diff --git a/pkg/helm/downloader.go b/pkg/helm/downloader.go index adc8fbd660..9cbe6ea8fe 100644 --- a/pkg/helm/downloader.go +++ b/pkg/helm/downloader.go @@ -17,6 +17,7 @@ import ( "helm.sh/helm/v3/pkg/repo" "github.com/open-component-model/ocm/pkg/common" + "github.com/open-component-model/ocm/pkg/contexts/credentials" "github.com/open-component-model/ocm/pkg/contexts/credentials/repositories/directcreds" "github.com/open-component-model/ocm/pkg/contexts/oci" ocihelm "github.com/open-component-model/ocm/pkg/contexts/ocm/download/handlers/helm" @@ -73,7 +74,12 @@ func DownloadChart(out common.Printer, ctx oci.ContextProvider, ref, version, re if registry.IsOCI(repourl) { fs := osfs.New() chart = vfs.Join(fs, dl.root, filepath.Base(ref)+".tgz") - creds := directcreds.NewCredentials(dl.creds) + + var creds credentials.CredentialsSource + if dl.creds != nil { + creds = directcreds.NewCredentials(dl.creds) + } + chart, prov, aset, err = ocihelm.Download2(out, ctx.OCIContext(), identity.OCIRepoURL(repourl, ref)+":"+version, chart, osfs.New(), true, creds) if prov != "" && dl.Verify > downloader.VerifyNever && dl.Verify != downloader.VerifyLater { _, err = downloader.VerifyChart(chart, dl.Keyring) diff --git a/pkg/helm/identity/identity.go b/pkg/helm/identity/identity.go index e6288895ee..758563b232 100644 --- a/pkg/helm/identity/identity.go +++ b/pkg/helm/identity/identity.go @@ -76,6 +76,10 @@ func OCIRepoURL(repourl string, chartname string) string { } func GetConsumerId(repourl string, chartname string) cpi.ConsumerIdentity { + i := strings.LastIndex(chartname, ":") + if i >= 0 { + chartname = chartname[:i] + } if registry.IsOCI(repourl) { repourl = strings.TrimSuffix(repourl, "/") return ociidentity.GetConsumerId(OCIRepoURL(repourl, ""), chartname) @@ -89,7 +93,7 @@ func GetCredentials(ctx credentials.ContextProvider, repourl string, chartname s if id == nil { return nil } - creds, err := credentials.CredentialsForConsumer(ctx.CredentialsContext(), id, identityMatcher) + creds, err := credentials.CredentialsForConsumer(ctx.CredentialsContext(), id) if creds == nil || err != nil { return nil } diff --git a/pkg/helm/identity/identity_test.go b/pkg/helm/identity/identity_test.go new file mode 100644 index 0000000000..a71fa7680b --- /dev/null +++ b/pkg/helm/identity/identity_test.go @@ -0,0 +1,80 @@ +// SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and Open Component Model contributors. +// +// SPDX-License-Identifier: Apache-2.0 + +package identity + +import ( + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + + "github.com/open-component-model/ocm/pkg/common" + "github.com/open-component-model/ocm/pkg/contexts/credentials" + "github.com/open-component-model/ocm/pkg/contexts/datacontext" + "github.com/open-component-model/ocm/pkg/contexts/oci" + ociidentity "github.com/open-component-model/ocm/pkg/contexts/oci/identity" +) + +var _ = Describe("consumer id handling", func() { + Context("id deternation", func() { + It("handles helm repos", func() { + id := GetConsumerId("https://acme.org/charts", "demo:v1") + Expect(id).To(Equal(credentials.NewConsumerIdentity(CONSUMER_TYPE, + "pathprefix", "charts", + "port", "443", + "hostname", "acme.org", + "scheme", "https", + ))) + }) + + It("handles oci repos", func() { + id := GetConsumerId("oci://acme.org/charts", "demo:v1") + Expect(id).To(Equal(credentials.NewConsumerIdentity(ociidentity.CONSUMER_TYPE, + "pathprefix", "charts/demo", + "hostname", "acme.org", + ))) + }) + }) + + Context("query credentials", func() { + var ctx oci.Context + var credctx credentials.Context + + BeforeEach(func() { + ctx = oci.New(datacontext.MODE_EXTENDED) + credctx = ctx.CredentialsContext() + }) + + It("queries helm credentials", func() { + id := GetConsumerId("https://acme.org/charts", "demo:v1") + credctx.SetCredentialsForConsumer(id, + credentials.DirectCredentials{ + ATTR_USERNAME: "helm", + ATTR_PASSWORD: "helmpass", + }, + ) + + creds := GetCredentials(ctx, "https://acme.org/charts", "demo:v1") + Expect(creds).To(Equal(common.Properties{ + ATTR_USERNAME: "helm", + ATTR_PASSWORD: "helmpass", + })) + }) + + It("queries oci credentials", func() { + id := GetConsumerId("oci://acme.org/charts", "demo:v1") + credctx.SetCredentialsForConsumer(id, + credentials.DirectCredentials{ + ATTR_USERNAME: "oci", + ATTR_PASSWORD: "ocipass", + }, + ) + + creds := GetCredentials(ctx, "oci://acme.org/charts", "demo:v1") + Expect(creds).To(Equal(common.Properties{ + ATTR_USERNAME: "oci", + ATTR_PASSWORD: "ocipass", + })) + }) + }) +}) diff --git a/pkg/helm/identity/suite_test.go b/pkg/helm/identity/suite_test.go new file mode 100644 index 0000000000..51009f8b81 --- /dev/null +++ b/pkg/helm/identity/suite_test.go @@ -0,0 +1,17 @@ +// SPDX-FileCopyrightText: 2022 SAP SE or an SAP affiliate company and Open Component Model contributors. +// +// SPDX-License-Identifier: Apache-2.0 + +package identity_test + +import ( + "testing" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" +) + +func TestConfig(t *testing.T) { + RegisterFailHandler(Fail) + RunSpecs(t, "Helm Identity Suite") +}