Allow `ociArtifact` Accesses to have URL schemes defined on top of OCI reference strings

[jakobmoellerdev]

Context

In OCM v1 an access such as

type: ociArtifact
imageReference: https://ghcr.io:443/v2...

is a valid imageReference even though it is not part of the core specification of OCI (https://specs.opencontainers.org/image-spec/)

To Reproduce

Steps to reproduce the behavior:

Attempt to add a component version with an imageReference that contains a Scheme

components:
- name: github.com/acme.org/helloworld
  version: 1.0.0
  provider:
    name: acme.org
  resources:
    - name: mychart
      type: helmChart
      version: 6.7.1
      access:
        type: ociArtifact
        imageReference: https://ghcr.io/jakobmoellerdev/podinfo/podinfo:6.7.1

Actual behavior

The OCI Lib will fail to parse this reference when downloading or copying this resource.

Expected behavior

The scheme should be normalized away under the following circumstances:

• Scheme is https or oci: The imageReference should be resolved as is with the prefix removed
• Scheme is http: The imageReference should be disallowed unless explicitly allow-listed as a host in a configuration
• Scheme is any other: The imageReference should be rejected

References

• Old Parsing: https://github.com/open-component-model/ocm/blob/main/api/oci/ref.go#L72
• New Parsing (OCI): https://github.com/oras-project/oras-go/blob/main/registry/reference.go
• New Parsing (CTF): https://github.com/open-component-model/open-component-model/blob/main/bindings/go/oci/internal/looseref/parse.go