Skip to content

Commit 1e79cc8

Browse files
colincaseycolincasey
committed
With the changes introduced in buildpacks#2043 for separating suggested builders and trusted builders, there were several places that still had logic referencing suggested builders in the trusted context. This PR updates those code paths to only consider trusted builders and extracts out a shared function IsKnownTrustedBuilder that can be used for "is this a trusted builder" checks.
Fixes buildpacks#2198 Signed-off-by: Colin Casey <casey.colin@gmail.com>
1 parent ce8db3c commit 1e79cc8

7 files changed

Lines changed: 21 additions & 29 deletions

File tree

internal/builder/known_builder.go

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -66,3 +66,12 @@ var KnownBuilders = []KnownBuilder{
6666
Trusted: true,
6767
},
6868
}
69+
70+
var IsKnownTrustedBuilder = func(b string) bool {
71+
for _, knownBuilder := range KnownBuilders {
72+
if b == knownBuilder.Image && knownBuilder.Trusted {
73+
return true
74+
}
75+
}
76+
return false
77+
}

internal/commands/commands.go

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,8 @@ import (
77
"os/signal"
88
"syscall"
99

10+
"github.com/buildpacks/pack/internal/builder"
11+
1012
"github.com/google/go-containerregistry/pkg/v1/types"
1113
"github.com/pkg/errors"
1214
"github.com/spf13/cobra"
@@ -105,14 +107,14 @@ func getMirrors(config config.Config) map[string][]string {
105107
return mirrors
106108
}
107109

108-
func isTrustedBuilder(cfg config.Config, builder string) bool {
110+
func isTrustedBuilder(cfg config.Config, builderName string) bool {
109111
for _, trustedBuilder := range cfg.TrustedBuilders {
110-
if builder == trustedBuilder.Name {
112+
if builderName == trustedBuilder.Name {
111113
return true
112114
}
113115
}
114116

115-
return isSuggestedBuilder(builder)
117+
return builder.IsKnownTrustedBuilder(builderName)
116118
}
117119

118120
func deprecationWarning(logger logging.Logger, oldCmd, replacementCmd string) {

internal/commands/config_trusted_builder.go

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -80,9 +80,9 @@ func removeTrustedBuilder(args []string, logger logging.Logger, cfg config.Confi
8080

8181
// Builder is not in the trusted builder list
8282
if len(existingTrustedBuilders) == len(cfg.TrustedBuilders) {
83-
if isSuggestedBuilder(builder) {
84-
// Attempted to untrust a suggested builder
85-
return errors.Errorf("Builder %s is a suggested builder, and is trusted by default. Currently pack doesn't support making these builders untrusted", style.Symbol(builder))
83+
if bldr.IsKnownTrustedBuilder(builder) {
84+
// Attempted to untrust a known trusted builder
85+
return errors.Errorf("Builder %s is a known trusted builder. Currently pack doesn't support making these builders untrusted", style.Symbol(builder))
8686
}
8787

8888
logger.Infof("Builder %s wasn't trusted", style.Symbol(builder))

internal/commands/config_trusted_builder_test.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -275,7 +275,7 @@ func testTrustedBuilderCommand(t *testing.T, when spec.G, it spec.S) {
275275
command.SetArgs(append(args, builder))
276276

277277
err := command.Execute()
278-
h.AssertError(t, err, fmt.Sprintf("Builder %s is a suggested builder, and is trusted by default", style.Symbol(builder)))
278+
h.AssertError(t, err, fmt.Sprintf("Builder %s is a known trusted builder. Currently pack doesn't support making these builders untrusted", style.Symbol(builder)))
279279
})
280280
})
281281
})

internal/commands/suggest_builders.go

Lines changed: 0 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -92,13 +92,3 @@ func getBuilderDescription(builder bldr.KnownBuilder, inspector BuilderInspector
9292

9393
return builder.DefaultDescription
9494
}
95-
96-
func isSuggestedBuilder(builder string) bool {
97-
for _, knownBuilder := range bldr.KnownBuilders {
98-
if builder == knownBuilder.Image && knownBuilder.Suggested {
99-
return true
100-
}
101-
}
102-
103-
return false
104-
}

internal/commands/untrust_builder_test.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -129,7 +129,7 @@ func testUntrustBuilderCommand(t *testing.T, when spec.G, it spec.S) {
129129
command.SetArgs([]string{builder})
130130

131131
err := command.Execute()
132-
h.AssertError(t, err, fmt.Sprintf("Builder %s is a suggested builder, and is trusted by default", style.Symbol(builder)))
132+
h.AssertError(t, err, fmt.Sprintf("Builder %s is a known trusted builder. Currently pack doesn't support making these builders untrusted", style.Symbol(builder)))
133133
})
134134
})
135135
})

pkg/client/build.go

Lines changed: 2 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -277,15 +277,6 @@ type layoutPathConfig struct {
277277
targetRunImagePath string
278278
}
279279

280-
var IsTrustedBuilderFunc = func(b string) bool {
281-
for _, knownBuilder := range builder.KnownBuilders {
282-
if b == knownBuilder.Image && knownBuilder.Trusted {
283-
return true
284-
}
285-
}
286-
return false
287-
}
288-
289280
// Build configures settings for the build container(s) and lifecycle.
290281
// It then invokes the lifecycle to build an app image.
291282
// If any configuration is deemed invalid, or if any lifecycle phases fail,
@@ -409,9 +400,9 @@ func (c *Client) Build(ctx context.Context, opts BuildOptions) error {
409400
return err
410401
}
411402

412-
// Default mode: if the TrustBuilder option is not set, trust the suggested builders.
403+
// Default mode: if the TrustBuilder option is not set, trust the known trusted builders.
413404
if opts.TrustBuilder == nil {
414-
opts.TrustBuilder = IsTrustedBuilderFunc
405+
opts.TrustBuilder = builder.IsKnownTrustedBuilder
415406
}
416407

417408
// Ensure the builder's platform APIs are supported

0 commit comments

Comments
 (0)