From 16e4000f5d660e9ce83afc2792531c92aadaf83d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ren=C3=A9=20Sch=C3=BCnemann?= <rene.schuenemann@sap.com>
Date: Mon, 4 Aug 2025 15:33:40 +0200
Subject: [PATCH] feat: check for unsupported OCM configuration type
 DockerConfig

---
 internal/ocm-cli/ocm.go                       | 58 +++++++++++++++++++
 internal/ocm-cli/ocm_test.go                  | 14 +++++
 internal/ocm-cli/testdata/ocm-config.yaml     | 15 +++--
 .../testdata/unsupported-ocm-config.yaml      |  7 +++
 4 files changed, 90 insertions(+), 4 deletions(-)
 create mode 100644 internal/ocm-cli/testdata/unsupported-ocm-config.yaml

diff --git a/internal/ocm-cli/ocm.go b/internal/ocm-cli/ocm.go
index b2fd4ad..761bf91 100644
--- a/internal/ocm-cli/ocm.go
+++ b/internal/ocm-cli/ocm.go
@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"os"
 	"os/exec"
+	"strings"
 
 	"sigs.k8s.io/yaml"
 )
@@ -24,6 +25,10 @@ func Execute(ctx context.Context, commands []string, args []string, ocmConfig st
 
 	if ocmConfig != NoOcmConfig {
 		ocmArgs = append(ocmArgs, "--config", ocmConfig)
+
+		if err := verifyOCMConfig(ocmConfig); err != nil {
+			return fmt.Errorf("invalid OCM configuration: %w", err)
+		}
 	}
 
 	ocmArgs = append(ocmArgs, commands...)
@@ -122,6 +127,10 @@ func GetComponentVersion(ctx context.Context, componentReference string, ocmConf
 
 	if ocmConfig != NoOcmConfig {
 		ocmArgs = append(ocmArgs, "--config", ocmConfig)
+
+		if err := verifyOCMConfig(ocmConfig); err != nil {
+			return nil, fmt.Errorf("invalid OCM configuration: %w", err)
+		}
 	}
 
 	ocmArgs = append(ocmArgs, "get", "componentversion", "--output", "yaml", componentReference)
@@ -140,3 +149,52 @@ func GetComponentVersion(ctx context.Context, componentReference string, ocmConf
 
 	return &cv, nil
 }
+
+type OCMConfiguration struct {
+	Type           string                        `json:"type"`
+	Configurations []TypedOCMConfigConfiguration `json:"configurations"`
+}
+
+type TypedOCMConfigConfiguration struct {
+	Type         string                `json:"type"`
+	Repositories []OCMConfigRepository `json:"repositories"`
+}
+
+type OCMConfigRepository struct {
+	Repository *TypedOCMConfigRepository `json:"repository"`
+}
+
+type TypedOCMConfigRepository struct {
+	Type string `json:"type"`
+}
+
+const (
+	DockerConfigRepositoryType = "DockerConfig"
+)
+
+// verifyOCMConfig checks if the OCM configuration file exists and does not contain unsupported configuration.
+func verifyOCMConfig(ocmConfig string) error {
+	if _, err := os.Stat(ocmConfig); os.IsNotExist(err) {
+		return fmt.Errorf("OCM configuration file does not exist: %s", ocmConfig)
+	}
+
+	file, err := os.ReadFile(ocmConfig)
+	if err != nil {
+		return fmt.Errorf("error reading OCM configuration file: %w", err)
+	}
+
+	var config OCMConfiguration
+	if err = yaml.Unmarshal(file, &config); err != nil {
+		return fmt.Errorf("error unmarshalling OCM configuration file: %w", err)
+	}
+
+	for _, typedConfig := range config.Configurations {
+		for _, repo := range typedConfig.Repositories {
+			if repo.Repository != nil && strings.Contains(repo.Repository.Type, DockerConfigRepositoryType) {
+				return fmt.Errorf("unsupported repository type: %s", repo.Repository.Type)
+			}
+		}
+	}
+
+	return nil
+}
diff --git a/internal/ocm-cli/ocm_test.go b/internal/ocm-cli/ocm_test.go
index d6c4298..f42369c 100644
--- a/internal/ocm-cli/ocm_test.go
+++ b/internal/ocm-cli/ocm_test.go
@@ -46,6 +46,14 @@ func TestExecute(t *testing.T) {
 			ocmConfig:     "./testdata/ocm-config.yaml",
 			expectedError: nil,
 		},
+
+		{
+			desc:          "get componentversion with unsupported ocm config",
+			commands:      []string{"get", "componentversion"},
+			arguments:     []string{"--output", "yaml", ctfIn},
+			ocmConfig:     "./testdata/unsupported-ocm-config.yaml",
+			expectedError: expectError,
+		},
 	}
 
 	for _, tc := range testCases {
@@ -114,6 +122,12 @@ func TestGetComponentVersion(t *testing.T) {
 			ocmConfig:     "./testdata/ocm-config.yaml",
 			expectedError: nil,
 		},
+		{
+			desc:          "get component version with unsupported ocm config",
+			componentRef:  ctfIn,
+			ocmConfig:     "./testdata/unsupported-ocm-config.yaml",
+			expectedError: expectError,
+		},
 		{
 			desc:          "get component version with invalid reference",
 			componentRef:  "invalid-component-ref",
diff --git a/internal/ocm-cli/testdata/ocm-config.yaml b/internal/ocm-cli/testdata/ocm-config.yaml
index 9ee648d..78e95ca 100644
--- a/internal/ocm-cli/testdata/ocm-config.yaml
+++ b/internal/ocm-cli/testdata/ocm-config.yaml
@@ -1,7 +1,14 @@
 type: generic.config.ocm.software/v1
 configurations:
   - type: credentials.config.ocm.software
-    repositories:
-      - repository:
-          type: DockerConfig/v1
-          dockerConfigFile: "~/.docker/config.json"
\ No newline at end of file
+    consumers:
+      - identity:
+          type: OCIRegistry
+          scheme: https
+          hostname: ghcr.io
+          pathprefix: openmcp-project
+        credentials:
+          - type: Credentials
+            properties:
+              username: some-user
+              password: some-token
\ No newline at end of file
diff --git a/internal/ocm-cli/testdata/unsupported-ocm-config.yaml b/internal/ocm-cli/testdata/unsupported-ocm-config.yaml
new file mode 100644
index 0000000..9ee648d
--- /dev/null
+++ b/internal/ocm-cli/testdata/unsupported-ocm-config.yaml
@@ -0,0 +1,7 @@
+type: generic.config.ocm.software/v1
+configurations:
+  - type: credentials.config.ocm.software
+    repositories:
+      - repository:
+          type: DockerConfig/v1
+          dockerConfigFile: "~/.docker/config.json"
\ No newline at end of file