40 lines
1.8 KiB
Diff
40 lines
1.8 KiB
Diff
From 982cfa8500250c9704448880a779ade06cc8f976 Mon Sep 17 00:00:00 2001
|
|
From: Nicolas Belouin <nicolas.belouin@suse.com>
|
|
Date: Thu, 3 Apr 2025 16:53:49 +0200
|
|
Subject: [PATCH] Allow slash prefixes in registry
|
|
|
|
Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>
|
|
---
|
|
container-build-checks.py | 12 ++++++++----
|
|
1 file changed, 8 insertions(+), 4 deletions(-)
|
|
|
|
diff --git a/container-build-checks.py b/container-build-checks.py
|
|
index b8c873c..d862f33 100755
|
|
--- a/container-build-checks.py
|
|
+++ b/container-build-checks.py
|
|
@@ -82,13 +82,17 @@ def verify_reference(image, result, value):
|
|
return
|
|
|
|
(registry, repo, tag) = reference_match.groups()
|
|
- allowed_registries: list[str] = config["General"].getlist("Registry")
|
|
- if len(allowed_registries) and registry not in allowed_registries:
|
|
+ raw_allowed_registries: list[str] = config["General"].getlist("Registry")
|
|
+ allowed_registries: dict[str, str] = {v[0]: v[2] for v in map(lambda a: a.partition("/"), raw_allowed_registries)}
|
|
+
|
|
+ if len(allowed_registries) and (registry not in allowed_registries.keys() or not repo.startswith(allowed_registries[registry])):
|
|
result.warn(
|
|
f"The org.opensuse.reference label ({value}) does not use an "
|
|
- f"allowed registry: {','.join(allowed_registries)}")
|
|
+ f"allowed registry: {','.join(raw_allowed_registries)}")
|
|
+
|
|
+ prefix = allowed_registries[registry]
|
|
|
|
- if f"{repo}:{tag}" not in image.containerinfo["tags"]:
|
|
+ if f"{repo[len(prefix)+1:]}:{tag}" not in image.containerinfo["tags"]:
|
|
tags = ", ".join(image.containerinfo["tags"])
|
|
result.warn(f"The org.opensuse.reference label ({value}) does not refer to an existing tag ({tags})")
|
|
elif "release" in image.containerinfo and image.containerinfo["release"] not in tag:
|
|
--
|
|
2.49.0
|
|
|