Merge branch 'master' of https://github.com/PowerShell/PSResourceGet into bugfix-containerregistry-2digitinstall

Author: anamnavi

CHANGELOG/1.1.md

@@ -0,0 +1,12 @@
+## [1.1.0](https://github.com/PowerShell/PSResourceGet/compare/v1.1.0-rc3...v1.1.0) - 2025-01-09
+
+### Bug Fixes
+
+- Bugfix for publishing .nupkg file to ContainerRegistry repository (#1763)
+- Bugfix for PMPs like Artifactory needing modified filter query parameter to proxy upstream (#1761)
+- Bugfix for ContainerRegistry repository to parse out dependencies from metadata (#1766)
+- Bugfix for Install-PSResource Null pointer occurring when package is present only in upstream feed in ADO (#1760)
+- Bugfix for local repository casing issue on Linux (#1750)
+- Update README.md (#1759)
+- Bug fix for case sensitive License.txt when RequireLicense is specified (#1757)
+- Bug fix for broken -Quiet parameter for Save-PSResource (#1745)

global.json

@@ -1,5 +1,5 @@
 {
     "sdk": {
-        "version": "8.0.403"
+        "version": "8.0.404"
     }
 }

src/Microsoft.PowerShell.PSResourceGet.psd1

@@ -46,7 +46,7 @@
         'udres')
     PrivateData = @{
         PSData = @{
-            Prerelease   = 'rc3'
+            # Prerelease   = ''
             Tags         = @('PackageManagement',
                 'PSEdition_Desktop',
                 'PSEdition_Core',
@@ -56,6 +56,18 @@
             ProjectUri   = 'https://go.microsoft.com/fwlink/?LinkId=828955'
             LicenseUri   = 'https://go.microsoft.com/fwlink/?LinkId=829061'
             ReleaseNotes = @'
+## 1.1.0
+
+### Bug Fix
+- Bugfix for publishing .nupkg file to ContainerRegistry repository (#1763)
+- Bugfix for PMPs like Artifactory needing modified filter query parameter to proxy upstream (#1761)
+- Bugfix for ContainerRegistry repository to parse out dependencies from metadata (#1766)
+- Bugfix for Install-PSResource Null pointer occurring when package is present only in upstream feed in ADO (#1760)
+- Bugfix for local repository casing issue on Linux (#1750)
+- Update README.md (#1759)
+- Bug fix for case sensitive License.txt when RequireLicense is specified (#1757)
+- Bug fix for broken -Quiet parameter for Save-PSResource (#1745)
+
 ## 1.1.0-rc3
 
 ### Bug Fix

src/code/ContainerRegistryServerAPICalls.cs

@@ -38,14 +38,16 @@ internal class ContainerRegistryServerAPICalls : ServerApiCall
         private static readonly FindResults emptyResponseResults = new FindResults(stringResponse: Utils.EmptyStrArray, hashtableResponse: emptyHashResponses, responseType: containerRegistryFindResponseType);
 
         const string containerRegistryRefreshTokenTemplate = "grant_type=access_token&service={0}&tenant={1}&access_token={2}"; // 0 - registry, 1 - tenant, 2 - access token
-        const string containerRegistryAccessTokenTemplate = "grant_type=refresh_token&service={0}&scope=repository:*:*&refresh_token={1}"; // 0 - registry, 1 - refresh token
+        const string containerRegistryAccessTokenTemplate = "grant_type=refresh_token&service={0}&scope=repository:*:*&scope=registry:catalog:*&refresh_token={1}"; // 0 - registry, 1 - refresh token
         const string containerRegistryOAuthExchangeUrlTemplate = "https://{0}/oauth2/exchange"; // 0 - registry
         const string containerRegistryOAuthTokenUrlTemplate = "https://{0}/oauth2/token"; // 0 - registry
         const string containerRegistryManifestUrlTemplate = "https://{0}/v2/{1}/manifests/{2}"; // 0 - registry, 1 - repo(modulename), 2 - tag(version)
         const string containerRegistryBlobDownloadUrlTemplate = "https://{0}/v2/{1}/blobs/{2}"; // 0 - registry, 1 - repo(modulename), 2 - layer digest
         const string containerRegistryFindImageVersionUrlTemplate = "https://{0}/v2/{1}/tags/list"; // 0 - registry, 1 - repo(modulename)
         const string containerRegistryStartUploadTemplate = "https://{0}/v2/{1}/blobs/uploads/"; // 0 - registry, 1 - packagename
         const string containerRegistryEndUploadTemplate = "https://{0}{1}&digest=sha256:{2}"; // 0 - registry, 1 - location, 2 - digest
+        const string defaultScope = "&scope=repository:*:*&scope=registry:catalog:*";
+        const string containerRegistryRepositoryListTemplate = "https://{0}/v2/_catalog"; // 0 - registry
 
         #endregion
 
@@ -76,13 +78,13 @@ public ContainerRegistryServerAPICalls(PSRepositoryInfo repository, PSCmdlet cmd
         public override FindResults FindAll(bool includePrerelease, ResourceType type, out ErrorRecord errRecord)
         {
             _cmdletPassedIn.WriteDebug("In ContainerRegistryServerAPICalls::FindAll()");
-            errRecord = new ErrorRecord(
-                new InvalidOperationException($"Find all is not supported for the ContainerRegistry server protocol repository '{Repository.Name}'"),
-                "FindAllFailure",
-                ErrorCategory.InvalidOperation,
-                this);
+            var findResult = FindPackages("*", includePrerelease, out errRecord);
+            if (errRecord != null)
+            {
+                return emptyResponseResults;
+            }
 
-            return emptyResponseResults;
+            return findResult;
         }
 
         /// <summary>
@@ -161,13 +163,13 @@ public override FindResults FindNameWithTag(string packageName, string[] tags, b
         public override FindResults FindNameGlobbing(string packageName, bool includePrerelease, ResourceType type, out ErrorRecord errRecord)
         {
             _cmdletPassedIn.WriteDebug("In ContainerRegistryServerAPICalls::FindNameGlobbing()");
-            errRecord = new ErrorRecord(
-                new InvalidOperationException($"FindNameGlobbing all is not supported for the ContainerRegistry server protocol repository '{Repository.Name}'"),
-                "FindNameGlobbingFailure",
-                ErrorCategory.InvalidOperation,
-                this);
+            var findResult = FindPackages(packageName, includePrerelease, out errRecord);
+            if (errRecord != null)
+            {
+                return emptyResponseResults;
+            }
 
-            return emptyResponseResults;
+            return findResult;
         }
 
         /// <summary>
@@ -391,12 +393,18 @@ internal string GetContainerRegistryAccessToken(out ErrorRecord errRecord)
             }
             else
             {
-                bool isRepositoryUnauthenticated = IsContainerRegistryUnauthenticated(Repository.Uri.ToString(), out errRecord);
+                bool isRepositoryUnauthenticated = IsContainerRegistryUnauthenticated(Repository.Uri.ToString(), out errRecord, out accessToken);
                 if (errRecord != null)
                 {
                     return null;
                 }
 
+                if (!string.IsNullOrEmpty(accessToken))
+                {
+                    _cmdletPassedIn.WriteVerbose("Anonymous access token retrieved.");
+                    return accessToken;
+                }
+
                 if (!isRepositoryUnauthenticated)
                 {
                     accessToken = Utils.GetAzAccessToken();
@@ -436,15 +444,82 @@ internal string GetContainerRegistryAccessToken(out ErrorRecord errRecord)
         /// <summary>
         /// Checks if container registry repository is unauthenticated.
         /// </summary>
-        internal bool IsContainerRegistryUnauthenticated(string containerRegistyUrl, out ErrorRecord errRecord)
+        internal bool IsContainerRegistryUnauthenticated(string containerRegistyUrl, out ErrorRecord errRecord, out string anonymousAccessToken)
         {
             _cmdletPassedIn.WriteDebug("In ContainerRegistryServerAPICalls::IsContainerRegistryUnauthenticated()");
             errRecord = null;
+            anonymousAccessToken = string.Empty;
             string endpoint = $"{containerRegistyUrl}/v2/";
             HttpResponseMessage response;
             try
             {
                 response = _sessionClient.SendAsync(new HttpRequestMessage(HttpMethod.Head, endpoint)).Result;
+
+                if (response.StatusCode == HttpStatusCode.Unauthorized)
+                {
+                    // check if there is a auth challenge header
+                    if (response.Headers.WwwAuthenticate.Count() > 0)
+                    {
+                        var authHeader = response.Headers.WwwAuthenticate.First();
+                        if (authHeader.Scheme == "Bearer")
+                        {
+                            // check if there is a realm
+                            if (authHeader.Parameter.Contains("realm"))
+                            {
+                                // get the realm
+                                var realm = authHeader.Parameter.Split(',')?.Where(x => x.Contains("realm"))?.FirstOrDefault()?.Split('=')[1]?.Trim('"');
+                                // get the service
+                                var service = authHeader.Parameter.Split(',')?.Where(x => x.Contains("service"))?.FirstOrDefault()?.Split('=')[1]?.Trim('"');
+
+                                if (string.IsNullOrEmpty(realm) || string.IsNullOrEmpty(service))
+                                {
+                                    errRecord = new ErrorRecord(
+                                        new InvalidOperationException("Failed to get realm or service from the auth challenge header."),
+                                        "RegistryUnauthenticationCheckError",
+                                        ErrorCategory.InvalidResult,
+                                        this);
+
+                                    return false;
+                                }
+
+                                string content = "grant_type=access_token&service=" + service + defaultScope;
+                                var contentHeaders = new Collection<KeyValuePair<string, string>> { new KeyValuePair<string, string>("Content-Type", "application/x-www-form-urlencoded") };
+
+                                // get the anonymous access token
+                                var url = $"{realm}?service={service}{defaultScope}";
+
+                                // we dont check the errorrecord here because we want to return false if we get a 401 and not throw an error
+                                var results = GetHttpResponseJObjectUsingContentHeaders(url, HttpMethod.Get, content, contentHeaders, out _);
+
+                                if (results == null)
+                                {
+                                    _cmdletPassedIn.WriteDebug("Failed to get access token from the realm. results is null.");
+                                    return false;
+                                }
+
+                                if (results["access_token"] == null)
+                                {
+                                    _cmdletPassedIn.WriteDebug($"Failed to get access token from the realm. access_token is null. results: {results}");
+                                    return false;
+                                }
+
+                                anonymousAccessToken = results["access_token"].ToString();
+                                _cmdletPassedIn.WriteDebug("Anonymous access token retrieved");
+                                return true;
+                            }
+                        }
+                    }
+                }
+            }
+            catch (HttpRequestException hre)
+            {
+                 errRecord = new ErrorRecord(
+                    hre,
+                    "RegistryAnonymousAcquireError",
+                    ErrorCategory.ConnectionError,
+                    this);
+
+                return false;
             }
             catch (Exception e)
             {
@@ -591,6 +666,20 @@ internal JObject FindContainerRegistryImageTags(string packageName, string versi
             return GetHttpResponseJObjectUsingDefaultHeaders(findImageUrl, HttpMethod.Get, defaultHeaders, out errRecord);
         }
 
+        /// <summary>
+        /// Helper method to find all packages on container registry
+        /// </summary>
+        /// <param name="containerRegistryAccessToken"></param>
+        /// <param name="errRecord"></param>
+        /// <returns></returns>
+        internal JObject FindAllRepositories(string containerRegistryAccessToken, out ErrorRecord errRecord)
+        {
+            _cmdletPassedIn.WriteDebug("In ContainerRegistryServerAPICalls::FindAllRepositories()");
+            string repositoryListUrl = string.Format(containerRegistryRepositoryListTemplate, Registry);
+            var defaultHeaders = GetDefaultHeaders(containerRegistryAccessToken);
+            return GetHttpResponseJObjectUsingDefaultHeaders(repositoryListUrl, HttpMethod.Get, defaultHeaders, out errRecord);
+        }
+
         /// <summary>
         /// Get metadata for a package version.
         /// </summary>
@@ -1705,12 +1794,63 @@ private string PrependMARPrefix(string packageName)
 
             // If the repostitory is MAR and its not a wildcard search, we need to prefix the package name with MAR prefix.
             string updatedPackageName = Repository.IsMARRepository() && packageName.Trim() != "*"
-                                            ? string.Concat(prefix, packageName)
+                                            ? packageName.StartsWith(prefix) ? packageName : string.Concat(prefix, packageName)
                                             : packageName;
 
             return updatedPackageName;
         }
 
+        private FindResults FindPackages(string packageName, bool includePrerelease, out ErrorRecord errRecord)
+        {
+            _cmdletPassedIn.WriteDebug("In ContainerRegistryServerAPICalls::FindPackages()");
+            errRecord = null;
+            string containerRegistryAccessToken = GetContainerRegistryAccessToken(out errRecord);
+            if (errRecord != null)
+            {
+                return emptyResponseResults;
+            }
+
+            var pkgResult = FindAllRepositories(containerRegistryAccessToken, out errRecord);
+            if (errRecord != null)
+            {
+                return emptyResponseResults;
+            }
+
+            List<Hashtable> repositoriesList = new List<Hashtable>();
+            var isMAR = Repository.IsMARRepository();
+
+            // Convert the list of repositories to a list of hashtables
+            foreach (var repository in pkgResult["repositories"].ToList())
+            {
+                string repositoryName = repository.ToString();
+
+                if (isMAR && !repositoryName.StartsWith(PSRepositoryInfo.MARPrefix))
+                {
+                    continue;
+                }
+
+                // This remove the 'psresource/' prefix from the repository name for comparison with wildcard.
+                string moduleName = repositoryName.StartsWith("psresource/") ? repositoryName.Substring(11) : repositoryName;
+
+                WildcardPattern wildcardPattern = new WildcardPattern(packageName, WildcardOptions.IgnoreCase);
+
+                if (!wildcardPattern.IsMatch(moduleName))
+                {
+                    continue;
+                }
+
+                _cmdletPassedIn.WriteDebug($"Found repository: {repositoryName}");
+
+                repositoriesList.AddRange(FindPackagesWithVersionHelper(repositoryName, VersionType.VersionRange, versionRange: VersionRange.All, requiredVersion: null, includePrerelease, getOnlyLatest: true, out errRecord));
+                if (errRecord != null)
+                {
+                    return emptyResponseResults;
+                }
+            }
+
+            return new FindResults(stringResponse: new string[] { }, hashtableResponse: repositoriesList.ToArray(), responseType: containerRegistryFindResponseType);
+        }
+
         #endregion
     }
 }

test/FindPSResourceTests/FindPSResourceContainerRegistryServer.Tests.ps1

@@ -171,12 +171,11 @@ Describe 'Test HTTP Find-PSResource for ACR Server Protocol' -tags 'CI' {
         $err[0].FullyQualifiedErrorId | Should -BeExactly "FindCommandOrDscResourceFailure,Microsoft.PowerShell.PSResourceGet.Cmdlets.FindPSResource"
     }
 
-    It "Should not find all resources given Name '*'" {
+    It "Should find all resources given Name '*'" {
         # FindAll()
         $res = Find-PSResource -Name "*" -Repository $ACRRepoName -ErrorVariable err -ErrorAction SilentlyContinue
-        $res | Should -BeNullOrEmpty
-        $err.Count | Should -BeGreaterThan 0
-        $err[0].FullyQualifiedErrorId | Should -BeExactly "FindAllFailure,Microsoft.PowerShell.PSResourceGet.Cmdlets.FindPSResource"
+        $res | Should -Not -BeNullOrEmpty
+        $res.Count | Should -BeGreaterThan 0
     }
 
     It "Should find script given Name" {
@@ -267,12 +266,53 @@ Describe 'Test Find-PSResource for MAR Repository' -tags 'CI' {
     It "Should find resource given specific Name, Version null" {
         $res = Find-PSResource -Name "Az.Accounts" -Repository "MAR"
         $res.Name | Should -Be "Az.Accounts"
-        $res.Version | Should -Be "4.0.0"
+        $res.Version | Should -BeGreaterThan ([Version]"4.0.0")
     }
 
     It "Should find resource and its dependency given specific Name and Version" {
         $res = Find-PSResource -Name "Az.Storage" -Version "8.0.0" -Repository "MAR"
         $res.Dependencies.Length | Should -Be 1
         $res.Dependencies[0].Name | Should -Be "Az.Accounts"
     }
+
+    It "Should find resource with wildcard in Name" {
+        $res = Find-PSResource -Name "Az.App*" -Repository "MAR"
+        $res | Should -Not -BeNullOrEmpty
+        $res.Count | Should -BeGreaterThan 1
+    }
+
+    It "Should find all resource with wildcard in Name" {
+        $res = Find-PSResource -Name "*" -Repository "MAR"
+        $res | Should -Not -BeNullOrEmpty
+        $res.Count | Should -BeGreaterThan 1
+    }
+}
+
+# Skip this test fo
+Describe 'Test Find-PSResource for unauthenticated ACR repository' -tags 'CI' {
+    BeforeAll {
+        $skipOnWinPS =  $PSVersionTable.PSVersion.Major -eq 5
+
+        if (-not $skipOnWinPS) {
+            Register-PSResourceRepository -Name "Unauthenticated" -Uri "https://psresourcegetnoauth.azurecr.io/" -ApiVersion "ContainerRegistry"
+        }
+    }
+
+    AfterAll {
+        if (-not $skipOnWinPS) {
+            Unregister-PSResourceRepository -Name "Unauthenticated"
+        }
+    }
+
+    It "Should find resource given specific Name, Version null" {
+
+        if ($skipOnWinPS) {
+            Set-ItResult -Pending -Because "Skipping test on Windows PowerShell"
+            return
+        }
+
+        $res = Find-PSResource -Name "hello-world" -Repository "Unauthenticated"
+        $res.Name | Should -Be "hello-world"
+        $res.Version | Should -Be "5.0.0"
+    }
 }