feat: configurable preference for relative access creation for uploader #1412
Conversation
github-actions
bot
added
area/documentation
- use relative access methods for OCI upload to local OCM repository - make preference configurable for repos
There was a problem hiding this comment.
In general, relativeOciAccesses are not nicely specified and theyre already not part of the spec anymore. Nevertheless I recognize the value this gives for local debugging.
For me this PR is acceptable, but only if we mark the type as experimental somehow. I think relativeOciAccesses should be avoided because most tools will only know how to deal with ociArtifact / ociImage. Introducing yet another type that is only resolvable if a context is known is very dangerous.
| // to a configuration struct of type T. | ||
| // A pointer to the configured struct is returned. | ||
| // Attention: T must be a struct type. | ||
| func GetConfigured[T any](ctxp ContextProvider) (*T, error) { |
There was a problem hiding this comment.
There is exactly one usage of this method, so I would like to keep it an internal helper
| type RepositorySpec interface { | ||
| runtime.VersionedTypedObject | ||
| UniformRepositorySpecProvider |
There was a problem hiding this comment.
Why is every Repository Spec now a Uniform Spec Provider?
| ) | ||
|
|
||
| const ( | ||
| ATTR_KEY = "github.com/mandelsoft/ocm/preferrelativeaccess" |
There was a problem hiding this comment.
This attribute key should be changed.
| ATTR_KEY = "github.com/mandelsoft/ocm/preferrelativeaccess" | |
| ATTR_KEY = "ocm.software/ocm/oci/" + ATTR_SHORT |
| @@ -168,6 +168,27 @@ The following configuration types are supported: | |||
|
|
|||
| At least the given values must be present in the certificate | |||
| to be accepted for a successful signature validation. | |||
| - <code>local.oci.uploader.config.ocm.software</code> | |||
| The config type <code>local.oci.uploader.config.ocm.software</code> can be used to set some | |||
There was a problem hiding this comment.
This should become part of the generic oci uploader configuration, e.g. oci.uploader.config.ocm.software because there is no semantic relationship between a "local.oci.uploader" and the relative access setup. (localhost is only used in the given examples and in tests but it could be any repository).
What this PR does / why we need it
By default the OCI uploader used to handle the implicit OCI uploads for OCI based OCM repositories
creates an absolute access method.
A new global attribute
preferrelativeaccess(bool) can be used now to switch this behaviorto prefer a relative access method.
With the new config object
local.oci.uploader.config.ocm.softwareit is possible to configurehost/port combinations for which the relative access should be preferred. (For example
localhost).Which issue(s) this PR fixes
Fixes #1410