particle-os/particle-os-cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

chore: Upgrade comlexr to 1.3.0

Browse source
This commit is contained in:
Gerald Pinder 2025-01-31 18:03:53 -05:00
parent 276fcb1468
commit 6424bf3573
4 changed files with 227 additions and 216 deletions
Download patch file Download diff file Expand all files Collapse all files

18
Cargo.lock generated
View file

@ -745,7 +745,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "117725a109d387c937a1533ce01b450cbde6b88abceea8473c4d7a85853cda3c"
dependencies = [
"lazy_static",
"windows-sys 0.48.0",
"windows-sys 0.59.0",
]
[[package]]
@ -760,9 +760,19 @@ dependencies = [
[[package]]
name = "comlexr"
version = "1.2.0"
version = "1.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c52a48dde2c773a43dcb0129a244daa02486b23fab691b0dcfca3bd5e4967a90"
checksum = "83ea9f8823bb5c2a06db91ce3da3a33ef80fa263963f18dff19974d1111839e5"
dependencies = [
"comlexr_macro",
"thiserror 1.0.69",
]
[[package]]
name = "comlexr_macro"
version = "1.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "aa83196c671d0251387f7d1967623825f38ee2885e8a41d83ab63b56babc435c"
dependencies = [
"proc-macro2",
"quote",
@ -5306,7 +5316,7 @@ version = "0.1.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cf221c93e13a30d793f7645a0e7762c55d169dbb0a49671918a2319d289b10bb"
dependencies = [
"windows-sys 0.48.0",
"windows-sys 0.59.0",
]
[[package]]

165
process/drivers/cosign_driver.rs
View file

@ -1,13 +1,13 @@
use std::{fmt::Debug, fs, io::Write, path::Path, process::Stdio};
use std::{fmt::Debug, fs, path::Path};
use blue_build_utils::{
constants::{COSIGN_PASSWORD, COSIGN_PUB_PATH, COSIGN_YES},
credentials::Credentials,
};
use colored::Colorize;
use comlexr::cmd;
use comlexr::{cmd, pipe};
use log::{debug, trace};
use miette::{bail, miette, Context, IntoDiagnostic, Result};
use miette::{bail, Context, IntoDiagnostic, Result};
use crate::drivers::opts::VerifyType;
@ -24,17 +24,21 @@ impl SigningDriver for CosignDriver {
fn generate_key_pair(opts: &GenerateKeyPairOpts) -> Result<()> {
let path = opts.dir.as_ref().map_or_else(|| Path::new("."), |dir| dir);
let mut command = cmd!(
cd path;
env {
COSIGN_PASSWORD: "",
COSIGN_YES: "true",
};
"cosign",
"generate-key-pair",
);
let status = command.status().into_diagnostic()?;
let status = {
let c = cmd!(
cd path;
env {
COSIGN_PASSWORD: "",
COSIGN_YES: "true",
};
"cosign",
"generate-key-pair",
);
trace!("{c:?}");
c
}
.status()
.into_diagnostic()?;
if !status.success() {
bail!("Failed to generate cosign key-pair!");
@ -47,18 +51,21 @@ impl SigningDriver for CosignDriver {
let path = opts.dir.as_ref().map_or_else(|| Path::new("."), |dir| dir);
let priv_key = get_private_key(path)?;
let mut command = cmd!(
env {
COSIGN_PASSWORD: "",
COSIGN_YES: "true"
};
"cosign",
"public-key",
format!("--key={priv_key}"),
);
trace!("{command:?}");
let output = command.output().into_diagnostic()?;
let output = {
let c = cmd!(
env {
COSIGN_PASSWORD: "",
COSIGN_YES: "true"
};
"cosign",
"public-key",
format!("--key={priv_key}"),
);
trace!("{c:?}");
c
}
.output()
.into_diagnostic()?;
if !output.status.success() {
bail!(
@ -90,33 +97,24 @@ impl SigningDriver for CosignDriver {
password,
}) = Credentials::get()
{
let mut command = cmd!(
"cosign",
"login",
"-u",
username,
"--password-stdin",
registry,
);
command
.stdin(Stdio::piped())
.stdout(Stdio::piped())
.stderr(Stdio::piped());
trace!("{command:?}");
let mut child = command.spawn().into_diagnostic()?;
write!(
child
.stdin
.as_mut()
.ok_or_else(|| miette!("Unable to open pipe to stdin"))?,
"{password}"
let output = pipe!(
stdin = password;
{
let c = cmd!(
"cosign",
"login",
"-u",
username,
"--password-stdin",
registry,
);
trace!("{c:?}");
c
}
)
.output()
.into_diagnostic()?;
let output = child.wait_with_output().into_diagnostic()?;
if !output.status.success() {
let err_out = String::from_utf8_lossy(&output.stderr);
bail!("Failed to login for cosign:\n{}", err_out.trim());
@ -134,19 +132,25 @@ impl SigningDriver for CosignDriver {
);
}
let mut command = cmd!(
"cosign",
"sign",
if let Some(ref key) = opts.key => format!("--key={key}"),
"--recursive",
opts.image.to_string(),
// COSIGN_PASSWORD => "",
// COSIGN_YES => "true",
);
command.env(COSIGN_PASSWORD, "").env(COSIGN_YES, "true");
let status = {
let c = cmd!(
env {
COSIGN_PASSWORD: "",
COSIGN_YES: "true",
};
"cosign",
"sign",
if let Some(ref key) = opts.key => format!("--key={key}"),
"--recursive",
opts.image.to_string(),
);
trace!("{c:?}");
c
}
.status()
.into_diagnostic()?;
trace!("{command:?}");
if !command.status().into_diagnostic()?.success() {
if !status.success() {
bail!("Failed to sign {}", opts.image.to_string().bold().red());
}
@ -154,23 +158,28 @@ impl SigningDriver for CosignDriver {
}
fn verify(opts: &VerifyOpts) -> Result<()> {
let mut command = cmd!(
"cosign",
"verify",
match &opts.verify_type {
VerifyType::File(path) => format!("--key={}", path.display()),
VerifyType::Keyless { issuer, identity } => [
"--certificate-identity-regexp",
&**identity,
"--certificate-oidc-issuer",
&**issuer,
],
},
opts.image.to_string(),
);
let status = {
let c = cmd!(
"cosign",
"verify",
match &opts.verify_type {
VerifyType::File(path) => format!("--key={}", path.display()),
VerifyType::Keyless { issuer, identity } => [
"--certificate-identity-regexp",
&**identity,
"--certificate-oidc-issuer",
&**issuer,
],
},
opts.image.to_string(),
);
trace!("{c:?}");
c
}
.status()
.into_diagnostic()?;
trace!("{command:?}");
if !command.status().into_diagnostic()?.success() {
if !status.success() {
bail!("Failed to verify {}", opts.image.to_string().bold().red());
}

158
process/drivers/docker_driver.rs
View file

@ -1,8 +1,7 @@
use std::{
env,
io::Write,
path::Path,
process::{Command, ExitStatus, Stdio},
process::{Command, ExitStatus},
sync::Mutex,
};
@ -13,7 +12,7 @@ use blue_build_utils::{
};
use cached::proc_macro::cached;
use colored::Colorize;
use comlexr::cmd;
use comlexr::{cmd, pipe};
use log::{debug, info, trace, warn};
use miette::{bail, miette, IntoDiagnostic, Result};
use oci_distribution::Reference;
@ -65,7 +64,6 @@ impl DockerDriver {
return Ok(());
}
trace!("docker buildx ls --format={}", "{{.Name}}");
let ls_out = {
let c = cmd!("docker", "buildx", "ls", "--format={{.Name}}");
trace!("{c:?}");
@ -217,33 +215,24 @@ impl BuildDriver for DockerDriver {
password,
}) = Credentials::get()
{
let mut command = cmd!(
"docker",
"login",
"-u",
username,
"--password-stdin",
registry,
);
command
.stdin(Stdio::piped())
.stdout(Stdio::piped())
.stderr(Stdio::piped());
trace!("{command:?}");
let mut child = command.spawn().into_diagnostic()?;
write!(
child
.stdin
.as_mut()
.ok_or_else(|| miette!("Unable to open pipe to stdin"))?,
"{password}"
let output = pipe!(
stdin = password;
{
let c = cmd!(
"docker",
"login",
"-u",
username,
"--password-stdin",
registry,
);
trace!("{c:?}");
c
}
)
.output()
.into_diagnostic()?;
let output = child.wait_with_output().into_diagnostic()?;
if !output.status.success() {
let err_out = String::from_utf8_lossy(&output.stderr);
bail!("Failed to login for docker:\n{}", err_out.trim());
@ -354,50 +343,50 @@ impl BuildDriver for DockerDriver {
let first_image = final_images.first().unwrap();
let command = cmd!(
"docker",
"buildx",
if run_setup => "--builder=bluebuild",
"build",
".",
match (opts.image, opts.archive_path.as_deref()) {
(Some(_), None) if opts.push => [
"--output",
format!(
"type=image,name={first_image},push=true,compression={},oci-mediatypes=true",
opts.compression
),
let status = {
let c = cmd!(
"docker",
"buildx",
if run_setup => "--builder=bluebuild",
"build",
".",
match (opts.image, opts.archive_path.as_deref()) {
(Some(_), None) if opts.push => [
"--output",
format!(
"type=image,name={first_image},push=true,compression={},oci-mediatypes=true",
opts.compression
),
],
(Some(_), None) if env::var(GITHUB_ACTIONS).is_err() => "--load",
(None, Some(archive_path)) => [
"--output",
format!("type=oci,dest={}", archive_path.display()),
],
_ => [],
},
"--pull",
if !matches!(opts.platform, Platform::Native) => [
"--platform",
opts.platform.to_string(),
],
(Some(_), None) if env::var(GITHUB_ACTIONS).is_err() => "--load",
(None, Some(archive_path)) => [
"--output",
format!("type=oci,dest={}", archive_path.display()),
],
_ => [],
},
"--pull",
if !matches!(opts.platform, Platform::Native) => [
"--platform",
opts.platform.to_string(),
],
"-f",
&*opts.containerfile,
// https://github.com/moby/buildkit?tab=readme-ov-file#github-actions-cache-experimental
if env::var(BB_BUILDKIT_CACHE_GHA)
.map_or_else(|_| false, |e| e == "true") => [
"--cache-from",
"type=gha",
"--cache-to",
"type=gha",
],
);
"-f",
&*opts.containerfile,
// https://github.com/moby/buildkit?tab=readme-ov-file#github-actions-cache-experimental
if env::var(BB_BUILDKIT_CACHE_GHA)
.map_or_else(|_| false, |e| e == "true") => [
"--cache-from",
"type=gha",
"--cache-to",
"type=gha",
],
);
trace!("{c:?}");
c
}
.build_status(first_image, "Building Image").into_diagnostic()?;
trace!("{command:?}");
if command
.build_status(first_image, "Building Image")
.into_diagnostic()?
.success()
{
if status.success() {
if opts.push {
info!("Successfully built and pushed image {}", first_image);
} else {
@ -432,19 +421,22 @@ fn get_metadata_cache(opts: &GetMetadataOpts) -> Result<ImageMetadata> {
DockerDriver::setup()?;
}
let mut command = cmd!(
"docker",
"buildx",
if run_setup => "--builder=bluebuild",
"imagetools",
"inspect",
"--format",
"{{json .}}",
&image_str,
);
trace!("{command:?}");
let output = command.output().into_diagnostic()?;
let output = {
let c = cmd!(
"docker",
"buildx",
if run_setup => "--builder=bluebuild",
"imagetools",
"inspect",
"--format",
"{{json .}}",
&image_str,
);
trace!("{c:?}");
c
}
.output()
.into_diagnostic()?;
if output.status.success() {
info!("Successfully inspected image {}!", image_str.bold().green());

102
process/drivers/podman_driver.rs
View file

@ -1,15 +1,14 @@
use std::{
collections::HashMap,
io::Write,
path::Path,
process::{Command, ExitStatus, Stdio},
process::{Command, ExitStatus},
time::Duration,
};
use blue_build_utils::credentials::Credentials;
use cached::proc_macro::cached;
use colored::Colorize;
use comlexr::cmd;
use comlexr::{cmd, pipe};
use indicatif::{ProgressBar, ProgressStyle};
use log::{debug, error, info, trace};
use miette::{bail, miette, IntoDiagnostic, Report, Result};
@ -218,33 +217,24 @@ impl BuildDriver for PodmanDriver {
password,
}) = Credentials::get()
{
let mut command = cmd!(
"podman",
"login",
"-u",
username,
"--password-stdin",
registry
);
command
.stdin(Stdio::piped())
.stdout(Stdio::piped())
.stderr(Stdio::piped());
trace!("{command:?}");
let mut child = command.spawn().into_diagnostic()?;
write!(
child
.stdin
.as_mut()
.ok_or_else(|| miette!("Unable to open pipe to stdin"))?,
"{password}"
let output = pipe!(
stdin = password;
{
let c = cmd!(
"podman",
"login",
"-u",
username,
"--password-stdin",
registry,
);
trace!("{c:?}");
c
}
)
.output()
.into_diagnostic()?;
let output = child.wait_with_output().into_diagnostic()?;
if !output.status.success() {
let err_out = String::from_utf8_lossy(&output.stderr);
bail!("Failed to login for podman:\n{}", err_out.trim());
@ -258,14 +248,18 @@ impl BuildDriver for PodmanDriver {
fn prune(opts: &super::opts::PruneOpts) -> Result<()> {
trace!("PodmanDriver::prune({opts:?})");
let status = cmd!(
"podman",
"system",
"prune",
"--force",
if opts.all => "--all",
if opts.volumes => "--volumes",
)
let status = {
let c = cmd!(
"podman",
"system",
"prune",
"--force",
if opts.all => "--all",
if opts.volumes => "--volumes",
);
trace!("{c:?}");
c
}
.message_status("podman system prune", "Pruning Podman System")
.into_diagnostic()?;
@ -304,27 +298,33 @@ fn get_metadata_cache(opts: &GetMetadataOpts) -> Result<ImageMetadata> {
);
progress.enable_steady_tick(Duration::from_millis(100));
let mut command = cmd!(
"podman",
"pull",
if !matches!(opts.platform, Platform::Native) => [
"--platform",
opts.platform.to_string(),
],
&image_str,
);
trace!("{command:?}");
let output = command.output().into_diagnostic()?;
let output = {
let c = cmd!(
"podman",
"pull",
if !matches!(opts.platform, Platform::Native) => [
"--platform",
opts.platform.to_string(),
],
&image_str,
);
trace!("{c:?}");
c
}
.output()
.into_diagnostic()?;
if !output.status.success() {
bail!("Failed to pull {} for inspection!", image_str.bold().red());
}
let mut command = cmd!("podman", "image", "inspect", "--format=json", &image_str);
trace!("{command:?}");
let output = command.output().into_diagnostic()?;
let output = {
let c = cmd!("podman", "image", "inspect", "--format=json", &image_str);
trace!("{c:?}");
c
}
.output()
.into_diagnostic()?;
progress.finish_and_clear();
Logger::multi_progress().remove(&progress);