string][]byte{}, "x86_64", apk.WithIgnoreSignatures(true)) if err != nil { return nil, err } - log.Info("loaded indices", "count", len(indices)) + log.V(2).Info("loaded indices", "count", len(indices)) for _, i := range indices { - log.Info("added index", "count", i.Count(), "name", i.Name(), "source", i.Source()) + log.V(1).Info("added index", "count", i.Count(), "name", i.Name(), "source", i.Source()) } return &PackageKeeper{ diff --git a/tests/fixtures/apko-eg-wolfi-base-lock.json b/tests/fixtures/apko-eg-wolfi-base-lock.json new file mode 100644 index 0000000..7c69dcd --- /dev/null +++ b/tests/fixtures/apko-eg-wolfi-base-lock.json @@ -0,0 +1,90 @@ +{ + "name": "apko-eg-nginx", + "lockfileVersion": 1, + "packages": { + "apk-tools": { + "type": "Alpine", + "version": "2.14.0-r0", + "resolved": "https://packages.wolfi.dev/os/x86_64/apk-tools-2.14.0-r0.apk", + "integrity": "Q15lEO4JohyDLUB0MMSqVgQor2Ug8=" + }, + "busybox": { + "type": "Alpine", + "version": "1.36.1-r2", + "resolved": "https://packages.wolfi.dev/os/x86_64/busybox-1.36.1-r2.apk", + "integrity": "Q1d2kYe9D3/7EJ+b9C6YkKqlSsU/M=" + }, + "ca-certificates-bundle": { + "type": "Alpine", + "version": "20230506-r0", + "resolved": "https://packages.wolfi.dev/os/x86_64/ca-certificates-bundle-20230506-r0.apk", + "integrity": "Q1/YGo3iUSdyF2/rk3tKR6MhtUEzg=" + }, + "glibc": { + "type": "Alpine", + "version": "2.38-r2", + "resolved": "https://packages.wolfi.dev/os/x86_64/glibc-2.38-r2.apk", + "integrity": "Q1k9e5NAH0GBM6W9/GARLSIDa3HV4=" + }, + "glibc-locale-posix": { + "type": "Alpine", + "version": "2.38-r2", + "resolved": "https://packages.wolfi.dev/os/x86_64/glibc-locale-posix-2.38-r2.apk", + "integrity": "Q1GyMxw4Su1WqAaaHhO6I7/sxSMAA=" + }, + "ld-linux": { + "type": "Alpine", + "version": "2.38-r2", + "resolved": "https://packages.wolfi.dev/os/x86_64/ld-linux-2.38-r2.apk", + "integrity": "Q14GpGTlRyZY+iYYxqnOvshsrGf8Q=" + }, + "libcrypt1": { + "type": "Alpine", + "version": "2.38-r2", + "resolved": "https://packages.wolfi.dev/os/x86_64/libcrypt1-2.38-r2.apk", + "integrity": "Q1lGWn9fktWmEmNdyqaXC0B1j7NIc=" + }, + "libcrypto3": { + "type": "Alpine", + "version": "3.1.3-r0", + "resolved": "https://packages.wolfi.dev/os/x86_64/libcrypto3-3.1.3-r0.apk", + "integrity": "Q16MModYE7dAtOLG3kDnIa/Jxbn7o=" + }, + "libssl3": { + "type": "Alpine", + "version": "3.1.3-r0", + "resolved": "https://packages.wolfi.dev/os/x86_64/libssl3-3.1.3-r0.apk", + "integrity": "Q1Iy4/pjMZ4WLOJ4BLVG3Pa3SJxY8=" + }, + "openssl-config": { + "type": "Alpine", + "version": "3.1.3-r0", + "resolved": "https://packages.wolfi.dev/os/x86_64/openssl-config-3.1.3-r0.apk", + "integrity": "Q1Hf1wTsCSVZNpng1bU87e+L17oXg=" + }, + "wolfi-base": { + "type": "Alpine", + "version": "1-r3", + "resolved": "https://packages.wolfi.dev/os/x86_64/wolfi-base-1-r3.apk", + "integrity": "Q1LrzTxq5MubwvQY3xCuDnXVIGJek=" + }, + "wolfi-baselayout": { + "type": "Alpine", + "version": "20230201-r6", + "resolved": "https://packages.wolfi.dev/os/x86_64/wolfi-baselayout-20230201-r6.apk", + "integrity": "Q17VhAhkjHFu8hi9j6VPHxlOX95sc=" + }, + "wolfi-keys": { + "type": "Alpine", + "version": "1-r5", + "resolved": "https://packages.wolfi.dev/os/x86_64/wolfi-keys-1-r5.apk", + "integrity": "Q10fpy9hX9x84izBkTlUFtNXLEeqk=" + }, + "zlib": { + "type": "Alpine", + "version": "1.3-r0", + "resolved": "https://packages.wolfi.dev/os/x86_64/zlib-1.3-r0.apk", + "integrity": "Q12c/3NY/o7FDtGM4k93d8nDACYWk=" + } + } +} diff --git a/tests/fixtures/apko-eg-wolfi-base.yaml b/tests/fixtures/apko-eg-wolfi-base.yaml new file mode 100644 index 0000000..44f8f4f --- /dev/null +++ b/tests/fixtures/apko-eg-wolfi-base.yaml @@ -0,0 +1,13 @@ +apiVersion: ayb.dcas.dev/v1 +kind: Build +metadata: + name: apko-eg-nginx +spec: + from: scratch + repositories: + alpine: + - url: https://packages.wolfi.dev/os + packages: + - type: Alpine + names: + - wolfi-base \ No newline at end of file diff --git a/tests/fixtures/gitlab-com-av1o-base-images-gradle-lock.json b/tests/fixtures/gitlab-com-av1o-base-images-gradle-lock.json index fbb9a8f..4878c24 100644 --- a/tests/fixtures/gitlab-com-av1o-base-images-gradle-lock.json +++ b/tests/fixtures/gitlab-com-av1o-base-images-gradle-lock.json @@ -116,6 +116,12 @@ "resolved": "https://mirror.aarnet.edu.au/pub/alpine/v3.18/main/x86_64/nghttp2-libs-1.55.1-r0.apk", "integrity": "Q11v9e1mzPbfY7PrJH8roan9CLkP8=" }, + "openssh": { + "type": "Alpine", + "version": "9.3_p2-r0", + "resolved": "https://mirror.aarnet.edu.au/pub/alpine/v3.18/main/x86_64/openssh-9.3_p2-r0.apk", + "integrity": "Q1Lwfxw5Oq5LBNXrbMJu3EHW+VQ+k=" + }, "openssh-client-common": { "type": "Alpine", "version": "9.3_p2-r0", @@ -134,6 +140,24 @@ "resolved": "https://mirror.aarnet.edu.au/pub/alpine/v3.18/main/x86_64/openssh-keygen-9.3_p2-r0.apk", "integrity": "Q18HKD+gemWeNLp/t5rGmx94P+gLY=" }, + "openssh-server": { + "type": "Alpine", + "version": "9.3_p2-r0", + "resolved": "https://mirror.aarnet.edu.au/pub/alpine/v3.18/main/x86_64/openssh-server-9.3_p2-r0.apk", + "integrity": "Q1bIRg9D8BLZyETSYR4878NZ1Jta4=" + }, + "openssh-server-common": { + "type": "Alpine", + "version": "9.3_p2-r0", + "resolved": "https://mirror.aarnet.edu.au/pub/alpine/v3.18/main/x86_64/openssh-server-common-9.3_p2-r0.apk", + "integrity": "Q1CHAO/mDZrnSkfFjO7WyckK20dB4=" + }, + "openssh-sftp-server": { + "type": "Alpine", + "version": "9.3_p2-r0", + "resolved": "https://mirror.aarnet.edu.au/pub/alpine/v3.18/main/x86_64/openssh-sftp-server-9.3_p2-r0.apk", + "integrity": "Q1dmqpX0Wavqwfyq+43N5r1o/poYM=" + }, "pcre2": { "type": "Alpine", "version": "10.42-r1", diff --git a/tests/fixtures/gitlab-com-av1o-base-images-gradle.yaml b/tests/fixtures/gitlab-com-av1o-base-images-gradle.yaml index c05c25f..3543a74 100644 --- a/tests/fixtures/gitlab-com-av1o-base-images-gradle.yaml +++ b/tests/fixtures/gitlab-com-av1o-base-images-gradle.yaml @@ -14,7 +14,7 @@ spec: - git - git-lfs - wget - - openssh-client + - openssh files: - uri: https://services.gradle.org/distributions/gradle-7.2-bin.zip?checksum=file:https://services.gradle.org/distributions/gradle-7.2-bin.zip.sha256 path: /opt/ diff --git a/tests/fixtures/gitlab-com-av1o-base-images-node-lock.json b/tests/fixtures/gitlab-com-av1o-base-images-node-lock.json index edbd0f5..607cd00 100644 --- a/tests/fixtures/gitlab-com-av1o-base-images-node-lock.json +++ b/tests/fixtures/gitlab-com-av1o-base-images-node-lock.json @@ -116,6 +116,12 @@ "resolved": "https://mirror.aarnet.edu.au/pub/alpine/v3.18/main/x86_64/nghttp2-libs-1.55.1-r0.apk", "integrity": "Q11v9e1mzPbfY7PrJH8roan9CLkP8=" }, + "openssh": { + "type": "Alpine", + "version": "9.3_p2-r0", + "resolved": "https://mirror.aarnet.edu.au/pub/alpine/v3.18/main/x86_64/openssh-9.3_p2-r0.apk", + "integrity": "Q1Lwfxw5Oq5LBNXrbMJu3EHW+VQ+k=" + }, "openssh-client-common": { "type": "Alpine", "version": "9.3_p2-r0", @@ -134,6 +140,24 @@ "resolved": "https://mirror.aarnet.edu.au/pub/alpine/v3.18/main/x86_64/openssh-keygen-9.3_p2-r0.apk", "integrity": "Q18HKD+gemWeNLp/t5rGmx94P+gLY=" }, + "openssh-server": { + "type": "Alpine", + "version": "9.3_p2-r0", + "resolved": "https://mirror.aarnet.edu.au/pub/alpine/v3.18/main/x86_64/openssh-server-9.3_p2-r0.apk", + "integrity": "Q1bIRg9D8BLZyETSYR4878NZ1Jta4=" + }, + "openssh-server-common": { + "type": "Alpine", + "version": "9.3_p2-r0", + "resolved": "https://mirror.aarnet.edu.au/pub/alpine/v3.18/main/x86_64/openssh-server-common-9.3_p2-r0.apk", + "integrity": "Q1CHAO/mDZrnSkfFjO7WyckK20dB4=" + }, + "openssh-sftp-server": { + "type": "Alpine", + "version": "9.3_p2-r0", + "resolved": "https://mirror.aarnet.edu.au/pub/alpine/v3.18/main/x86_64/openssh-sftp-server-9.3_p2-r0.apk", + "integrity": "Q1dmqpX0Wavqwfyq+43N5r1o/poYM=" + }, "pcre2": { "type": "Alpine", "version": "10.42-r1", diff --git a/tests/fixtures/gitlab-com-av1o-base-images-node.yaml b/tests/fixtures/gitlab-com-av1o-base-images-node.yaml index 7649583..b8645b2 100644 --- a/tests/fixtures/gitlab-com-av1o-base-images-node.yaml +++ b/tests/fixtures/gitlab-com-av1o-base-images-node.yaml @@ -13,7 +13,7 @@ spec: names: - git - git-lfs - - openssh-client + - openssh files: - uri: .npmrc path: $HOME/ @@ -23,4 +23,6 @@ spec: - name: NODE_PATH value: $HOME/.npm-packages/lib/node_modules - name: PATH - value: $HOME/.npm-packages/bin:$PATH \ No newline at end of file + value: $HOME/.npm-packages/bin:$PATH + entrypoint: + - /bin/sh \ No newline at end of file