def test_validate_helm_oci_manifest():
manifest_bytes = """{
"schemaVersion":2,
"config":{
"mediaType":"application/vnd.cncf.helm.config.v1+json",
"digest":"sha256:65a07b841ece031e6d0ec5eb948eacb17aa6d7294cdeb01d5348e86242951487",
"size":141
},
"layers": [
{
"mediaType":"application/tar+gzip",
"digest":"sha256:d84c9c29e0899862a0fa0f73da4d9f8c8c38e2da5d3258764aa7ba74bb914718",
"size":3562
}
]
}"""
HELM_CHART_CONFIG_TYPE = "application/vnd.cncf.helm.config.v1+json"
HELM_CHART_LAYER_TYPES = ["application/tar+gzip"]
register_artifact_type(HELM_CHART_CONFIG_TYPE, HELM_CHART_LAYER_TYPES)
manifest = OCIManifest(Bytes.for_string_or_unicode(manifest_bytes))
def test_artifact_registratioon():
# Register helm
register_artifact_type("application/vnd.cncf.helm.config.v1+json",
["application/tar+gzip"])
assert "application/vnd.cncf.helm.config.v1+json" in ALLOWED_ARTIFACT_TYPES
assert "application/tar+gzip" in ADDITIONAL_LAYER_CONTENT_TYPES
# Register a new layer type to an existing config type
register_artifact_type(OCI_IMAGE_CONFIG_CONTENT_TYPE,
["application/vnd.oci.image.layer.v1.tar+zstd"])
assert (OCI_IMAGE_CONFIG_CONTENT_TYPE in ALLOWED_ARTIFACT_TYPES and
ALLOWED_ARTIFACT_TYPES.count(OCI_IMAGE_CONFIG_CONTENT_TYPE) == 1)
assert "application/vnd.oci.image.layer.v1.tar+zstd" in ADDITIONAL_LAYER_CONTENT_TYPES
# Attempt to register existing helm type
register_artifact_type("application/vnd.cncf.helm.config.v1+json",
["application/tar+gzip"])
assert ("application/vnd.cncf.helm.config.v1+json"
in ALLOWED_ARTIFACT_TYPES and ALLOWED_ARTIFACT_TYPES.count(
"application/vnd.cncf.helm.config.v1+json") == 1)
assert ("application/tar+gzip" in ADDITIONAL_LAYER_CONTENT_TYPES and
ADDITIONAL_LAYER_CONTENT_TYPES.count("application/tar+gzip") == 1)
# If the "preferred" scheme is https, then http is not allowed. Therefore, ensure we have a secure
# session cookie.
if app.config["PREFERRED_URL_SCHEME"] == "https" and not app.config.get(
"FORCE_NONSECURE_SESSION_COOKIE", False):
app.config["SESSION_COOKIE_SECURE"] = True
# Load features from config.
features.import_features(app.config)
# Register additional experimental artifact types.
# TODO: extract this into a real, dynamic registration system.
if features.EXPERIMENTAL_HELM_OCI_SUPPORT:
HELM_CHART_CONFIG_TYPE = "application/vnd.cncf.helm.config.v1+json"
HELM_CHART_LAYER_TYPES = ["application/tar+gzip"]
register_artifact_type(HELM_CHART_CONFIG_TYPE, HELM_CHART_LAYER_TYPES)
CONFIG_DIGEST = hashlib.sha256(json.dumps(app.config,
default=str)).hexdigest()[0:8]
logger.debug("Loaded config", extra={"config": app.config})
class RequestWithId(Request):
request_gen = staticmethod(urn_generator(["request"]))
def __init__(self, *args, **kwargs):
super(RequestWithId, self).__init__(*args, **kwargs)
self.request_id = self.request_gen()
# If the "preferred" scheme is https, then http is not allowed. Therefore, ensure we have a secure
# session cookie.
if app.config["PREFERRED_URL_SCHEME"] == "https" and not app.config.get(
"FORCE_NONSECURE_SESSION_COOKIE", False):
app.config["SESSION_COOKIE_SECURE"] = True
# Load features from config.
features.import_features(app.config)
# Register additional experimental artifact types.
# TODO: extract this into a real, dynamic registration system.
if features.GENERAL_OCI_SUPPORT:
for media_type, layer_types in app.config.get(
"ALLOWED_OCI_ARTIFACT_TYPES").items():
register_artifact_type(media_type, layer_types)
if features.HELM_OCI_SUPPORT:
HELM_CHART_CONFIG_TYPE = "application/vnd.cncf.helm.config.v1+json"
HELM_CHART_LAYER_TYPES = ["application/tar+gzip"]
register_artifact_type(HELM_CHART_CONFIG_TYPE, HELM_CHART_LAYER_TYPES)
CONFIG_DIGEST = hashlib.sha256(
json.dumps(app.config, default=str).encode("utf-8")).hexdigest()[0:8]
logger.debug("Loaded config", extra={"config": app.config})
class RequestWithId(Request):
request_gen = staticmethod(urn_generator(["request"]))
