move reading zarf.yaml into sources where it belongs so we can do fil…

…ters Signed-off-by: razzle <harry@razzle.cloud>
zarf-dev · Mar 13, 2024 · f8fdd57 · f8fdd57
1 parent 8337c90
commit f8fdd57
Show file tree

Hide file tree

Showing 12 changed files with 91 additions and 110 deletions.
diff --git a/src/pkg/packager/creator/differential.go b/src/pkg/packager/creator/differential.go
@@ -35,15 +35,11 @@ func loadDifferentialData(diffPkgPath string) (diffData *types.DifferentialData,
 		return nil, err
 	}
 
-	if err := src.LoadPackageMetadata(diffLayout, false, false); err != nil {
+	diffPkg, _, err := src.LoadPackageMetadata(diffLayout, false, false)
+	if err != nil {
 		return nil, err
 	}
 
-	var diffPkg types.ZarfPackage
-	if err := utils.ReadYaml(diffLayout.ZarfYAML, &diffPkg); err != nil {
-		return nil, fmt.Errorf("error reading the differential Zarf package: %w", err)
-	}
-
 	allIncludedImagesMap := map[string]bool{}
 	allIncludedReposMap := map[string]bool{}
 

diff --git a/src/pkg/packager/deploy.go b/src/pkg/packager/deploy.go
@@ -49,13 +49,9 @@ func (p *Packager) Deploy() (err error) {
 		filters.ByLocalOS(),
 	)
 
-	if err = p.source.LoadPackage(p.layout, filter, true); err != nil {
-		return fmt.Errorf("unable to load the package: %w", err)
-	}
-
-	p.cfg.Pkg, p.warnings, err = p.layout.ReadZarfYAML()
+	p.cfg.Pkg, p.warnings, err = p.source.LoadPackage(p.layout, filter, true)
 	if err != nil {
-		return err
+		return fmt.Errorf("unable to load the package: %w", err)
 	}
 
 	if err := p.validateLastNonBreakingVersion(); err != nil {

diff --git a/src/pkg/packager/inspect.go b/src/pkg/packager/inspect.go
@@ -13,11 +13,7 @@ import (
 func (p *Packager) Inspect() (err error) {
 	wantSBOM := p.cfg.InspectOpts.ViewSBOM || p.cfg.InspectOpts.SBOMOutputDir != ""
 
-	if err = p.source.LoadPackageMetadata(p.layout, wantSBOM, true); err != nil {
-		return err
-	}
-
-	p.cfg.Pkg, p.warnings, err = p.layout.ReadZarfYAML()
+	p.cfg.Pkg, p.warnings, err = p.source.LoadPackageMetadata(p.layout, wantSBOM, true)
 	if err != nil {
 		return err
 	}

diff --git a/src/pkg/packager/mirror.go b/src/pkg/packager/mirror.go
@@ -24,13 +24,9 @@ func (p *Packager) Mirror() (err error) {
 		filters.ByLocalOS(),
 	)
 
-	if err = p.source.LoadPackage(p.layout, filter, true); err != nil {
-		return fmt.Errorf("unable to load the package: %w", err)
-	}
-
-	p.cfg.Pkg, p.warnings, err = p.layout.ReadZarfYAML()
+	p.cfg.Pkg, p.warnings, err = p.source.LoadPackage(p.layout, filter, true)
 	if err != nil {
-		return err
+		return fmt.Errorf("unable to load the package: %w", err)
 	}
 
 	sbomWarnings, err := p.layout.SBOMs.StageSBOMViewFiles()

diff --git a/src/pkg/packager/publish.go b/src/pkg/packager/publish.go
@@ -73,13 +73,9 @@ func (p *Packager) Publish() (err error) {
 		}
 	} else {
 		filter := filters.Empty()
-		if err = p.source.LoadPackage(p.layout, filter, false); err != nil {
-			return fmt.Errorf("unable to load the package: %w", err)
-		}
-		var err error
-		p.cfg.Pkg, p.warnings, err = p.layout.ReadZarfYAML()
+		p.cfg.Pkg, p.warnings, err = p.source.LoadPackage(p.layout, filter, false)
 		if err != nil {
-			return err
+			return fmt.Errorf("unable to load the package: %w", err)
 		}
 
 		// Sign the package if a key has been provided

diff --git a/src/pkg/packager/remove.go b/src/pkg/packager/remove.go
@@ -37,10 +37,7 @@ func (p *Packager) Remove() (err error) {
 
 	// we do not want to allow removal of signed packages without a signature if there are remove actions
 	// as this is arbitrary code execution from an untrusted source
-	if err = p.source.LoadPackageMetadata(p.layout, false, false); err != nil {
-		return err
-	}
-	p.cfg.Pkg, p.warnings, err = p.layout.ReadZarfYAML()
+	p.cfg.Pkg, p.warnings, err = p.source.LoadPackageMetadata(p.layout, false, false)
 	if err != nil {
 		return err
 	}

diff --git a/src/pkg/packager/sources/cluster.go b/src/pkg/packager/sources/cluster.go
@@ -6,7 +6,6 @@ package sources
 
 import (
 	"fmt"
-	"path/filepath"
 
 	"github.com/defenseunicorns/zarf/src/internal/packager/validate"
 	"github.com/defenseunicorns/zarf/src/pkg/cluster"
@@ -43,8 +42,8 @@ type ClusterSource struct {
 // LoadPackage loads a package from a cluster.
 //
 // This is not implemented.
-func (s *ClusterSource) LoadPackage(_ *layout.PackagePaths, _ filters.ComponentFilterStrategy, _ bool) error {
-	return fmt.Errorf("not implemented")
+func (s *ClusterSource) LoadPackage(_ *layout.PackagePaths, _ filters.ComponentFilterStrategy, _ bool) (types.ZarfPackage, []string, error) {
+	return types.ZarfPackage{}, nil, fmt.Errorf("not implemented")
 }
 
 // Collect collects a package from a cluster.
@@ -55,13 +54,15 @@ func (s *ClusterSource) Collect(_ string) (string, error) {
 }
 
 // LoadPackageMetadata loads package metadata from a cluster.
-func (s *ClusterSource) LoadPackageMetadata(dst *layout.PackagePaths, _ bool, _ bool) (err error) {
+func (s *ClusterSource) LoadPackageMetadata(dst *layout.PackagePaths, _ bool, _ bool) (types.ZarfPackage, []string, error) {
 	dpkg, err := s.GetDeployedPackage(s.PackageSource)
 	if err != nil {
-		return err
+		return types.ZarfPackage{}, nil, err
 	}
 
-	dst.ZarfYAML = filepath.Join(dst.Base, layout.ZarfYAML)
+	if err := utils.WriteYaml(dst.ZarfYAML, dpkg.Data, helpers.ReadUser); err != nil {
+		return types.ZarfPackage{}, nil, err
+	}
 
-	return utils.WriteYaml(dst.ZarfYAML, dpkg.Data, helpers.ReadExecuteAllWriteUser)
+	return dpkg.Data, nil, nil
 }
diff --git a/src/pkg/packager/sources/new.go b/src/pkg/packager/sources/new.go
@@ -30,10 +30,10 @@ import (
 //	`sources.ValidatePackageSignature` and `sources.ValidatePackageIntegrity` can be leveraged for this purpose.
 type PackageSource interface {
 	// LoadPackage loads a package from a source.
-	LoadPackage(dst *layout.PackagePaths, filter filters.ComponentFilterStrategy, unarchiveAll bool) error
+	LoadPackage(dst *layout.PackagePaths, filter filters.ComponentFilterStrategy, unarchiveAll bool) (pkg types.ZarfPackage, warnings []string, err error)
 
 	// LoadPackageMetadata loads a package's metadata from a source.
-	LoadPackageMetadata(dst *layout.PackagePaths, wantSBOM bool, skipValidation bool) error
+	LoadPackageMetadata(dst *layout.PackagePaths, wantSBOM bool, skipValidation bool) (pkg types.ZarfPackage, warnings []string, err error)
 
 	// Collect relocates a package from its source to a tarball in a given destination directory.
 	Collect(destinationDirectory string) (tarball string, err error)

diff --git a/src/pkg/packager/sources/oci.go b/src/pkg/packager/sources/oci.go
@@ -35,9 +35,8 @@ type OCISource struct {
 }
 
 // LoadPackage loads a package from an OCI registry.
-func (s *OCISource) LoadPackage(dst *layout.PackagePaths, filter filters.ComponentFilterStrategy, unarchiveAll bool) (err error) {
+func (s *OCISource) LoadPackage(dst *layout.PackagePaths, filter filters.ComponentFilterStrategy, unarchiveAll bool) (pkg types.ZarfPackage, warnings []string, err error) {
 	ctx := context.TODO()
-	var pkg types.ZarfPackage
 	layersToPull := []ocispec.Descriptor{}
 
 	message.Debugf("Loading package from %q", s.PackageSource)
@@ -46,58 +45,59 @@ func (s *OCISource) LoadPackage(dst *layout.PackagePaths, filter filters.Compone
 	if config.CommonOptions.Confirm {
 		pkg, err = s.FetchZarfYAML(ctx)
 		if err != nil {
-			return err
+			return pkg, nil, err
 		}
-		var requested []types.ZarfComponent
 		if filter != nil {
-			requested, err = filter.Apply(pkg)
+			pkg.Components, err = filter.Apply(pkg)
 			if err != nil {
-				return err
+				return pkg, nil, err
 			}
-		} else {
-			requested = pkg.Components
 		}
-		layersToPull, err = s.LayersFromRequestedComponents(ctx, requested)
+		layersToPull, err = s.LayersFromRequestedComponents(ctx, pkg.Components)
 		if err != nil {
-			return fmt.Errorf("unable to get published component image layers: %s", err.Error())
+			return pkg, nil, fmt.Errorf("unable to get published component image layers: %s", err.Error())
 		}
 	}
 
 	isPartial := true
 	root, err := s.FetchRoot(ctx)
 	if err != nil {
-		return err
+		return pkg, nil, err
 	}
 	if len(root.Layers) == len(layersToPull) {
 		isPartial = false
 	}
 
 	layersFetched, err := s.PullPackage(ctx, dst.Base, config.CommonOptions.OCIConcurrency, layersToPull...)
 	if err != nil {
-		return fmt.Errorf("unable to pull the package: %w", err)
+		return pkg, nil, fmt.Errorf("unable to pull the package: %w", err)
 	}
 	dst.SetFromLayers(layersFetched)
 
-	if err := utils.ReadYaml(dst.ZarfYAML, &pkg); err != nil {
-		return err
+	// if --confirm is not set, read the zarf.yaml that was pulled
+	if !config.CommonOptions.Confirm {
+		pkg, warnings, err = dst.ReadZarfYAML()
+		if err != nil {
+			return pkg, nil, err
+		}
 	}
 
 	if err := dst.MigrateLegacy(); err != nil {
-		return err
+		return pkg, nil, err
 	}
 
 	if !dst.IsLegacyLayout() {
 		spinner := message.NewProgressSpinner("Validating pulled layer checksums")
 		defer spinner.Stop()
 
 		if err := ValidatePackageIntegrity(dst, pkg.Metadata.AggregateChecksum, isPartial); err != nil {
-			return err
+			return pkg, nil, err
 		}
 
 		spinner.Success()
 
 		if err := ValidatePackageSignature(dst, s.PublicKeyPath); err != nil {
-			return err
+			return pkg, nil, err
 		}
 	}
 
@@ -107,45 +107,44 @@ func (s *OCISource) LoadPackage(dst *layout.PackagePaths, filter filters.Compone
 				if layout.IsNotLoaded(err) {
 					_, err := dst.Components.Create(component)
 					if err != nil {
-						return err
+						return pkg, nil, err
 					}
 				} else {
-					return err
+					return pkg, nil, err
 				}
 			}
 		}
 
 		if dst.SBOMs.Path != "" {
 			if err := dst.SBOMs.Unarchive(); err != nil {
-				return err
+				return pkg, nil, err
 			}
 		}
 	}
 
-	return nil
+	return pkg, warnings, nil
 }
 
 // LoadPackageMetadata loads a package's metadata from an OCI registry.
-func (s *OCISource) LoadPackageMetadata(dst *layout.PackagePaths, wantSBOM bool, skipValidation bool) (err error) {
-	var pkg types.ZarfPackage
-
+func (s *OCISource) LoadPackageMetadata(dst *layout.PackagePaths, wantSBOM bool, skipValidation bool) (pkg types.ZarfPackage, warnings []string, err error) {
 	toPull := zoci.PackageAlwaysPull
 	if wantSBOM {
 		toPull = append(toPull, layout.SBOMTar)
 	}
 	ctx := context.TODO()
 	layersFetched, err := s.PullPaths(ctx, dst.Base, toPull)
 	if err != nil {
-		return err
+		return pkg, nil, err
 	}
 	dst.SetFromLayers(layersFetched)
 
-	if err := utils.ReadYaml(dst.ZarfYAML, &pkg); err != nil {
-		return err
+	pkg, warnings, err = dst.ReadZarfYAML()
+	if err != nil {
+		return pkg, nil, err
 	}
 
 	if err := dst.MigrateLegacy(); err != nil {
-		return err
+		return pkg, nil, err
 	}
 
 	if !dst.IsLegacyLayout() {
@@ -154,7 +153,7 @@ func (s *OCISource) LoadPackageMetadata(dst *layout.PackagePaths, wantSBOM bool,
 			defer spinner.Stop()
 
 			if err := ValidatePackageIntegrity(dst, pkg.Metadata.AggregateChecksum, true); err != nil {
-				return err
+				return pkg, nil, err
 			}
 
 			spinner.Success()
@@ -164,19 +163,19 @@ func (s *OCISource) LoadPackageMetadata(dst *layout.PackagePaths, wantSBOM bool,
 			if errors.Is(err, ErrPkgSigButNoKey) && skipValidation {
 				message.Warn("The package was signed but no public key was provided, skipping signature validation")
 			} else {
-				return err
+				return pkg, nil, err
 			}
 		}
 	}
 
 	// unpack sboms.tar
 	if wantSBOM {
 		if err := dst.SBOMs.Unarchive(); err != nil {
-			return err
+			return pkg, nil, err
 		}
 	}
 
-	return nil
+	return pkg, warnings, nil
 }
 
 // Collect pulls a package from an OCI registry and writes it to a tarball.

diff --git a/src/pkg/packager/sources/split.go b/src/pkg/packager/sources/split.go
@@ -109,10 +109,10 @@ func (s *SplitTarballSource) Collect(dir string) (string, error) {
 }
 
 // LoadPackage loads a package from a split tarball.
-func (s *SplitTarballSource) LoadPackage(dst *layout.PackagePaths, filter filters.ComponentFilterStrategy, unarchiveAll bool) (err error) {
+func (s *SplitTarballSource) LoadPackage(dst *layout.PackagePaths, filter filters.ComponentFilterStrategy, unarchiveAll bool) (pkg types.ZarfPackage, warnings []string, err error) {
 	tb, err := s.Collect(filepath.Dir(s.PackageSource))
 	if err != nil {
-		return err
+		return pkg, nil, err
 	}
 
 	// Update the package source to the reassembled tarball
@@ -127,10 +127,10 @@ func (s *SplitTarballSource) LoadPackage(dst *layout.PackagePaths, filter filter
 }
 
 // LoadPackageMetadata loads a package's metadata from a split tarball.
-func (s *SplitTarballSource) LoadPackageMetadata(dst *layout.PackagePaths, wantSBOM bool, skipValidation bool) (err error) {
+func (s *SplitTarballSource) LoadPackageMetadata(dst *layout.PackagePaths, wantSBOM bool, skipValidation bool) (pkg types.ZarfPackage, warnings []string, err error) {
 	tb, err := s.Collect(filepath.Dir(s.PackageSource))
 	if err != nil {
-		return err
+		return pkg, nil, err
 	}
 
 	// Update the package source to the reassembled tarball