diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml index b6c1491ddc..8527e6f39a 100644 --- a/.github/dependabot.yaml +++ b/.github/dependabot.yaml @@ -13,6 +13,9 @@ updates: cosign-providers: patterns: - "github.com/sigstore/sigstore/pkg/signature/kms/*" + golang: + patterns: + - "golang.org/x/*" - package-ecosystem: github-actions directory: / schedule: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c19ef4268b..2af42067de 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -185,7 +185,7 @@ jobs: - name: Get Brew tap repo token id: brew-tap-token - uses: actions/create-github-app-token@136412a57a7081aa63c935a2cc2918f76c34f514 # v1.11.2 + uses: actions/create-github-app-token@67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7 # v1.11.3 with: app-id: ${{ secrets.HOMEBREW_TAP_WORKFLOW_GITHUB_APP_ID }} private-key: ${{ secrets.HOMEBREW_TAP_WORKFLOW_GITHUB_APP_SECRET }} diff --git a/.github/workflows/scan-lint.yml b/.github/workflows/scan-lint.yml index b5a8286786..babe2c830d 100644 --- a/.github/workflows/scan-lint.yml +++ b/.github/workflows/scan-lint.yml @@ -13,4 +13,4 @@ jobs: - name: Checkout uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Run golangci-lint - uses: golangci/golangci-lint-action@ec5d18412c0aeab7936cb16880d708ba2a64e1ae # v6.2.0 + uses: golangci/golangci-lint-action@e60da84bfae8c7920a47be973d75e15710aa8bd7 # v6.3.0 diff --git a/go.mod b/go.mod index 7ad08852d8..5c39f6ff2a 100644 --- a/go.mod +++ b/go.mod @@ -52,8 +52,8 @@ require ( github.com/stretchr/testify v1.10.0 github.com/xeipuuv/gojsonschema v1.2.0 golang.org/x/crypto v0.32.0 - golang.org/x/sync v0.10.0 - golang.org/x/term v0.28.0 + golang.org/x/sync v0.11.0 + golang.org/x/term v0.29.0 helm.sh/helm/v3 v3.17.0 k8s.io/api v0.32.1 k8s.io/apimachinery v0.32.1 @@ -550,7 +550,7 @@ require ( golang.org/x/mod v0.22.0 // indirect golang.org/x/net v0.34.0 // indirect golang.org/x/oauth2 v0.25.0 // indirect - golang.org/x/sys v0.29.0 // indirect + golang.org/x/sys v0.30.0 // indirect golang.org/x/text v0.21.0 // indirect golang.org/x/time v0.8.0 // indirect golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect diff --git a/go.sum b/go.sum index a0662394e6..91edb5c2d7 100644 --- a/go.sum +++ b/go.sum @@ -2068,8 +2068,8 @@ golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20220929204114-8fcdb60fdcc0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= -golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ= -golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.11.0 h1:GGz8+XQP4FvTTrjZPzNKTMFtSXH80RAzG+5ghFPgK9w= +golang.org/x/sync v0.11.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -2172,8 +2172,8 @@ golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU= -golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc= +golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= @@ -2185,8 +2185,8 @@ golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/term v0.9.0/go.mod h1:M6DEAAIenWoTxdKrOltXcmDY3rSplQUkrvaDU5FcQyo= golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= -golang.org/x/term v0.28.0 h1:/Ts8HFuMR2E6IP/jlo7QVLZHggjKQbhu/7H0LJFr3Gg= -golang.org/x/term v0.28.0/go.mod h1:Sw/lC2IAUZ92udQNf3WodGtn4k/XoLyZoh8v/8uiwek= +golang.org/x/term v0.29.0 h1:L6pJp37ocefwRRtYPKSWOWzOtWSxVajvz2ldH/xi3iU= +golang.org/x/term v0.29.0/go.mod h1:6bl4lRlvVuDgSf3179VpIxBF0o10JUpXWOnI7nErv7s= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= diff --git a/src/internal/packager2/layout/create_test.go b/src/internal/packager2/layout/create_test.go index 58205b9344..7a1b9a7d3c 100644 --- a/src/internal/packager2/layout/create_test.go +++ b/src/internal/packager2/layout/create_test.go @@ -217,3 +217,10 @@ func TestCreateReproducibleTarballFromDir(t *testing.T) { require.NoError(t, err) require.Equal(t, "c09d17f612f241cdf549e5fb97c9e063a8ad18ae7a9f3af066332ed6b38556ad", shaSum) } + +func TestLoadPackageErrorWithoutCompatibleFlavor(t *testing.T) { + t.Parallel() + lint.ZarfSchema = testutil.LoadSchema(t, "../../../../zarf.schema.json") + _, err := LoadPackage(context.Background(), filepath.Join("testdata", "package-with-flavors"), "non-existent-flavor", map[string]string{}) + require.EqualError(t, err, fmt.Sprintf("package validation failed: %s", lint.PkgValidateErrNoComponents)) +} diff --git a/src/internal/packager2/layout/testdata/package-with-flavors/zarf.yaml b/src/internal/packager2/layout/testdata/package-with-flavors/zarf.yaml new file mode 100644 index 0000000000..b8add2de34 --- /dev/null +++ b/src/internal/packager2/layout/testdata/package-with-flavors/zarf.yaml @@ -0,0 +1,11 @@ +kind: ZarfPackageConfig +metadata: + name: test +components: + - name: test-flavor + only: + flavor: pistachio + + - name: test-flavor + only: + flavor: cashew diff --git a/src/pkg/lint/validate.go b/src/pkg/lint/validate.go index 0083c8a6b7..80b35b3ad7 100644 --- a/src/pkg/lint/validate.go +++ b/src/pkg/lint/validate.go @@ -65,11 +65,15 @@ const ( PkgValidateErrManifestFileOrKustomize = "manifest %q must have at least one file or kustomization" PkgValidateErrManifestNameLength = "manifest %q exceed the maximum length of %d characters" PkgValidateErrVariable = "invalid package variable: %w" + PkgValidateErrNoComponents = "package does not contain any compatible components" ) // ValidatePackage runs all validation checks on the package. func ValidatePackage(pkg v1alpha1.ZarfPackage) error { var err error + if len(pkg.Components) == 0 { + err = errors.Join(err, errors.New(PkgValidateErrNoComponents)) + } if pkg.Kind == v1alpha1.ZarfInitConfig && pkg.Metadata.YOLO { err = errors.Join(err, errors.New(PkgValidateErrInitNoYOLO)) } diff --git a/src/pkg/lint/validate_test.go b/src/pkg/lint/validate_test.go index 4e0abeda96..4b5612f189 100644 --- a/src/pkg/lint/validate_test.go +++ b/src/pkg/lint/validate_test.go @@ -36,6 +36,16 @@ func TestZarfPackageValidate(t *testing.T) { }, expectedErrs: nil, }, + { + name: "no components", + pkg: v1alpha1.ZarfPackage{ + Kind: v1alpha1.ZarfPackageConfig, + Metadata: v1alpha1.ZarfMetadata{ + Name: "valid-package", + }, + }, + expectedErrs: []string{PkgValidateErrNoComponents}, + }, { name: "invalid package", pkg: v1alpha1.ZarfPackage{ diff --git a/src/pkg/packager/creator/creator_test.go b/src/pkg/packager/creator/creator_test.go index 6d87d09aac..8f23a80eaa 100644 --- a/src/pkg/packager/creator/creator_test.go +++ b/src/pkg/packager/creator/creator_test.go @@ -35,7 +35,7 @@ func TestLoadPackageDefinition(t *testing.T) { { name: "invalid package definition", testDir: "invalid", - expectedErr: "linting error found 1 instance(s)", + expectedErr: "package validation failed: package does not contain any compatible components", creator: NewPackageCreator(types.ZarfCreateOptions{}, ""), }, { @@ -47,7 +47,7 @@ func TestLoadPackageDefinition(t *testing.T) { { name: "invalid package definition", testDir: "invalid", - expectedErr: "linting error found 1 instance(s)", + expectedErr: "package validation failed: package does not contain any compatible components", creator: NewSkeletonCreator(types.ZarfCreateOptions{}, types.ZarfPublishOptions{}), }, } diff --git a/src/test/e2e/10_component_flavor_test.go b/src/test/e2e/10_component_flavor_test.go index 5bf12ed335..3ff5485c06 100644 --- a/src/test/e2e/10_component_flavor_test.go +++ b/src/test/e2e/10_component_flavor_test.go @@ -15,25 +15,6 @@ import ( layout2 "github.com/zarf-dev/zarf/src/internal/packager2/layout" ) -func TestFlavorExample(t *testing.T) { - t.Parallel() - - tmpDir := t.TempDir() - flavorExample := filepath.Join("examples", "package-flavors") - _, _, err := e2e.Zarf(t, "package", "create", flavorExample, "-o", tmpDir, "--flavor", "oracle-cookie-crunch", "--no-color", "--confirm") - require.NoError(t, err) - - tarPath := filepath.Join(tmpDir, fmt.Sprintf("zarf-package-package-flavors-%s-1.0.0.tar.zst", e2e.Arch)) - pkgLayout, err := layout2.LoadFromTar(context.Background(), tarPath, layout2.PackageLayoutOptions{}) - require.NoError(t, err) - pkgLayout.Pkg.Metadata.Description = "The pod that runs the specified flavor of Enterprise Linux" - imgs := []string{} - for _, comp := range pkgLayout.Pkg.Components { - imgs = append(imgs, comp.Images...) - } - require.ElementsMatch(t, imgs, []string{"oraclelinux:9-slim"}) -} - func TestFlavorArchFiltering(t *testing.T) { t.Parallel()