From 440e5489011089a1df778b762e129e1694551556 Mon Sep 17 00:00:00 2001 From: Brandon Philips Date: Wed, 14 Sep 2016 20:06:44 -0700 Subject: [PATCH] feat(repo): use OCI style digest identifiers Use the same format as the Open Container Initiative for a digest string. https://github.com/opencontainers/image-spec/blob/master/descriptor.md#digests-and-verification Fixes #1166 --- docs/chart_repository.md | 4 ++-- pkg/repo/index.go | 2 +- pkg/repo/repo.go | 22 ++++++++++------------ pkg/repo/repo_test.go | 4 ++-- 4 files changed, 15 insertions(+), 17 deletions(-) diff --git a/docs/chart_repository.md b/docs/chart_repository.md index 0870a95e2..9e1748853 100644 --- a/docs/chart_repository.md +++ b/docs/chart_repository.md @@ -23,7 +23,7 @@ alpine-0.1.0: name: alpine url: https://storage.googleapis.com/kubernetes-charts/alpine-0.1.0.tgz created: 2016-05-26 11:23:44.086354411 +0000 UTC - checksum: a61575c2d3160e5e39abf2a5ec984d6119404b18 + digest: sha256:78e9a4282295184e8ce1496d23987993673f38e33e203c8bc18bc838a73e5864 chartfile: name: alpine description: Deploy a basic Alpine Linux pod @@ -33,7 +33,7 @@ redis-2.0.0: name: redis url: https://storage.googleapis.com/kubernetes-charts/redis-2.0.0.tgz created: 2016-05-26 11:23:44.087939192 +0000 UTC - checksum: 2cea3048cf85d588204e1b1cc0674472b4517919 + digest: sha256:bde9c2949e64d059c18d8f93566a64dafc6d2e8e259a70322fb804831dfd0b5b chartfile: name: redis description: Port of the replicatedservice template from kubernetes/charts diff --git a/pkg/repo/index.go b/pkg/repo/index.go index c0187fc69..5e9a08837 100644 --- a/pkg/repo/index.go +++ b/pkg/repo/index.go @@ -39,7 +39,7 @@ type ChartRef struct { URL string `yaml:"url"` Created string `yaml:"created,omitempty"` Removed bool `yaml:"removed,omitempty"` - Checksum string `yaml:"checksum,omitempty"` + Digest string `yaml:"digest,omitempty"` Chartfile *chart.Metadata `yaml:"chartfile"` } diff --git a/pkg/repo/repo.go b/pkg/repo/repo.go index c4ed13c52..e670bea44 100644 --- a/pkg/repo/repo.go +++ b/pkg/repo/repo.go @@ -17,9 +17,10 @@ limitations under the License. package repo // import "k8s.io/helm/pkg/repo" import ( - "crypto/sha1" + "crypto/sha256" + "encoding/hex" "errors" - "fmt" + "io" "io/ioutil" "net/url" "os" @@ -131,7 +132,7 @@ func (r *ChartRepository) Index() error { } chartfile := ch.Metadata - hash, err := generateChecksum(path) + digest, err := generateDigest(path) if err != nil { return err } @@ -152,7 +153,7 @@ func (r *ChartRepository) Index() error { url, _ := url.Parse(r.URL) url.Path = filepath.Join(url.Path, key+".tgz") - entry := &ChartRef{Chartfile: chartfile, Name: chartfile.Name, URL: url.String(), Created: created, Checksum: hash, Removed: false} + entry := &ChartRef{Chartfile: chartfile, Name: chartfile.Name, URL: url.String(), Created: created, Digest: digest, Removed: false} r.IndexFile.Entries[key] = entry @@ -170,18 +171,15 @@ func (r *ChartRepository) Index() error { return r.saveIndexFile() } -func generateChecksum(path string) (string, error) { +func generateDigest(path string) (string, error) { f, err := os.Open(path) if err != nil { return "", err } - b, err := ioutil.ReadAll(f) - if err != nil { - return "", err - } - - result := sha1.Sum(b) + h := sha256.New() + io.Copy(h, f) - return fmt.Sprintf("%x", result), nil + digest := h.Sum([]byte{}) + return "sha256:" + hex.EncodeToString(digest[:]), nil } diff --git a/pkg/repo/repo_test.go b/pkg/repo/repo_test.go index 9b88e238a..651f7fcae 100644 --- a/pkg/repo/repo_test.go +++ b/pkg/repo/repo_test.go @@ -85,8 +85,8 @@ func TestIndex(t *testing.T) { } timestamps[chartName] = details.Created - if details.Checksum == "" { - t.Errorf("Checksum was not set for %s", chartName) + if details.Digest == "" { + t.Errorf("Digest was not set for %s", chartName) } }