@@ -20,20 +20,17 @@ import (
2020 "bytes"
2121 "context"
2222 "fmt"
23- "sort"
2423 "strings"
2524 "time"
2625
2726 "github.com/google/go-containerregistry/pkg/name"
2827 log "github.com/sirupsen/logrus"
2928 "github.com/stuart-warren/yamlfmt"
30- "k8s.io/apimachinery/pkg/util/sets"
3129 "sigs.k8s.io/yaml"
3230
3331 "github.com/enterprise-contract/ec-cli/internal/image"
3432)
3533
36- const taskCollection = "task-bundles"
3734const ociPrefix = "oci://"
3835
3936type taskRecord struct {
@@ -46,20 +43,8 @@ type taskRecord struct {
4643 Repository string `json:"-"`
4744}
4845
49- type bundleRecord struct {
50- Digest string `json:"digest"`
51- EffectiveOn time.Time `json:"effective_on"`
52- // ExpiresOn should be omitted if there isn't a value. Not using a pointer means it will always
53- // have a value, e.g. 0001-01-01T00:00:00Z.
54- ExpiresOn * time.Time `json:"expires_on,omitempty"`
55- Tag string `json:"tag"`
56- Repository string `json:"-"`
57- }
58-
5946type Tracker struct {
60- // TaskBundles is deprecated and will be removed in the future. Use TrustedTasks instead.
61- TaskBundles map [string ][]bundleRecord `json:"task-bundles,omitempty"`
62- TrustedTasks map [string ][]taskRecord `json:"trusted_tasks,omitempty"`
47+ TrustedTasks map [string ][]taskRecord `json:"trusted_tasks,omitempty"`
6348}
6449
6550// newTracker returns a new initialized instance of Tracker. If path
@@ -83,9 +68,6 @@ func (t *Tracker) setDefaults() {
8368 if t .TrustedTasks == nil {
8469 t .TrustedTasks = map [string ][]taskRecord {}
8570 }
86- if t .TaskBundles == nil {
87- t .TaskBundles = map [string ][]bundleRecord {}
88- }
8971}
9072
9173// addTrustedTaskRecord includes the given Tekton bundle Task record in the tracker.
@@ -104,18 +86,6 @@ func (t *Tracker) addTrustedTaskRecord(prefix string, record taskRecord) {
10486 }
10587}
10688
107- // addBundleRecord includes the given bundle record to the tracker.
108- func (t * Tracker ) addBundleRecord (record bundleRecord ) {
109- collection := t .TaskBundles
110-
111- newRecords := []bundleRecord {record }
112- if _ , ok := collection [record .Repository ]; ! ok {
113- collection [record .Repository ] = newRecords
114- } else {
115- collection [record .Repository ] = append (newRecords , collection [record .Repository ]... )
116- }
117- }
118-
11989// Output serializes the Tracker state as YAML
12090func (t Tracker ) Output () ([]byte , error ) {
12191 out , err := yaml .Marshal (t )
@@ -137,23 +107,6 @@ func Track(ctx context.Context, urls []string, input []byte, prune bool, freshen
137107 return nil , err
138108 }
139109
140- if len (t .TrustedTasks ) == 0 && len (t .TaskBundles ) > 0 {
141- log .Debug ("converting deprecated task-bundles format to trusted_tasks" )
142- for repo , bundles := range t .TaskBundles {
143- for i := len (bundles ) - 1 ; i >= 0 ; i -- {
144- bundle := bundles [i ]
145- t .addTrustedTaskRecord (ociPrefix , taskRecord {
146- Ref : bundle .Digest ,
147- Tag : bundle .Tag ,
148- EffectiveOn : bundle .EffectiveOn ,
149- ExpiresOn : bundle .ExpiresOn ,
150- Repository : repo ,
151- })
152- }
153- }
154- }
155- t .TaskBundles = map [string ][]bundleRecord {}
156-
157110 imageUrls , gitUrls := groupUrls (urls )
158111
159112 if err := t .trackImageReferences (ctx , imageUrls , freshen ); err != nil {
@@ -168,10 +121,6 @@ func Track(ctx context.Context, urls []string, input []byte, prune bool, freshen
168121
169122 t .setExpiration ()
170123
171- if err := t .convertToOldFormat (); err != nil {
172- return nil , err
173- }
174-
175124 return t .Output ()
176125}
177126
@@ -208,12 +157,12 @@ func (t *Tracker) trackImageReferences(ctx context.Context, urls []string, fresh
208157 effective_on := effectiveOn ()
209158 for _ , ref := range refs {
210159 log .Debugf ("Processing bundle %q" , ref .String ())
211- info , err := newBundleInfo (ctx , ref )
160+ hasTask , err := containsTask (ctx , ref )
212161 if err != nil {
213162 return err
214163 }
215164
216- for range sets . List ( info . collections ) {
165+ if hasTask {
217166 t .addTrustedTaskRecord (ociPrefix , taskRecord {
218167 Ref : ref .Digest ,
219168 Tag : ref .Tag ,
@@ -392,57 +341,6 @@ func (t *Tracker) setExpiration() {
392341 }
393342}
394343
395- func (t * Tracker ) convertToOldFormat () error {
396- for group , tasks := range t .TrustedTasks {
397- repo := ociRefFromGroup (group )
398- if repo == "" {
399- // Not an OCI group
400- continue
401- }
402- for _ , task := range tasks {
403- ref , err := name .NewTag (repo )
404- if err != nil {
405- return fmt .Errorf ("cannot parse existing repo as a tag ref: %w" , err )
406- }
407- t .addBundleRecord (bundleRecord {
408- Digest : task .Ref ,
409- Tag : ref .TagStr (),
410- Repository : ref .Repository .Name (),
411- EffectiveOn : task .EffectiveOn ,
412- ExpiresOn : task .ExpiresOn ,
413- })
414- }
415- }
416-
417- for _ , bundles := range t .TaskBundles {
418- // Sort the task bundles in reverse order. The first bundle being the most recent one. The
419- // sorting function returns true if the bundle at "i" is considered newer than the bundle at
420- // "j". It is assumed that every bundle has an EffectiveOn date and a Tag, but some bundles
421- // may not have an ExpiresOn date.
422- sort .SliceStable (bundles , func (i , j int ) bool {
423- if ! bundles [i ].EffectiveOn .Equal (bundles [j ].EffectiveOn ) {
424- return bundles [i ].EffectiveOn .After (bundles [j ].EffectiveOn )
425- }
426-
427- iExpiresOn := bundles [i ].ExpiresOn
428- jExpiresOn := bundles [j ].ExpiresOn
429- // A missing ExpiresOn value is always considered to be newer than an explicit value.
430- // Only one defines an expiration date. "i" is newer if it is the one that is null.
431- if (iExpiresOn == nil || jExpiresOn == nil ) && iExpiresOn != jExpiresOn {
432- return iExpiresOn == nil
433- }
434- if iExpiresOn != nil && jExpiresOn != nil && ! iExpiresOn .Equal (* jExpiresOn ) {
435- return iExpiresOn .After (* jExpiresOn )
436- }
437-
438- // Records are pretty similar. Use the tag as a tie breaker to produce a stable order.
439- return bundles [i ].Tag > bundles [j ].Tag
440- })
441- }
442-
443- return nil
444- }
445-
446344// ociRefFromGroup returns the OCI image reference from the given group, e.g.
447345// oci://registry.local/spam:latest -> registry.local/spam:latest
448346// If the group does not represent an OCI image reference, an empty string is returned.
0 commit comments