def test_validate_helm_oci_manifest(): manifest_bytes = """{ "schemaVersion":2, "config":{ "mediaType":"application/vnd.cncf.helm.config.v1+json", "digest":"sha256:65a07b841ece031e6d0ec5eb948eacb17aa6d7294cdeb01d5348e86242951487", "size":141 }, "layers": [ { "mediaType":"application/tar+gzip", "digest":"sha256:d84c9c29e0899862a0fa0f73da4d9f8c8c38e2da5d3258764aa7ba74bb914718", "size":3562 } ] }""" HELM_CHART_CONFIG_TYPE = "application/vnd.cncf.helm.config.v1+json" HELM_CHART_LAYER_TYPES = ["application/tar+gzip"] register_artifact_type(HELM_CHART_CONFIG_TYPE, HELM_CHART_LAYER_TYPES) manifest = OCIManifest(Bytes.for_string_or_unicode(manifest_bytes))
def test_artifact_registratioon(): # Register helm register_artifact_type("application/vnd.cncf.helm.config.v1+json", ["application/tar+gzip"]) assert "application/vnd.cncf.helm.config.v1+json" in ALLOWED_ARTIFACT_TYPES assert "application/tar+gzip" in ADDITIONAL_LAYER_CONTENT_TYPES # Register a new layer type to an existing config type register_artifact_type(OCI_IMAGE_CONFIG_CONTENT_TYPE, ["application/vnd.oci.image.layer.v1.tar+zstd"]) assert (OCI_IMAGE_CONFIG_CONTENT_TYPE in ALLOWED_ARTIFACT_TYPES and ALLOWED_ARTIFACT_TYPES.count(OCI_IMAGE_CONFIG_CONTENT_TYPE) == 1) assert "application/vnd.oci.image.layer.v1.tar+zstd" in ADDITIONAL_LAYER_CONTENT_TYPES # Attempt to register existing helm type register_artifact_type("application/vnd.cncf.helm.config.v1+json", ["application/tar+gzip"]) assert ("application/vnd.cncf.helm.config.v1+json" in ALLOWED_ARTIFACT_TYPES and ALLOWED_ARTIFACT_TYPES.count( "application/vnd.cncf.helm.config.v1+json") == 1) assert ("application/tar+gzip" in ADDITIONAL_LAYER_CONTENT_TYPES and ADDITIONAL_LAYER_CONTENT_TYPES.count("application/tar+gzip") == 1)
# If the "preferred" scheme is https, then http is not allowed. Therefore, ensure we have a secure # session cookie. if app.config["PREFERRED_URL_SCHEME"] == "https" and not app.config.get( "FORCE_NONSECURE_SESSION_COOKIE", False): app.config["SESSION_COOKIE_SECURE"] = True # Load features from config. features.import_features(app.config) # Register additional experimental artifact types. # TODO: extract this into a real, dynamic registration system. if features.EXPERIMENTAL_HELM_OCI_SUPPORT: HELM_CHART_CONFIG_TYPE = "application/vnd.cncf.helm.config.v1+json" HELM_CHART_LAYER_TYPES = ["application/tar+gzip"] register_artifact_type(HELM_CHART_CONFIG_TYPE, HELM_CHART_LAYER_TYPES) CONFIG_DIGEST = hashlib.sha256(json.dumps(app.config, default=str)).hexdigest()[0:8] logger.debug("Loaded config", extra={"config": app.config}) class RequestWithId(Request): request_gen = staticmethod(urn_generator(["request"])) def __init__(self, *args, **kwargs): super(RequestWithId, self).__init__(*args, **kwargs) self.request_id = self.request_gen()
# If the "preferred" scheme is https, then http is not allowed. Therefore, ensure we have a secure # session cookie. if app.config["PREFERRED_URL_SCHEME"] == "https" and not app.config.get( "FORCE_NONSECURE_SESSION_COOKIE", False): app.config["SESSION_COOKIE_SECURE"] = True # Load features from config. features.import_features(app.config) # Register additional experimental artifact types. # TODO: extract this into a real, dynamic registration system. if features.GENERAL_OCI_SUPPORT: for media_type, layer_types in app.config.get( "ALLOWED_OCI_ARTIFACT_TYPES").items(): register_artifact_type(media_type, layer_types) if features.HELM_OCI_SUPPORT: HELM_CHART_CONFIG_TYPE = "application/vnd.cncf.helm.config.v1+json" HELM_CHART_LAYER_TYPES = ["application/tar+gzip"] register_artifact_type(HELM_CHART_CONFIG_TYPE, HELM_CHART_LAYER_TYPES) CONFIG_DIGEST = hashlib.sha256( json.dumps(app.config, default=str).encode("utf-8")).hexdigest()[0:8] logger.debug("Loaded config", extra={"config": app.config}) class RequestWithId(Request): request_gen = staticmethod(urn_generator(["request"]))