-
Notifications
You must be signed in to change notification settings - Fork 171
/
url.go
98 lines (79 loc) · 2.78 KB
/
url.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
// SPDX-License-Identifier: Apache-2.0
// SPDX-FileCopyrightText: 2021-Present The Zarf Authors
// Package sources contains core implementations of the PackageSource interface.
package sources
import (
"context"
"fmt"
"os"
"path/filepath"
"strings"
"github.com/defenseunicorns/pkg/helpers/v2"
"github.com/zarf-dev/zarf/src/api/v1alpha1"
"github.com/zarf-dev/zarf/src/config"
"github.com/zarf-dev/zarf/src/pkg/layout"
"github.com/zarf-dev/zarf/src/pkg/packager/filters"
"github.com/zarf-dev/zarf/src/pkg/utils"
"github.com/zarf-dev/zarf/src/types"
)
var (
// verify that URLSource implements PackageSource
_ PackageSource = (*URLSource)(nil)
)
// URLSource is a package source for http, https and sget URLs.
type URLSource struct {
*types.ZarfPackageOptions
}
// Collect downloads a package from the source URL.
func (s *URLSource) Collect(ctx context.Context, dir string) (string, error) {
if !config.CommonOptions.Insecure && s.Shasum == "" && !strings.HasPrefix(s.PackageSource, helpers.SGETURLPrefix) {
return "", fmt.Errorf("remote package provided without a shasum, use --insecure to ignore, or provide one w/ --shasum")
}
var packageURL string
if s.Shasum != "" {
packageURL = fmt.Sprintf("%s@%s", s.PackageSource, s.Shasum)
} else {
packageURL = s.PackageSource
}
dstTarball := filepath.Join(dir, "zarf-package-url-unknown")
if err := utils.DownloadToFile(ctx, packageURL, dstTarball, s.SGetKeyPath); err != nil {
return "", err
}
return RenameFromMetadata(dstTarball)
}
// LoadPackage loads a package from an http, https or sget URL.
func (s *URLSource) LoadPackage(ctx context.Context, dst *layout.PackagePaths, filter filters.ComponentFilterStrategy, unarchiveAll bool) (pkg v1alpha1.ZarfPackage, warnings []string, err error) {
tmp, err := utils.MakeTempDir(config.CommonOptions.TempDirectory)
if err != nil {
return pkg, nil, err
}
defer os.Remove(tmp)
dstTarball, err := s.Collect(ctx, tmp)
if err != nil {
return pkg, nil, err
}
s.PackageSource = dstTarball
// Clear the shasum so that it doesn't get used again
s.Shasum = ""
ts := &TarballSource{
s.ZarfPackageOptions,
}
return ts.LoadPackage(ctx, dst, filter, unarchiveAll)
}
// LoadPackageMetadata loads a package's metadata from an http, https or sget URL.
func (s *URLSource) LoadPackageMetadata(ctx context.Context, dst *layout.PackagePaths, wantSBOM bool, skipValidation bool) (pkg v1alpha1.ZarfPackage, warnings []string, err error) {
tmp, err := utils.MakeTempDir(config.CommonOptions.TempDirectory)
if err != nil {
return pkg, nil, err
}
defer os.Remove(tmp)
dstTarball, err := s.Collect(ctx, tmp)
if err != nil {
return pkg, nil, err
}
s.PackageSource = dstTarball
ts := &TarballSource{
s.ZarfPackageOptions,
}
return ts.LoadPackageMetadata(ctx, dst, wantSBOM, skipValidation)
}