chore: start using plugin-framework package

go.mod

@@ -5,6 +5,7 @@ go 1.20
 require (
 	github.com/go-ldap/ldap/v3 v3.4.6
 	github.com/notaryproject/notation-core-go v1.0.1
+	github.com/notaryproject/notation-plugin-framework-go v0.0.0-20240103032027-c077edacd1ef
 	github.com/opencontainers/go-digest v1.0.0
 	github.com/opencontainers/image-spec v1.1.0-rc5
 	github.com/veraison/go-cose v1.1.0

go.sum

@@ -17,6 +17,8 @@ github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4=
 github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/notaryproject/notation-core-go v1.0.1 h1:01doxjDERbd0vocLQrlJdusKrRLNNn50OJzp0c5I4Cw=
 github.com/notaryproject/notation-core-go v1.0.1/go.mod h1:rayl8WlKgS4YxOZgDO0iGGB4Ef515ZFZUFaZDmsPXgE=
+github.com/notaryproject/notation-plugin-framework-go v0.0.0-20240103032027-c077edacd1ef h1:49DEBh9FgHTQDcezSJShAw4r3KBa05EE/vY8pjw5HlU=
+github.com/notaryproject/notation-plugin-framework-go v0.0.0-20240103032027-c077edacd1ef/go.mod h1:RqWSrTOtEASCrGOEffq0n8pSg2KOgKYiWqFWczRSics=
 github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
 github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
 github.com/opencontainers/image-spec v1.1.0-rc5 h1:Ygwkfw9bpDvs+c9E34SdgGOj41dX/cbdlwvlWt0pnFI=

plugin/plugin.go

@@ -29,44 +29,22 @@ import (
 	"github.com/notaryproject/notation-go/internal/slices"
 	"github.com/notaryproject/notation-go/log"
 	"github.com/notaryproject/notation-go/plugin/proto"
+	"github.com/notaryproject/notation-plugin-framework-go/plugin"
 )
 
 var executor commander = &execCommander{} // for unit test
 
 // GenericPlugin is the base requirement to be an plugin.
-type GenericPlugin interface {
-	// GetMetadata returns the metadata information of the plugin.
-	GetMetadata(ctx context.Context, req *proto.GetMetadataRequest) (*proto.GetMetadataResponse, error)
-}
+type GenericPlugin = plugin.GenericPlugin
 
 // SignPlugin defines the required methods to be a SignPlugin.
-type SignPlugin interface {
-	GenericPlugin
-
-	// DescribeKey returns the KeySpec of a key.
-	DescribeKey(ctx context.Context, req *proto.DescribeKeyRequest) (*proto.DescribeKeyResponse, error)
-
-	// GenerateSignature generates the raw signature based on the request.
-	GenerateSignature(ctx context.Context, req *proto.GenerateSignatureRequest) (*proto.GenerateSignatureResponse, error)
-
-	// GenerateEnvelope generates the Envelope with signature based on the
-	// request.
-	GenerateEnvelope(ctx context.Context, req *proto.GenerateEnvelopeRequest) (*proto.GenerateEnvelopeResponse, error)
-}
+type SignPlugin = plugin.SignPlugin
 
 // VerifyPlugin defines the required method to be a VerifyPlugin.
-type VerifyPlugin interface {
-	GenericPlugin
-
-	// VerifySignature validates the signature based on the request.
-	VerifySignature(ctx context.Context, req *proto.VerifySignatureRequest) (*proto.VerifySignatureResponse, error)
-}
+type VerifyPlugin = plugin.VerifyPlugin
 
 // Plugin defines required methods to be an Plugin.
-type Plugin interface {
-	SignPlugin
-	VerifyPlugin
-}
+type Plugin = plugin.Plugin
 
 // CLIPlugin implements Plugin interface to CLI plugins.
 type CLIPlugin struct {

plugin/proto/algorithm.go

@@ -18,21 +18,22 @@ import (
 	"fmt"
 
 	"github.com/notaryproject/notation-core-go/signature"
+	"github.com/notaryproject/notation-plugin-framework-go/plugin"
 )
 
 // KeySpec is type of the signing algorithm, including algorithm and size.
-type KeySpec string
+type KeySpec = plugin.KeySpec
 
 // one of the following supported key spec names.
 //
 // https://github.com/notaryproject/notaryproject/blob/main/specs/signature-specification.md#algorithm-selection
 const (
-	KeySpecRSA2048 KeySpec = "RSA-2048"
-	KeySpecRSA3072 KeySpec = "RSA-3072"
-	KeySpecRSA4096 KeySpec = "RSA-4096"
-	KeySpecEC256   KeySpec = "EC-256"
-	KeySpecEC384   KeySpec = "EC-384"
-	KeySpecEC521   KeySpec = "EC-521"
+	KeySpecRSA2048 = plugin.KeySpecRSA2048
+	KeySpecRSA3072 = plugin.KeySpecRSA3072
+	KeySpecRSA4096 = plugin.KeySpecRSA4096
+	KeySpecEC256   = plugin.KeySpecEC256
+	KeySpecEC384   = plugin.KeySpecEC384
+	KeySpecEC521   = plugin.KeySpecEC521
 )
 
 // EncodeKeySpec returns the name of a keySpec according to the spec.
@@ -89,15 +90,15 @@ func DecodeKeySpec(k KeySpec) (keySpec signature.KeySpec, err error) {
 }
 
 // HashAlgorithm is the type of a hash algorithm.
-type HashAlgorithm string
+type HashAlgorithm = plugin.HashAlgorithm
 
 // one of the following supported hash algorithm names.
 //
 // https://github.com/notaryproject/notaryproject/blob/main/specs/signature-specification.md#algorithm-selection
 const (
-	HashAlgorithmSHA256 HashAlgorithm = "SHA-256"
-	HashAlgorithmSHA384 HashAlgorithm = "SHA-384"
-	HashAlgorithmSHA512 HashAlgorithm = "SHA-512"
+	HashAlgorithmSHA256 = plugin.HashAlgorithmSHA256
+	HashAlgorithmSHA384 = plugin.HashAlgorithmSHA384
+	HashAlgorithmSHA512 = plugin.HashAlgorithmSHA512
 )
 
 // HashAlgorithmFromKeySpec returns the name of hash function according to the spec.
@@ -126,18 +127,18 @@ func HashAlgorithmFromKeySpec(k signature.KeySpec) (HashAlgorithm, error) {
 }
 
 // SignatureAlgorithm is the type of signature algorithm
-type SignatureAlgorithm string
+type SignatureAlgorithm = plugin.SignatureAlgorithm
 
 // one of the following supported signing algorithm names.
 //
 // https://github.com/notaryproject/notaryproject/blob/main/specs/signature-specification.md#algorithm-selection
 const (
-	SignatureAlgorithmECDSA_SHA256      SignatureAlgorithm = "ECDSA-SHA-256"
-	SignatureAlgorithmECDSA_SHA384      SignatureAlgorithm = "ECDSA-SHA-384"
-	SignatureAlgorithmECDSA_SHA512      SignatureAlgorithm = "ECDSA-SHA-512"
-	SignatureAlgorithmRSASSA_PSS_SHA256 SignatureAlgorithm = "RSASSA-PSS-SHA-256"
-	SignatureAlgorithmRSASSA_PSS_SHA384 SignatureAlgorithm = "RSASSA-PSS-SHA-384"
-	SignatureAlgorithmRSASSA_PSS_SHA512 SignatureAlgorithm = "RSASSA-PSS-SHA-512"
+	SignatureAlgorithmECDSA_SHA256      = plugin.SignatureAlgorithmECDSA_SHA256
+	SignatureAlgorithmECDSA_SHA384      = plugin.SignatureAlgorithmECDSA_SHA384
+	SignatureAlgorithmECDSA_SHA512      = plugin.SignatureAlgorithmECDSA_SHA512
+	SignatureAlgorithmRSASSA_PSS_SHA256 = plugin.SignatureAlgorithmRSASSA_PSS_SHA256
+	SignatureAlgorithmRSASSA_PSS_SHA384 = plugin.SignatureAlgorithmRSASSA_PSS_SHA384
+	SignatureAlgorithmRSASSA_PSS_SHA512 = plugin.SignatureAlgorithmRSASSA_PSS_SHA512
 )
 
 // EncodeSigningAlgorithm returns the signing algorithm name of an algorithm

plugin/proto/errors.go

@@ -17,38 +17,36 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+
+	"github.com/notaryproject/notation-plugin-framework-go/plugin"
 )
 
-type ErrorCode string
+type ErrorCode = plugin.ErrorCode
 
 const (
 	// Any of the required request fields was empty,
 	// or a value was malformed/invalid.
-	ErrorCodeValidation ErrorCode = "VALIDATION_ERROR"
+	ErrorCodeValidation = plugin.ErrorCodeValidation
 
 	// The contract version used in the request is unsupported.
-	ErrorCodeUnsupportedContractVersion ErrorCode = "UNSUPPORTED_CONTRACT_VERSION"
+	ErrorCodeUnsupportedContractVersion ErrorCode = plugin.ErrorCodeUnsupportedContractVersion
 
 	// Authentication/authorization error to use given key.
-	ErrorCodeAccessDenied ErrorCode = "ACCESS_DENIED"
+	ErrorCodeAccessDenied = plugin.ErrorCodeAccessDenied
 
 	// The operation to generate signature timed out
 	// and can be retried by Notation.
-	ErrorCodeTimeout ErrorCode = "TIMEOUT"
+	ErrorCodeTimeout = plugin.ErrorCodeTimeout
 
 	// The operation to generate signature was throttles
 	// and can be retried by Notation.
-	ErrorCodeThrottled ErrorCode = "THROTTLED"
+	ErrorCodeThrottled = plugin.ErrorCodeThrottled
 
 	// Any general error that does not fall into any categories.
-	ErrorCodeGeneric ErrorCode = "ERROR"
+	ErrorCodeGeneric = plugin.ErrorCodeGeneric
 )
 
-type jsonErr struct {
-	Code     ErrorCode         `json:"errorCode"`
-	Message  string            `json:"errorMessage,omitempty"`
-	Metadata map[string]string `json:"errorMetadata,omitempty"`
-}
+type jsonErr = plugin.Error
 
 // RequestError is the common error response for any request.
 type RequestError struct {
@@ -92,10 +90,10 @@ func (e *RequestError) UnmarshalJSON(data []byte) error {
 	if err != nil {
 		return err
 	}
-	if tmp.Code == "" && tmp.Message == "" && tmp.Metadata == nil {
+	if tmp.ErrCode == "" && tmp.Message == "" && tmp.Metadata == nil {
 		return errors.New("incomplete json")
 	}
-	*e = RequestError{Code: tmp.Code, Metadata: tmp.Metadata}
+	*e = RequestError{Code: tmp.ErrCode, Metadata: tmp.Metadata}
 	if tmp.Message != "" {
 		e.Err = errors.New(tmp.Message)
 	}

plugin/proto/metadata.go

@@ -13,30 +13,19 @@
 
 package proto
 
+import "github.com/notaryproject/notation-plugin-framework-go/plugin"
+
 // GetMetadataRequest contains the parameters passed in a get-plugin-metadata
 // request.
-type GetMetadataRequest struct {
-	PluginConfig map[string]string `json:"pluginConfig,omitempty"`
-}
-
-func (GetMetadataRequest) Command() Command {
-	return CommandGetMetadata
-}
+type GetMetadataRequest = plugin.GetMetadataRequest
 
 // GetMetadataResponse provided by the plugin.
-type GetMetadataResponse struct {
-	Name                      string       `json:"name"`
-	Description               string       `json:"description"`
-	Version                   string       `json:"version"`
-	URL                       string       `json:"url"`
-	SupportedContractVersions []string     `json:"supportedContractVersions"`
-	Capabilities              []Capability `json:"capabilities"`
-}
+type GetMetadataResponse = plugin.GetMetadataResponse
 
 // HasCapability return true if the metadata states that the
 // capability is supported.
 // Returns true if capability is empty.
-func (resp *GetMetadataResponse) HasCapability(capability Capability) bool {
+func HasCapability(resp *GetMetadataResponse, capability Capability) bool {
 	if capability == "" {
 		return true
 	}

plugin/proto/metadata_test.go

@@ -34,7 +34,7 @@ func TestGetMetadataResponse_HasCapability(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			if got := tt.m.HasCapability(tt.args.capability); got != tt.want {
+			if got := HasCapability(tt.m, tt.args.capability); got != tt.want {
 				t.Errorf("GetMetadataResponse.HasCapability() = %v, want %v", got, tt.want)
 			}
 		})

plugin/proto/proto.go

@@ -15,64 +15,64 @@
 // and notation external plugin.
 package proto
 
+import "github.com/notaryproject/notation-plugin-framework-go/plugin"
+
 // Prefix is the prefix required on all plugin binary names.
 const Prefix = "notation-"
 
 // ContractVersion is the <major>.<minor> version of the plugin contract.
 const ContractVersion = "1.0"
 
 // Command is a CLI command available in the plugin contract.
-type Command string
+type Command = plugin.Command
 
 // Request defines a plugin request, which is always associated to a command.
-type Request interface {
-	Command() Command
-}
+type Request = plugin.Request
 
 const (
 	// CommandGetMetadata is the name of the plugin command
 	// which must be supported by every plugin and returns the
 	// plugin metadata.
-	CommandGetMetadata Command = "get-plugin-metadata"
+	CommandGetMetadata = plugin.CommandGetMetadata
 
 	// CommandDescribeKey is the name of the plugin command
 	// which must be supported by every plugin that has the
 	// SIGNATURE_GENERATOR.RAW capability.
-	CommandDescribeKey Command = "describe-key"
+	CommandDescribeKey = plugin.CommandDescribeKey
 
 	// CommandGenerateSignature is the name of the plugin command
 	// which must be supported by every plugin that has the
 	// SIGNATURE_GENERATOR.RAW capability.
-	CommandGenerateSignature Command = "generate-signature"
+	CommandGenerateSignature = plugin.CommandGenerateSignature
 
 	// CommandGenerateEnvelope is the name of the plugin command
 	// which must be supported by every plugin that has the
 	// SIGNATURE_GENERATOR.ENVELOPE capability.
-	CommandGenerateEnvelope Command = "generate-envelope"
+	CommandGenerateEnvelope = plugin.CommandGenerateEnvelope
 
 	// CommandVerifySignature is the name of the plugin command
 	// which must be supported by every plugin that has
 	// any SIGNATURE_VERIFIER.* capability
-	CommandVerifySignature Command = "verify-signature"
+	CommandVerifySignature = plugin.CommandVerifySignature
 )
 
 // Capability is a feature available in the plugin contract.
-type Capability string
+type Capability = plugin.Capability
 
 const (
 	// CapabilitySignatureGenerator is the name of the capability
 	// for a plugin to support generating raw signatures.
-	CapabilitySignatureGenerator Capability = "SIGNATURE_GENERATOR.RAW"
+	CapabilitySignatureGenerator = plugin.CapabilitySignatureGenerator
 
 	// CapabilityEnvelopeGenerator is the name of the capability
 	// for a plugin to support generating envelope signatures.
-	CapabilityEnvelopeGenerator Capability = "SIGNATURE_GENERATOR.ENVELOPE"
+	CapabilityEnvelopeGenerator = plugin.CapabilityEnvelopeGenerator
 
 	// CapabilityTrustedIdentityVerifier is the name of the
 	// capability for a plugin to support verifying trusted identities.
-	CapabilityTrustedIdentityVerifier Capability = "SIGNATURE_VERIFIER.TRUSTED_IDENTITY"
+	CapabilityTrustedIdentityVerifier = plugin.CapabilityTrustedIdentityVerifier
 
 	// CapabilityRevocationCheckVerifier is the name of the
 	// capability for a plugin to support verifying revocation checks.
-	CapabilityRevocationCheckVerifier Capability = "SIGNATURE_VERIFIER.REVOCATION_CHECK"
+	CapabilityRevocationCheckVerifier = plugin.CapabilityRevocationCheckVerifier
 )