From 92e4d21ad79f9258a71dd10913e00e0cbbbe9e2f Mon Sep 17 00:00:00 2001 From: Hristo Gyulev Date: Tue, 23 May 2023 22:21:25 +0200 Subject: [PATCH] Improved version taking into account the last PR comments --- charts-syncer.yaml | 9 +--- examples/sync-deps.yaml | 34 +++++++------ internal/chart/dependency.go | 81 +++++++++++++++++++++++-------- internal/chart/dependency_test.go | 9 +++- internal/utils/utils.go | 41 ++++++++++++++++ pkg/syncer/index.go | 18 ++++--- pkg/syncer/index_internal_test.go | 24 ++++++--- pkg/syncer/sync.go | 17 ++++--- pkg/syncer/syncer.go | 39 +++++++++------ 9 files changed, 191 insertions(+), 81 deletions(-) diff --git a/charts-syncer.yaml b/charts-syncer.yaml index a301b26b..99ad2b20 100644 --- a/charts-syncer.yaml +++ b/charts-syncer.yaml @@ -4,11 +4,6 @@ # source includes relevant information about the source chart repository source: - # Dependencies located in repos from this list will be considered as trusted, and also synced. - # The entry format is the same as "repo" (see below) - trustedSourceDeps: - - kind: HELM - url: https://grafana.github.io/helm-charts repo: # Kind specify the chart repository kind. Valid values are HELM, CHARTMUSEUM, and HARBOR kind: HELM @@ -27,9 +22,7 @@ source: # chartsIndex: my-oci-registry.io/my-project/my-custom-index:prod # target includes relevant information about the target chart repository target: - # In case there is a need to mirror dependencies (from trustedSourceDeps list, see above) - this must be set to true - replaceDependencyRepo: true -# repoName is used to modify the README of the chart. Default value: `myrepo` + # repoName is used to modify the README of the chart. Default value: `myrepo` repoName: myrepo # containerRegistry is used to update the image registry section of the values.yaml file # NOTE: If containerRegistry is not set (or not present), the registry sections won't be updated diff --git a/examples/sync-deps.yaml b/examples/sync-deps.yaml index 1531e515..f07a14ad 100644 --- a/examples/sync-deps.yaml +++ b/examples/sync-deps.yaml @@ -4,33 +4,35 @@ # source includes relevant information about the source chart repository source: - # Dependencies located in repos from this list will be considered as trusted, and also synced. - # The entry format is the same as "repo" (see below) - trustedSourceDeps: - - kind: HELM - url: https://grafana.github.io/helm-charts + # Optional: Dependencies located in repos from this list will be considered as trusted and maintained as is + # if there is a need to work with external repositories different from the source - they must be included here + ignoreTrustedRepos: + - kind: HELM + url: https://grafana.github.io/helm-charts repo: # Kind specify the chart repository kind. Valid values are HELM, CHARTMUSEUM, and HARBOR kind: HELM # url is the url of the chart repository - url: https://prometheus-community.github.io/helm-charts # local test source repo + url: https://prometheus-community.github.io/helm-charts # local test source repo + # target includes relevant information about the target chart repository target: - # In case there is a need to mirror dependencies (from trustedSourceDeps list, see above) - this must be set to true - replaceDependencyRepo: true + # repoName is used to modify the README of the chart. Default value: `myrepo` + repoName: myrepo + + # Optional: Dependencies located in repos from this list will be considered as trusted and also synced to the target. + # This setting takes precedence of source.ignoreTrustedRepos for the same entry. + # If there is a need to work with external repositories different from the source - they must be included here + syncTrustedRepos: + - kind: HELM + url: https://grafana.github.io/helm-charts repo: # Kind specify the chart repository kind. Valid values are HELM, CHARTMUSEUM, and HARBOR kind: LOCAL - path: localrepo -# charts is an OPTIONAL list to specify a subset of charts to be synchronized -# It is mandatory if the source repo is OCI and not autodiscovery is supported in that repository -# More info here https://github.com/bitnami-labs/charts-syncer#charts-index-for-oci-based-repositories + # url is the url of the chart repository + path: localrepo # local test target repo charts: - kube-prometheus-stack -# opt-out counterpart of "charts" property that explicit list the Helm charts to be skipped -# either "charts" or "skipCharts" can be used at once -# skipCharts: -# - mariadb # Whether to also relocate the container images referenced by the Helm Chart # Note that this requires the Helm Chart to be compatible with relok8s tool by containing a .relok8s-images.yaml file diff --git a/internal/chart/dependency.go b/internal/chart/dependency.go index d02e2ba2..5b76fdd9 100644 --- a/internal/chart/dependency.go +++ b/internal/chart/dependency.go @@ -4,16 +4,15 @@ import ( "bytes" "encoding/json" "fmt" - "io/ioutil" - "net/url" - "os" - "path" - "github.com/juju/errors" "github.com/mkmik/multierror" "helm.sh/helm/v3/pkg/chart" "helm.sh/helm/v3/pkg/provenance" + "io/ioutil" "k8s.io/klog" + "net/url" + "os" + "path" "sigs.k8s.io/yaml" "github.com/bitnami-labs/charts-syncer/api" @@ -65,7 +64,7 @@ func GetChartLock(chartPath string) (*chart.Lock, error) { return lock, nil } -// GetChartDependencies returns the chart chart.Dependencies from a chart in tgz format. +// GetChartDependencies returns the chart dependencies from a chart in tgz format. func GetChartDependencies(filepath string, name string) ([]*chart.Dependency, error) { // Create temporary working directory chartPath, err := ioutil.TempDir("", "charts-syncer") @@ -112,9 +111,9 @@ func GetLockAPIVersion(chartPath string) (string, error) { // BuildDependencies updates the chart dependencies and their repository references in the provided chart path // -// It reads the lock file to download the versions from the target -// chart repository (it assumes all charts are stored in a single repo). -func BuildDependencies(chartPath string, r client.ChartsReader, sourceRepo, targetRepo *api.Repo, replaceDependencyRepo bool) error { +// It reads the lock file to download the versions from the target chart repository +func BuildDependencies(chartPath string, r client.ChartsReader, sourceRepo, targetRepo *api.Repo, t map[uint32]client.ChartsReaderWriter, syncTrusted, ignoreTrusted []*api.Repo) error { + // Build deps manually for OCI as helm does not support it yet if err := os.RemoveAll(path.Join(chartPath, "charts")); err != nil { return errors.Trace(err) @@ -138,13 +137,14 @@ func BuildDependencies(chartPath string, r client.ChartsReader, sourceRepo, targ if apiVersion == "" { return nil } + switch apiVersion { case APIV1: - if err := updateRequirementsFile(chartPath, lock, sourceRepo, targetRepo, replaceDependencyRepo); err != nil { + if err := updateRequirementsFile(chartPath, lock, sourceRepo, targetRepo, syncTrusted, ignoreTrusted); err != nil { return errors.Trace(err) } case APIV2: - if err := updateChartMetadataFile(chartPath, lock, sourceRepo, targetRepo, replaceDependencyRepo); err != nil { + if err := updateChartMetadataFile(chartPath, lock, sourceRepo, targetRepo, syncTrusted, ignoreTrusted); err != nil { return errors.Trace(err) } default: @@ -158,7 +158,22 @@ func BuildDependencies(chartPath string, r client.ChartsReader, sourceRepo, targ id := fmt.Sprintf("%s-%s", dep.Name, dep.Version) klog.V(4).Infof("Building %q chart dependency", id) - depTgz, err := r.Fetch(dep.Name, dep.Version) + var repoClient client.ChartsReader = nil + + depRepo := api.Repo{ + Url: dep.Repository, + } + + //if the repo is trusted and won't be synced - we download the dependency from it (source) + if utils.ShouldIgnoreRepo(depRepo, syncTrusted, ignoreTrusted) { + repoClient = t[utils.GetRepoLocationId(dep.Repository)] + } else { + //otherwise we download it from the destination repo + repoClient = r + } + + depTgz, err := repoClient.Fetch(dep.Name, dep.Version) + if err != nil { klog.Warningf("Failed fetching %q chart. The dependencies processing will remain incomplete.", id) errs = multierror.Append(errs, errors.Annotatef(err, "fetching %q chart", id)) @@ -179,7 +194,7 @@ func BuildDependencies(chartPath string, r client.ChartsReader, sourceRepo, targ // updateChartMetadataFile updates the dependencies in Chart.yaml // For helm v3 dependency management -func updateChartMetadataFile(chartPath string, lock *chart.Lock, sourceRepo, targetRepo *api.Repo, replaceDependencyRepo bool) error { +func updateChartMetadataFile(chartPath string, lock *chart.Lock, sourceRepo, targetRepo *api.Repo, syncTrusted, ignoreTrusted []*api.Repo) error { chartFile := path.Join(chartPath, ChartFilename) chartYamlContent, err := ioutil.ReadFile(chartFile) if err != nil { @@ -191,8 +206,15 @@ func updateChartMetadataFile(chartPath string, lock *chart.Lock, sourceRepo, tar return errors.Annotatef(err, "error unmarshaling %s file", chartFile) } for _, dep := range chartMetadata.Dependencies { - // Maybe there are dependencies from other chart repos. In this case we don't want to replace - // the repository. + // Maybe there are dependencies from other chart repos. We replace them or not depending on what we have in + // source.ignoreTrustedRepos and target.syncTrustedRepos (the logic can be found in utils.ShouldIgnoreRepo) + r := api.Repo{ + Url: dep.Repository, + } + + //ignore repo means don't replace it, don't ignore - means "replace it" - use negation to achieve it + replaceDependencyRepo := !utils.ShouldIgnoreRepo(r, syncTrusted, ignoreTrusted) + if dep.Repository == sourceRepo.GetUrl() || replaceDependencyRepo { repoUrl, err := getDependencyRepoURL(targetRepo) if err != nil { @@ -206,7 +228,7 @@ func updateChartMetadataFile(chartPath string, lock *chart.Lock, sourceRepo, tar if err := writeChartFile(dest, chartMetadata); err != nil { return errors.Trace(err) } - if err := updateLockFile(chartPath, lock, chartMetadata.Dependencies, sourceRepo, targetRepo, false, replaceDependencyRepo); err != nil { + if err := updateLockFile(chartPath, lock, chartMetadata.Dependencies, sourceRepo, targetRepo, false, syncTrusted, ignoreTrusted); err != nil { return errors.Trace(err) } return nil @@ -214,7 +236,7 @@ func updateChartMetadataFile(chartPath string, lock *chart.Lock, sourceRepo, tar // updateRequirementsFile returns the full list of dependencies and the list of missing dependencies. // For helm v2 dependency management -func updateRequirementsFile(chartPath string, lock *chart.Lock, sourceRepo, targetRepo *api.Repo, replaceDependencyRepo bool) error { +func updateRequirementsFile(chartPath string, lock *chart.Lock, sourceRepo, targetRepo *api.Repo, syncTrusted, ignoreTrusted []*api.Repo) error { requirementsFile := path.Join(chartPath, RequirementsFilename) requirements, err := ioutil.ReadFile(requirementsFile) if err != nil { @@ -227,8 +249,15 @@ func updateRequirementsFile(chartPath string, lock *chart.Lock, sourceRepo, targ return errors.Annotatef(err, "error unmarshaling %s file", requirementsFile) } for _, dep := range deps.Dependencies { - // Maybe there are dependencies from other chart repos. In this case we don't want to replace - // the repository. + // Maybe there are dependencies from other chart repos. We replace them or not depending on what we have in + // source.ignoreTrustedRepos and target.syncTrustedRepos (the logic can be found in utils.ShouldIgnoreRepo) + r := api.Repo{ + Url: dep.Repository, + } + + //ignore repo means don't replace it, don't ignore - means "replace it" - use negation to achieve it + replaceDependencyRepo := !utils.ShouldIgnoreRepo(r, syncTrusted, ignoreTrusted) + // For example, old charts pointing to helm/charts repo if dep.Repository == sourceRepo.GetUrl() || replaceDependencyRepo { repoUrl, err := getDependencyRepoURL(targetRepo) @@ -243,15 +272,25 @@ func updateRequirementsFile(chartPath string, lock *chart.Lock, sourceRepo, targ if err := writeChartFile(dest, deps); err != nil { return errors.Trace(err) } - if err := updateLockFile(chartPath, lock, deps.Dependencies, sourceRepo, targetRepo, true, replaceDependencyRepo); err != nil { + if err := updateLockFile(chartPath, lock, deps.Dependencies, sourceRepo, targetRepo, true, syncTrusted, ignoreTrusted); err != nil { return errors.Trace(err) } return nil } // updateLockFile updates the lock file with the new registry -func updateLockFile(chartPath string, lock *chart.Lock, deps []*chart.Dependency, sourceRepo *api.Repo, targetRepo *api.Repo, legacyLockfile, replaceDependencyRepo bool) error { +func updateLockFile(chartPath string, lock *chart.Lock, deps []*chart.Dependency, sourceRepo *api.Repo, targetRepo *api.Repo, legacyLockfile bool, syncTrusted, ignoreTrusted []*api.Repo) error { for _, dep := range lock.Dependencies { + + // Maybe there are dependencies from other chart repos. We replace them or not depending on what we have in + // source.ignoreTrustedRepos and target.syncTrustedRepos (the logic can be found in utils.ShouldIgnoreRepo) + r := api.Repo{ + Url: dep.Repository, + } + + //ignore repo means don't replace it, don't ignore - means "replace it" - use negation to achieve it + replaceDependencyRepo := !utils.ShouldIgnoreRepo(r, syncTrusted, ignoreTrusted) + if dep.Repository == sourceRepo.GetUrl() || replaceDependencyRepo { repoUrl, err := getDependencyRepoURL(targetRepo) if err != nil { diff --git a/internal/chart/dependency_test.go b/internal/chart/dependency_test.go index 0a856b60..3fa92c79 100644 --- a/internal/chart/dependency_test.go +++ b/internal/chart/dependency_test.go @@ -89,7 +89,10 @@ func TestUpdateRequirementsFile(t *testing.T) { chartPath := newChartPath(t, "../../testdata/kafka-10.3.3.tgz", "kafka") requirementsFile := path.Join(chartPath, RequirementsFilename) - if err := updateRequirementsFile(chartPath, lock, source.GetRepo(), target.GetRepo(), false); err != nil { + + var ignoreTrusted, syncTrusted []*api.Repo + + if err := updateRequirementsFile(chartPath, lock, source.GetRepo(), target.GetRepo(), syncTrusted, ignoreTrusted); err != nil { t.Fatal(err) } @@ -163,7 +166,9 @@ func TestUpdateChartMetadataFile(t *testing.T) { t.Fatal(err) } - if err := updateChartMetadataFile(chartPath, lock, source.GetRepo(), target.GetRepo(), false); err != nil { + var ignoreTrusted, syncTrusted []*api.Repo + + if err := updateChartMetadataFile(chartPath, lock, source.GetRepo(), target.GetRepo(), syncTrusted, ignoreTrusted); err != nil { t.Fatal(err) } diff --git a/internal/utils/utils.go b/internal/utils/utils.go index 98f8abff..6773ab20 100644 --- a/internal/utils/utils.go +++ b/internal/utils/utils.go @@ -6,6 +6,7 @@ import ( "crypto/sha1" "crypto/tls" "fmt" + "hash/fnv" "io" "io/ioutil" "net" @@ -445,3 +446,43 @@ func FetchAndCache(name, version string, cache cache.Cacher, fopts ...FetchOptio return cache.Path(id), nil } + +func ShouldIgnoreRepo(repo api.Repo, syncTrusted, ignoreTrusted []*api.Repo) bool { + + repoLocationId := GetRepoLocationId(GetRepoLocation(&repo)) + + for _, trRepo := range syncTrusted { + if GetRepoLocationId(GetRepoLocation(trRepo)) == repoLocationId { + return false + } + } + + for _, ignoreTrRepo := range ignoreTrusted { + if GetRepoLocationId(GetRepoLocation(ignoreTrRepo)) == repoLocationId { + return true + } + } + + return false +} + +// GetRepoLocationId returns a unique id for a repo based on the repo url or path +func GetRepoLocationId(l string) uint32 { + h := fnv.New32a() + + //@todo trim whitespaces from the values used ?! + h.Write([]byte(strings.ToLower(l))) + + return h.Sum32() +} + +// GetRepoLocation returns the repo url or path +func GetRepoLocation(repo *api.Repo) string { + if repo.Url != "" { + //remote repo + return repo.Url + } + + //local repo + return repo.Path +} diff --git a/pkg/syncer/index.go b/pkg/syncer/index.go index b907e23c..c524bea0 100644 --- a/pkg/syncer/index.go +++ b/pkg/syncer/index.go @@ -2,6 +2,7 @@ package syncer import ( "fmt" + "github.com/bitnami-labs/charts-syncer/api" "sort" "time" @@ -20,6 +21,7 @@ type Chart struct { Name string Version string Dependencies []string + Repo api.Repo TgzPath string } @@ -161,7 +163,6 @@ func (s *Syncer) processVersion(name, version string, publishingThreshold time.T klog.V(5).Infof("Skipping %q chart: Already indexed", id) return nil } - if err := s.loadChart(name, version, "", false); err != nil { klog.Errorf("unable to load %q chart: %v", id, err) return err @@ -199,15 +200,17 @@ func (s *Syncer) loadChart(name string, version string, repository string, isDep return nil } - //main source repo client - client := s.cli.src + var tgz string + var err error + + repoKey := utils.GetRepoLocationId(repository) - //in case of dependency - switch to deps client, but only if there is a valid entry for the current repo - if isDep && len(s.cli.deps) > 0 && s.cli.deps[repository] != nil { - client = s.cli.deps[repository] + if isDep && s.cli.trusted[repoKey] != nil { + tgz, err = s.cli.trusted[repoKey].Fetch(name, version) + } else { + tgz, err = s.cli.src.Fetch(name, version) } - tgz, err := client.Fetch(name, version) if err != nil { return errors.Trace(err) } @@ -216,6 +219,7 @@ func (s *Syncer) loadChart(name string, version string, repository string, isDep Name: name, Version: version, TgzPath: tgz, + Repo: api.Repo{Url: repository}, } if !s.skipDependencies { diff --git a/pkg/syncer/index_internal_test.go b/pkg/syncer/index_internal_test.go index 16e1653e..f12f2651 100644 --- a/pkg/syncer/index_internal_test.go +++ b/pkg/syncer/index_internal_test.go @@ -1,6 +1,8 @@ package syncer import ( + "github.com/bitnami-labs/charts-syncer/api" + "github.com/google/go-cmp/cmp/cmpopts" "testing" "github.com/google/go-cmp/cmp" @@ -13,6 +15,16 @@ func removeTgzPath(i ChartIndex) { } func TestLoadCharts(t *testing.T) { + + repo := api.Repo{ + Kind: api.Kind_UNKNOWN, + } + + repoZooKeeper := api.Repo{ + Kind: api.Kind_UNKNOWN, + Url: "https://charts.bitnami.com/bitnami", + } + testCases := []struct { desc string entries []string @@ -23,9 +35,9 @@ func TestLoadCharts(t *testing.T) { desc: "load apache and kafka", entries: []string{"apache", "kafka"}, want: ChartIndex{ - "apache-7.3.15": &Chart{Name: "apache", Version: "7.3.15"}, - "kafka-10.3.3": &Chart{Name: "kafka", Version: "10.3.3", Dependencies: []string{"zookeeper-5.14.3"}}, - "zookeeper-5.14.3": &Chart{Name: "zookeeper", Version: "5.14.3"}, + "apache-7.3.15": &Chart{Name: "apache", Version: "7.3.15", Repo: repo}, + "kafka-10.3.3": &Chart{Name: "kafka", Version: "10.3.3", Dependencies: []string{"zookeeper-5.14.3"}, Repo: repo}, + "zookeeper-5.14.3": &Chart{Name: "zookeeper", Version: "5.14.3", Repo: repoZooKeeper}, }, }, { @@ -33,7 +45,7 @@ func TestLoadCharts(t *testing.T) { entries: []string{"apache", "kafka", "zookeeper"}, skippedEntries: []string{"apache", "kafka"}, want: ChartIndex{ - "zookeeper-5.14.3": &Chart{Name: "zookeeper", Version: "5.14.3"}, + "zookeeper-5.14.3": &Chart{Name: "zookeeper", Version: "5.14.3", Repo: repo}, }, }, } @@ -48,7 +60,7 @@ func TestLoadCharts(t *testing.T) { // Remove TgzPath values from the computed index removeTgzPath(s.getIndex()) - if diff := cmp.Diff(tc.want, s.getIndex()); diff != "" { + if diff := cmp.Diff(tc.want, s.getIndex(), cmpopts.IgnoreUnexported(api.Repo{})); diff != "" { t.Errorf("want vs got diff:\n %+v", diff) } }) @@ -83,7 +95,7 @@ func TestTopologicalSortCharts(t *testing.T) { t.Fatal(err) } - if diff := cmp.Diff(tc.want, got); diff != "" { + if diff := cmp.Diff(tc.want, got, cmpopts.IgnoreUnexported(api.Repo{})); diff != "" { t.Errorf("want vs got diff:\n %+v", diff) } }) diff --git a/pkg/syncer/sync.go b/pkg/syncer/sync.go index 195aa109..eeb45216 100644 --- a/pkg/syncer/sync.go +++ b/pkg/syncer/sync.go @@ -2,13 +2,7 @@ package syncer import ( "fmt" - "io/ioutil" - "os" - "path" - "path/filepath" - "github.com/bitnami-labs/charts-syncer/api" - "github.com/bitnami-labs/charts-syncer/internal/chart" "github.com/bitnami-labs/charts-syncer/internal/utils" "github.com/juju/errors" @@ -17,7 +11,11 @@ import ( "gopkg.in/yaml.v2" helm "helm.sh/helm/v3/pkg/action" helmchart "helm.sh/helm/v3/pkg/chart" + "io/ioutil" "k8s.io/klog" + "os" + "path" + "path/filepath" ) // SyncPendingCharts syncs the charts not found in the target @@ -102,6 +100,11 @@ func (s *Syncer) SyncPendingCharts(names ...string) error { continue } + if utils.ShouldIgnoreRepo(ch.Repo, s.target.SyncTrustedRepos, s.source.IgnoreTrustedRepos) { + klog.Infof("Skipping upload of %q chart because its repository is only in ignoreTrustedRepos list", id) + continue + } + klog.V(3).Infof("Uploading %q chart...", id) if err := s.cli.dst.Upload(packagedChartPath, metadata); err != nil { klog.Errorf("unable to upload %q chart: %+v", id, err) @@ -148,7 +151,7 @@ func (s *Syncer) SyncWithChartsSyncer(ch *Chart, id, workdir, outdir string, has // Update deps if hasDeps { klog.V(3).Infof("Building %q dependencies", id) - if err := chart.BuildDependencies(chartPath, s.cli.dst, s.source.GetRepo(), s.target.GetRepo(), s.target.ReplaceDependencyRepo); err != nil { + if err := chart.BuildDependencies(chartPath, s.cli.dst, s.source.GetRepo(), s.target.GetRepo(), s.cli.trusted, s.target.SyncTrustedRepos, s.source.IgnoreTrustedRepos); err != nil { klog.Errorf("unable to build %q chart dependencies: %+v", id, err) return "", errors.Trace(err) } diff --git a/pkg/syncer/syncer.go b/pkg/syncer/syncer.go index fa5c7e77..de84e5a0 100644 --- a/pkg/syncer/syncer.go +++ b/pkg/syncer/syncer.go @@ -1,22 +1,23 @@ package syncer import ( - "os" - "github.com/bitnami-labs/charts-syncer/api" + "github.com/bitnami-labs/charts-syncer/internal/utils" "github.com/bitnami-labs/charts-syncer/pkg/client" "github.com/bitnami-labs/charts-syncer/pkg/client/intermediate" "github.com/bitnami-labs/charts-syncer/pkg/client/repo" "github.com/bitnami-labs/charts-syncer/pkg/client/types" "github.com/juju/errors" "k8s.io/klog" + "os" ) // Clients holds the source and target chart repo clients type Clients struct { - src client.ChartsReaderWriter - dst client.ChartsReaderWriter - deps map[string]client.ChartsReaderWriter + src client.ChartsReaderWriter + dst client.ChartsReaderWriter + //stores clients for ignoreTrustedRepos and syncTrustedRepos repositories + trusted map[uint32]client.ChartsReaderWriter } // A Syncer can be used to sync a source and target chart repos. @@ -129,25 +130,35 @@ func New(source *api.Source, target *api.Target, opts ...Option) (*Syncer, error } s.cli = &Clients{} - //inits deps map - s.cli.deps = make(map[string]client.ChartsReaderWriter) - //Allowed deps repos - for _, depenencyRepo := range source.TrustedSourceDeps { - depClientTmp, err := repo.NewClient(depenencyRepo, types.WithCache(s.workdir), types.WithInsecure(s.insecure)) + //inits trusted map + s.cli.trusted = make(map[uint32]client.ChartsReaderWriter) + + //adds all ignored but trusted repos to the client map + for _, tRepo := range source.IgnoreTrustedRepos { + depClientTmp, err := repo.NewClient(tRepo, types.WithCache(s.workdir), types.WithInsecure(s.insecure)) + if err != nil { + return nil, errors.Trace(err) + } + locationId := utils.GetRepoLocationId(utils.GetRepoLocation(tRepo)) + s.cli.trusted[locationId] = depClientTmp + } + + //adds all trusted repos to the client map + for _, tRepo := range target.SyncTrustedRepos { + depClientTmp, err := repo.NewClient(tRepo, types.WithCache(s.workdir), types.WithInsecure(s.insecure)) if err != nil { return nil, errors.Trace(err) } - s.cli.deps[depenencyRepo.Url] = depClientTmp + locationId := utils.GetRepoLocationId(utils.GetRepoLocation(tRepo)) + s.cli.trusted[locationId] = depClientTmp } - //End of allowed deps + if source.GetRepo() != nil { srcCli, err := repo.NewClient(source.GetRepo(), types.WithCache(s.workdir), types.WithInsecure(s.insecure)) if err != nil { return nil, errors.Trace(err) } s.cli.src = srcCli - //Add source repo as a dependency repo also - s.cli.deps[source.GetRepo().Url] = srcCli } else if source.GetIntermediateBundlesPath() != "" { // Specifically disable dependencies sync for intermediate scenarios disableDependencySync(s)