diff --git a/internal/builder/known_builder.go b/internal/builder/trusted_builder.go similarity index 85% rename from internal/builder/known_builder.go rename to internal/builder/trusted_builder.go index 4c164ac00..0edc8ddfe 100644 --- a/internal/builder/known_builder.go +++ b/internal/builder/trusted_builder.go @@ -1,5 +1,11 @@ package builder +import ( + "strings" + + "github.com/buildpacks/pack/internal/config" +) + type KnownBuilder struct { Vendor string Image string @@ -67,11 +73,22 @@ var KnownBuilders = []KnownBuilder{ }, } -var IsKnownTrustedBuilder = func(b string) bool { +func IsKnownTrustedBuilder(builderName string) bool { for _, knownBuilder := range KnownBuilders { - if b == knownBuilder.Image && knownBuilder.Trusted { + if builderName == knownBuilder.Image && knownBuilder.Trusted { return true } } return false } + +func IsTrustedBuilder(cfg config.Config, builderName string) bool { + nameAndTag := strings.Split(builderName, ":") + for _, trustedBuilder := range cfg.TrustedBuilders { + if nameAndTag[0] == trustedBuilder.Name { + return true + } + } + + return false +} diff --git a/internal/builder/trusted_builder_test.go b/internal/builder/trusted_builder_test.go new file mode 100644 index 000000000..8ddd890bb --- /dev/null +++ b/internal/builder/trusted_builder_test.go @@ -0,0 +1,55 @@ +package builder_test + +import ( + "testing" + + "github.com/heroku/color" + "github.com/sclevine/spec" + "github.com/sclevine/spec/report" + + bldr "github.com/buildpacks/pack/internal/builder" + "github.com/buildpacks/pack/internal/config" + + h "github.com/buildpacks/pack/testhelpers" +) + +func TestTrustedBuilder(t *testing.T) { + color.Disable(true) + defer color.Disable(false) + spec.Run(t, "Trusted Builder", trustedBuilder, spec.Parallel(), spec.Report(report.Terminal{})) +} + +func trustedBuilder(t *testing.T, when spec.G, it spec.S) { + when("IsKnownTrustedBuilder", func() { + it("matches exactly", func() { + h.AssertTrue(t, bldr.IsKnownTrustedBuilder("paketobuildpacks/builder-jammy-base")) + h.AssertFalse(t, bldr.IsKnownTrustedBuilder("paketobuildpacks/builder-jammy-base:latest")) + h.AssertFalse(t, bldr.IsKnownTrustedBuilder("paketobuildpacks/builder-jammy-base:1.2.3")) + h.AssertFalse(t, bldr.IsKnownTrustedBuilder("my/private/builder")) + }) + }) + + when("IsTrustedBuilder", func() { + it("matches partially", func() { + cfg := config.Config{ + TrustedBuilders: []config.TrustedBuilder{ + { + Name: "my/trusted/builder-jammy", + }, + }, + } + builders := []string{ + "my/trusted/builder-jammy", + "my/trusted/builder-jammy:latest", + "my/trusted/builder-jammy:1.2.3", + } + + for _, builder := range builders { + h.AssertTrue(t, bldr.IsTrustedBuilder(cfg, builder)) + } + h.AssertFalse(t, bldr.IsTrustedBuilder(cfg, "my/private/builder")) + h.AssertFalse(t, bldr.IsTrustedBuilder(cfg, "my/trusted/builder-jammy-base")) + h.AssertFalse(t, bldr.IsTrustedBuilder(cfg, "")) + }) + }) +} diff --git a/internal/commands/build.go b/internal/commands/build.go index c80123d77..2127cd83c 100644 --- a/internal/commands/build.go +++ b/internal/commands/build.go @@ -14,6 +14,8 @@ import ( "github.com/pkg/errors" "github.com/spf13/cobra" + bldr "github.com/buildpacks/pack/internal/builder" + "github.com/buildpacks/pack/internal/config" "github.com/buildpacks/pack/internal/style" "github.com/buildpacks/pack/pkg/client" @@ -111,7 +113,7 @@ func Build(logger logging.Logger, cfg config.Config, packClient PackClient) *cob return err } - trustBuilder := isTrustedBuilder(cfg, builder) || flags.TrustBuilder + trustBuilder := bldr.IsTrustedBuilder(cfg, builder) || bldr.IsKnownTrustedBuilder(builder) || flags.TrustBuilder if trustBuilder { logger.Debugf("Builder %s is trusted", style.Symbol(builder)) if flags.LifecycleImage != "" { diff --git a/internal/commands/builder_inspect.go b/internal/commands/builder_inspect.go index e86f91def..5d914358f 100644 --- a/internal/commands/builder_inspect.go +++ b/internal/commands/builder_inspect.go @@ -8,6 +8,8 @@ import ( "github.com/buildpacks/pack/internal/config" "github.com/buildpacks/pack/pkg/client" "github.com/buildpacks/pack/pkg/logging" + + bldr "github.com/buildpacks/pack/internal/builder" ) type BuilderInspector interface { @@ -64,7 +66,7 @@ func inspectBuilder( builderInfo := writer.SharedBuilderInfo{ Name: imageName, IsDefault: imageName == cfg.DefaultBuilder, - Trusted: isTrustedBuilder(cfg, imageName), + Trusted: bldr.IsTrustedBuilder(cfg, imageName), } localInfo, localErr := inspector.InspectBuilder(imageName, true, client.WithDetectionOrderDepth(flags.Depth)) diff --git a/internal/commands/commands.go b/internal/commands/commands.go index f322b1a43..8a3a37d5a 100644 --- a/internal/commands/commands.go +++ b/internal/commands/commands.go @@ -7,8 +7,6 @@ import ( "os/signal" "syscall" - "github.com/buildpacks/pack/internal/builder" - "github.com/google/go-containerregistry/pkg/v1/types" "github.com/pkg/errors" "github.com/spf13/cobra" @@ -107,16 +105,6 @@ func getMirrors(config config.Config) map[string][]string { return mirrors } -func isTrustedBuilder(cfg config.Config, builderName string) bool { - for _, trustedBuilder := range cfg.TrustedBuilders { - if builderName == trustedBuilder.Name { - return true - } - } - - return builder.IsKnownTrustedBuilder(builderName) -} - func deprecationWarning(logger logging.Logger, oldCmd, replacementCmd string) { logger.Warnf("Command %s has been deprecated, please use %s instead", style.Symbol("pack "+oldCmd), style.Symbol("pack "+replacementCmd)) } diff --git a/internal/commands/config_trusted_builder.go b/internal/commands/config_trusted_builder.go index 4ccc46924..14ecf82e1 100644 --- a/internal/commands/config_trusted_builder.go +++ b/internal/commands/config_trusted_builder.go @@ -51,7 +51,7 @@ func addTrustedBuilder(args []string, logger logging.Logger, cfg config.Config, imageName := args[0] builderToTrust := config.TrustedBuilder{Name: imageName} - if isTrustedBuilder(cfg, imageName) { + if bldr.IsTrustedBuilder(cfg, imageName) || bldr.IsKnownTrustedBuilder(imageName) { logger.Infof("Builder %s is already trusted", style.Symbol(imageName)) return nil }