Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trusted builders fix #2205

Merged
merged 7 commits into from
Jul 9, 2024
Merged

Trusted builders fix #2205

merged 7 commits into from
Jul 9, 2024

Conversation

colincasey
Copy link
Contributor

@colincasey colincasey commented Jul 4, 2024
edited
Loading

Summary

With the changes introduced in #2043 for separating suggested builders and trusted builders, there were several places that still had logic referencing suggested builders in the trusted context. This PR updates those code paths to only consider trusted builders and extracts out a shared function IsKnownTrustedBuilder that can be used for "is this a trusted builder" checks.

Output

There is a small output change when calling pack config trusted-builders remove <x> with a builder in the known trusted list. The previous output gave the following message:

Builder <x> is a suggested builder, and is trusted by default. Currently pack doesn't support making these builders untrusted

Which now says:

Builder <x> is a known trusted builder. Currently pack doesn't support making these builders untrusted

Documentation

  • Should this change be documented?
    • Yes, see #___
    • No

Related

Resolves #2198

@colincasey
With the changes introduced in buildpacks#2043 for separating suggest…
1e79cc8 
…ed builders and trusted builders, there were several places that still had logic referencing suggested builders in the trusted context. This PR updates those code paths to only consider trusted builders and extracts out a shared function `IsKnownTrustedBuilder` that can be used for "is this a trusted builder" checks.

Fixes buildpacks#2198

Signed-off-by: Colin Casey <casey.colin@gmail.com>
@colincasey colincasey requested review from a team as code owners July 4, 2024 19:40
@github-actions github-actions bot added this to the 0.35.0 milestone Jul 4, 2024
@github-actions github-actions bot added the type/enhancement Issue that requests a new feature or improvement. label Jul 4, 2024
edmorley
edmorley reviewed Jul 4, 2024
View reviewed changes
Copy link
Contributor

@edmorley edmorley left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for fixing this! The changes look good to me to fix the issue, though it would be good to have a test for this. I presume something similar to the tests here?

pack/internal/commands/build_test.go

Lines 93 to 128 in ce8db3c

when("the builder is trusted", func() {
it.Before(func() {
mockClient.EXPECT().
Build(gomock.Any(), EqBuildOptionsWithTrustedBuilder(true)).
Return(nil)
cfg := config.Config{TrustedBuilders: []config.TrustedBuilder{{Name: "my-builder"}}}
command = commands.Build(logger, cfg, mockClient)
})
it("sets the trust builder option", func() {
logger.WantVerbose(true)
command.SetArgs([]string{"image", "--builder", "my-builder"})
h.AssertNil(t, command.Execute())
h.AssertContains(t, outBuf.String(), "Builder 'my-builder' is trusted")
})
when("a lifecycle-image is provided", func() {
it("ignoring the mentioned lifecycle image, going with default version", func() {
command.SetArgs([]string{"--builder", "my-builder", "image", "--lifecycle-image", "some-lifecycle-image"})
h.AssertNil(t, command.Execute())
h.AssertContains(t, outBuf.String(), "Warning: Ignoring the provided lifecycle image as the builder is trusted, running the creator in a single container using the provided builder")
})
})
})
when("the builder is suggested", func() {
it("sets the trust builder option", func() {
mockClient.EXPECT().
Build(gomock.Any(), EqBuildOptionsWithTrustedBuilder(true)).
Return(nil)
logger.WantVerbose(true)
command.SetArgs([]string{"image", "--builder", "heroku/builder:24"})
h.AssertNil(t, command.Execute())
h.AssertContains(t, outBuf.String(), "Builder 'heroku/builder:24' is trusted")
})
})

@colincasey
Added test for trusted/untrusted builders in build command
133833c 
Signed-off-by: Colin Casey <casey.colin@gmail.com>
@colincasey colincasey requested a review from edmorley July 6, 2024 13:55
@colincasey
Empty commit
a55703b 
Signed-off-by: Colin Casey <casey.colin@gmail.com>
@jjbustamante
Copy link
Member

I am ok with the change, I agree with Ed, add the missing test case

@colincasey
Added test for known trusted but not suggested builder
4d4dd5c 
Signed-off-by: Colin Casey <casey.colin@gmail.com>
edmorley
edmorley approved these changes Jul 8, 2024
View reviewed changes
Copy link
Contributor

@edmorley edmorley left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you - looks good to me :-)

internal/commands/build_test.go Outdated Show resolved Hide resolved
@natalieparellano natalieparellano merged commit 7d3a810 into buildpacks:main Jul 9, 2024
16 checks passed
@edmorley edmorley mentioned this pull request Jul 25, 2024
Merged
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@natalieparellano natalieparellano natalieparellano approved these changes

@edmorley edmorley edmorley approved these changes

Assignees
No one assigned
Labels
type/enhancement Issue that requests a new feature or improvement.
Projects
None yet
Milestone
0.35.0
Development

Successfully merging this pull request may close these issues.

pack build not correctly treating trusted builders as trusted
4 participants
@colincasey @jjbustamante @edmorley @natalieparellano