Merge branch 'master' into feat/pkcs8
Ali Yousuf authored May 10, 2017
2 parents 5c4e43b + 23eceed commit 5629a55
Showing 24 changed files with 1,669 additions and 523 deletions.
4 changes: 2 additions & 2 deletions CONTRIBUTING.md
@@ -1,6 +1,6 @@
# Contributing to notary

## Before reporting an issue...
## Before reporting an issue...

### If your problem is with...

@@ -26,7 +26,7 @@ By following these simple rules you will get better and faster feedback on your

- search the bugtracker for an already reported issue

### If you found an issue that describes your problem:
### If you found an issue that describes your problem:

- please read other user comments first, and confirm this is the same issue: a given error condition might be indicative of different problems - you may also find a workaround in the comments
- please refrain from adding "same thing here" or "+1" comments
19 changes: 11 additions & 8 deletions client/client.go
@@ -13,6 +13,7 @@ import (
"time"

"github.com/Sirupsen/logrus"
canonicaljson "github.com/docker/go/canonical/json"
"github.com/docker/notary"
"github.com/docker/notary/client/changelist"
"github.com/docker/notary/cryptoservice"
@@ -128,9 +129,10 @@ func (r *NotaryRepository) GetGUN() data.GUN {
// Target represents a simplified version of the data TUF operates on, so external
// applications don't have to depend on TUF data types.
type Target struct {
Name string // the name of the target
Hashes data.Hashes // the hash of the target
Length int64 // the size in bytes of the target
Name string // the name of the target
Hashes data.Hashes // the hash of the target
Length int64 // the size in bytes of the target
Custom *canonicaljson.RawMessage // the custom data provided to describe the file at TARGETPATH
}

// TargetWithRole represents a Target that exists in a particular role - this is
@@ -141,7 +143,7 @@ type TargetWithRole struct {
}

// NewTarget is a helper method that returns a Target
func NewTarget(targetName string, targetPath string) (*Target, error) {
func NewTarget(targetName, targetPath string, targetCustom *canonicaljson.RawMessage) (*Target, error) {
b, err := ioutil.ReadFile(targetPath)
if err != nil {
return nil, err
@@ -152,7 +154,7 @@ func NewTarget(targetName string, targetPath string) (*Target, error) {
return nil, err
}

return &Target{Name: targetName, Hashes: meta.Hashes, Length: meta.Length}, nil
return &Target{Name: targetName, Hashes: meta.Hashes, Length: meta.Length, Custom: targetCustom}, nil
}

func rootCertKey(gun data.GUN, privKey data.PrivateKey) (data.PublicKey, error) {
@@ -360,7 +362,7 @@ func (r *NotaryRepository) AddTarget(target *Target, roles ...data.RoleName) err
}
logrus.Debugf("Adding target \"%s\" with sha256 \"%x\" and size %d bytes.\n", target.Name, target.Hashes["sha256"], target.Length)

meta := data.FileMeta{Length: target.Length, Hashes: target.Hashes}
meta := data.FileMeta{Length: target.Length, Hashes: target.Hashes, Custom: target.Custom}
metaJSON, err := json.Marshal(meta)
if err != nil {
return err
@@ -417,6 +419,7 @@ func (r *NotaryRepository) ListTargets(roles ...data.RoleName) ([]*TargetWithRol
Name: targetName,
Hashes: targetMeta.Hashes,
Length: targetMeta.Length,
Custom: targetMeta.Custom,
},
Role: validRole.Name,
}
@@ -472,7 +475,7 @@ func (r *NotaryRepository) GetTargetByName(name string, roles ...data.RoleName)
}
// Check that we didn't error, and that we assigned to our target
if err := r.tufRepo.WalkTargets(name, role, getTargetVisitorFunc, skipRoles...); err == nil && foundTarget {
return &TargetWithRole{Target: Target{Name: name, Hashes: resultMeta.Hashes, Length: resultMeta.Length}, Role: resultRoleName}, nil
return &TargetWithRole{Target: Target{Name: name, Hashes: resultMeta.Hashes, Length: resultMeta.Length, Custom: resultMeta.Custom}, Role: resultRoleName}, nil
}
}
return nil, fmt.Errorf("No trust data for %s", name)
@@ -516,7 +519,7 @@ func (r *NotaryRepository) GetAllTargetMetadataByName(name string) ([]TargetSign
for targetName, resultMeta := range targetMetaToAdd {
targetInfo := TargetSignedStruct{
Role: validRole,
Target: Target{Name: targetName, Hashes: resultMeta.Hashes, Length: resultMeta.Length},
Target: Target{Name: targetName, Hashes: resultMeta.Hashes, Length: resultMeta.Length, Custom: resultMeta.Custom},
Signatures: tgt.Signatures,
}
targetInfoList = append(targetInfoList, targetInfo)
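Review bot: NewTarget stores the caller's `targetCustom` pointer directly in `Target.Custom`, and AddTarget then copies `target.Custom` into the `data.FileMeta` passed to `json.Marshal(meta)`, so a write through that pointer between the two calls changes the bytes that end up in the targets metadata. The read paths (ListTargets, GetTargetByName, GetAllTargetMetadataByName) likewise hand out `targetMeta.Custom` / `resultMeta.Custom` uncopied; whether that memory is shared with metadata that is signed again later cannot be seen from these hunks, but copying the bytes when the pointer is non-nil would remove the question. The doc comment should state the contract, e.g. `// NewTarget is a helper method that returns a Target; targetCustom may be nil, and is otherwise expected to be valid JSON that is stored with the target's metadata`. The field comment on `Custom` refers to TARGETPATH, which reads as a CLI argument name rather than anything defined in this package. Most of the touched function bodies start or end outside the visible hunks.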
25 changes: 20 additions & 5 deletions client/client_test.go
@@ -631,7 +631,13 @@ func testInitRepoPasswordInvalid(t *testing.T, rootType string) {

func addTarget(t *testing.T, repo *NotaryRepository, targetName, targetFile string,
roles ...data.RoleName) *Target {
target, err := NewTarget(targetName, targetFile)
var targetCustom *json.RawMessage
return addTargetWithCustom(t, repo, targetName, targetFile, targetCustom, roles...)
}

func addTargetWithCustom(t *testing.T, repo *NotaryRepository, targetName,
targetFile string, targetCustom *json.RawMessage, roles ...data.RoleName) *Target {
target, err := NewTarget(targetName, targetFile, targetCustom)
require.NoError(t, err, "error creating target")
err = repo.AddTarget(target, roles...)
require.NoError(t, err, "error adding target")
@@ -815,7 +821,8 @@ func testAddTargetToSpecifiedInvalidRoles(t *testing.T, clearCache bool) {
}

for _, invalidRole := range invalidRoles {
target, err := NewTarget("latest", "../fixtures/intermediate-ca.crt")
var targetCustom *json.RawMessage
target, err := NewTarget("latest", "../fixtures/intermediate-ca.crt", targetCustom)
require.NoError(t, err, "error creating target")

err = repo.AddTarget(target, data.CanonicalTargetsRole, invalidRole)
@@ -877,7 +884,8 @@ func TestAddTargetWithInvalidTarget(t *testing.T) {
repo, _ := initializeRepo(t, data.ECDSAKey, "docker.com/notary", ts.URL, false)
defer os.RemoveAll(repo.baseDir)

target, err := NewTarget("latest", "../fixtures/intermediate-ca.crt")
var targetCustom *json.RawMessage
target, err := NewTarget("latest", "../fixtures/intermediate-ca.crt", targetCustom)
require.NoError(t, err, "error creating target")

// Clear the hashes
@@ -889,7 +897,8 @@ func TestAddTargetWithInvalidTarget(t *testing.T) {
// to be propagated.
func TestAddTargetErrorWritingChanges(t *testing.T) {
testErrorWritingChangefiles(t, func(repo *NotaryRepository) error {
target, err := NewTarget("latest", "../fixtures/intermediate-ca.crt")
var targetCustom *json.RawMessage
target, err := NewTarget("latest", "../fixtures/intermediate-ca.crt", targetCustom)
require.NoError(t, err, "error creating target")
return repo.AddTarget(target, data.CanonicalTargetsRole)
})
@@ -1192,8 +1201,14 @@ func testListTarget(t *testing.T, rootType string) {
// tests need to manually bootstrap timestamp as client doesn't generate it
err := repo.tufRepo.InitTimestamp()
require.NoError(t, err, "error creating repository: %s", err)
var targetCustom json.RawMessage
rawTargetCustom := []byte("\"Lorem ipsum dolor sit\"")
err = json.Unmarshal(rawTargetCustom, &targetCustom)
require.NoError(t, err)

latestTarget := addTargetWithCustom(t, repo, "latest", "../fixtures/intermediate-ca.crt", &targetCustom)
require.Equal(t, targetCustom, *latestTarget.Custom, "Target created does not contain the expected custom data")

latestTarget := addTarget(t, repo, "latest", "../fixtures/intermediate-ca.crt")
currentTarget := addTarget(t, repo, "current", "../fixtures/intermediate-ca.crt")

// Apply the changelist. Normally, this would be done by Publish
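Review bot: The new assertion in testListTarget, `require.Equal(t, targetCustom, *latestTarget.Custom, ...)`, appears unable to fail: addTargetWithCustom passes `&targetCustom` to NewTarget, which stores that pointer, so if the helper returns the target it built (its body continues outside the hunk), both sides read the same variable. What needs checking is that the custom data survives AddTarget, the changelist and ListTargets; the rest of testListTarget is outside this hunk and may already compare the listed targets against latestTarget, but an explicit assertion on the listed target's `Custom` would make that intent visible. The call sites that do not use custom data could pass `nil` directly instead of first declaring `var targetCustom *json.RawMessage`.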
116 changes: 114 additions & 2 deletions cmd/notary/integration_test.go
@@ -23,8 +23,11 @@ import (
"testing"
"time"

"encoding/json"

"github.com/Sirupsen/logrus"
ctxu "github.com/docker/distribution/context"
canonicaljson "github.com/docker/go/canonical/json"
"github.com/docker/notary"
"github.com/docker/notary/client"
"github.com/docker/notary/cryptoservice"
@@ -198,8 +201,9 @@ func TestClientTUFInteraction(t *testing.T) {
defer os.Remove(tempFile.Name())

var (
output string
target = "sdgkadga"
output string
target = "sdgkadga"
target2 = "foobar"
)
// -- tests --

@@ -251,6 +255,62 @@ func TestClientTUFInteraction(t *testing.T) {
output, err = runCommand(t, tempDir, "-s", server.URL, "list", "gun")
require.NoError(t, err)
require.False(t, strings.Contains(string(output), target))

// Test a target with custom data.
tempFileForTargetCustom, err := ioutil.TempFile("", "targetCustom")
require.NoError(t, err)
var customData canonicaljson.RawMessage
err = canonicaljson.Unmarshal([]byte("\"Lorem ipsum dolor sit amet, consectetur adipiscing elit\""), &customData)
require.NoError(t, err)
_, err = tempFileForTargetCustom.Write(customData)
require.NoError(t, err)
tempFileForTargetCustom.Close()
defer os.Remove(tempFileForTargetCustom.Name())

// add a target
_, err = runCommand(t, tempDir, "add", "gun", target2, tempFile.Name(), "--custom", tempFileForTargetCustom.Name())
require.NoError(t, err)

// check status - see target
output, err = runCommand(t, tempDir, "status", "gun")
require.NoError(t, err)
require.Contains(t, output, target2)

// publish repo
_, err = runCommand(t, tempDir, "-s", server.URL, "publish", "gun")
require.NoError(t, err)

// check status - no targets
output, err = runCommand(t, tempDir, "status", "gun")
require.NoError(t, err)
require.False(t, strings.Contains(string(output), target2))

// list repo - see target
output, err = runCommand(t, tempDir, "-s", server.URL, "list", "gun")
require.NoError(t, err)
require.Contains(t, output, target2)

// Check the file this was written to to inspect metadata
cache, err := nstorage.NewFileStore(
filepath.Join(tempDir, "tuf", filepath.FromSlash("gun"), "metadata"),
"json",
)
require.NoError(t, err)
rawTargets, err := cache.Get("targets")
require.NoError(t, err)
parsedTargets := data.SignedTargets{}
err = json.Unmarshal(rawTargets, &parsedTargets)
require.NoError(t, err)
require.Equal(t, *parsedTargets.Signed.Targets[target2].Custom, customData)

// trigger a lookup error with < 2 args
_, err = runCommand(t, tempDir, "-s", server.URL, "lookup", "gun")
require.Error(t, err)

// lookup target and repo - see target
output, err = runCommand(t, tempDir, "-s", server.URL, "lookup", "gun", target2)
require.NoError(t, err)
require.Contains(t, output, target2)
}

func TestClientDeleteTUFInteraction(t *testing.T) {
@@ -422,6 +482,7 @@ func TestClientTUFAddByHashInteraction(t *testing.T) {
target1 = "sdgkadga"
target2 = "asdfasdf"
target3 = "qwerty"
target4 = "foobar"
)
// -- tests --

@@ -541,6 +602,57 @@ func TestClientTUFAddByHashInteraction(t *testing.T) {
// publish repo
_, err = runCommand(t, tempDir, "-s", server.URL, "publish", "gun")
require.NoError(t, err)

tempFile, err := ioutil.TempFile("", "targetCustom")
require.NoError(t, err)
var customData canonicaljson.RawMessage
err = canonicaljson.Unmarshal([]byte("\"Lorem ipsum dolor sit amet, consectetur adipiscing elit\""), &customData)
require.NoError(t, err)
_, err = tempFile.Write(customData)
require.NoError(t, err)
tempFile.Close()
defer os.Remove(tempFile.Name())

// add a target by sha512 and custom data
_, err = runCommand(t, tempDir, "addhash", "gun", target4, "3", "--sha512", targetSha512Hex, "--custom", tempFile.Name())
require.NoError(t, err)

// check status - see target
output, err = runCommand(t, tempDir, "status", "gun")
require.NoError(t, err)
require.Contains(t, output, target4)

// publish repo
_, err = runCommand(t, tempDir, "-s", server.URL, "publish", "gun")
require.NoError(t, err)

// check status - no targets
output, err = runCommand(t, tempDir, "status", "gun")
require.NoError(t, err)
require.False(t, strings.Contains(string(output), target4))

// list repo - see target
output, err = runCommand(t, tempDir, "-s", server.URL, "list", "gun")
require.NoError(t, err)
require.Contains(t, output, target4)

// Check the file this was written to to inspect metadata
cache, err := nstorage.NewFileStore(
filepath.Join(tempDir, "tuf", filepath.FromSlash("gun"), "metadata"),
"json",
)
require.NoError(t, err)
rawTargets, err := cache.Get("targets")
require.NoError(t, err)
parsedTargets := data.SignedTargets{}
err = json.Unmarshal(rawTargets, &parsedTargets)
require.NoError(t, err)
require.Equal(t, *parsedTargets.Signed.Targets[target4].Custom, customData)

// lookup target and repo - see target
output, err = runCommand(t, tempDir, "-s", server.URL, "lookup", "gun", target4)
require.NoError(t, err)
require.Contains(t, output, target4)
}

// Initialize repo and test delegations commands by adding, listing, and removing delegations
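Review bot: Both metadata checks dereference `Custom` without guarding against nil: `require.Equal(t, *parsedTargets.Signed.Targets[target2].Custom, customData)` in TestClientTUFInteraction and the same line with `target4` in TestClientTUFAddByHashInteraction. If `--custom` were dropped anywhere on the way to the published targets file, or the target key were missing, the test would panic instead of failing with a message. Adding `require.NotNil(t, parsedTargets.Signed.Targets[target2].Custom)` before each, and putting `customData` first since require.Equal takes the expected value first, fixes that. Only a well-formed JSON file is exercised; because the file's contents end up in signed targets metadata, a case where `--custom` points at a missing file or at bytes that are not valid JSON, asserting that `add` and `addhash` return an error, would pin down the rejection path (the flag handling itself is not in this view). The return values of `tempFileForTargetCustom.Close()` and `tempFile.Close()` are also ignored.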