Local testing - Second Pair of Eyes

[jimmyraywv]

@akashsinghal What is the best way to test locally, before I submit a PR? I have this fork. I updated the chart templates to accept the aws-ecr-basic auth provider config.

I built ratify with this updated Dockerfile

I installed with this helm command:

helm install ratify --atomic --namespace ratify .../code/github/forks/ratify/charts/ratify/ \
--values values.yaml

Following the verification outlined here, I can see the cm looks correct:

      "stores": {
        "version": "1.0.0",
        "plugins": [
            {
                "name": "oras"
                ,
                "auth-provider": {
                    "name": "aws-ecr-basic"
                }
            }
        ]
      },

My auth provider code is here.

I see this error in the ratify pod logs:

time="2022-06-21T20:16:54Z" level=info msg="configuration successfully loaded."
Error: failed to create auth provider from configuration: failed to find auth provider implementation with name aws-ecr-basic

So, even though I used the newly minted image from the build process, ratify can't seem to find my auth provider.

[akashsinghal]

@jimmyraywv The auth providers are registered in their respective init() functions and the init() function is called when another package imports the current provider. In our cases, the azure and aws provider packages aren't explicitly imported elsewhere so we need to force an import somewhere. I suggest adding a blank import to the oras.go file like we did for the azure auth provider here: https://github.com/jimmyraywv/ratify/blob/2dfe7c9be53cef7dd4ec602d0a8dd658572001ce/pkg/referrerstore/oras/oras.go#L43. This should resolve the issue.