fix: refactor create stages into separate lib (#2223)

## Description refactor create stages into separate lib ## Related Issue Fixes #2188 ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [x] Other (security config, docs update, etc) ## Checklist before merging - [x] Test, docs, adr added or updated as needed - [x] [Contributor Guide Steps](https://github.com/defenseunicorns/zarf/blob/main/CONTRIBUTING.md#developer-workflow) followed --------- Signed-off-by: razzle <harry@razzle.cloud> Co-authored-by: razzle <harry@razzle.cloud> Co-authored-by: Austin Abro <37223396+AustinAbro321@users.noreply.github.com>
defenseunicorns · Mar 13, 2024 · 1ec8849 · 1ec8849
1 parent 9608731
commit 1ec8849
Show file tree

Hide file tree

Showing 54 changed files with 1,914 additions and 1,637 deletions.
diff --git a/docs/3-create-a-zarf-package/4-zarf-schema.md b/docs/3-create-a-zarf-package/4-zarf-schema.md
@@ -409,6 +409,25 @@ Must be one of:
 </blockquote>
 </details>
 
+<details open>
+<summary>
+<strong> <a name="build_registryOverrides"></a>registryOverrides</strong>
+</summary>
+&nbsp;
+<blockquote>
+
+  ## build > registryOverrides
+
+**Description:** Any registry domains that were overridden on package create when pulling images
+
+|                           |                                                                                                                                   |
+| ------------------------- | --------------------------------------------------------------------------------------------------------------------------------- |
+| **Type**                  | `object`                                                                                                                          |
+| **Additional properties** | [![Any type: allowed](https://img.shields.io/badge/Any%20type-allowed-green)](# "Additional Properties of any type are allowed.") |
+
+</blockquote>
+</details>
+
 <details>
 <summary>
 <strong> <a name="build_differential"></a>differential</strong>
@@ -425,21 +444,18 @@ Must be one of:
 </blockquote>
 </details>
 
-<details open>
+<details>
 <summary>
-<strong> <a name="build_registryOverrides"></a>registryOverrides</strong>
+<strong> <a name="build_differentialPackageVersion"></a>differentialPackageVersion</strong>
 </summary>
 &nbsp;
 <blockquote>
 
-  ## build > registryOverrides
-
-**Description:** Any registry domains that were overridden on package create when pulling images
+**Description:** Version of a previously built package used as the basis for creating this differential package
 
-|                           |                                                                                                                                   |
-| ------------------------- | --------------------------------------------------------------------------------------------------------------------------------- |
-| **Type**                  | `object`                                                                                                                          |
-| **Additional properties** | [![Any type: allowed](https://img.shields.io/badge/Any%20type-allowed-green)](# "Additional Properties of any type are allowed.") |
+|          |          |
+| -------- | -------- |
+| **Type** | `string` |
 
 </blockquote>
 </details>

diff --git a/docs/3-create-a-zarf-package/5-package-create-lifecycle.md b/docs/3-create-a-zarf-package/5-package-create-lifecycle.md
@@ -6,50 +6,51 @@ The following diagram shows the order of operations for the `zarf package create
 
 ```mermaid
 graph TD
-    A1(set working directory)-->A2
-    A2(parse zarf.yaml)-->A3
-    A3(filter components by architecture)-->A4
-    A4(detect init package)-->A5
-    A5(handle deprecations)-->A6
+    A1(cd to directory with zarf.yaml)-->A2
+    A2(load zarf.yaml into memory)-->A3
+    A3(set package architecture if not provided)-->A4
+    A4(filter components by architecture and flavor)-->A5
+    A5(migrate deprecated component configs)-->A6
     A6(parse component imports)-->A7
     A7(process create-time variables)-->A8
-    A8(write build data and zarf.yaml)-->A9
-
-    A9(run validations)-->A10
-    A10(confirm package create):::prompt-->A11
-    A11{Init package?}
-    A11 -->|Yes| A12(add seed image)-->A13
-    A11 -->|No| A13
+    A8(process extensions)-->A9
+    A9(remove duplicate images/repos if --differential flag used)-->A10
+    A10(run validations)-->A11
+    A11(confirm package create):::prompt-->A12
 
     subgraph  
-    A13(add each component)-->A13
-    A13 --> A14(run each '.actions.onCreate.before'):::action-->A14
-    A14 --> A15(load '.charts')-->A16
-    A16(load '.files')-->A17
-    A17(load '.dataInjections')-->A18
-    A18(load '.manifests')-->A19
-    A19(load '.repos')-->A20
-    A20(run each '.actions.onCreate.after'):::action-->A20
-    A20-->A21{Success?}
-    A21-->|Yes|A22(run each\n'.actions.onCreate.success'):::action-->A22
-    A21-->|No|A23(run each\n'.actions.onCreate.failure'):::action-->A23-->A999
+        A12(run each '.actions.onCreate.before'):::action-->A13(load '.charts')
+        A13-->A14(load '.files')
+        A14-->A15(load '.dataInjections')
+        A15-->A16(load '.manifests')
+        A16-->A17(load '.repos')
+        A17-->A18(run each '.actions.onCreate.after'):::action
+        A18-->A19{Success?}
+        A19-->|Yes|A20(run each\n'.actions.onCreate.success'):::action
+        A19-->|No|A999
     end
 
-    A22-->A24(load all '.images')
-    A24-->A25{Skip SBOM?}
-    A25-->|Yes|A27
-    A25-->|No|A26
-    A26(generate SBOM)-->A27
-    A27(reset working directory)-->A28
-    A28(create package archive)-->A29
-    A29{Is multipart?}
-    A29-->|Yes|A30(split package archive)-->A31
-    A29-->|No|A31
-    A31(handle sbom view/out flags)
+    A20-->A21(load all '.images')
+    A21-->A22(generate SBOMs unless --skip-sbom flag was used)
+    A22-->A23(cd back to original working directory)
+    A23-->A24(archive components into tarballs)
+    A24-->A25(generate checksums for all package files)
+    A25-->A26(record package build metadata)
+    A26-->A27(write the zarf.yaml to disk)
+    A27-->A28(sign the package if a key was provided)
+    A28-->A29{Output to OCI?}
+    A29-->|Yes|A30(publish package to OCI registry)
+    A29-->|No|A31(archive package into a tarball and write to disk)
+    A30-->A32
+    A31-->A32
+    A32(write SBOM files to disk if --sbom or --sbom-out flags used)-->A33
+    A33(view SBOMs if --sbom flag used)-->A34
+    A34[Zarf Package Create Successful]:::success
 
     A999[Abort]:::fail
 
     classDef prompt fill:#4adede,color:#000000
     classDef action fill:#bd93f9,color:#000000
     classDef fail fill:#aa0000
+    classDef success fill:#008000,color:#fff;
 ```
diff --git a/src/cmd/common/utils.go b/src/cmd/common/utils.go
@@ -4,15 +4,10 @@
 // Package common handles command configuration across all commands
 package common
 
-import (
-	"github.com/defenseunicorns/zarf/src/types"
-)
-
-// SetBaseDirectory sets base directory on package config when given in args
-func SetBaseDirectory(args []string, pkgConfig *types.PackagerConfig) {
+// SetBaseDirectory sets the base directory. This is a directory with a zarf.yaml.
+func SetBaseDirectory(args []string) string {
 	if len(args) > 0 {
-		pkgConfig.CreateOpts.BaseDir = args[0]
-	} else {
-		pkgConfig.CreateOpts.BaseDir = "."
+		return args[0]
 	}
+	return "."
 }
diff --git a/src/cmd/dev.go b/src/cmd/dev.go
@@ -41,7 +41,7 @@ var devDeployCmd = &cobra.Command{
 	Short: lang.CmdDevDeployShort,
 	Long:  lang.CmdDevDeployLong,
 	Run: func(_ *cobra.Command, args []string) {
-		common.SetBaseDirectory(args, &pkgConfig)
+		pkgConfig.CreateOpts.BaseDir = common.SetBaseDirectory(args)
 
 		v := common.GetViper()
 		pkgConfig.CreateOpts.SetVariables = helpers.TransformAndMergeMap(
@@ -116,7 +116,7 @@ var devTransformGitLinksCmd = &cobra.Command{
 
 		if confirm {
 			// Overwrite the file
-			err = os.WriteFile(fileName, []byte(processedText), 0640)
+			err = os.WriteFile(fileName, []byte(processedText), helpers.ReadAllWriteUser)
 			if err != nil {
 				message.Fatal(err, lang.CmdDevPatchGitFileWriteErr)
 			}
@@ -207,7 +207,7 @@ var devFindImagesCmd = &cobra.Command{
 	Short:   lang.CmdDevFindImagesShort,
 	Long:    lang.CmdDevFindImagesLong,
 	Run: func(_ *cobra.Command, args []string) {
-		common.SetBaseDirectory(args, &pkgConfig)
+		pkgConfig.CreateOpts.BaseDir = common.SetBaseDirectory(args)
 
 		// Ensure uppercase keys from viper
 		v := common.GetViper()
@@ -256,7 +256,7 @@ var devLintCmd = &cobra.Command{
 	Short:   lang.CmdDevLintShort,
 	Long:    lang.CmdDevLintLong,
 	Run: func(_ *cobra.Command, args []string) {
-		common.SetBaseDirectory(args, &pkgConfig)
+		pkgConfig.CreateOpts.BaseDir = common.SetBaseDirectory(args)
 		v := common.GetViper()
 		pkgConfig.CreateOpts.SetVariables = helpers.TransformAndMergeMap(
 			v.GetStringMapString(common.VPkgCreateSet), pkgConfig.CreateOpts.SetVariables, strings.ToUpper)

diff --git a/src/cmd/initialize.go b/src/cmd/initialize.go
@@ -44,7 +44,7 @@ var initCmd = &cobra.Command{
 		}
 
 		// Continue running package deploy for all components like any other package
-		initPackageName := packager.GetInitPackageName("")
+		initPackageName := sources.GetInitPackageName()
 		pkgConfig.PkgOpts.PackageSource = initPackageName
 
 		// Try to use an init-package in the executable directory if none exist in current working directory

diff --git a/src/cmd/package.go b/src/cmd/package.go
@@ -41,7 +41,7 @@ var packageCreateCmd = &cobra.Command{
 	Short:   lang.CmdPackageCreateShort,
 	Long:    lang.CmdPackageCreateLong,
 	Run: func(_ *cobra.Command, args []string) {
-		common.SetBaseDirectory(args, &pkgConfig)
+		pkgConfig.CreateOpts.BaseDir = common.SetBaseDirectory(args)
 
 		var isCleanPathRegex = regexp.MustCompile(`^[a-zA-Z0-9\_\-\/\.\~\\:]+$`)
 		if !isCleanPathRegex.MatchString(config.CommonOptions.CachePath) {
@@ -350,7 +350,7 @@ func bindCreateFlags(v *viper.Viper) {
 	createFlags.StringVar(&pkgConfig.CreateOpts.Output, "output-directory", v.GetString("package.create.output_directory"), lang.CmdPackageCreateFlagOutput)
 	createFlags.StringVarP(&pkgConfig.CreateOpts.Output, "output", "o", v.GetString(common.VPkgCreateOutput), lang.CmdPackageCreateFlagOutput)
 
-	createFlags.StringVar(&pkgConfig.CreateOpts.DifferentialData.DifferentialPackagePath, "differential", v.GetString(common.VPkgCreateDifferential), lang.CmdPackageCreateFlagDifferential)
+	createFlags.StringVar(&pkgConfig.CreateOpts.DifferentialPackagePath, "differential", v.GetString(common.VPkgCreateDifferential), lang.CmdPackageCreateFlagDifferential)
 	createFlags.StringToStringVar(&pkgConfig.CreateOpts.SetVariables, "set", v.GetStringMapString(common.VPkgCreateSet), lang.CmdPackageCreateFlagSet)
 	createFlags.BoolVarP(&pkgConfig.CreateOpts.ViewSBOM, "sbom", "s", v.GetBool(common.VPkgCreateSbom), lang.CmdPackageCreateFlagSbom)
 	createFlags.StringVar(&pkgConfig.CreateOpts.SBOMOutputDir, "sbom-out", v.GetString(common.VPkgCreateSbomOutput), lang.CmdPackageCreateFlagSbomOut)

diff --git a/src/config/lang/english.go b/src/config/lang/english.go
@@ -633,20 +633,21 @@ const (
 	AgentErrUnableTransform        = "unable to transform the provided request; see zarf http proxy logs for more details"
 )
 
-// src/internal/packager/create
+// Package create
 const (
-	PkgCreateErrDifferentialSameVersion = "unable to create a differential package with the same version as the package you are using as a reference; the package version must be incremented"
+	PkgCreateErrDifferentialSameVersion = "unable to create differential package. Please ensure the differential package version and reference package version are not the same. The package version must be incremented"
+	PkgCreateErrDifferentialNoVersion   = "unable to create differential package. Please ensure both package versions are set"
 )
 
-// src/internal/packager/deploy.
+// Package deploy
 const (
 	PkgDeployErrMultipleComponentsSameGroup        = "You cannot specify multiple components (%q, %q) within the same group (%q) when using the --components flag."
 	PkgDeployErrNoDefaultOrSelection               = "You must make a selection from %q with the --components flag as there is no default in their group."
 	PkgDeployErrNoCompatibleComponentsForSelection = "No compatible components found that matched %q. Please check spelling and try again."
 	PkgDeployErrComponentSelectionCanceled         = "Component selection canceled: %s"
 )
 
-// src/internal/packager/validate.
+// Package validate
 const (
 	PkgValidateTemplateDeprecation        = "Package template %q is using the deprecated syntax ###ZARF_PKG_VAR_%s###. This will be removed in Zarf v1.0.0. Please update to ###ZARF_PKG_TMPL_%s###."
 	PkgValidateMustBeUppercase            = "variable name %q must be all uppercase and contain no special characters except _"

diff --git a/src/internal/packager/sbom/tools.go b/src/internal/packager/sbom/tools.go
@@ -6,15 +6,11 @@ package sbom
 
 import (
 	"fmt"
-	"os"
 	"path/filepath"
 
 	"github.com/AlecAivazis/survey/v2"
 	"github.com/defenseunicorns/zarf/src/pkg/message"
-	"github.com/defenseunicorns/zarf/src/pkg/utils"
 	"github.com/defenseunicorns/zarf/src/pkg/utils/exec"
-	"github.com/defenseunicorns/zarf/src/pkg/utils/helpers"
-	"github.com/defenseunicorns/zarf/src/types"
 )
 
 // ViewSBOMFiles opens a browser to view the SBOM files and pauses for user input.
@@ -41,29 +37,3 @@ func ViewSBOMFiles(directory string) {
 		message.Note("There were no images with software bill-of-materials (SBOM) included.")
 	}
 }
-
-// OutputSBOMFiles outputs the sbom files into a specified directory.
-func OutputSBOMFiles(sourceDir, outputDir, packageName string) (string, error) {
-	packagePath := filepath.Join(outputDir, packageName)
-
-	if err := os.RemoveAll(packagePath); err != nil {
-		return "", err
-	}
-
-	if err := utils.CreateDirectory(packagePath, helpers.ReadWriteExecuteUser); err != nil {
-		return "", err
-	}
-
-	return packagePath, utils.CreatePathAndCopy(sourceDir, packagePath)
-}
-
-// IsSBOMAble checks if a package has contents that an SBOM can be created on (i.e. images, files, or data injections)
-func IsSBOMAble(pkg types.ZarfPackage) bool {
-	for _, c := range pkg.Components {
-		if len(c.Images) > 0 || len(c.Files) > 0 || len(c.DataInjections) > 0 {
-			return true
-		}
-	}
-
-	return false
-}