diff --git a/pkg/api/entries.go b/pkg/api/entries.go index daa8d8423..76dffe953 100644 --- a/pkg/api/entries.go +++ b/pkg/api/entries.go @@ -206,8 +206,15 @@ func createLogEntry(params entries.CreateLogEntryParams) (models.LogEntry, middl case int32(code.Code_OK): case int32(code.Code_ALREADY_EXISTS), int32(code.Code_FAILED_PRECONDITION): existingUUID := hex.EncodeToString(rfc6962.DefaultHasher.HashLeaf(leaf)) - err := fmt.Errorf("grpc error: %v", insertionStatus.String()) - return nil, handleRekorAPIError(params, http.StatusConflict, err, fmt.Sprintf(entryAlreadyExists, existingUUID), "entryURL", getEntryURL(*params.HTTPRequest.URL, existingUUID)) + activeTree := fmt.Sprintf("%x", api.logID) + entryIDstruct, err := sharding.CreateEntryIDFromParts(activeTree, existingUUID) + if err != nil { + err := fmt.Errorf("error creating EntryID from active treeID %v and uuid %v: %w", activeTree, existingUUID, err) + return nil, handleRekorAPIError(params, http.StatusInternalServerError, err, fmt.Sprintf(validationError, err)) + } + existingEntryID := entryIDstruct.ReturnEntryIDString() + err = fmt.Errorf("grpc error: %v", insertionStatus.String()) + return nil, handleRekorAPIError(params, http.StatusConflict, err, fmt.Sprintf(entryAlreadyExists, existingEntryID), "entryURL", getEntryURL(*params.HTTPRequest.URL, existingEntryID)) default: err := fmt.Errorf("grpc error: %v", insertionStatus.String()) return nil, handleRekorAPIError(params, http.StatusInternalServerError, err, trillianUnexpectedResult) diff --git a/pkg/types/intoto/e2e_test.go b/pkg/types/intoto/e2e_test.go index 2bb4130ea..b0b3dd46d 100644 --- a/pkg/types/intoto/e2e_test.go +++ b/pkg/types/intoto/e2e_test.go @@ -42,6 +42,7 @@ import ( slsa "github.com/in-toto/in-toto-golang/in_toto/slsa_provenance/v0.2" "github.com/secure-systems-lab/go-securesystemslib/dsse" "github.com/sigstore/rekor/pkg/generated/models" + "github.com/sigstore/rekor/pkg/sharding" "github.com/sigstore/rekor/pkg/types" "github.com/sigstore/sigstore/pkg/signature" @@ -161,7 +162,13 @@ func TestIntoto(t *testing.T) { out = util.RunCli(t, "upload", "--artifact", attestationPath, "--type", "intoto", "--public-key", pubKeyPath) util.OutputContains(t, out, "Entry already exists") + // issue1649 check for full UUID in printed Location value from 409 response header + if len(uuid) != sharding.EntryIDHexStringLen { + t.Fatal("UUID returned instead of entry ID (includes treeID)") + } + util.OutputContains(t, out, uuid) } + func TestIntotoMultiSig(t *testing.T) { td := t.TempDir() attestationPath := filepath.Join(td, "attestation.json")