Closed ribbybibby closed 1 month ago
Appreciate the contextual description at the top of the PR @ribbybibby. I've added issue / thoughts on the existing comments. I think it'd be good to merge and fix for users of ghcr.io.
@davidcollom I'll defer to you for approval. My Go isn't good enough to properly review. But from a "this is what the PR tackles" perspective I give it 👍
We were previously using releases to figure out tags for a Github package. I think this was wrong. Not all release tags will be pushed as package versions, and vice versa. Someone may choose to use GHCR without taking advantage of releases at all.
I've modified it so that the client will check if the owner is a user or an org and then make the appropriate
PackageGetAllVersions
function call to retrieve the tags.I've also fixed a few other things I ran into while testing this:
New
so that rate limiting and other goodness is reused across calls.RepoImageFromPath
, so it will split the repository path into the 'owner' and 'repo' segments thatTags
expects. Previously we would have got errors for subrepositories.TestRepoImage
to ensure it doesn't panic on unexpected inputs.ghcr.io
toghcr.io
..att
tags then we should probably exclude.sig
and.sbom
too.Fixes #179, #175