feat: add additional manifest validations (#1609)

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>

pkg/extensions/search/search_test.go

@@ -876,7 +876,7 @@ func TestGetReferrersGQL(t *testing.T) {
 		artifactContentBlobSize := int64(len(artifactContentBlob))
 		artifactContentType := "application/octet-stream"
 		artifactContentBlobDigest := godigest.FromBytes(artifactContentBlob)
-		artifactType := "com.artifact.test"
+		artifactType := "com.artifact.test/type1"
 
 		artifactImg := Image{
 			Manifest: ispec.Manifest{
@@ -903,6 +903,8 @@ func TestGetReferrersGQL(t *testing.T) {
 			Layers: [][]byte{artifactContentBlob},
 		}
 
+		artifactImg.Manifest.SchemaVersion = 2
+
 		artifactManifestBlob, err := json.Marshal(artifactImg.Manifest)
 		So(err, ShouldBeNil)
 		artifactManifestDigest := godigest.FromBytes(artifactManifestBlob)
@@ -1001,7 +1003,7 @@ func TestGetReferrersGQL(t *testing.T) {
 		artifactContentBlobSize := int64(len(artifactContentBlob))
 		artifactContentType := "application/octet-stream"
 		artifactContentBlobDigest := godigest.FromBytes(artifactContentBlob)
-		artifactType := "com.artifact.test"
+		artifactType := "com.artifact.test/type2"
 
 		configBlob, err := json.Marshal(ispec.Image{})
 		So(err, ShouldBeNil)
@@ -1025,6 +1027,8 @@ func TestGetReferrersGQL(t *testing.T) {
 			},
 		}
 
+		artifactManifest.SchemaVersion = 2
+
 		artifactManifestBlob, err := json.Marshal(artifactManifest)
 		So(err, ShouldBeNil)
 		artifactManifestDigest := godigest.FromBytes(artifactManifestBlob)
@@ -1117,7 +1121,7 @@ func TestGetReferrersGQL(t *testing.T) {
 		indexReferrer, err := GetRandomMultiarchImage("ref")
 		So(err, ShouldBeNil)
 
-		artifactType := "art.type"
+		artifactType := "com.artifact.art/type"
 		indexReferrer.Index.ArtifactType = artifactType
 		indexReferrer.Index.Subject = &ispec.Descriptor{
 			MediaType: ispec.MediaTypeImageManifest,
@@ -6202,7 +6206,7 @@ func TestImageSummary(t *testing.T) {
 			Digest:    manifestDigest,
 			MediaType: ispec.MediaTypeImageManifest,
 		}
-		referrerImage.Manifest.Config.MediaType = "test.artifact.type"
+		referrerImage.Manifest.Config.MediaType = "application/test.artifact.type"
 		referrerImage.Manifest.Annotations = map[string]string{"testAnnotationKey": "testAnnotationValue"}
 		referrerManifestDigest, err := referrerImage.Digest()
 		So(err, ShouldBeNil)
@@ -6277,7 +6281,7 @@ func TestImageSummary(t *testing.T) {
 		So(len(imgSummary.Referrers), ShouldEqual, 1)
 		So(imgSummary.Referrers[0], ShouldResemble, zcommon.Referrer{
 			MediaType:    ispec.MediaTypeImageManifest,
-			ArtifactType: "test.artifact.type",
+			ArtifactType: "application/test.artifact.type",
 			Digest:       referrerManifestDigest.String(),
 			Annotations:  []zcommon.Annotation{{Key: "testAnnotationKey", Value: "testAnnotationValue"}},
 		})

pkg/extensions/sync/sync_test.go

@@ -23,6 +23,7 @@ import (
 	dockerManifest "github.com/containers/image/v5/manifest"
 	notreg "github.com/notaryproject/notation-go/registry"
 	godigest "github.com/opencontainers/go-digest"
+	"github.com/opencontainers/image-spec/specs-go"
 	ispec "github.com/opencontainers/image-spec/specs-go/v1"
 	artifactspec "github.com/oras-project/artifacts-spec/specs-go/v1"
 	"github.com/sigstore/cosign/v2/cmd/cosign/cli/attach"
@@ -409,6 +410,9 @@ func TestORAS(t *testing.T) {
 		_ = pushBlob(srcBaseURL, repoName, ispec.DescriptorEmptyJSON.Data)
 
 		artifactManifest := ispec.Manifest{
+			Versioned: specs.Versioned{
+				SchemaVersion: 2,
+			},
 			MediaType:    artifactspec.MediaTypeArtifactManifest,
 			ArtifactType: "application/vnd.oras.artifact",
 			Layers: []ispec.Descriptor{
@@ -743,6 +747,9 @@ func TestOnDemand(t *testing.T) {
 			_ = pushBlob(srcBaseURL, "remote-repo", ispec.DescriptorEmptyJSON.Data)
 
 			OCIRefManifest := ispec.Manifest{
+				Versioned: specs.Versioned{
+					SchemaVersion: 2,
+				},
 				Subject: &ispec.Descriptor{
 					MediaType: ispec.MediaTypeImageManifest,
 					Digest:    manifestDigest,
@@ -954,6 +961,9 @@ func TestSyncReferenceInLoop(t *testing.T) {
 		_ = pushBlob(srcBaseURL, testImage, ispec.DescriptorEmptyJSON.Data)
 
 		OCIRefManifest := ispec.Manifest{
+			Versioned: specs.Versioned{
+				SchemaVersion: 2,
+			},
 			Subject: &ispec.Descriptor{
 				MediaType: ispec.MediaTypeImageManifest,
 				Digest:    sbomDigest,
@@ -3896,6 +3906,9 @@ func TestSignatures(t *testing.T) {
 		_ = pushBlob(srcBaseURL, repoName, ispec.DescriptorEmptyJSON.Data)
 
 		OCIRefManifest := ispec.Manifest{
+			Versioned: specs.Versioned{
+				SchemaVersion: 2,
+			},
 			Subject: &ispec.Descriptor{
 				MediaType: ispec.MediaTypeImageManifest,
 				Digest:    sbomDigest,
@@ -6357,6 +6370,10 @@ func pushRepo(url, repoName string) godigest.Digest {
 
 	// create a manifest
 	manifest := ispec.Manifest{
+		Versioned: specs.Versioned{
+			SchemaVersion: 2,
+		},
+		MediaType: ispec.MediaTypeImageManifest,
 		Config: ispec.Descriptor{
 			MediaType: "application/vnd.oci.image.config.v1+json",
 			Digest:    cdigest,
@@ -6396,6 +6413,9 @@ func pushRepo(url, repoName string) godigest.Digest {
 
 	// push a referrer artifact
 	manifest = ispec.Manifest{
+		Versioned: specs.Versioned{
+			SchemaVersion: 2,
+		},
 		MediaType: ispec.MediaTypeImageManifest,
 		Config: ispec.Descriptor{
 			MediaType: "application/vnd.cncf.icecream",
@@ -6417,6 +6437,9 @@ func pushRepo(url, repoName string) godigest.Digest {
 	}
 
 	artifactManifest := ispec.Manifest{
+		Versioned: specs.Versioned{
+			SchemaVersion: 2,
+		},
 		MediaType:    ispec.MediaTypeImageManifest,
 		ArtifactType: "application/vnd.cncf.icecream",
 		Config: ispec.Descriptor{