Skip to content

Commit

Permalink
Add: oci-info (#1013)
Browse files Browse the repository at this point in the history
  • Loading branch information
@pascalholthaus
pascalholthaus committed Feb 14, 2024
1 parent 8aa4a30 commit 2ecad25
Show file tree
Hide file tree
Showing 14 changed files with 2,319 additions and 0 deletions.
57 changes: 57 additions & 0 deletions oci-info/README.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
# OCI Info

GitHub Action to interacting with OCI (Open Container Initiative) registries.

## Example

```yml

name: oci-info
on:
workflow_dispatch:
jobs:
oci-info:
name: list-tags
runs-on: ubuntu-latest
steps:
- name: get tags
id: tags
uses: greenbone/actions/oci-info@v3
with:
repository: opensight-postgres
namespace: greenbone
- name: Print tags
run: echo "${{ steps.tags.outputs.output }}"
```
## Action Configuration

| Input Variable | Description | |
| ------------------------- | -------------------------------------------------------------------------------------------------------------- | -------- |
| command | Available commands are list-tags, compare-tag-annotation. Default is list-tags . | Optional |
| repository | Repository name. | Required |
| namespace | Namespace for the registry. | Required |
| user | User for the registry login. | Optional |
| password | Password/token for the registry login. | Optional |
| reg-domain | Registry domain. Default is ghcr.io . | Optional |
| reg-auth-domain | Registry authentication domain. Default is ghcr.io . | Optional |
| reg-auth-service | Registry authentication service. Default is ghcr.io . | Optional |
| tag | Tag to compare. Required if command is compare-tag-annotation. | Optional |
| architecture | Annotation from architecture to compare. Default is amd64 . | Optional |
| compare-repository | Compare repository name. Required if command is compare-tag-annotation. | Optional |
| annotation | Annotation to compare. Default is org.opencontainers.image.created . | Optional |
| mode | Compare mode. Available commands are eq, lt and gt. Default is eq . | Optional |
| compare-namespace | Compare registry Namespace. Default is library . | Optional |
| compare-reg-domain | Compare registry domain. Default is registry-1.docker.io . | Optional |
| compare-reg-auth-domain | Compare registry authentication domain. Default is auth.docker.io . | Optional |
| compare-reg-auth-service | Compare registry authentication service. Default is registry.docker.io . | Optional |
| compare-user | User for the compare registry login. | Optional |
| compare-password | Password for the compare registry login. | Optional |
| python-version | Python version to use for running the action. Default is 3.11 . | Optional |
| poetry-version | Use a specific poetry version. By default the latest release is used. | Optional |
| cache-poetry-installation | Cache poetry and its dependencies. Default is 'true'. Set to an other string then 'true' to disable the cache. | Optional |

## Action Output

| Output Variable | Description |
| --------------- | --------------------------- |
| output | The oci-info stdout output. |
161 changes: 161 additions & 0 deletions oci-info/action.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,161 @@
name: "OCI Info"
description: "GitHub Action to interacting with OCI (Open Container Initiative) registries."

inputs:
command:
description: "Available commands are list-tags, compare-tag-annotation. Default is list-tags ."
required: true
default: "list-tags"
options: ["list-tags", "compare-tag-annotation"]
repository:
description: "Repository name."
required: true
namespace:
description: "Namespace for the registry."
required: true
user:
description: "User for the registry login."
password:
description: "Password/token for the registry login."
reg-domain:
description: "Registry domain. Default is ghcr.io ."
reg-auth-domain:
description: "Registry authentication domain. Default is ghcr.io ."
reg-auth-service:
description: "Registry authentication service. Default is ghcr.io ."
tag:
description: "Tag to compare. Required if command is compare-tag-annotation."
architecture:
description: "Annotation from architecture to compare. Default is amd64 ."
compare-repository:
description: "Compare repository name. Required if command is compare-tag-annotation."
annotation:
description: "Annotation to compare. Default is org.opencontainers.image.created ."
mode:
description: "Compare mode. Available commands are eq, lt and gt. Default is eq ."
options: ["eq", "lt", "gt"]
compare-namespace:
description: "Compare registry Namespace. Default is library ."
compare-reg-domain:
description: "Compare registry domain. Default is registry-1.docker.io ."
compare-reg-auth-domain:
description: "Compare registry authentication domain. Default is auth.docker.io ."
compare-reg-auth-service:
description: "Compare registry authentication service. Default is registry.docker.io ."
compare-user:
description: "User for the compare registry login."
compare-password:
description: "Password for the compare registry login."
python-version:
description: "Python version to use for running the action. Default is 3.11 ."
default: "3.11"
poetry-version:
description: "Use a specific poetry version. By default the latest release is used."
cache-poetry-installation:
description: "Cache poetry and its dependencies. Default is 'true'. Set to an other string then 'true' to disable the cache."
default: "true"

outputs:
output:
description: "The oci-info stdout output."
value: ${{ steps.oci-info.outputs.output }}

runs:
using: "composite"
steps:
- name: Set up Python and Poetry
uses: greenbone/actions/poetry@v3
with:
python-version: ${{ inputs.python-version }}
working-directory: ${{ github.action_path }}
without-dev: "true"
poetry-version: ${{ inputs.poetry-version }}
cache-dependency-path: ${{ github.action_path }}/poetry.lock
cache-poetry-installation: ${{ inputs.cache-poetry-installation }}

- name: Run oci-info
working-directory: ${{ github.action_path }}
shell: bash
id: oci-info
run: |
cmd=()
if [ "${{ inputs.repository }}" ]; then
cmd+=(--repository "${{ inputs.repository }}")
fi
if [ "${{ inputs.namespace }}" ]; then
cmd+=(--namespace "${{ inputs.namespace }}")
fi
if [ "${{ inputs.user }}" ]; then
cmd+=(--user "${{ inputs.user }}")
fi
if [ "${{ inputs.password }}" ]; then
cmd+=(--password "${{ inputs.password }}")
fi
if [ "${{ inputs.reg-domain }}" ]; then
cmd+=(--reg-domain "${{ inputs.reg-domain }}")
fi
if [ "${{ inputs.reg-auth-domain }}" ]; then
cmd+=(--reg-auth-domain "${{ inputs.reg-auth-domain }}")
fi
if [ "${{ inputs.reg-auth-service }}" ]; then
cmd+=(--reg-auth-service "${{ inputs.reg-auth-service }}")
fi
if [ "${{ inputs.command }}" ]; then
cmd+=("${{ inputs.command }}")
fi
if [ "${{ inputs.tag }}" ]; then
cmd+=(--tag "${{ inputs.tag }}")
fi
if [ "${{ inputs.architecture }}" ]; then
cmd+=(--architecture "${{ inputs.architecture }}")
fi
if [ "${{ inputs.mode }}" ]; then
cmd+=(--mode "${{ inputs.mode }}")
fi
if [ "${{ inputs.compare-repository }}" ]; then
cmd+=(--compare-repository "${{ inputs.compare-repository }}")
fi
if [ "${{ inputs.annotation }}" ]; then
cmd+=(--annotation "${{ inputs.annotation }}")
fi
if [ "${{ inputs.compare-namespace }}" ]; then
cmd+=(--compare-namespace "${{ inputs.compare-namespace }}")
fi
if [ "${{ inputs.compare-reg-domain }}" ]; then
cmd+=(--compare-reg-domain "${{ inputs.compare-reg-domain }}")
fi
if [ "${{ inputs.compare-reg-auth-domain }}" ]; then
cmd+=(--compare-reg-auth-domain "${{ inputs.compare-reg-auth-domain }}")
fi
if [ "${{ inputs.compare-reg-auth-service }}" ]; then
cmd+=(--compare-reg-auth-service "${{ inputs.compare-reg-auth-service }}")
fi
if [ "${{ inputs.compare-user }}" ]; then
cmd+=(--compare-user "${{ inputs.compare-user }}")
fi
if [ "${{ inputs.compare-password }}" ]; then
cmd+=(--compare-password "${{ inputs.compare-password }}")
fi
# We need a clear exit code
output=$(poetry run oci-info "${cmd[@]}")
echo "output=$output" >> "$GITHUB_OUTPUT"
3 changes: 3 additions & 0 deletions oci-info/action/__init__.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
# SPDX-FileCopyrightText: 2024 Greenbone AG
#
# SPDX-License-Identifier: AGPL-3.0-or-later
5 changes: 5 additions & 0 deletions oci-info/action/__version__.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
# pylint: disable=invalid-name

# THIS IS AN AUTOGENERATED FILE. DO NOT TOUCH!

__version__ = "0.1.0"
130 changes: 130 additions & 0 deletions oci-info/action/args.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,130 @@
# SPDX-FileCopyrightText: 2024 Greenbone AG
#
# SPDX-License-Identifier: AGPL-3.0-or-later

"""
Module to parse command-line arguments.
"""

from argparse import ArgumentParser, Namespace
from typing import Optional, Sequence

import shtab


def parse_args(args: Optional[Sequence[str]] = None) -> Namespace:
"""
Parse command-line arguments.
Args:
args: List of command-line arguments.
Returns:
Parsed arguments.
"""

parser = ArgumentParser(
description="Interact with OCI (Open Container Initiative) compliant registries."
)
subparsers = parser.add_subparsers(
dest="command", help="Available commands", required=True
)
shtab.add_argument_to(parser)

parser.add_argument("--repository", help="Repository name", required=True)
parser.add_argument(
"--namespace",
help="Namespace for the registry",
required=True,
)
parser.add_argument(
"--user",
help="User for the registry login",
)
parser.add_argument(
"--password",
help="Password for the registry login",
)
parser.add_argument(
"--reg-domain",
help="Registry domain",
default="ghcr.io",
)
parser.add_argument(
"--reg-auth-domain",
help="Registry authentication domain",
default="ghcr.io",
)
parser.add_argument(
"--reg-auth-service",
help="Registry authentication service",
default="ghcr.io",
)

# list_tags_parser
list_tags_parser = subparsers.add_parser(
"list-tags",
help="List tags of an repository in an OCI compliant registry",
)

# compare_annotations_parser
compare_annotations_parser = subparsers.add_parser(
"compare-tag-annotation",
help="Compare repository annotations in different registries",
)
compare_annotations_parser.add_argument(
"--tag", help="Tag to compare", required=True
)
compare_annotations_parser.add_argument(
"--architecture",
help="Annotation from architecture to compare",
default="amd64",
)
compare_annotations_parser.add_argument(
"--compare-repository",
help="Compare repository name",
required=True,
)
compare_annotations_parser.add_argument(
"--annotation",
help="Annotation to compare",
default="org.opencontainers.image.created",
)
compare_annotations_parser.add_argument(
"--mode",
help="Annotation to compare",
default="eq",
choices=["eq", "lt", "gt"],
)
compare_annotations_parser.add_argument(
"--compare-namespace",
help="Compare registry Namespace",
default="library",
)
compare_annotations_parser.add_argument(
"--compare-reg-domain",
help="Compare registry domain",
default="registry-1.docker.io",
)
compare_annotations_parser.add_argument(
"--compare-reg-auth-domain",
help="Compare registry authentication domain",
default="auth.docker.io",
)
compare_annotations_parser.add_argument(
"--compare-reg-auth-service",
help="Compare registry authentication service",
default="registry.docker.io",
)
compare_annotations_parser.add_argument(
"--compare-user",
help="User for the compare registry login",
default=None,
)
compare_annotations_parser.add_argument(
"--compare-password",
help="Password for the compare registry login",
default=None,
)

return parser.parse_args(args)
Loading

0 comments on commit 2ecad25

Please sign in to comment.