Skip to content

Commit

Permalink
bib: load repo keys using external paths
Browse files Browse the repository at this point in the history
Since d192f85, we switched to using dnf
(osbuild-depsolve-dnf) from BIB itself, but using the base (bootc)
container root to read configurations, certificates, keys, etc.
Unfortunately, what we didn't change, is the way in which we load the
repository certs after the depsolve.

The extractTLSKeys() function currently takes a Container instance which
implements ReadFile() by `cat`ing a file from inside the running
container.  However, the paths we get from the depsolve are relative to
the BIB worktree.  Therefore, we can simply read the files directly.

Add a SimpleFileReader that implements the fileReader interface to
simply read a file from a path.  We could simplify this to not require
a reader interface at all, but let's keep the implementation in case we
ever need to switch back to the older way of depsolving from inside the
container.

Resolves COMPOSER-2408
  • Loading branch information
achilleas-k authored and ondrejbudai committed Nov 28, 2024
1 parent 8d1aed1 commit 739aa04
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 1 deletion.
2 changes: 1 addition & 1 deletion bib/cmd/bootc-image-builder/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -311,7 +311,7 @@ func manifestFromCobra(cmd *cobra.Command, args []string) ([]byte, *mTLSConfig,
return nil, nil, err
}

mTLS, err := extractTLSKeys(container, repos)
mTLS, err := extractTLSKeys(SimpleFileReader{}, repos)
if err != nil {
return nil, nil, err
}
Expand Down
6 changes: 6 additions & 0 deletions bib/cmd/bootc-image-builder/mtls.go
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,12 @@ type fileReader interface {
ReadFile(string) ([]byte, error)
}

type SimpleFileReader struct{}

func (SimpleFileReader) ReadFile(path string) ([]byte, error) {
return os.ReadFile(path)
}

func extractTLSKeys(reader fileReader, repoSets map[string][]rpmmd.RepoConfig) (*mTLSConfig, error) {
var keyPath, certPath, caPath string
for _, set := range repoSets {
Expand Down

0 comments on commit 739aa04

Please sign in to comment.