osbuild-worker: use the new ostree resolver API

2024-10-31 15:31:16 +01:00 · 2024-10-31 15:31:16 +01:00 · 64f479092d
commit 64f479092d
parent f291f41dbc
27 changed files with 318 additions and 136 deletions
--- a/cmd/osbuild-koji-tests/main_test.go
+++ b/cmd/osbuild-koji-tests/main_test.go
@ -23,7 +23,7 @@ import (
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"

-	"github.com/osbuild/images/pkg/distro"
+	"github.com/osbuild/images/pkg/platform"
 	"github.com/osbuild/images/pkg/rpmmd"
 	"github.com/osbuild/osbuild-composer/internal/upload/koji"
 )
@ -182,7 +182,7 @@ func TestKojiImport(t *testing.T) {
 			Extra: &koji.BuildOutputExtra{
 				ImageOutput: koji.ImageExtraInfo{
 					Arch:     "noarch",
-					BootMode: distro.BOOT_LEGACY.String(),
+					BootMode: platform.BOOT_LEGACY.String(),
 				},
 			},
 		},
--- a/cmd/osbuild-koji/main.go
+++ b/cmd/osbuild-koji/main.go
@ -8,7 +8,7 @@ import (
 	"time"

 	"github.com/google/uuid"
-	"github.com/osbuild/images/pkg/distro"
+	"github.com/osbuild/images/pkg/platform"
 	"github.com/osbuild/images/pkg/rpmmd"
 	"github.com/osbuild/osbuild-composer/internal/upload/koji"
 	"github.com/sirupsen/logrus"
@ -101,7 +101,7 @@ func main() {
 			Extra: &koji.BuildOutputExtra{
 				ImageOutput: koji.ImageExtraInfo{
 					Arch:     arch,
-					BootMode: distro.BOOT_NONE.String(), // TODO: put the correct boot mode here
+					BootMode: platform.BOOT_NONE.String(), // TODO: put the correct boot mode here
 				},
 			},
 		},
--- a/cmd/osbuild-worker/jobimpl-osbuild.go
+++ b/cmd/osbuild-worker/jobimpl-osbuild.go
@ -516,14 +516,19 @@ func (impl *OSBuildJobImpl) Run(job worker.Job) error {
 		}
 	}

+	// Both curl and ostree input share the same MTLS config
 	if impl.RepositoryMTLSConfig != nil {
 		if impl.RepositoryMTLSConfig.CA != "" {
 			extraEnv = append(extraEnv, fmt.Sprintf("OSBUILD_SOURCES_CURL_SSL_CA_CERT=%s", impl.RepositoryMTLSConfig.CA))
+			extraEnv = append(extraEnv, fmt.Sprintf("OSBUILD_SOURCES_OSTREE_SSL_CA_CERT=%s", impl.RepositoryMTLSConfig.CA))
 		}
 		extraEnv = append(extraEnv, fmt.Sprintf("OSBUILD_SOURCES_CURL_SSL_CLIENT_KEY=%s", impl.RepositoryMTLSConfig.MTLSClientKey))
 		extraEnv = append(extraEnv, fmt.Sprintf("OSBUILD_SOURCES_CURL_SSL_CLIENT_CERT=%s", impl.RepositoryMTLSConfig.MTLSClientCert))
+		extraEnv = append(extraEnv, fmt.Sprintf("OSBUILD_SOURCES_OSTREE_SSL_CLIENT_KEY=%s", impl.RepositoryMTLSConfig.MTLSClientKey))
+		extraEnv = append(extraEnv, fmt.Sprintf("OSBUILD_SOURCES_OSTREE_SSL_CLIENT_CERT=%s", impl.RepositoryMTLSConfig.MTLSClientCert))
 		if impl.RepositoryMTLSConfig.Proxy != nil {
 			extraEnv = append(extraEnv, fmt.Sprintf("OSBUILD_SOURCES_CURL_PROXY=%s", impl.RepositoryMTLSConfig.Proxy.String()))
+			extraEnv = append(extraEnv, fmt.Sprintf("OSBUILD_SOURCES_OSTREE_PROXY=%s", impl.RepositoryMTLSConfig.Proxy.String()))
 		}
 	}

--- a/cmd/osbuild-worker/jobimpl-ostree-resolve.go
+++ b/cmd/osbuild-worker/jobimpl-ostree-resolve.go
@ -2,6 +2,8 @@ package main

 import (
 	"fmt"
+	"net/url"
+	"strings"

 	"github.com/sirupsen/logrus"

@ -11,6 +13,26 @@ import (
 )

 type OSTreeResolveJobImpl struct {
+	RepositoryMTLSConfig *RepositoryMTLSConfig
+}
+
+func (job *OSTreeResolveJobImpl) CompareBaseURL(baseURLStr string) (bool, error) {
+	baseURL, err := url.Parse(baseURLStr)
+	if err != nil {
+		return false, err
+	}
+
+	if baseURL.Scheme != job.RepositoryMTLSConfig.BaseURL.Scheme {
+		return false, nil
+	}
+	if baseURL.Host != job.RepositoryMTLSConfig.BaseURL.Host {
+		return false, nil
+	}
+	if !strings.HasPrefix(baseURL.Path, job.RepositoryMTLSConfig.BaseURL.Path) {
+		return false, nil
+	}
+
+	return true, nil
 }

 func setError(err error, result *worker.OSTreeResolveJobResult) {
@ -51,7 +73,25 @@ func (impl *OSTreeResolveJobImpl) Run(job worker.Job) error {
 	logWithId.Infof("Resolving (%d) ostree commits", len(args.Specs))

 	for i, s := range args.Specs {
-		reqParams := ostree.SourceSpec(s)
+		reqParams := ostree.SourceSpec{}
+		reqParams.URL = s.URL
+		reqParams.Ref = s.Ref
+		if match, err := impl.CompareBaseURL(s.URL); match && err == nil {
+			reqParams.Proxy = impl.RepositoryMTLSConfig.Proxy.String()
+			reqParams.MTLS = &ostree.MTLS{
+				CA:         impl.RepositoryMTLSConfig.CA,
+				ClientCert: impl.RepositoryMTLSConfig.MTLSClientCert,
+				ClientKey:  impl.RepositoryMTLSConfig.MTLSClientKey,
+			}
+		} else if err != nil {
+			logWithId.Errorf("Error comparing base URL: %v", err)
+			result.JobError = clienterrors.New(
+				clienterrors.ErrorInvalidRepositoryURL,
+				"Repository URL is malformed",
+				err.Error(),
+			)
+			break
+		}
 		commitSpec, err := ostree.Resolve(reqParams)
 		if err != nil {
 			logWithId.Infof("Resolving ostree params failed: %v", err)
--- a/cmd/osbuild-worker/main.go
+++ b/cmd/osbuild-worker/main.go
@ -7,13 +7,14 @@ import (
 	"errors"
 	"flag"
 	"fmt"
-	slogger "github.com/osbuild/osbuild-composer/pkg/splunk_logger"
 	"net/url"
 	"os"
 	"path"
 	"strings"
 	"time"

+	slogger "github.com/osbuild/osbuild-composer/pkg/splunk_logger"
+
 	"github.com/BurntSushi/toml"
 	"github.com/sirupsen/logrus"

@ -508,8 +509,10 @@ func main() {
 		worker.JobTypeContainerResolve: &ContainerResolveJobImpl{
 			AuthFilePath: containersAuthFilePath,
 		},
-		worker.JobTypeOSTreeResolve: &OSTreeResolveJobImpl{},
-		worker.JobTypeFileResolve:   &FileResolveJobImpl{},
+		worker.JobTypeOSTreeResolve: &OSTreeResolveJobImpl{
+			RepositoryMTLSConfig: repositoryMTLSConfig,
+		},
+		worker.JobTypeFileResolve: &FileResolveJobImpl{},
 		worker.JobTypeAWSEC2Copy: &AWSEC2CopyJobImpl{
 			AWSCreds: awsCredentials,
 		},