-
Notifications
You must be signed in to change notification settings - Fork 44
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Ignore tls when pull image #449
Conversation
Signed-off-by: Manoramsharma <[email protected]>
Pull Request Test Coverage Report for Build 10662945577Warning: This coverage report may be inaccurate.This pull request's base commit is no longer the HEAD commit of its target branch. This means it includes changes from outside the original pull request, including, potentially, unrelated coverage changes.
Details
💛 - Coveralls |
You need to add a option for the OCI client users to control the tls flag. cc @zong-zhe |
Hi @
Hi @Peefy in order to add an additional option or flag to allow users to control the downloading with or without tls cert. I tried to explore func KpmPull(c *cli.Context, kpmcli *client.KpmClient) error {
return kpmcli.PullFromOci(c.Args().Get(1), c.Args().Get(0), c.String(FLAG_TAG))
} As we have modified the pkg/client/client.go
// pullTarFromOci will pull a kcl package tar file from oci registry.
func (c *KpmClient) pullTarFromOci(localPath string, ociOpts *opt.OciOptions) error {
absPullPath, err := filepath.Abs(localPath)
if err != nil {
return reporter.NewErrorEvent(reporter.Bug, err)
}
repoPath := utils.JoinPath(ociOpts.Reg, ociOpts.Repo)
cred, err := c.GetCredentials(ociOpts.Reg)
if err != nil {
return err
}
ociCli, err := oci.NewOciClientWithOpts(
oci.WithCredential(cred),
oci.WithRepoPath(repoPath),
oci.WithSettings(c.GetSettings()),
)
if err != nil {
return err
}
ociCli.SetLogWriter(c.logWriter)
var tagSelected string
if len(ociOpts.Tag) == 0 {
tagSelected, err = ociCli.TheLatestTag()
if err != nil {
return err
}
reporter.ReportMsgTo(
fmt.Sprintf("the lastest version '%s' will be pulled", tagSelected),
c.logWriter,
)
} else {
tagSelected = ociOpts.Tag
}
full_repo := utils.JoinPath(ociOpts.Reg, ociOpts.Repo)
reporter.ReportMsgTo(
fmt.Sprintf("pulling '%s:%s' from '%s'", ociOpts.Repo, tagSelected, full_repo),
c.logWriter,
)
err = ociCli.Pull(absPullPath, tagSelected)
if err != nil {
return err
}
return nil
} |
Signed-off-by: Manoramsharma <[email protected]>
Hi @zong-zhe made the changes accordingly, but there is this function: // CompileOciPkg will compile the kcl package from the OCI reference or url.
func (c *KpmClient) CompileOciPkg(ociSource, version string, opts *opt.CompileOptions) (*kcl.KCLResultList, error) {
ociOpts, err := c.ParseOciOptionFromString(ociSource, version)
if err != nil {
return nil, err
}
// 1. Create the temporary directory to pull the tar.
tmpDir, err := os.MkdirTemp("", "")
if err != nil {
return nil, reporter.NewErrorEvent(reporter.Bug, err, "internal bugs, please contact us to fix it.")
}
// clean the temp dir.
defer os.RemoveAll(tmpDir)
localPath := ociOpts.SanitizePathWithSuffix(tmpDir)
// 2. Pull the tar.
err = c.pullTarFromOci(localPath, ociOpts)
if err != nil {
return nil, err
}
// 3.Get the (*.tar) file path.
matches, err := filepath.Glob(filepath.Join(localPath, constants.KCL_PKG_TAR))
if err != nil || len(matches) != 1 {
if err != nil {
return nil, reporter.NewErrorEvent(reporter.FailedGetPkg, err, "failed to pull kcl package")
} else {
return nil, errors.FailedPull
}
}
return c.CompileTarPkg(matches[0], opts)
} Also using the pullTarFromOci(), how to include the arguments here to handle the tls flag? Because of which my tests are failing else I feel the overall direction of the changes are good 👍 . @Peefy please assign this to me, I think I have made a good progress now. |
Signed-off-by: Manoramsharma <[email protected]>
Hi @Manoramsharma 😄 This part of the work also includes the content here, the https://github.com/kcl-lang/kpm/blob/main/pkg/client/pull.go |
pkg/client/client.go
Outdated
@@ -663,7 +663,7 @@ func (c *KpmClient) CompileGitPkg(gitOpts *git.CloneOptions, compileOpts *opt.Co | |||
} | |||
|
|||
// CompileOciPkg will compile the kcl package from the OCI reference or url. | |||
func (c *KpmClient) CompileOciPkg(ociSource, version string, opts *opt.CompileOptions) (*kcl.KCLResultList, error) { | |||
func (c *KpmClient) CompileOciPkg(ociSource, version string, opts *opt.CompileOptions, skipTLSVerify bool) (*kcl.KCLResultList, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Try to move skipTLSVerify
to CompileOptions
. Do not add method parameters directly, which is a public method. This breaks compatibility.
pkg/oci/oci.go
Outdated
@@ -99,13 +100,22 @@ type OciClient struct { | |||
logWriter io.Writer | |||
settings *settings.Settings | |||
isPlainHttp *bool | |||
isTLSVerify *bool |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/isTLSVerify/skipTLSVerify
@Manoramsharma Can you fix the issue mentioned in the comment? I will prepare to merge it. |
Hi @Peefy I will complete it today. |
@Manoramsharma have you worked on this PR? We are planing release a new version with this feature. |
Hi @Peefy @zong-zhe I need some more context on how Pull command is working? where it fetches user CLI input and detect the flag ultimately executing the function defined against the CLI implementation. |
Hi @Manoramsharma 😄 The Line 60 in a4e3061
|
I have one more confusion, issue talks about the removal of tls certificate while downloading the package specifically the Also I can see the cc: @zong-zhe |
OCI package |
Line 2 in a4e3061
|
…est cases Signed-off-by: zongz <[email protected]>
Signed-off-by: zongz <[email protected]>
1. Does this PR affect any open issues?(Y/N) and add issue references (e.g. "fix #123", "re #123".):
fix #408
2. What is the scope of this PR (e.g. component or file name):
pkg/oci/oci.go
3. Provide a description of the PR(e.g. more details, effects, motivations or doc link):
Custom HTTP client is created using custom transport to ignore the tls while pulling a package image.
4. Are there any breaking changes?(Y/N) and describe the breaking changes(e.g. more details, motivations or doc link):
5. Are there test cases for these changes?(Y/N) select and add more details, references or doc links: