diff --git a/go.mod b/go.mod index 8da5546f..c0dd88eb 100644 --- a/go.mod +++ b/go.mod @@ -28,7 +28,6 @@ require ( github.com/olekukonko/tablewriter v0.0.5 github.com/opencontainers/go-digest v1.0.0 github.com/opencontainers/image-spec v1.1.0 - github.com/oras-project/artifacts-spec v1.0.0-rc.2 github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5 github.com/prometheus/client_golang v1.19.0 github.com/prometheus/client_model v0.6.0 diff --git a/go.sum b/go.sum index 840f49c5..4aa47c02 100644 --- a/go.sum +++ b/go.sum @@ -1251,8 +1251,6 @@ github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+ github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= github.com/openvex/go-vex v0.2.5 h1:41utdp2rHgAGCsG+UbjmfMG5CWQxs15nGqir1eRgSrQ= github.com/openvex/go-vex v0.2.5/go.mod h1:j+oadBxSUELkrKh4NfNb+BPo77U3q7gdKME88IO/0Wo= -github.com/oras-project/artifacts-spec v1.0.0-rc.2 h1:9SMCNSxkJEHqWGDiMCuy6TXHgvjgwXGdXZZGXLKQvVE= -github.com/oras-project/artifacts-spec v1.0.0-rc.2/go.mod h1:Xch2aLzSwtkhbFFN6LUzTfLtukYvMMdXJ4oZ8O7BOdc= github.com/otiai10/copy v1.14.0 h1:dCI/t1iTdYGtkvCuBG2BgR6KZa83PTclw4U5n2wAllU= github.com/otiai10/copy v1.14.0/go.mod h1:ECfuL02W+/FkTWZWgQqXPWZgW9oeKCSQ5qVfSc4qc4w= github.com/owenrumney/go-sarif v1.1.1/go.mod h1:dNDiPlF04ESR/6fHlPyq7gHKmrM0sHUvAGjsoh8ZH0U= diff --git a/pkg/api/constants/consts.go b/pkg/api/constants/consts.go index 7f9e9a2c..df3cec8e 100644 --- a/pkg/api/constants/consts.go +++ b/pkg/api/constants/consts.go @@ -3,7 +3,6 @@ package constants import "time" const ( - ArtifactSpecRoutePrefix = "/oras/artifacts/v1" RoutePrefix = "/v2" Blobs = "blobs" Uploads = "uploads" diff --git a/pkg/api/controller_test.go b/pkg/api/controller_test.go index 1f78dfa3..4d312cee 100644 --- a/pkg/api/controller_test.go +++ b/pkg/api/controller_test.go @@ -36,7 +36,6 @@ import ( distext "github.com/opencontainers/distribution-spec/specs-go/v1/extensions" godigest "github.com/opencontainers/go-digest" ispec "github.com/opencontainers/image-spec/specs-go/v1" - artifactspec "github.com/oras-project/artifacts-spec/specs-go/v1" "github.com/project-zot/mockoidc" "github.com/sigstore/cosign/v2/cmd/cosign/cli/generate" "github.com/sigstore/cosign/v2/cmd/cosign/cli/options" @@ -6192,7 +6191,7 @@ func TestImageSignatures(t *testing.T) { So(resp.StatusCode(), ShouldEqual, http.StatusUnsupportedMediaType) // check invalid content with artifact media type - resp, err = resty.R().SetHeader("Content-Type", artifactspec.MediaTypeArtifactManifest). + resp, err = resty.R().SetHeader("Content-Type", ispec.MediaTypeImageManifest). SetBody([]byte("bogus")).Put(baseURL + fmt.Sprintf("/v2/%s/manifests/1.0", repoName)) So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusBadRequest) @@ -6241,34 +6240,6 @@ func TestImageSignatures(t *testing.T) { So(err, ShouldNotBeNil) }) }) - - Convey("GetOrasReferrers", func() { - // cover error paths - resp, err := resty.R().Get( - fmt.Sprintf("%s/oras/artifacts/v1/%s/manifests/%s/referrers", baseURL, "badRepo", "badDigest")) - So(err, ShouldBeNil) - So(resp.StatusCode(), ShouldEqual, http.StatusNotFound) - - resp, err = resty.R().Get( - fmt.Sprintf("%s/oras/artifacts/v1/%s/manifests/%s/referrers", baseURL, repoName, "badDigest")) - So(err, ShouldBeNil) - So(resp.StatusCode(), ShouldEqual, http.StatusBadRequest) - - resp, err = resty.R().Get( - fmt.Sprintf("%s/oras/artifacts/v1/%s/manifests/%s/referrers", baseURL, repoName, digest.String())) - So(err, ShouldBeNil) - So(resp.StatusCode(), ShouldEqual, http.StatusNotFound) - - resp, err = resty.R().SetQueryParam("artifactType", "badArtifact").Get( - fmt.Sprintf("%s/oras/artifacts/v1/%s/manifests/%s/referrers", baseURL, repoName, digest.String())) - So(err, ShouldBeNil) - So(resp.StatusCode(), ShouldEqual, http.StatusNotFound) - - resp, err = resty.R().SetQueryParam("artifactType", notreg.ArtifactTypeNotation).Get( - fmt.Sprintf("%s/oras/artifacts/v1/%s/manifests/%s/referrers", baseURL, "badRepo", digest.String())) - So(err, ShouldBeNil) - So(resp.StatusCode(), ShouldEqual, http.StatusNotFound) - }) }) } @@ -7323,30 +7294,6 @@ func TestRouteFailures(t *testing.T) { So(resp, ShouldNotBeNil) So(resp.StatusCode, ShouldEqual, http.StatusNotFound) }) - - Convey("Get referrers", func() { - request, _ := http.NewRequestWithContext(context.TODO(), http.MethodGet, baseURL, nil) - request = mux.SetURLVars(request, map[string]string{}) - response := httptest.NewRecorder() - - rthdlr.GetOrasReferrers(response, request) - - resp := response.Result() - defer resp.Body.Close() - So(resp, ShouldNotBeNil) - So(resp.StatusCode, ShouldEqual, http.StatusNotFound) - - request, _ = http.NewRequestWithContext(context.TODO(), http.MethodGet, baseURL, nil) - request = mux.SetURLVars(request, map[string]string{"name": "foo"}) - response = httptest.NewRecorder() - - rthdlr.GetOrasReferrers(response, request) - - resp = response.Result() - defer resp.Body.Close() - So(resp, ShouldNotBeNil) - So(resp.StatusCode, ShouldEqual, http.StatusBadRequest) - }) }) } diff --git a/pkg/api/routes.go b/pkg/api/routes.go index f9277c92..340d5fd0 100644 --- a/pkg/api/routes.go +++ b/pkg/api/routes.go @@ -29,7 +29,6 @@ import ( "github.com/opencontainers/distribution-spec/specs-go/v1/extensions" godigest "github.com/opencontainers/go-digest" ispec "github.com/opencontainers/image-spec/specs-go/v1" - artifactspec "github.com/oras-project/artifacts-spec/specs-go/v1" "github.com/zitadel/oidc/pkg/client/rp" "github.com/zitadel/oidc/pkg/oidc" @@ -173,10 +172,6 @@ func (rh *RouteHandler) SetupRoutes() { applyCORSHeaders(rh.CheckVersionSupport))).Methods(http.MethodGet, http.MethodOptions) } - // support for ORAS artifact reference types (alpha 1) - image signature use case - rh.c.Router.HandleFunc(fmt.Sprintf("%s/{name:%s}/manifests/{digest}/referrers", - constants.ArtifactSpecRoutePrefix, zreg.NameRegexp.String()), rh.GetOrasReferrers).Methods("GET") - // swagger debug.SetupSwaggerRoutes(rh.c.Config, rh.c.Router, authHandler, rh.c.Log) // gql playground @@ -1926,104 +1921,6 @@ func getImageManifest(ctx context.Context, routeHandler *RouteHandler, imgStore return imgStore.GetImageManifest(name, reference) } -// will sync referrers on demand if they are not found, in case sync extensions is enabled. -func getOrasReferrers(ctx context.Context, routeHandler *RouteHandler, - imgStore storageTypes.ImageStore, name string, digest godigest.Digest, - artifactType string, -) ([]artifactspec.Descriptor, error) { - refs, err := imgStore.GetOrasReferrers(name, digest, artifactType) - if err != nil { - if isSyncOnDemandEnabled(*routeHandler.c) { - routeHandler.c.Log.Info().Str("repository", name).Str("reference", digest.String()). - Msg("artifact not found, trying to get artifact by syncing on demand") - - if errSync := routeHandler.c.SyncOnDemand.SyncReference(ctx, name, digest.String(), - syncConstants.Oras); errSync != nil { - routeHandler.c.Log.Error().Err(err).Str("name", name).Str("digest", digest.String()). - Msg("failed to get references") - } - - refs, err = imgStore.GetOrasReferrers(name, digest, artifactType) - } - } - - return refs, err -} - -type ReferenceList struct { - References []artifactspec.Descriptor `json:"references"` -} - -// GetOrasReferrers godoc -// @Summary Get references for an image -// @Description Get references for an image given a digest and artifact type -// @Accept json -// @Produce json -// @Param name path string true "repository name" -// @Param digest path string true "image digest" -// @Param artifactType query string true "artifact type" -// @Success 200 {string} string "ok" -// @Failure 404 {string} string "not found" -// @Failure 500 {string} string "internal server error" -// @Router /oras/artifacts/v1/{name}/manifests/{digest}/referrers [get]. -func (rh *RouteHandler) GetOrasReferrers(response http.ResponseWriter, request *http.Request) { - vars := mux.Vars(request) - name, ok := vars["name"] - - if !ok || name == "" { - response.WriteHeader(http.StatusNotFound) - - return - } - - digestStr, ok := vars["digest"] - digest, err := godigest.Parse(digestStr) - - if !ok || digestStr == "" || err != nil { - response.WriteHeader(http.StatusBadRequest) - - return - } - - // filter by artifact type - artifactType := "" - - artifactTypes, ok := request.URL.Query()["artifactType"] - if ok { - if len(artifactTypes) != 1 { - rh.c.Log.Error().Msg("invalid artifact types") - response.WriteHeader(http.StatusBadRequest) - - return - } - - artifactType = artifactTypes[0] - } - - imgStore := rh.getImageStore(name) - - rh.c.Log.Info().Str("digest", digest.String()).Str("artifactType", artifactType).Msg("getting manifest") - - refs, err := getOrasReferrers(request.Context(), rh, imgStore, name, digest, artifactType) //nolint:contextcheck - if err != nil { - if errors.Is(err, zerr.ErrManifestNotFound) || errors.Is(err, zerr.ErrRepoNotFound) { - rh.c.Log.Error().Err(err).Str("name", name).Str("digest", digest.String()). - Msg("failed to get manifest") - response.WriteHeader(http.StatusNotFound) - } else { - rh.c.Log.Error().Err(err).Str("name", name).Str("digest", digest.String()). - Msg("failed to get references") - response.WriteHeader(http.StatusInternalServerError) - } - - return - } - - rs := ReferenceList{References: refs} - - zcommon.WriteJSON(response, http.StatusOK, rs) -} - type APIKeyPayload struct { //nolint:revive Label string `json:"label"` Scopes []string `json:"scopes"` diff --git a/pkg/extensions/sync/constants/consts.go b/pkg/extensions/sync/constants/consts.go index cd7247be..44ef18f5 100644 --- a/pkg/extensions/sync/constants/consts.go +++ b/pkg/extensions/sync/constants/consts.go @@ -2,7 +2,6 @@ package constants // references type. const ( - Oras = "OrasReference" Cosign = "CosignSignature" OCI = "OCIReference" Tag = "TagReference" diff --git a/pkg/extensions/sync/references/oras.go b/pkg/extensions/sync/references/oras.go deleted file mode 100644 index ccb361c5..00000000 --- a/pkg/extensions/sync/references/oras.go +++ /dev/null @@ -1,194 +0,0 @@ -//go:build sync -// +build sync - -package references - -import ( - "context" - "errors" - "fmt" - "net/http" - - godigest "github.com/opencontainers/go-digest" - oras "github.com/oras-project/artifacts-spec/specs-go/v1" - - zerr "zotregistry.dev/zot/errors" - apiConstants "zotregistry.dev/zot/pkg/api/constants" - "zotregistry.dev/zot/pkg/common" - "zotregistry.dev/zot/pkg/extensions/sync/constants" - client "zotregistry.dev/zot/pkg/extensions/sync/httpclient" - "zotregistry.dev/zot/pkg/log" - "zotregistry.dev/zot/pkg/meta" - mTypes "zotregistry.dev/zot/pkg/meta/types" - "zotregistry.dev/zot/pkg/storage" -) - -type ReferenceList struct { - References []oras.Descriptor `json:"references"` -} - -type ORASReferences struct { - client *client.Client - storeController storage.StoreController - metaDB mTypes.MetaDB - log log.Logger -} - -func NewORASReferences(httpClient *client.Client, storeController storage.StoreController, - metaDB mTypes.MetaDB, log log.Logger, -) ORASReferences { - return ORASReferences{ - client: httpClient, - storeController: storeController, - metaDB: metaDB, - log: log, - } -} - -func (ref ORASReferences) Name() string { - return constants.Oras -} - -func (ref ORASReferences) IsSigned(ctx context.Context, remoteRepo, subjectDigestStr string) bool { - return false -} - -func (ref ORASReferences) canSkipReferences(localRepo, subjectDigestStr string, referrers ReferenceList) (bool, error) { - imageStore := ref.storeController.GetImageStore(localRepo) - digest := godigest.Digest(subjectDigestStr) - - // check oras artifacts already synced - if len(referrers.References) > 0 { - localRefs, err := imageStore.GetOrasReferrers(localRepo, digest, "") - if err != nil { - if errors.Is(err, zerr.ErrManifestNotFound) { - return false, nil - } - - ref.log.Error().Str("errorType", common.TypeOf(err)).Str("repository", localRepo). - Str("subject", subjectDigestStr). - Err(err).Msg("couldn't get local ORAS artifact for image") - - return false, err - } - - if !artifactDescriptorsEqual(localRefs, referrers.References) { - ref.log.Info().Str("repository", localRepo).Str("subject", subjectDigestStr). - Msg("upstream ORAS artifacts for image changed, syncing again") - - return false, nil - } - } - - ref.log.Info().Str("repository", localRepo).Str("subject", subjectDigestStr). - Msg("skipping ORAS artifact for image, already synced") - - return true, nil -} - -func (ref ORASReferences) SyncReferences(ctx context.Context, localRepo, remoteRepo, subjectDigestStr string) ( - []godigest.Digest, error, -) { - refsDigests := make([]godigest.Digest, 0, 10) - - referrers, err := ref.getReferenceList(ctx, remoteRepo, subjectDigestStr) - if err != nil { - return refsDigests, err - } - - skipORASRefs, err := ref.canSkipReferences(localRepo, subjectDigestStr, referrers) - if err != nil { - ref.log.Error().Err(err).Str("repository", localRepo).Str("subject", subjectDigestStr). - Msg("couldn't check if ORAS artifact for image can be skipped") - } - - if skipORASRefs { - for _, man := range referrers.References { - refsDigests = append(refsDigests, man.Digest) - } - - return refsDigests, nil - } - - imageStore := ref.storeController.GetImageStore(localRepo) - - ref.log.Info().Str("repository", localRepo).Str("subject", subjectDigestStr). - Msg("syncing ORAS artifacts for image") - - for _, referrer := range referrers.References { - var artifactManifest oras.Manifest - - orasBuf, _, statusCode, err := ref.client.MakeGetRequest(ctx, &artifactManifest, oras.MediaTypeDescriptor, - "v2", remoteRepo, "manifests", referrer.Digest.String()) - if err != nil { - if statusCode == http.StatusNotFound { - return refsDigests, zerr.ErrSyncReferrerNotFound - } - - ref.log.Error().Str("errorType", common.TypeOf(err)). - Str("repository", localRepo).Str("subject", subjectDigestStr). - Err(err).Msg("couldn't get ORAS artifact for image") - - return refsDigests, err - } - - for _, blob := range artifactManifest.Blobs { - if err := syncBlob(ctx, ref.client, imageStore, localRepo, remoteRepo, blob.Digest, ref.log); err != nil { - return refsDigests, err - } - } - - referenceDigest, _, err := imageStore.PutImageManifest(localRepo, referrer.Digest.String(), - oras.MediaTypeArtifactManifest, orasBuf) - if err != nil { - ref.log.Error().Str("errorType", common.TypeOf(err)). - Str("repository", localRepo).Str("subject", subjectDigestStr). - Err(err).Msg("couldn't upload ORAS artifact for image") - - return refsDigests, err - } - - refsDigests = append(refsDigests, referenceDigest) - - if ref.metaDB != nil { - ref.log.Debug().Str("repository", localRepo).Str("subject", subjectDigestStr).Str("component", "metadb"). - Msg("trying to sync oras artifact for image") - - err := meta.SetImageMetaFromInput(context.Background(), localRepo, //nolint:contextcheck - referenceDigest.String(), referrer.MediaType, - referenceDigest, orasBuf, ref.storeController.GetImageStore(localRepo), - ref.metaDB, ref.log) - if err != nil { - return refsDigests, fmt.Errorf("failed to set metadata in db for oras artifact '%s@%s': %w", - localRepo, subjectDigestStr, err) - } - - ref.log.Info().Str("repository", localRepo).Str("subject", subjectDigestStr).Str("component", "metadb"). - Msg("successfully added oras artifacts to MetaDB for image") - } - } - - ref.log.Info().Str("repository", localRepo).Str("subject", subjectDigestStr). - Msg("successfully synced oras artifacts for image") - - return refsDigests, nil -} - -func (ref ORASReferences) getReferenceList(ctx context.Context, repo, subjectDigestStr string) (ReferenceList, error) { - var referrers ReferenceList - - _, _, statusCode, err := ref.client.MakeGetRequest(ctx, &referrers, "application/json", - apiConstants.ArtifactSpecRoutePrefix, repo, "manifests", subjectDigestStr, "referrers") - if err != nil { - if statusCode == http.StatusNotFound || statusCode == http.StatusBadRequest { - ref.log.Debug().Str("repository", repo).Str("subject", subjectDigestStr).Err(err). - Msg("couldn't find any ORAS artifact for image") - - return referrers, zerr.ErrSyncReferrerNotFound - } - - return referrers, err - } - - return referrers, nil -} diff --git a/pkg/extensions/sync/references/references.go b/pkg/extensions/sync/references/references.go index 99be3c9d..3e7ec274 100644 --- a/pkg/extensions/sync/references/references.go +++ b/pkg/extensions/sync/references/references.go @@ -12,7 +12,6 @@ import ( godigest "github.com/opencontainers/go-digest" ispec "github.com/opencontainers/image-spec/specs-go/v1" - artifactspec "github.com/oras-project/artifacts-spec/specs-go/v1" "github.com/sigstore/cosign/v2/pkg/oci/static" zerr "zotregistry.dev/zot/errors" @@ -27,7 +26,7 @@ import ( ) type Reference interface { - // Returns name of reference (OCIReference/CosignReference/OrasReference) + // Returns name of reference (OCIReference/CosignReference) Name() string // Returns whether or not image is signed IsSigned(ctx context.Context, upstreamRepo, subjectDigestStr string) bool @@ -49,7 +48,6 @@ func NewReferences(httpClient *client.Client, storeController storage.StoreContr refs.referenceList = append(refs.referenceList, NewCosignReference(httpClient, storeController, metaDB, log)) refs.referenceList = append(refs.referenceList, NewTagReferences(httpClient, storeController, metaDB, log)) refs.referenceList = append(refs.referenceList, NewOciReferences(httpClient, storeController, metaDB, log)) - refs.referenceList = append(refs.referenceList, NewORASReferences(httpClient, storeController, metaDB, log)) return refs } @@ -81,7 +79,7 @@ func (refs References) syncAll(ctx context.Context, localRepo, upstreamRepo, // mark subject digest as seen as soon as it comes in *seen = append(*seen, godigest.Digest(subjectDigestStr)) - // for each reference type(cosign/oci/oras reference) + // for each reference type(cosign/oci reference) for _, ref := range refs.referenceList { supported, ok := refs.features.Get(ref.Name(), upstreamRepo) if !supported && ok { @@ -186,23 +184,6 @@ func manifestsEqual(manifest1, manifest2 ispec.Manifest) bool { return false } -func artifactDescriptorsEqual(desc1, desc2 []artifactspec.Descriptor) bool { - if len(desc1) != len(desc2) { - return false - } - - for id, desc := range desc1 { - if desc.Digest != desc2[id].Digest || - desc.Size != desc2[id].Size || - desc.MediaType != desc2[id].MediaType || - desc.ArtifactType != desc2[id].ArtifactType { - return false - } - } - - return true -} - func descriptorsEqual(desc1, desc2 []ispec.Descriptor) bool { if len(desc1) != len(desc2) { return false diff --git a/pkg/extensions/sync/references/references_internal_test.go b/pkg/extensions/sync/references/references_internal_test.go index daec7aa0..a17020ce 100644 --- a/pkg/extensions/sync/references/references_internal_test.go +++ b/pkg/extensions/sync/references/references_internal_test.go @@ -10,7 +10,6 @@ import ( godigest "github.com/opencontainers/go-digest" ispec "github.com/opencontainers/image-spec/specs-go/v1" - artifactspec "github.com/oras-project/artifacts-spec/specs-go/v1" . "github.com/smartystreets/goconvey/convey" zerr "zotregistry.dev/zot/errors" @@ -134,45 +133,6 @@ func TestReferrersTag(t *testing.T) { }) } -func TestORAS(t *testing.T) { - Convey("trigger errors", t, func() { - cfg := client.Config{ - URL: "url", - TLSVerify: false, - } - - client, err := client.New(cfg, log.NewLogger("debug", "")) - So(err, ShouldBeNil) - - orasRefs := []artifactspec.Descriptor{ - { - MediaType: "oras", - ArtifactType: "oras", - Digest: "digest1", - }, - } - - oras := NewORASReferences(client, storage.StoreController{DefaultStore: mocks.MockedImageStore{ - GetOrasReferrersFn: func(repo string, digest godigest.Digest, artifactType string) ( - []artifactspec.Descriptor, error, - ) { - return orasRefs, nil - }, - }}, nil, log.NewLogger("debug", "")) - - // trigger artifactDescriptors not equal - ok, err := oras.canSkipReferences("repo", "tag", ReferenceList{[]artifactspec.Descriptor{ - { - MediaType: "oras", - ArtifactType: "oras", - Digest: "digest2", - }, - }}) - So(err, ShouldBeNil) - So(ok, ShouldBeFalse) - }) -} - func TestSyncManifest(t *testing.T) { Convey("sync manifest not found err", t, func() { cfg := client.Config{ @@ -344,99 +304,3 @@ func TestCompareManifest(t *testing.T) { } }) } - -func TestCompareArtifactRefs(t *testing.T) { - testCases := []struct { - refs1 []artifactspec.Descriptor - refs2 []artifactspec.Descriptor - expected bool - }{ - { - refs1: []artifactspec.Descriptor{ - { - Digest: "digest1", - }, - }, - refs2: []artifactspec.Descriptor{ - { - Digest: "digest2", - }, - }, - expected: false, - }, - { - refs1: []artifactspec.Descriptor{ - { - Digest: "digest", - }, - }, - refs2: []artifactspec.Descriptor{ - { - Digest: "digest", - }, - }, - expected: true, - }, - { - refs1: []artifactspec.Descriptor{ - { - Digest: "digest", - }, - { - Digest: "digest2", - }, - }, - refs2: []artifactspec.Descriptor{ - { - Digest: "digest", - }, - }, - expected: false, - }, - { - refs1: []artifactspec.Descriptor{ - { - Digest: "digest1", - }, - { - Digest: "digest2", - }, - }, - refs2: []artifactspec.Descriptor{ - { - Digest: "digest1", - }, - { - Digest: "digest2", - }, - }, - expected: true, - }, - { - refs1: []artifactspec.Descriptor{ - { - Digest: "digest", - }, - { - Digest: "digest1", - }, - }, - refs2: []artifactspec.Descriptor{ - { - Digest: "digest1", - }, - { - Digest: "digest2", - }, - }, - expected: false, - }, - } - - Convey("Test manifestsEqual()", t, func() { - for _, test := range testCases { - actualResult := artifactDescriptorsEqual(test.refs1, test.refs2) - So(actualResult, ShouldEqual, test.expected) - } - }) -} diff --git a/pkg/extensions/sync/sync_test.go b/pkg/extensions/sync/sync_test.go index b93dd53a..d11265f0 100644 --- a/pkg/extensions/sync/sync_test.go +++ b/pkg/extensions/sync/sync_test.go @@ -13,7 +13,6 @@ import ( "net/http" "net/url" "os" - "os/exec" "path" "reflect" "strings" @@ -26,7 +25,6 @@ import ( godigest "github.com/opencontainers/go-digest" "github.com/opencontainers/image-spec/specs-go" ispec "github.com/opencontainers/image-spec/specs-go/v1" - artifactspec "github.com/oras-project/artifacts-spec/specs-go/v1" "github.com/sigstore/cosign/v2/cmd/cosign/cli/attach" "github.com/sigstore/cosign/v2/cmd/cosign/cli/generate" "github.com/sigstore/cosign/v2/cmd/cosign/cli/options" @@ -229,297 +227,6 @@ func makeDownstreamServer( return dctlr, destBaseURL, destDir, client } -func TestORAS(t *testing.T) { - Convey("Verify sync on demand for oras objects", t, func() { - sctlr, srcBaseURL, _, _, srcClient := makeUpstreamServer(t, false, false) - - scm := test.NewControllerManager(sctlr) - scm.StartAndWait(sctlr.Config.HTTP.Port) - defer scm.StopServer() - - content := []byte("{\"name\":\"foo\",\"value\":\"bar\"}") - - fileDir := t.TempDir() - - err := os.WriteFile(path.Join(fileDir, "config.json"), content, 0o600) - if err != nil { - panic(err) - } - - content = []byte("helloworld") - - err = os.WriteFile(path.Join(fileDir, "artifact.txt"), content, 0o600) - if err != nil { - panic(err) - } - - cmd := exec.Command("oras", "version") - - err = cmd.Run() - if err != nil { - panic(err) - } - - srcURL := strings.Join([]string{sctlr.Server.Addr, "/oras-artifact:v2"}, "") - - cmd = exec.Command("oras", "push", "--plain-http", srcURL, "--config", - "config.json:application/vnd.acme.rocket.config.v1+json", "artifact.txt:text/plain", "-d", "-v") - cmd.Dir = fileDir - - // Pushing ORAS artifact to upstream - err = cmd.Run() - So(err, ShouldBeNil) - - var tlsVerify bool - - regex := ".*" - - syncRegistryConfig := syncconf.RegistryConfig{ - Content: []syncconf.Content{ - { - Prefix: "oras-artifact", - Tags: &syncconf.Tags{ - Regex: ®ex, - }, - }, - }, - URLs: []string{srcBaseURL}, - TLSVerify: &tlsVerify, - CertDir: "", - OnDemand: true, - } - - defaultVal := true - syncConfig := &syncconf.Config{ - Enable: &defaultVal, - Registries: []syncconf.RegistryConfig{syncRegistryConfig}, - } - - dctlr, destBaseURL, _, destClient := makeDownstreamServer(t, false, syncConfig) - - dcm := test.NewControllerManager(dctlr) - dcm.StartAndWait(dctlr.Config.HTTP.Port) - defer dcm.StopServer() - - resp, _ := srcClient.R().Get(srcBaseURL + "/v2/" + "oras-artifact" + "/manifests/v2") - So(resp, ShouldNotBeNil) - So(resp.StatusCode(), ShouldEqual, http.StatusOK) - - resp, err = destClient.R().Get(destBaseURL + "/v2/" + "oras-artifact" + "/manifests/v2") - So(err, ShouldBeNil) - So(resp.StatusCode(), ShouldEqual, http.StatusOK) - - destURL := strings.Join([]string{dctlr.Server.Addr, "/oras-artifact:v2"}, "") - cmd = exec.Command("oras", "pull", "--plain-http", destURL, "-d", "-v") - destDir := t.TempDir() - cmd.Dir = destDir - // pulling oras artifact from dest server - err = cmd.Run() - So(err, ShouldBeNil) - - cmd = exec.Command("grep", "helloworld", "artifact.txt") - cmd.Dir = destDir - output, err := cmd.CombinedOutput() - - So(err, ShouldBeNil) - So(string(output), ShouldContainSubstring, "helloworld") - }) - - Convey("Verify get and sync oras refs", t, func() { - updateDuration, _ := time.ParseDuration("30m") - - sctlr, srcBaseURL, srcDir, _, _ := makeUpstreamServer(t, false, false) - scm := test.NewControllerManager(sctlr) - scm.StartAndWait(sctlr.Config.HTTP.Port) - defer scm.StopServer() - - repoName := testImage - var digest godigest.Digest - So(func() { digest = pushRepo(srcBaseURL, repoName) }, ShouldNotPanic) - - regex := ".*" - var semver bool - var tlsVerify bool - - syncRegistryConfig := syncconf.RegistryConfig{ - Content: []syncconf.Content{ - { - Prefix: repoName, - Tags: &syncconf.Tags{ - Regex: ®ex, - Semver: &semver, - }, - }, - }, - URLs: []string{srcBaseURL}, - PollInterval: updateDuration, - TLSVerify: &tlsVerify, - CertDir: "", - OnDemand: true, - } - - defaultVal := true - syncConfig := &syncconf.Config{ - Enable: &defaultVal, - Registries: []syncconf.RegistryConfig{syncRegistryConfig}, - } - - dctlr, destBaseURL, destDir, destClient := makeDownstreamServer(t, false, syncConfig) - - dcm := test.NewControllerManager(dctlr) - dcm.StartAndWait(dctlr.Config.HTTP.Port) - defer dcm.StopServer() - - // wait for sync - var destTagsList TagsList - - for { - resp, err := destClient.R().Get(destBaseURL + "/v2/" + repoName + "/tags/list") - if err != nil { - panic(err) - } - - err = json.Unmarshal(resp.Body(), &destTagsList) - if err != nil { - panic(err) - } - - if len(destTagsList.Tags) > 0 { - break - } - - time.Sleep(500 * time.Millisecond) - } - - time.Sleep(1 * time.Second) - - // get oras refs from downstream, should be synced - getORASReferrersURL := destBaseURL + path.Join("/oras/artifacts/v1/", repoName, "manifests", digest.String(), "referrers") //nolint:lll - - resp, err := resty.R().Get(getORASReferrersURL) - - So(err, ShouldBeNil) - So(resp, ShouldNotBeEmpty) - So(resp.StatusCode(), ShouldEqual, http.StatusNotFound) - - err = os.Chmod(path.Join(destDir, testImage, "index.json"), 0o000) - So(err, ShouldBeNil) - - resp, err = resty.R().Get(getORASReferrersURL) - - So(err, ShouldBeNil) - So(resp, ShouldNotBeEmpty) - So(resp.StatusCode(), ShouldEqual, http.StatusInternalServerError) - - err = os.Chmod(path.Join(destDir, testImage, "index.json"), 0o755) - So(err, ShouldBeNil) - - // get manifest digest from source - resp, err = destClient.R().Get(srcBaseURL + "/v2/" + testImage + "/manifests/" + digest.String()) - So(err, ShouldBeNil) - So(resp.StatusCode(), ShouldEqual, http.StatusOK) - - digest = godigest.FromBytes(resp.Body()) - - // layer - layer := []byte("blob content") - blobDigest := pushBlob(srcBaseURL, repoName, layer) - - // config - _ = pushBlob(srcBaseURL, repoName, ispec.DescriptorEmptyJSON.Data) - - artifactManifest := ispec.Manifest{ - Versioned: specs.Versioned{ - SchemaVersion: 2, - }, - MediaType: artifactspec.MediaTypeArtifactManifest, - ArtifactType: "application/vnd.oras.artifact", - Layers: []ispec.Descriptor{ - { - MediaType: "application/octet-stream", - Digest: blobDigest, - Size: int64(len(layer)), - }, - }, - Config: ispec.DescriptorEmptyJSON, - Subject: &ispec.Descriptor{ - MediaType: "application/vnd.oci.image.manifest.v1+json", - Digest: digest, - Size: int64(len(resp.Body())), - }, - } - - artManifestBlob, err := json.Marshal(artifactManifest) - So(err, ShouldBeNil) - - artifactDigest := godigest.FromBytes(artManifestBlob) - - // put OCI reference artifact mediaType artifact - _, err = resty.R().SetHeader("Content-Type", artifactspec.MediaTypeArtifactManifest). - SetBody(artManifestBlob).Put(srcBaseURL + fmt.Sprintf("/v2/%s/manifests/%s", repoName, artifactDigest.String())) - So(err, ShouldBeNil) - - err = os.Chmod(path.Join(destDir, testImage, "index.json"), 0o000) - So(err, ShouldBeNil) - - resp, err = resty.R().Get(getORASReferrersURL) - So(err, ShouldBeNil) - So(resp, ShouldNotBeEmpty) - So(resp.StatusCode(), ShouldEqual, http.StatusInternalServerError) - - err = os.Chmod(path.Join(destDir, testImage, "index.json"), 0o755) - So(err, ShouldBeNil) - - // trigger getORASRefs err - err = os.Chmod(path.Join(srcDir, testImage, "blobs/sha256", artifactDigest.Encoded()), 0o000) - So(err, ShouldBeNil) - - err = os.RemoveAll(path.Join(destDir, testImage)) - So(err, ShouldBeNil) - - resp, err = resty.R().Get(destBaseURL + "/v2/" + testImage + "/manifests/" + digest.String()) - So(err, ShouldBeNil) - So(resp, ShouldNotBeEmpty) - So(resp.StatusCode(), ShouldEqual, http.StatusOK) - - err = os.Chmod(path.Join(srcDir, testImage, "blobs/sha256", artifactDigest.Encoded()), 0o755) - So(err, ShouldBeNil) - - resp, err = resty.R().Get(getORASReferrersURL) - So(err, ShouldBeNil) - So(resp, ShouldNotBeEmpty) - So(resp.StatusCode(), ShouldEqual, http.StatusOK) - - var refs ReferenceList - - err = json.Unmarshal(resp.Body(), &refs) - So(err, ShouldBeNil) - - So(len(refs.References), ShouldEqual, 1) - - err = os.RemoveAll(path.Join(destDir, repoName)) - So(err, ShouldBeNil) - - err = os.WriteFile(path.Join(srcDir, repoName, "blobs", "sha256", artifactDigest.Encoded()), - []byte("wrong content"), 0o600) - So(err, ShouldBeNil) - - _, err = resty.R().SetHeader("Content-Type", artifactspec.MediaTypeArtifactManifest). - SetBody(artManifestBlob).Put(srcBaseURL + fmt.Sprintf("/v2/%s/manifests/%s", repoName, artifactDigest.String())) - if err != nil { - panic(err) - } - - resp, err = resty.R().Get(getORASReferrersURL) - - So(err, ShouldBeNil) - So(resp, ShouldNotBeEmpty) - So(resp.StatusCode(), ShouldEqual, http.StatusNotFound) - - waitSyncFinish(dctlr.Config.Log.Output) - }) -} - func TestOnDemand(t *testing.T) { Convey("Verify sync on demand feature", t, func() { sctlr, srcBaseURL, _, _, srcClient := makeUpstreamServer(t, false, false) @@ -792,27 +499,6 @@ func TestOnDemand(t *testing.T) { So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusCreated) - // add ORAS Ref - ORASRefManifest := artifactspec.Manifest{ - Subject: &artifactspec.Descriptor{ - MediaType: ispec.MediaTypeImageManifest, - Digest: manifestDigest, - }, - Blobs: []artifactspec.Descriptor{}, - MediaType: artifactspec.MediaTypeArtifactManifest, - } - - ORASRefManifestBlob, err := json.Marshal(ORASRefManifest) - So(err, ShouldBeNil) - - resp, err = resty.R(). - SetHeader("Content-type", artifactspec.MediaTypeArtifactManifest). - SetBody(ORASRefManifestBlob). - Put(srcBaseURL + "/v2/remote-repo/manifests/oras.ref") - - So(err, ShouldBeNil) - So(resp.StatusCode(), ShouldEqual, http.StatusCreated) - //------- Start downstream server var tlsVerify bool @@ -4463,29 +4149,6 @@ func TestSignatures(t *testing.T) { So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusCreated) - // add ORAS Ref to oci ref which points to sbom which points to image - ORASRefManifest := artifactspec.Manifest{ - Subject: &artifactspec.Descriptor{ - MediaType: ispec.MediaTypeImageManifest, - Digest: ociRefDigest, - Size: int64(len(OCIRefManifestBlob)), - }, - Blobs: []artifactspec.Descriptor{}, - MediaType: artifactspec.MediaTypeArtifactManifest, - } - - ORASRefManifestBlob, err := json.Marshal(ORASRefManifest) - So(err, ShouldBeNil) - - ORASRefManifestDigest := godigest.FromBytes(ORASRefManifestBlob) - - resp, err = resty.R(). - SetHeader("Content-type", artifactspec.MediaTypeArtifactManifest). - SetBody(ORASRefManifestBlob). - Put(srcBaseURL + fmt.Sprintf("/v2/%s/manifests/%s", repoName, ORASRefManifestDigest)) - So(err, ShouldBeNil) - So(resp.StatusCode(), ShouldEqual, http.StatusCreated) - regex := ".*" var semver bool var tlsVerify bool @@ -4621,22 +4284,6 @@ func TestSignatures(t *testing.T) { So(len(index.Manifests), ShouldEqual, 2) So(index.Manifests[1].Digest, ShouldEqual, ociRefDigest) - // get oras ref pointing to oci ref - - getORASReferrersURL := destBaseURL + path.Join("/oras/artifacts/v1/", repoName, "manifests", ociRefDigest.String(), "referrers") //nolint:lll - resp, err = resty.R().Get(getORASReferrersURL) - So(err, ShouldBeNil) - So(resp, ShouldNotBeEmpty) - So(resp.StatusCode(), ShouldEqual, http.StatusOK) - - var refs ReferenceList - - err = json.Unmarshal(resp.Body(), &refs) - So(err, ShouldBeNil) - - So(len(refs.References), ShouldEqual, 1) - So(refs.References[0].Digest, ShouldEqual, ORASRefManifestDigest) - // test negative cases (trigger errors) // test notary signatures errors diff --git a/pkg/storage/common/common.go b/pkg/storage/common/common.go index 506fbb37..34386b38 100644 --- a/pkg/storage/common/common.go +++ b/pkg/storage/common/common.go @@ -16,7 +16,6 @@ import ( "github.com/opencontainers/image-spec/schema" imeta "github.com/opencontainers/image-spec/specs-go" ispec "github.com/opencontainers/image-spec/specs-go/v1" - oras "github.com/oras-project/artifacts-spec/specs-go/v1" zerr "zotregistry.dev/zot/errors" zcommon "zotregistry.dev/zot/pkg/common" @@ -126,13 +125,6 @@ func ValidateManifest(imgStore storageTypes.ImageStore, repo, reference, mediaTy } } } - case oras.MediaTypeArtifactManifest: - var m oras.Descriptor - if err := json.Unmarshal(body, &m); err != nil { - log.Error().Err(err).Msg("failed to unmarshal JSON") - - return "", zerr.ErrBadManifest - } case ispec.MediaTypeImageIndex: // validate manifest if err := ValidateImageIndexSchema(body); err != nil { @@ -505,30 +497,6 @@ func isBlobReferencedInImageManifest(imgStore storageTypes.ImageStore, repo stri return false, nil } -func isBlobReferencedInORASManifest(imgStore storageTypes.ImageStore, repo string, - bdigest, mdigest godigest.Digest, log zlog.Logger, -) (bool, error) { - if bdigest == mdigest { - return true, nil - } - - manifestContent, err := GetOrasManifestByDigest(imgStore, repo, mdigest, log) - if err != nil { - log.Error().Err(err).Str("repo", repo).Str("digest", mdigest.String()).Str("component", "gc"). - Msg("failed to read manifest image") - - return false, err - } - - for _, blob := range manifestContent.Blobs { - if bdigest == blob.Digest { - return true, nil - } - } - - return false, nil -} - func IsBlobReferencedInImageIndex(imgStore storageTypes.ImageStore, repo string, digest godigest.Digest, index ispec.Index, log zlog.Logger, ) (bool, error) { @@ -548,8 +516,6 @@ func IsBlobReferencedInImageIndex(imgStore storageTypes.ImageStore, repo string, found, _ = IsBlobReferencedInImageIndex(imgStore, repo, digest, indexImage, log) case ispec.MediaTypeImageManifest: found, _ = isBlobReferencedInImageManifest(imgStore, repo, digest, desc.Digest, log) - case oras.MediaTypeArtifactManifest: - found, _ = isBlobReferencedInORASManifest(imgStore, repo, digest, desc.Digest, log) default: log.Warn().Str("mediatype", desc.MediaType).Msg("unknown media-type") // should return true for digests found in index.json even if we don't know it's mediatype @@ -632,64 +598,6 @@ func IsSignature(descriptor ispec.Descriptor) bool { return false } -func GetOrasReferrers(imgStore storageTypes.ImageStore, repo string, gdigest godigest.Digest, artifactType string, - log zlog.Logger, -) ([]oras.Descriptor, error) { - if err := gdigest.Validate(); err != nil { - return nil, err - } - - dir := path.Join(imgStore.RootDir(), repo) - if !imgStore.DirExists(dir) { - return nil, zerr.ErrRepoNotFound - } - - index, err := GetIndex(imgStore, repo, log) - if err != nil { - return nil, err - } - - found := false - - result := []oras.Descriptor{} - - for _, manifest := range index.Manifests { - if manifest.MediaType != oras.MediaTypeArtifactManifest { - continue - } - - artManifest, err := GetOrasManifestByDigest(imgStore, repo, manifest.Digest, log) - if err != nil { - return nil, err - } - - if artManifest.Subject.Digest != gdigest { - continue - } - - // filter by artifact type - if artifactType != "" && artManifest.ArtifactType != artifactType { - continue - } - - result = append(result, oras.Descriptor{ - MediaType: manifest.MediaType, - ArtifactType: artManifest.ArtifactType, - Digest: manifest.Digest, - Size: manifest.Size, - Annotations: manifest.Annotations, - }) - - found = true - } - - if !found { - return nil, zerr.ErrManifestNotFound - } - - return result, nil -} - func GetReferrers(imgStore storageTypes.ImageStore, repo string, gdigest godigest.Digest, artifactTypes []string, log zlog.Logger, ) (ispec.Index, error) { @@ -794,32 +702,6 @@ func GetReferrers(imgStore storageTypes.ImageStore, repo string, gdigest godiges return index, nil } -func GetOrasManifestByDigest(imgStore storageTypes.ImageStore, repo string, digest godigest.Digest, log zlog.Logger, -) (oras.Manifest, error) { - var artManifest oras.Manifest - - blobPath := imgStore.BlobPath(repo, digest) - - buf, err := imgStore.GetBlobContent(repo, digest) - if err != nil { - log.Error().Err(err).Str("blob", blobPath).Msg("failed to read manifest") - - if errors.Is(err, zerr.ErrBlobNotFound) { - return artManifest, zerr.ErrManifestNotFound - } - - return artManifest, err - } - - if err := json.Unmarshal(buf, &artManifest); err != nil { - log.Error().Err(err).Str("blob", blobPath).Msg("invalid JSON") - - return artManifest, err - } - - return artManifest, nil -} - // Get blob descriptor from it's manifest contents, if blob can not be found it will return error. func GetBlobDescriptorFromRepo(imgStore storageTypes.ImageStore, repo string, blobDigest godigest.Digest, log zlog.Logger, @@ -854,10 +736,6 @@ func GetBlobDescriptorFromIndex(imgStore storageTypes.ImageStore, index ispec.In if foundDescriptor, err := GetBlobDescriptorFromIndex(imgStore, indexImage, repo, blobDigest, log); err == nil { return foundDescriptor, nil } - case oras.MediaTypeArtifactManifest: - if foundDescriptor, err := getBlobDescriptorFromORASManifest(imgStore, repo, blobDigest, desc, log); err == nil { - return foundDescriptor, nil - } } } @@ -885,33 +763,9 @@ func getBlobDescriptorFromManifest(imgStore storageTypes.ImageStore, repo string return ispec.Descriptor{}, zerr.ErrBlobNotFound } -func getBlobDescriptorFromORASManifest(imgStore storageTypes.ImageStore, repo string, blobDigest godigest.Digest, - desc ispec.Descriptor, log zlog.Logger, -) (ispec.Descriptor, error) { - manifest, err := GetOrasManifestByDigest(imgStore, repo, desc.Digest, log) - if err != nil { - return ispec.Descriptor{}, err - } - - for _, layer := range manifest.Blobs { - if layer.Digest == blobDigest { - return ispec.Descriptor{ - MediaType: layer.MediaType, - Size: layer.Size, - Digest: layer.Digest, - ArtifactType: layer.ArtifactType, - Annotations: layer.Annotations, - }, nil - } - } - - return ispec.Descriptor{}, zerr.ErrBlobNotFound -} - func IsSupportedMediaType(mediaType string) bool { return mediaType == ispec.MediaTypeImageIndex || - mediaType == ispec.MediaTypeImageManifest || - mediaType == oras.MediaTypeArtifactManifest + mediaType == ispec.MediaTypeImageManifest } func IsNonDistributable(mediaType string) bool { diff --git a/pkg/storage/common/common_test.go b/pkg/storage/common/common_test.go index e8ef700b..d81df018 100644 --- a/pkg/storage/common/common_test.go +++ b/pkg/storage/common/common_test.go @@ -9,7 +9,6 @@ import ( godigest "github.com/opencontainers/go-digest" ispec "github.com/opencontainers/image-spec/specs-go/v1" - artifactspec "github.com/oras-project/artifacts-spec/specs-go/v1" "github.com/rs/zerolog" . "github.com/smartystreets/goconvey/convey" @@ -165,20 +164,12 @@ func TestGetReferrersErrors(t *testing.T) { _, err := common.GetReferrers(imgStore, "zot-test", "invalidDigest", []string{artifactType}, log) So(err, ShouldNotBeNil) - - _, err = common.GetOrasReferrers(imgStore, "zot-test", "invalidDigest", - artifactType, log) - So(err, ShouldNotBeNil) }) Convey("Trigger repo not found error", func(c C) { _, err := common.GetReferrers(imgStore, "zot-test", validDigest, []string{artifactType}, log) So(err, ShouldNotBeNil) - - _, err = common.GetOrasReferrers(imgStore, "zot-test", validDigest, - artifactType, log) - So(err, ShouldNotBeNil) }) storageCtlr := storage.StoreController{DefaultStore: imgStore} @@ -190,7 +181,7 @@ func TestGetReferrersErrors(t *testing.T) { index := ispec.Index{ Manifests: []ispec.Descriptor{ { - MediaType: artifactspec.MediaTypeArtifactManifest, + MediaType: "application/vnd.example.invalid.v1", Digest: digest, }, }, @@ -212,10 +203,6 @@ func TestGetReferrersErrors(t *testing.T) { _, err = common.GetReferrers(imgStore, "zot-test", validDigest, []string{artifactType}, log) So(err, ShouldNotBeNil) - - _, err = common.GetOrasReferrers(imgStore, "zot-test", validDigest, - artifactType, log) - So(err, ShouldNotBeNil) }) Convey("Trigger GetBlobContent() generic error", func(c C) { @@ -231,53 +218,6 @@ func TestGetReferrersErrors(t *testing.T) { _, err = common.GetReferrers(imgStore, "zot-test", validDigest, []string{artifactType}, log) So(err, ShouldNotBeNil) - - _, err = common.GetOrasReferrers(imgStore, "zot-test", validDigest, - artifactType, log) - So(err, ShouldNotBeNil) - }) - - Convey("Trigger continue on different artifactType", func(c C) { - orasManifest := artifactspec.Manifest{ - Subject: &artifactspec.Descriptor{ - Digest: digest, - ArtifactType: "unknown", - }, - } - - orasBuf, err := json.Marshal(orasManifest) - So(err, ShouldBeNil) - - imgStore = &mocks.MockedImageStore{ - GetIndexContentFn: func(repo string) ([]byte, error) { - return indexBuf, nil - }, - GetBlobContentFn: func(repo string, digest godigest.Digest) ([]byte, error) { - return orasBuf, nil - }, - } - - _, err = common.GetOrasReferrers(imgStore, "zot-test", validDigest, - artifactType, log) - So(err, ShouldNotBeNil) - - _, err = common.GetOrasReferrers(imgStore, "zot-test", digest, - artifactType, log) - So(err, ShouldNotBeNil) - }) - - Convey("Unmarshal oras artifact error", func(c C) { - imgStore = &mocks.MockedImageStore{ - GetIndexContentFn: func(repo string) ([]byte, error) { - return indexBuf, nil - }, - GetBlobContentFn: func(repo string, digest godigest.Digest) ([]byte, error) { - return []byte("wrong content"), nil - }, - } - - _, err = common.GetOrasReferrers(imgStore, "zot-test", validDigest, artifactType, log) - So(err, ShouldNotBeNil) }) Convey("Trigger unmarshal error on manifest image mediaType", func(c C) { diff --git a/pkg/storage/gc/gc.go b/pkg/storage/gc/gc.go index a0cfdbb7..c2a9e3e3 100644 --- a/pkg/storage/gc/gc.go +++ b/pkg/storage/gc/gc.go @@ -12,7 +12,6 @@ import ( "github.com/docker/distribution/registry/storage/driver" godigest "github.com/opencontainers/go-digest" ispec "github.com/opencontainers/image-spec/specs-go/v1" - oras "github.com/oras-project/artifacts-spec/specs-go/v1" zerr "zotregistry.dev/zot/errors" "zotregistry.dev/zot/pkg/api/config" @@ -244,7 +243,7 @@ func (gc GarbageCollect) removeIndexReferrers(repo string, rootIndex *ispec.Inde if gced { count++ } - case ispec.MediaTypeImageManifest, oras.MediaTypeArtifactManifest: + case ispec.MediaTypeImageManifest: image, err := common.GetImageManifest(gc.imgStore, repo, desc.Digest, gc.log) if err != nil { gc.log.Error().Err(err).Str("module", "gc").Str("repo", repo).Str("digest", desc.Digest.String()). @@ -529,7 +528,7 @@ func (gc GarbageCollect) identifyManifestsReferencedInIndex(index ispec.Index, r if err := gc.identifyManifestsReferencedInIndex(indexImage, repo, referenced); err != nil { return err } - case ispec.MediaTypeImageManifest, oras.MediaTypeArtifactManifest: + case ispec.MediaTypeImageManifest: image, err := common.GetImageManifest(gc.imgStore, repo, desc.Digest, gc.log) if err != nil { gc.log.Error().Err(err).Str("module", "gc").Str("repo", repo). @@ -638,13 +637,6 @@ func (gc GarbageCollect) addIndexBlobsToReferences(repo string, index ispec.Inde gc.log.Error().Err(err).Str("module", "gc").Str("repository", repo). Str("digest", desc.Digest.String()).Msg("failed to read blobs in image manifest") - return err - } - case oras.MediaTypeArtifactManifest: - if err := gc.addORASImageManifestBlobsToReferences(repo, desc.Digest, refBlobs); err != nil { - gc.log.Error().Err(err).Str("module", "gc").Str("repository", repo). - Str("digest", desc.Digest.String()).Msg("failed to read blobs in ORAS image manifest") - return err } } @@ -703,31 +695,6 @@ func (gc GarbageCollect) addImageManifestBlobsToReferences(repo string, mdigest return nil } -func (gc GarbageCollect) addORASImageManifestBlobsToReferences(repo string, mdigest godigest.Digest, - refBlobs map[string]bool, -) error { - manifestContent, err := common.GetOrasManifestByDigest(gc.imgStore, repo, mdigest, gc.log) - if err != nil { - gc.log.Error().Err(err).Str("module", "gc").Str("repository", repo). - Str("digest", mdigest.String()).Msg("failed to read manifest image") - - return err - } - - refBlobs[mdigest.String()] = true - - // if there is a Subject, it may not exist yet and that is ok - if manifestContent.Subject != nil { - refBlobs[manifestContent.Subject.Digest.String()] = true - } - - for _, blob := range manifestContent.Blobs { - refBlobs[blob.Digest.String()] = true - } - - return nil -} - func isManifestReferencedInIndex(index *ispec.Index, digest godigest.Digest) bool { for _, manifest := range index.Manifests { if manifest.Digest == digest { diff --git a/pkg/storage/gc/gc_internal_test.go b/pkg/storage/gc/gc_internal_test.go index 6e127b28..a83412ce 100644 --- a/pkg/storage/gc/gc_internal_test.go +++ b/pkg/storage/gc/gc_internal_test.go @@ -12,7 +12,6 @@ import ( godigest "github.com/opencontainers/go-digest" ispec "github.com/opencontainers/image-spec/specs-go/v1" - artifactspec "github.com/oras-project/artifacts-spec/specs-go/v1" . "github.com/smartystreets/goconvey/convey" "zotregistry.dev/zot/pkg/api/config" @@ -87,18 +86,6 @@ func TestGarbageCollectManifestErrors(t *testing.T) { So(err, ShouldNotBeNil) }) - Convey("trigger repo not found in addORASImageManifestBlobsToReferences()", func() { - err := gc.addIndexBlobsToReferences(repoName, ispec.Index{ - Manifests: []ispec.Descriptor{ - { - Digest: godigest.FromString("miss"), - MediaType: artifactspec.MediaTypeArtifactManifest, - }, - }, - }, map[string]bool{}) - So(err, ShouldNotBeNil) - }) - content := []byte("this is a blob") digest := godigest.FromBytes(content) So(digest, ShouldNotBeNil) diff --git a/pkg/storage/imagestore/imagestore.go b/pkg/storage/imagestore/imagestore.go index f11ac60d..69708b22 100644 --- a/pkg/storage/imagestore/imagestore.go +++ b/pkg/storage/imagestore/imagestore.go @@ -18,7 +18,6 @@ import ( guuid "github.com/gofrs/uuid" godigest "github.com/opencontainers/go-digest" ispec "github.com/opencontainers/image-spec/specs-go/v1" - artifactspec "github.com/oras-project/artifacts-spec/specs-go/v1" zerr "zotregistry.dev/zot/errors" zcommon "zotregistry.dev/zot/pkg/common" @@ -1450,16 +1449,6 @@ func (is *ImageStore) GetReferrers(repo string, gdigest godigest.Digest, artifac return common.GetReferrers(is, repo, gdigest, artifactTypes, is.log) } -func (is *ImageStore) GetOrasReferrers(repo string, gdigest godigest.Digest, artifactType string, -) ([]artifactspec.Descriptor, error) { - var lockLatency time.Time - - is.RLock(&lockLatency) - defer is.RUnlock(&lockLatency) - - return common.GetOrasReferrers(is, repo, gdigest, artifactType, is.log) -} - // GetIndexContent returns index.json contents, the caller function MUST lock from outside. func (is *ImageStore) GetIndexContent(repo string) ([]byte, error) { dir := path.Join(is.rootDir, repo) diff --git a/pkg/storage/local/local_test.go b/pkg/storage/local/local_test.go index adfbbb4a..3c3c1101 100644 --- a/pkg/storage/local/local_test.go +++ b/pkg/storage/local/local_test.go @@ -21,7 +21,6 @@ import ( godigest "github.com/opencontainers/go-digest" imeta "github.com/opencontainers/image-spec/specs-go" ispec "github.com/opencontainers/image-spec/specs-go/v1" - artifactspec "github.com/oras-project/artifacts-spec/specs-go/v1" "github.com/rs/zerolog" . "github.com/smartystreets/goconvey/convey" @@ -182,16 +181,6 @@ func TestStorageFSAPIs(t *testing.T) { panic(err) } - // invalid GetOrasReferrers - _, err = imgStore.GetOrasReferrers("invalid", "invalid", "invalid") - So(err, ShouldNotBeNil) - - _, err = imgStore.GetOrasReferrers(repoName, "invalid", "invalid") - So(err, ShouldNotBeNil) - - _, err = imgStore.GetOrasReferrers(repoName, digest, "invalid") - So(err, ShouldNotBeNil) - // invalid DeleteImageManifest indexPath := path.Join(imgStore.RootDir(), repoName, "index.json") err = os.Chmod(indexPath, 0o000) @@ -210,63 +199,6 @@ func TestStorageFSAPIs(t *testing.T) { }) } -func TestGetOrasReferrers(t *testing.T) { - dir := t.TempDir() - - log := zlog.Logger{Logger: zerolog.New(os.Stdout)} - metrics := monitoring.NewMetricsServer(false, log) - cacheDriver, _ := storage.Create("boltdb", cache.BoltDBDriverParameters{ - RootDir: dir, - Name: "cache", - UseRelPaths: true, - }, log) - - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) - - Convey("Get referrers", t, func(c C) { - err := WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-test", "0.0.1", storage.StoreController{ - DefaultStore: imgStore, - }) - So(err, ShouldBeNil) - - body := []byte("this is a blob") - digest := godigest.FromBytes(body) - buf := bytes.NewBuffer(body) - buflen := buf.Len() - err = os.WriteFile(path.Join(imgStore.RootDir(), //nolint: gosec - "zot-test", "blobs", digest.Algorithm().String(), digest.Encoded()), - buf.Bytes(), 0o644) - So(err, ShouldBeNil) - _, n, err := imgStore.FullBlobUpload("zot-test", buf, digest) - So(err, ShouldBeNil) - So(n, ShouldEqual, buflen) - - artifactManifest := artifactspec.Manifest{} - artifactManifest.ArtifactType = "signature-example" - artifactManifest.Subject = &artifactspec.Descriptor{ - MediaType: ispec.MediaTypeImageManifest, - Digest: digest, - Size: int64(buflen), - } - artifactManifest.Blobs = []artifactspec.Descriptor{} - manBuf, err := json.Marshal(artifactManifest) - manBufLen := len(manBuf) - So(err, ShouldBeNil) - manDigest := godigest.FromBytes(manBuf) - _, _, err = imgStore.PutImageManifest("zot-test", manDigest.Encoded(), artifactspec.MediaTypeArtifactManifest, manBuf) - So(err, ShouldBeNil) - - So(err, ShouldBeNil) - descriptors, err := imgStore.GetOrasReferrers("zot-test", digest, "signature-example") - So(err, ShouldBeNil) - So(descriptors, ShouldNotBeEmpty) - So(descriptors[0].ArtifactType, ShouldEqual, "signature-example") - So(descriptors[0].MediaType, ShouldEqual, artifactspec.MediaTypeArtifactManifest) - So(descriptors[0].Size, ShouldEqual, manBufLen) - So(descriptors[0].Digest, ShouldEqual, manDigest) - }) -} - func FuzzNewBlobUpload(f *testing.F) { f.Fuzz(func(t *testing.T, data string) { dir := t.TempDir() @@ -1066,69 +998,6 @@ func FuzzGetBlobContent(f *testing.F) { }) } -func FuzzGetOrasReferrers(f *testing.F) { - f.Fuzz(func(t *testing.T, data string) { - log := &zlog.Logger{Logger: zerolog.New(os.Stdout)} - metrics := monitoring.NewMetricsServer(false, *log) - - dir := t.TempDir() - defer os.RemoveAll(dir) - - cacheDriver, _ := storage.Create("boltdb", cache.BoltDBDriverParameters{ - RootDir: dir, - Name: "cache", - UseRelPaths: true, - }, *log) - - imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver) - - storageCtlr := storage.StoreController{DefaultStore: imgStore} - err := WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-test", "0.0.1", storageCtlr) - if err != nil { - t.Error(err) - } - digest := godigest.FromBytes([]byte(data)) - buf := bytes.NewBufferString(data) - buflen := buf.Len() - err = os.WriteFile(path.Join(imgStore.RootDir(), //nolint: gosec - "zot-test", "blobs", digest.Algorithm().String(), digest.Encoded()), - buf.Bytes(), 0o644) - if err != nil { - t.Error(err) - } - _, _, err = imgStore.FullBlobUpload("zot-test", buf, digest) - if err != nil { - t.Error(err) - } - - artifactManifest := artifactspec.Manifest{} - artifactManifest.ArtifactType = data - artifactManifest.Subject = &artifactspec.Descriptor{ - MediaType: ispec.MediaTypeImageManifest, - Digest: digest, - Size: int64(buflen), - } - artifactManifest.Blobs = []artifactspec.Descriptor{} - - manBuf, err := json.Marshal(artifactManifest) - if err != nil { - t.Error(err) - } - manDigest := godigest.FromBytes(manBuf) - _, _, err = imgStore.PutImageManifest("zot-test", manDigest.Encoded(), artifactspec.MediaTypeArtifactManifest, manBuf) - if err != nil { - t.Error(err) - } - _, err = imgStore.GetOrasReferrers("zot-test", digest, data) - if err != nil { - if errors.Is(err, zerr.ErrManifestNotFound) || isKnownErr(err) { - return - } - t.Error(err) - } - }) -} - func FuzzRunGCRepo(f *testing.F) { f.Fuzz(func(t *testing.T, data string) { log := zlog.NewLogger("debug", "") diff --git a/pkg/storage/s3/s3_test.go b/pkg/storage/s3/s3_test.go index c2fff606..07634305 100644 --- a/pkg/storage/s3/s3_test.go +++ b/pkg/storage/s3/s3_test.go @@ -20,7 +20,6 @@ import ( guuid "github.com/gofrs/uuid" godigest "github.com/opencontainers/go-digest" ispec "github.com/opencontainers/image-spec/specs-go/v1" - artifactspec "github.com/oras-project/artifacts-spec/specs-go/v1" "github.com/rs/zerolog" . "github.com/smartystreets/goconvey/convey" "gopkg.in/resty.v1" @@ -450,7 +449,7 @@ func TestStorageDriverStatFunction(t *testing.T) { }) } -func TestGetOrasAndOCIReferrers(t *testing.T) { +func TestGetOCIReferrers(t *testing.T) { tskip.SkipS3(t) repo := "zot-test" @@ -577,40 +576,6 @@ func TestGetOrasAndOCIReferrers(t *testing.T) { So(index.Manifests[0].Size, ShouldEqual, manBufLen) So(index.Manifests[0].Digest, ShouldEqual, manDigest) }) - - Convey("Get oras referrers", func(c C) { - artifactManifest := artifactspec.Manifest{} - artifactManifest.ArtifactType = "signature-example" - artifactManifest.Subject = &artifactspec.Descriptor{ - MediaType: ispec.MediaTypeImageManifest, - Digest: mdigest, - Size: int64(mbuflen), - } - artifactManifest.Blobs = []artifactspec.Descriptor{ - { - Size: int64(buflen), - Digest: digest, - MediaType: "application/octet-stream", - }, - } - - manBuf, err := json.Marshal(artifactManifest) - So(err, ShouldBeNil) - - manBufLen := len(manBuf) - manDigest := godigest.FromBytes(manBuf) - - _, _, err = imgStore.PutImageManifest(repo, manDigest.Encoded(), artifactspec.MediaTypeArtifactManifest, manBuf) - So(err, ShouldBeNil) - - descriptors, err := imgStore.GetOrasReferrers(repo, mdigest, "signature-example") - So(err, ShouldBeNil) - So(descriptors, ShouldNotBeEmpty) - So(descriptors[0].ArtifactType, ShouldEqual, "signature-example") - So(descriptors[0].MediaType, ShouldEqual, artifactspec.MediaTypeArtifactManifest) - So(descriptors[0].Size, ShouldEqual, manBufLen) - So(descriptors[0].Digest, ShouldEqual, manDigest) - }) }) } @@ -1219,14 +1184,6 @@ func TestNegativeCasesObjectsStorage(t *testing.T) { So(err, ShouldNotBeNil) So(err, ShouldEqual, zerr.ErrRepoBadVersion) }) - - Convey("Test GetOrasReferrers", func(c C) { - imgStore = createMockStorage(testDir, tdir, false, &StorageDriverMock{}) - d := godigest.FromBytes([]byte("")) - _, err := imgStore.GetOrasReferrers(testImage, d, "application/image") - So(err, ShouldNotBeNil) - So(err, ShouldEqual, zerr.ErrRepoBadVersion) - }) }) } diff --git a/pkg/storage/scrub.go b/pkg/storage/scrub.go index fbaeebb1..f00c9c0e 100644 --- a/pkg/storage/scrub.go +++ b/pkg/storage/scrub.go @@ -296,7 +296,6 @@ func scrubManifest( func CheckManifestAndConfig( imageName string, manifestDesc ispec.Descriptor, manifestContent []byte, imgStore storageTypes.ImageStore, ) (godigest.Digest, ispec.Manifest, error) { - // Q oras artifacts? if manifestDesc.MediaType != ispec.MediaTypeImageManifest { return manifestDesc.Digest, ispec.Manifest{}, zerr.ErrBadManifest } diff --git a/pkg/storage/storage_test.go b/pkg/storage/storage_test.go index 96bda64e..22ae5015 100644 --- a/pkg/storage/storage_test.go +++ b/pkg/storage/storage_test.go @@ -22,7 +22,6 @@ import ( guuid "github.com/gofrs/uuid" godigest "github.com/opencontainers/go-digest" ispec "github.com/opencontainers/image-spec/specs-go/v1" - artifactspec "github.com/oras-project/artifacts-spec/specs-go/v1" "github.com/rs/zerolog" . "github.com/smartystreets/goconvey/convey" "gopkg.in/resty.v1" @@ -1389,87 +1388,6 @@ func TestReuploadCorruptedBlob(t *testing.T) { So(size, ShouldEqual, blobSize) So(err, ShouldBeNil) }) - - Convey("Test reupload repair corrupted oras artifact", t, func() { - storeController := storage.StoreController{DefaultStore: imgStore} - - image := CreateRandomImage() - - tag := "oras-artifact" - err := WriteImageToFileSystem(image, repoName, tag, storeController) - So(err, ShouldBeNil) - - body := []byte("this is a blob") - blobDigest := godigest.FromBytes(body) - blobPath := imgStore.BlobPath(repoName, blobDigest) - buf := bytes.NewBuffer(body) - blobSize := int64(buf.Len()) - - _, size, err := imgStore.FullBlobUpload(repoName, buf, blobDigest) - So(err, ShouldBeNil) - So(size, ShouldEqual, blobSize) - - artifactManifest := artifactspec.Manifest{} - artifactType := "signature" - artifactManifest.ArtifactType = artifactType - artifactManifest.Subject = &artifactspec.Descriptor{ - MediaType: ispec.MediaTypeImageManifest, - Digest: image.Digest(), - Size: image.ManifestDescriptor.Size, - } - - artifactManifest.Blobs = []artifactspec.Descriptor{ - { - Digest: blobDigest, - Size: blobSize, - }, - } - - manBuf, err := json.Marshal(artifactManifest) - So(err, ShouldBeNil) - - manBufLen := len(manBuf) - manDigest := godigest.FromBytes(manBuf) - - _, _, err = imgStore.PutImageManifest(repoName, manDigest.String(), artifactspec.MediaTypeArtifactManifest, manBuf) - So(err, ShouldBeNil) - - descriptors, err := imgStore.GetOrasReferrers(repoName, image.Digest(), artifactType) - So(err, ShouldBeNil) - So(descriptors, ShouldNotBeEmpty) - So(descriptors[0].ArtifactType, ShouldEqual, artifactType) - So(descriptors[0].MediaType, ShouldEqual, artifactspec.MediaTypeArtifactManifest) - So(descriptors[0].Size, ShouldEqual, manBufLen) - So(descriptors[0].Digest, ShouldEqual, manDigest) - - ok, size, err := imgStore.CheckBlob(repoName, blobDigest) - So(ok, ShouldBeTrue) - So(size, ShouldEqual, blobSize) - So(err, ShouldBeNil) - - _, err = driver.WriteFile(blobPath, []byte("corrupted")) - So(err, ShouldBeNil) - - ok, size, err = imgStore.CheckBlob(repoName, blobDigest) - So(ok, ShouldBeFalse) - So(size, ShouldNotEqual, blobSize) - So(err, ShouldEqual, zerr.ErrBlobNotFound) - - buf = bytes.NewBuffer(body) - _, size, err = imgStore.FullBlobUpload(repoName, buf, blobDigest) - So(err, ShouldBeNil) - So(size, ShouldEqual, blobSize) - - ok, size, _, err = imgStore.StatBlob(repoName, blobDigest) - So(ok, ShouldBeTrue) - So(blobSize, ShouldEqual, size) - So(err, ShouldBeNil) - - ok, size, err = imgStore.CheckBlob(repoName, blobDigest) - So(ok, ShouldBeTrue) - So(size, ShouldEqual, blobSize) - So(err, ShouldBeNil) - }) }) } } @@ -1937,35 +1855,6 @@ func TestGarbageCollectImageManifest(t *testing.T) { ispec.MediaTypeImageManifest, artifactManifestBuf) So(err, ShouldBeNil) - // push oras manifest pointing to manifest - orasArtifactManifest := artifactspec.Manifest{} - orasArtifactManifest.ArtifactType = "signature-example" //nolint: goconst - orasArtifactManifest.Subject = &artifactspec.Descriptor{ - MediaType: ispec.MediaTypeImageManifest, - Digest: digest, - Size: int64(len(manifestBuf)), - } - orasArtifactManifest.Blobs = []artifactspec.Descriptor{ - { - Digest: artifactBlobDigest, - MediaType: "application/vnd.oci.image.layer.v1.tar", - Size: int64(len(artifactBlob)), - }, - } - - orasArtifactManifestBuf, err := json.Marshal(orasArtifactManifest) - So(err, ShouldBeNil) - - orasDigest := godigest.FromBytes(orasArtifactManifestBuf) - - // push oras manifest - _, _, err = imgStore.PutImageManifest(repoName, orasDigest.Encoded(), - artifactspec.MediaTypeArtifactManifest, orasArtifactManifestBuf) - So(err, ShouldBeNil) - - _, _, _, err = imgStore.GetImageManifest(repoName, orasDigest.String()) - So(err, ShouldBeNil) - err = gc.CleanRepo(ctx, repoName) So(err, ShouldBeNil) @@ -2007,9 +1896,6 @@ func TestGarbageCollectImageManifest(t *testing.T) { _, _, _, err := imgStore.GetImageManifest(repoName, artifactDigest.String()) So(err, ShouldNotBeNil) - _, _, _, err = imgStore.GetImageManifest(repoName, orasDigest.String()) - So(err, ShouldNotBeNil) - _, _, _, err = imgStore.GetImageManifest(repoName, artifactOfArtifactManifestDigest.String()) So(err, ShouldNotBeNil) @@ -2052,9 +1938,6 @@ func TestGarbageCollectImageManifest(t *testing.T) { _, _, _, err := imgStore.GetImageManifest(repoName, artifactDigest.String()) So(err, ShouldBeNil) - _, _, _, err = imgStore.GetImageManifest(repoName, orasDigest.String()) - So(err, ShouldBeNil) - _, _, _, err = imgStore.GetImageManifest(repoName, artifactOfArtifactManifestDigest.String()) So(err, ShouldBeNil) }) @@ -2590,35 +2473,6 @@ func TestGarbageCollectImageIndex(t *testing.T) { ispec.MediaTypeImageManifest, artifactManifestBuf) So(err, ShouldBeNil) - // push oras manifest pointing to index image - orasArtifactManifest := artifactspec.Manifest{} - orasArtifactManifest.ArtifactType = "signature-example" - orasArtifactManifest.Subject = &artifactspec.Descriptor{ - MediaType: ispec.MediaTypeImageIndex, - Digest: indexDigest, - Size: indexSize, - } - orasArtifactManifest.Blobs = []artifactspec.Descriptor{} - - orasArtifactManifestBuf, err := json.Marshal(orasArtifactManifest) - So(err, ShouldBeNil) - - orasDigest := godigest.FromBytes(orasArtifactManifestBuf) - - // push oras manifest - _, _, err = imgStore.PutImageManifest(repoName, orasDigest.Encoded(), - artifactspec.MediaTypeArtifactManifest, orasArtifactManifestBuf) - So(err, ShouldBeNil) - - _, _, _, err = imgStore.GetImageManifest(repoName, orasDigest.String()) - So(err, ShouldBeNil) - - err = gc.CleanRepo(ctx, repoName) - So(err, ShouldBeNil) - - _, _, _, err = imgStore.GetImageManifest(repoName, orasDigest.String()) - So(err, ShouldBeNil) - hasBlob, _, err := imgStore.CheckBlob(repoName, bdgst) So(err, ShouldBeNil) So(hasBlob, ShouldEqual, true) @@ -2659,9 +2513,6 @@ func TestGarbageCollectImageIndex(t *testing.T) { _, _, _, err = imgStore.GetImageManifest(repoName, artifactOfArtifactManifestDigest.String()) So(err, ShouldNotBeNil) - _, _, _, err = imgStore.GetImageManifest(repoName, orasDigest.String()) - So(err, ShouldBeNil) - _, _, _, err = imgStore.GetImageManifest(repoName, artifactManifestIndexDigest.String()) So(err, ShouldBeNil) }) @@ -2692,9 +2543,6 @@ func TestGarbageCollectImageIndex(t *testing.T) { _, _, _, err = imgStore.GetImageManifest(repoName, artifactDigest.String()) So(err, ShouldNotBeNil) - _, _, _, err = imgStore.GetImageManifest(repoName, orasDigest.String()) - So(err, ShouldNotBeNil) - _, _, _, err = imgStore.GetImageManifest(repoName, artifactOfArtifactManifestDigest.String()) So(err, ShouldNotBeNil) @@ -3096,35 +2944,6 @@ func TestGarbageCollectChainedImageIndexes(t *testing.T) { ispec.MediaTypeImageManifest, artifactManifestBuf) So(err, ShouldBeNil) - // push oras manifest pointing to index image - orasArtifactManifest := artifactspec.Manifest{} - orasArtifactManifest.ArtifactType = "signature-example" - orasArtifactManifest.Subject = &artifactspec.Descriptor{ - MediaType: ispec.MediaTypeImageIndex, - Digest: indexDigest, - Size: int64(len(indexContent)), - } - orasArtifactManifest.Blobs = []artifactspec.Descriptor{} - - orasArtifactManifestBuf, err := json.Marshal(orasArtifactManifest) - So(err, ShouldBeNil) - - orasDigest := godigest.FromBytes(orasArtifactManifestBuf) - - // push oras manifest - _, _, err = imgStore.PutImageManifest(repoName, orasDigest.Encoded(), - artifactspec.MediaTypeArtifactManifest, orasArtifactManifestBuf) - So(err, ShouldBeNil) - - _, _, _, err = imgStore.GetImageManifest(repoName, orasDigest.String()) - So(err, ShouldBeNil) - - err = gc.CleanRepo(ctx, repoName) - So(err, ShouldBeNil) - - _, _, _, err = imgStore.GetImageManifest(repoName, orasDigest.String()) - So(err, ShouldBeNil) - hasBlob, _, err := imgStore.CheckBlob(repoName, bdgst) So(err, ShouldBeNil) So(hasBlob, ShouldEqual, true) @@ -3165,9 +2984,6 @@ func TestGarbageCollectChainedImageIndexes(t *testing.T) { _, _, _, err = imgStore.GetImageManifest(repoName, artifactOfArtifactManifestDigest.String()) So(err, ShouldNotBeNil) - _, _, _, err = imgStore.GetImageManifest(repoName, orasDigest.String()) - So(err, ShouldBeNil) - _, _, _, err = imgStore.GetImageManifest(repoName, artifactManifestIndexDigest.String()) So(err, ShouldBeNil) }) @@ -3198,9 +3014,6 @@ func TestGarbageCollectChainedImageIndexes(t *testing.T) { _, _, _, err = imgStore.GetImageManifest(repoName, artifactDigest.String()) So(err, ShouldNotBeNil) - _, _, _, err = imgStore.GetImageManifest(repoName, orasDigest.String()) - So(err, ShouldNotBeNil) - _, _, _, err = imgStore.GetImageManifest(repoName, artifactOfArtifactManifestDigest.String()) So(err, ShouldNotBeNil) diff --git a/pkg/storage/types/types.go b/pkg/storage/types/types.go index 625d5a1e..39539ffa 100644 --- a/pkg/storage/types/types.go +++ b/pkg/storage/types/types.go @@ -8,7 +8,6 @@ import ( storagedriver "github.com/docker/distribution/registry/storage/driver" godigest "github.com/opencontainers/go-digest" ispec "github.com/opencontainers/image-spec/specs-go/v1" - artifactspec "github.com/oras-project/artifacts-spec/specs-go/v1" "zotregistry.dev/zot/pkg/scheduler" ) @@ -58,7 +57,6 @@ type ImageStore interface { //nolint:interfacebloat StatIndex(repo string) (bool, int64, time.Time, error) GetBlobContent(repo string, digest godigest.Digest) ([]byte, error) GetReferrers(repo string, digest godigest.Digest, artifactTypes []string) (ispec.Index, error) - GetOrasReferrers(repo string, digest godigest.Digest, artifactType string) ([]artifactspec.Descriptor, error) RunDedupeBlobs(interval time.Duration, sch *scheduler.Scheduler) RunDedupeForDigest(ctx context.Context, digest godigest.Digest, dedupe bool, duplicateBlobs []string) error GetNextDigestWithBlobPaths(repos []string, lastDigests []godigest.Digest) (godigest.Digest, []string, error) diff --git a/pkg/test/mocks/image_store_mock.go b/pkg/test/mocks/image_store_mock.go index a31220b1..03e939b7 100644 --- a/pkg/test/mocks/image_store_mock.go +++ b/pkg/test/mocks/image_store_mock.go @@ -7,7 +7,6 @@ import ( godigest "github.com/opencontainers/go-digest" ispec "github.com/opencontainers/image-spec/specs-go/v1" - artifactspec "github.com/oras-project/artifacts-spec/specs-go/v1" "zotregistry.dev/zot/pkg/scheduler" ) @@ -40,13 +39,11 @@ type MockedImageStore struct { StatBlobFn func(repo string, digest godigest.Digest) (bool, int64, time.Time, error) GetBlobPartialFn func(repo string, digest godigest.Digest, mediaType string, from, to int64, ) (io.ReadCloser, int64, int64, error) - GetBlobFn func(repo string, digest godigest.Digest, mediaType string) (io.ReadCloser, int64, error) - DeleteBlobFn func(repo string, digest godigest.Digest) error - GetIndexContentFn func(repo string) ([]byte, error) - GetBlobContentFn func(repo string, digest godigest.Digest) ([]byte, error) - GetReferrersFn func(repo string, digest godigest.Digest, artifactTypes []string) (ispec.Index, error) - GetOrasReferrersFn func(repo string, digest godigest.Digest, artifactType string, - ) ([]artifactspec.Descriptor, error) + GetBlobFn func(repo string, digest godigest.Digest, mediaType string) (io.ReadCloser, int64, error) + DeleteBlobFn func(repo string, digest godigest.Digest) error + GetIndexContentFn func(repo string) ([]byte, error) + GetBlobContentFn func(repo string, digest godigest.Digest) ([]byte, error) + GetReferrersFn func(repo string, digest godigest.Digest, artifactTypes []string) (ispec.Index, error) URLForPathFn func(path string) (string, error) RunGCRepoFn func(repo string) error RunGCPeriodicallyFn func(interval time.Duration, sch *scheduler.Scheduler) @@ -346,18 +343,6 @@ func (is MockedImageStore) GetReferrers( return ispec.Index{}, nil } -func (is MockedImageStore) GetOrasReferrers( - repo string, - digest godigest.Digest, - artifactType string, -) ([]artifactspec.Descriptor, error) { - if is.GetOrasReferrersFn != nil { - return is.GetOrasReferrersFn(repo, digest, artifactType) - } - - return []artifactspec.Descriptor{}, nil -} - func (is MockedImageStore) URLForPath(path string) (string, error) { if is.URLForPathFn != nil { return is.URLForPathFn(path) diff --git a/swagger/docs.go b/swagger/docs.go index 7f9a8a90..95e6089c 100644 --- a/swagger/docs.go +++ b/swagger/docs.go @@ -19,61 +19,6 @@ const docTemplate = `{ "host": "{{.Host}}", "basePath": "{{.BasePath}}", "paths": { - "/oras/artifacts/v1/{name}/manifests/{digest}/referrers": { - "get": { - "description": "Get references for an image given a digest and artifact type", - "consumes": [ - "application/json" - ], - "produces": [ - "application/json" - ], - "summary": "Get references for an image", - "parameters": [ - { - "type": "string", - "description": "repository name", - "name": "name", - "in": "path", - "required": true - }, - { - "type": "string", - "description": "image digest", - "name": "digest", - "in": "path", - "required": true - }, - { - "type": "string", - "description": "artifact type", - "name": "artifactType", - "in": "query", - "required": true - } - ], - "responses": { - "200": { - "description": "ok", - "schema": { - "type": "string" - } - }, - "404": { - "description": "not found", - "schema": { - "type": "string" - } - }, - "500": { - "description": "internal server error", - "schema": { - "type": "string" - } - } - } - } - }, "/v2/": { "get": { "description": "Check if this API version is supported", @@ -1211,7 +1156,7 @@ const docTemplate = `{ "description": "Manifests references platform specific manifests.", "type": "array", "items": { - "$ref": "#/definitions/github_com_opencontainers_image-spec_specs-go_v1.Descriptor" + "$ref": "#/definitions/v1.Descriptor" } }, "mediaType": { @@ -1226,7 +1171,7 @@ const docTemplate = `{ "description": "Subject is an optional link from the image manifest to another manifest forming an association between the image manifest and the other manifest.", "allOf": [ { - "$ref": "#/definitions/github_com_opencontainers_image-spec_specs-go_v1.Descriptor" + "$ref": "#/definitions/v1.Descriptor" } ] } @@ -1250,7 +1195,7 @@ const docTemplate = `{ "description": "Config references a configuration object for a container, by digest.\nThe referenced configuration object is a JSON blob that the runtime uses to set up the container.", "allOf": [ { - "$ref": "#/definitions/github_com_opencontainers_image-spec_specs-go_v1.Descriptor" + "$ref": "#/definitions/v1.Descriptor" } ] }, @@ -1258,7 +1203,7 @@ const docTemplate = `{ "description": "Layers is an indexed list of layers referenced by the manifest.", "type": "array", "items": { - "$ref": "#/definitions/github_com_opencontainers_image-spec_specs-go_v1.Descriptor" + "$ref": "#/definitions/v1.Descriptor" } }, "mediaType": { @@ -1273,7 +1218,7 @@ const docTemplate = `{ "description": "Subject is an optional link from the image manifest to another manifest forming an association between the image manifest and the other manifest.", "allOf": [ { - "$ref": "#/definitions/github_com_opencontainers_image-spec_specs-go_v1.Descriptor" + "$ref": "#/definitions/v1.Descriptor" } ] } @@ -1412,7 +1357,7 @@ const docTemplate = `{ } } }, - "github_com_opencontainers_image-spec_specs-go_v1.Descriptor": { + "v1.Descriptor": { "type": "object", "properties": { "annotations": { diff --git a/swagger/swagger.json b/swagger/swagger.json index 451527d2..dee00015 100644 --- a/swagger/swagger.json +++ b/swagger/swagger.json @@ -11,61 +11,6 @@ "version": "v1.1.0" }, "paths": { - "/oras/artifacts/v1/{name}/manifests/{digest}/referrers": { - "get": { - "description": "Get references for an image given a digest and artifact type", - "consumes": [ - "application/json" - ], - "produces": [ - "application/json" - ], - "summary": "Get references for an image", - "parameters": [ - { - "type": "string", - "description": "repository name", - "name": "name", - "in": "path", - "required": true - }, - { - "type": "string", - "description": "image digest", - "name": "digest", - "in": "path", - "required": true - }, - { - "type": "string", - "description": "artifact type", - "name": "artifactType", - "in": "query", - "required": true - } - ], - "responses": { - "200": { - "description": "ok", - "schema": { - "type": "string" - } - }, - "404": { - "description": "not found", - "schema": { - "type": "string" - } - }, - "500": { - "description": "internal server error", - "schema": { - "type": "string" - } - } - } - } - }, "/v2/": { "get": { "description": "Check if this API version is supported", @@ -1203,7 +1148,7 @@ "description": "Manifests references platform specific manifests.", "type": "array", "items": { - "$ref": "#/definitions/github_com_opencontainers_image-spec_specs-go_v1.Descriptor" + "$ref": "#/definitions/v1.Descriptor" } }, "mediaType": { @@ -1218,7 +1163,7 @@ "description": "Subject is an optional link from the image manifest to another manifest forming an association between the image manifest and the other manifest.", "allOf": [ { - "$ref": "#/definitions/github_com_opencontainers_image-spec_specs-go_v1.Descriptor" + "$ref": "#/definitions/v1.Descriptor" } ] } @@ -1242,7 +1187,7 @@ "description": "Config references a configuration object for a container, by digest.\nThe referenced configuration object is a JSON blob that the runtime uses to set up the container.", "allOf": [ { - "$ref": "#/definitions/github_com_opencontainers_image-spec_specs-go_v1.Descriptor" + "$ref": "#/definitions/v1.Descriptor" } ] }, @@ -1250,7 +1195,7 @@ "description": "Layers is an indexed list of layers referenced by the manifest.", "type": "array", "items": { - "$ref": "#/definitions/github_com_opencontainers_image-spec_specs-go_v1.Descriptor" + "$ref": "#/definitions/v1.Descriptor" } }, "mediaType": { @@ -1265,7 +1210,7 @@ "description": "Subject is an optional link from the image manifest to another manifest forming an association between the image manifest and the other manifest.", "allOf": [ { - "$ref": "#/definitions/github_com_opencontainers_image-spec_specs-go_v1.Descriptor" + "$ref": "#/definitions/v1.Descriptor" } ] } @@ -1404,7 +1349,7 @@ } } }, - "github_com_opencontainers_image-spec_specs-go_v1.Descriptor": { + "v1.Descriptor": { "type": "object", "properties": { "annotations": { diff --git a/swagger/swagger.yaml b/swagger/swagger.yaml index 49aec135..15e46c19 100644 --- a/swagger/swagger.yaml +++ b/swagger/swagger.yaml @@ -31,7 +31,7 @@ definitions: manifests: description: Manifests references platform specific manifests. items: - $ref: '#/definitions/github_com_opencontainers_image-spec_specs-go_v1.Descriptor' + $ref: '#/definitions/v1.Descriptor' type: array mediaType: description: MediaType specifies the type of this document data structure @@ -42,7 +42,7 @@ definitions: type: integer subject: allOf: - - $ref: '#/definitions/github_com_opencontainers_image-spec_specs-go_v1.Descriptor' + - $ref: '#/definitions/v1.Descriptor' description: Subject is an optional link from the image manifest to another manifest forming an association between the image manifest and the other manifest. @@ -60,14 +60,14 @@ definitions: type: string config: allOf: - - $ref: '#/definitions/github_com_opencontainers_image-spec_specs-go_v1.Descriptor' + - $ref: '#/definitions/v1.Descriptor' description: |- Config references a configuration object for a container, by digest. The referenced configuration object is a JSON blob that the runtime uses to set up the container. layers: description: Layers is an indexed list of layers referenced by the manifest. items: - $ref: '#/definitions/github_com_opencontainers_image-spec_specs-go_v1.Descriptor' + $ref: '#/definitions/v1.Descriptor' type: array mediaType: description: MediaType specifies the type of this document data structure @@ -78,7 +78,7 @@ definitions: type: integer subject: allOf: - - $ref: '#/definitions/github_com_opencontainers_image-spec_specs-go_v1.Descriptor' + - $ref: '#/definitions/v1.Descriptor' description: Subject is an optional link from the image manifest to another manifest forming an association between the image manifest and the other manifest. @@ -168,7 +168,7 @@ definitions: releaseTag: type: string type: object - github_com_opencontainers_image-spec_specs-go_v1.Descriptor: + v1.Descriptor: properties: annotations: additionalProperties: @@ -247,43 +247,6 @@ info: title: Open Container Initiative Distribution Specification version: v1.1.0 paths: - /oras/artifacts/v1/{name}/manifests/{digest}/referrers: - get: - consumes: - - application/json - description: Get references for an image given a digest and artifact type - parameters: - - description: repository name - in: path - name: name - required: true - type: string - - description: image digest - in: path - name: digest - required: true - type: string - - description: artifact type - in: query - name: artifactType - required: true - type: string - produces: - - application/json - responses: - "200": - description: ok - schema: - type: string - "404": - description: not found - schema: - type: string - "500": - description: internal server error - schema: - type: string - summary: Get references for an image /v2/: get: consumes: diff --git a/test/blackbox/sync_docker.bats b/test/blackbox/sync_docker.bats index 172efe9c..f2addb43 100644 --- a/test/blackbox/sync_docker.bats +++ b/test/blackbox/sync_docker.bats @@ -332,7 +332,7 @@ function teardown_file() { @test "sync image on demand from ghcr.io" { zot_port=`cat ${BATS_FILE_TMPDIR}/zot.port` - run skopeo copy docker://127.0.0.1:${zot_port}/project-zot/zot-linux-amd64:v2.0.0-rc5 oci:${TEST_DATA_DIR} --src-tls-verify=false + run skopeo copy docker://127.0.0.1:${zot_port}/project-zot/zot-linux-amd64:v2.0.1 oci:${TEST_DATA_DIR} --src-tls-verify=false [ "$status" -eq 0 ] run curl http://127.0.0.1:${zot_port}/v2/_catalog @@ -340,7 +340,7 @@ function teardown_file() { [ $(echo "${lines[-1]}"| jq '.repositories | map(select(. == "project-zot/zot-linux-amd64"))' | jq '.[]') = '"project-zot/zot-linux-amd64"' ] run curl http://127.0.0.1:${zot_port}/v2/project-zot/zot-linux-amd64/tags/list [ "$status" -eq 0 ] - [ $(echo "${lines[-1]}" | jq '.tags[]') = '"v2.0.0-rc5"' ] + [ $(echo "${lines[-1]}" | jq '.tags[]') = '"v2.0.1"' ] } @test "run docker with image synced from docker.io" { @@ -450,7 +450,7 @@ function teardown_file() { @test "run docker with image synced from ghcr.io" { zot_port=`cat ${BATS_FILE_TMPDIR}/zot.port` - run docker run -d 127.0.0.1:${zot_port}/project-zot/zot-linux-amd64:v2.0.0-rc5 + run docker run -d 127.0.0.1:${zot_port}/project-zot/zot-linux-amd64:v2.0.1 [ "$status" -eq 0 ] run curl http://127.0.0.1:${zot_port}/v2/_catalog @@ -458,5 +458,5 @@ function teardown_file() { [ $(echo "${lines[-1]}"| jq '.repositories | map(select(. == "project-zot/zot-linux-amd64"))' | jq '.[]') = '"project-zot/zot-linux-amd64"' ] run curl http://127.0.0.1:${zot_port}/v2/project-zot/zot-linux-amd64/tags/list [ "$status" -eq 0 ] - [ $(echo "${lines[-1]}" | jq '.tags[]') = '"v2.0.0-rc5"' ] + [ $(echo "${lines[-1]}" | jq '.tags[]') = '"v2.0.1"' ] }