Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

update: updated CLI outputs of sign/verification #450

Merged
merged 46 commits into from
Dec 5, 2022
Merged

update: updated CLI outputs of sign/verification #450

Show file tree
Hide file tree
Changes from 32 commits
Commits
Show all changes
46 commits
Select commit Hold shift + click to select a range
b910a8a
updated dependency
Two-Hearts Oct 12, 2022
28b0438
resolved conflicts
Two-Hearts Oct 12, 2022
4f4e2a4
Merge branch 'notaryproject:main' into main
Two-Hearts Oct 12, 2022
eea8003
Merge branch 'notaryproject:main' into main
Two-Hearts Oct 13, 2022
216cea2
Merge branch 'notaryproject:main' into main
Two-Hearts Oct 17, 2022
1267c02
Merge branch 'notaryproject:main' into main
Two-Hearts Oct 18, 2022
1c3dfbb
Merge branch 'notaryproject:main' into main
Two-Hearts Oct 18, 2022
98e5946
Merge branch 'notaryproject:main' into main
Two-Hearts Oct 18, 2022
55563d3
Merge branch 'notaryproject:main' into main
Two-Hearts Oct 19, 2022
c68d602
Merge branch 'notaryproject:main' into main
Two-Hearts Oct 19, 2022
d165a7b
Merge branch 'notaryproject:main' into main
Two-Hearts Oct 20, 2022
7166877
Merge branch 'notaryproject:main' into main
Two-Hearts Oct 25, 2022
94f174d
Merge branch 'notaryproject:main' into main
Two-Hearts Oct 28, 2022
e1d8437
Merge branch 'notaryproject:main' into main
Two-Hearts Oct 29, 2022
a873c67
Merge branch 'notaryproject:main' into main
Two-Hearts Oct 31, 2022
cd877de
Merge branch 'notaryproject:main' into main
Two-Hearts Oct 31, 2022
53b847d
Merge branch 'notaryproject:main' into main
Two-Hearts Oct 31, 2022
1e29bb4
Merge branch 'notaryproject:main' into main
Two-Hearts Oct 31, 2022
5121684
Merge branch 'notaryproject:main' into main
Two-Hearts Oct 31, 2022
679e01d
Merge branch 'notaryproject:main' into main
Two-Hearts Oct 31, 2022
394b59a
Merge branch 'notaryproject:main' into main
Two-Hearts Oct 31, 2022
c6e8dd1
Merge branch 'notaryproject:main' into main
Two-Hearts Nov 7, 2022
b54b712
Merge branch 'notaryproject:main' into main
Two-Hearts Nov 12, 2022
60e9fdf
updated CLI outputs for sign/verification with tag reference
Two-Hearts Nov 22, 2022
99d98de
update
Two-Hearts Nov 22, 2022
32ff7b0
Merge branch 'notaryproject:main' into tag_to_digest
Two-Hearts Nov 28, 2022
2125072
resolved conflicts
Two-Hearts Nov 30, 2022
9b8bf6c
update based on spec
Two-Hearts Nov 30, 2022
e2f3d97
update
Two-Hearts Nov 30, 2022
92a6b0d
update
Two-Hearts Dec 1, 2022
7c71f4f
update
Two-Hearts Dec 1, 2022
fbdfe52
update
Two-Hearts Dec 1, 2022
d4a00ef
updated output for verify
Two-Hearts Dec 2, 2022
04a877f
resolved conflicts
Two-Hearts Dec 2, 2022
7f87d1a
resolved conflicts
Two-Hearts Dec 2, 2022
8ec720a
update
Two-Hearts Dec 2, 2022
92b82c3
update
Two-Hearts Dec 2, 2022
58e79a8
Merge branch 'notaryproject:main' into tag_to_digest
Two-Hearts Dec 2, 2022
c74fdc8
added back tag to digest warnings print out
Two-Hearts Dec 2, 2022
0a4a379
update
Two-Hearts Dec 2, 2022
89d544c
updated per code review
Two-Hearts Dec 3, 2022
77a9187
return err if reference is missing digest or tag
Two-Hearts Dec 5, 2022
17c2751
updated per code review
Two-Hearts Dec 5, 2022
a2b9467
updated per code review
Two-Hearts Dec 5, 2022
c28e2ab
updated dependencies
Two-Hearts Dec 5, 2022
e21c8ee
update
Two-Hearts Dec 5, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion cmd/notation/list.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ func runList(command *cobra.Command, opts *listOpts) error {
}

// core process
manifestDesc, err := getManifestDescriptorFromReference(command.Context(), &opts.SecureFlagOpts, reference)
manifestDesc, _, err := getManifestDescriptorFromReference(command.Context(), &opts.SecureFlagOpts, reference)
if err != nil {
return err
}
Expand Down
16 changes: 10 additions & 6 deletions cmd/notation/manifest.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,22 +8,26 @@ import (
"oras.land/oras-go/v2/registry"
)

func getManifestDescriptorFromContext(ctx context.Context, opts *SecureFlagOpts, ref string) (ocispec.Descriptor, error) {
func getManifestDescriptorFromContext(ctx context.Context, opts *SecureFlagOpts, ref string) (ocispec.Descriptor, registry.Reference, error) {
if ref == "" {
return ocispec.Descriptor{}, errors.New("missing reference")
return ocispec.Descriptor{}, registry.Reference{}, errors.New("missing reference")
}

return getManifestDescriptorFromReference(ctx, opts, ref)
}

func getManifestDescriptorFromReference(ctx context.Context, opts *SecureFlagOpts, reference string) (ocispec.Descriptor, error) {
func getManifestDescriptorFromReference(ctx context.Context, opts *SecureFlagOpts, reference string) (ocispec.Descriptor, registry.Reference, error) {
patrickzheng200 marked this conversation as resolved.
Show resolved Hide resolved
ref, err := registry.ParseReference(reference)
if err != nil {
return ocispec.Descriptor{}, err
return ocispec.Descriptor{}, registry.Reference{}, err
}
repo, err := getRepositoryClient(opts, ref)
if err != nil {
return ocispec.Descriptor{}, err
return ocispec.Descriptor{}, registry.Reference{}, err
}
return repo.Resolve(ctx, ref.ReferenceOrDefault())
manifestDesc, err := repo.Resolve(ctx, ref.ReferenceOrDefault())
patrickzheng200 marked this conversation as resolved.
Show resolved Hide resolved
if err != nil {
return ocispec.Descriptor{}, registry.Reference{}, err
}
return manifestDesc, ref, err
patrickzheng200 marked this conversation as resolved.
Show resolved Hide resolved
}
8 changes: 4 additions & 4 deletions cmd/notation/registry.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ import (
"errors"
"net"

notationregistry "github.com/notaryproject/notation-go/registry"
notationRegistry "github.com/notaryproject/notation-go/registry"
patrickzheng200 marked this conversation as resolved.
Show resolved Hide resolved
"github.com/notaryproject/notation/internal/version"
loginauth "github.com/notaryproject/notation/pkg/auth"
"github.com/notaryproject/notation/pkg/configutil"
Expand All @@ -14,7 +14,7 @@ import (
"oras.land/oras-go/v2/registry/remote/auth"
)

func getSignatureRepository(opts *SecureFlagOpts, reference string) (notationregistry.Repository, error) {
func getSignatureRepository(opts *SecureFlagOpts, reference string) (notationRegistry.Repository, error) {
ref, err := registry.ParseReference(reference)
if err != nil {
return nil, err
Expand All @@ -35,7 +35,7 @@ func getRegistryClient(opts *SecureFlagOpts, serverAddress string) (*remote.Regi
return reg, nil
}

func getRepositoryClient(opts *SecureFlagOpts, ref registry.Reference) (notationregistry.Repository, error) {
func getRepositoryClient(opts *SecureFlagOpts, ref registry.Reference) (notationRegistry.Repository, error) {
authClient, plainHTTP, err := getAuthClient(opts, ref)
if err != nil {
return nil, err
Expand All @@ -46,7 +46,7 @@ func getRepositoryClient(opts *SecureFlagOpts, ref registry.Reference) (notation
PlainHTTP: plainHTTP,
}

return notationregistry.NewRepository(repo), nil
return notationRegistry.NewRepository(repo), nil
}

func getAuthClient(opts *SecureFlagOpts, ref registry.Reference) (*auth.Client, bool, error) {
Expand Down
18 changes: 10 additions & 8 deletions cmd/notation/sign.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ import (
"github.com/notaryproject/notation/internal/envelope"
ocispec "github.com/opencontainers/image-spec/specs-go/v1"
"github.com/spf13/cobra"
"oras.land/oras-go/v2/registry"
)

type signOpts struct {
Expand Down Expand Up @@ -71,7 +72,7 @@ func runSign(command *cobra.Command, cmdOpts *signOpts) error {
}

// core process
desc, opts, err := prepareSigningContent(command.Context(), cmdOpts)
desc, opts, ref, err := prepareSigningContent(command.Context(), cmdOpts)
if err != nil {
return err
}
Expand All @@ -85,27 +86,28 @@ func runSign(command *cobra.Command, cmdOpts *signOpts) error {
}

// write out
fmt.Println(desc.Digest)
fmt.Printf("Successfully signed %s/%s@%s\n", ref.Registry, ref.Repository, desc.Digest)

patrickzheng200 marked this conversation as resolved.
Show resolved Hide resolved
return nil
}

func prepareSigningContent(ctx context.Context, opts *signOpts) (ocispec.Descriptor, notation.SignOptions, error) {
manifestDesc, err := getManifestDescriptorFromContext(ctx, &opts.SecureFlagOpts, opts.reference)
func prepareSigningContent(ctx context.Context, opts *signOpts) (ocispec.Descriptor, notation.SignOptions, registry.Reference, error) {
manifestDesc, ref, err := getManifestDescriptorFromContext(ctx, &opts.SecureFlagOpts, opts.reference)
if err != nil {
return ocispec.Descriptor{}, notation.SignOptions{}, err
return ocispec.Descriptor{}, notation.SignOptions{}, registry.Reference{}, err
}
mediaType, err := envelope.GetEnvelopeMediaType(opts.SignerFlagOpts.SignatureFormat)
if err != nil {
return ocispec.Descriptor{}, notation.SignOptions{}, err
return ocispec.Descriptor{}, notation.SignOptions{}, registry.Reference{}, err
}
pluginConfig, err := cmd.ParseFlagPluginConfig(opts.pluginConfig)
if err != nil {
return ocispec.Descriptor{}, notation.SignOptions{}, err
return ocispec.Descriptor{}, notation.SignOptions{}, registry.Reference{}, err
}
return manifestDesc, notation.SignOptions{
ArtifactReference: opts.reference,
SignatureMediaType: mediaType,
Expiry: cmd.GetExpiry(opts.expiry),
PluginConfig: pluginConfig,
}, nil
}, ref, nil
}
26 changes: 13 additions & 13 deletions cmd/notation/verify.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ import (
"strings"

"github.com/notaryproject/notation-go"
notationregistry "github.com/notaryproject/notation-go/registry"
notationRegistry "github.com/notaryproject/notation-go/registry"
patrickzheng200 marked this conversation as resolved.
Show resolved Hide resolved
"github.com/notaryproject/notation-go/verifier"
"github.com/notaryproject/notation/internal/cmd"
"github.com/notaryproject/notation/internal/ioutil"
Expand Down Expand Up @@ -48,26 +48,26 @@ func verifyCommand(opts *verifyOpts) *cobra.Command {
}

func runVerify(command *cobra.Command, opts *verifyOpts) error {
// resolve the given reference and set the digest.
// resolve the given reference and set the digest
ref, err := resolveReference(command, opts)
if err != nil {
return err
}

// initialize verifier.
// initialize verifier
verifier, err := verifier.NewFromConfig()
if err != nil {
return err
}
authClient, plainHTTP, _ := getAuthClient(&opts.SecureFlagOpts, ref)
remote_repo := remote.Repository{
remoteRepo := remote.Repository{
Client: authClient,
Reference: ref,
PlainHTTP: plainHTTP,
}
repo := notationregistry.NewRepository(&remote_repo)
repo := notationRegistry.NewRepository(&remoteRepo)

// set up verification plugin config.
// set up verification plugin config
configs, err := cmd.ParseFlagPluginConfig(opts.pluginConfig)
if err != nil {
return err
Expand All @@ -81,11 +81,11 @@ func runVerify(command *cobra.Command, opts *verifyOpts) error {
MaxSignatureAttempts: math.MaxInt64,
}

// core verify process.
// core verify process
_, outcomes, err := notation.Verify(command.Context(), verifier, repo, verifyOpts)

// write out.
return ioutil.PrintVerificationResults(os.Stdout, outcomes, err, ref.Reference)
// write out
return ioutil.PrintVerificationResults(os.Stdout, outcomes, err, ref)
}

func resolveReference(command *cobra.Command, opts *verifyOpts) (registry.Reference, error) {
Expand All @@ -99,12 +99,12 @@ func resolveReference(command *cobra.Command, opts *verifyOpts) (registry.Refere
}

// Resolve tag reference to digest reference.
manifestDesc, err := getManifestDescriptorFromReference(command.Context(), &opts.SecureFlagOpts, opts.reference)
manifestDesc, _, err := getManifestDescriptorFromReference(command.Context(), &opts.SecureFlagOpts, opts.reference)
if err != nil {
return registry.Reference{}, err
}

ref.Reference = manifestDesc.Digest.String()

return ref, nil
}

Expand All @@ -114,6 +114,6 @@ func isDigestReference(reference string) bool {
return false
}

index := strings.Index(parts[1], "@")
return index != -1
_, _, found := strings.Cut(parts[1], "@")
return found
}
8 changes: 4 additions & 4 deletions internal/ioutil/print.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ import (
"github.com/notaryproject/notation-go/config"
"github.com/notaryproject/notation-go/plugin"
"github.com/notaryproject/notation-go/plugin/proto"
"oras.land/oras-go/v2/registry"
)

func newTabWriter(w io.Writer) *tabwriter.Writer {
Expand Down Expand Up @@ -56,15 +57,14 @@ func PrintKeyMap(w io.Writer, target string, v []config.KeySuite) error {
return tw.Flush()
}

func PrintVerificationResults(w io.Writer, v []*notation.VerificationOutcome, resultErr error, digest string) error {
func PrintVerificationResults(w io.Writer, v []*notation.VerificationOutcome, resultErr error, ref registry.Reference) error {
tw := newTabWriter(w)

if resultErr == nil {
fmt.Fprintf(tw, "Successfully verified for %s\n", digest)
fmt.Fprintf(tw, "Successfully verified signature for %s/%s@%s\n", ref.Registry, ref.Repository, ref.Reference)
// TODO[https://github.com/notaryproject/notation/issues/304]: print out failed validations as warnings.
return nil
}
fmt.Printf("Signature verification failed for all the signatures associated with digest: %s\n", digest)
fmt.Printf("Signature verification failed for all the signatures associated with %s/%s@%s\n", ref.Registry, ref.Repository, ref.Reference)
tw.Flush()

return resultErr
Expand Down