Skip to content

Commit

Permalink
return full entryID on HTTP 409 responses
Browse files Browse the repository at this point in the history
Signed-off-by: Bob Callaway <bcallaway@google.com>
  • Loading branch information
bobcallaway committed Aug 29, 2023
1 parent 6208b39 commit aee6530
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 2 deletions.
11 changes: 9 additions & 2 deletions pkg/api/entries.go
Original file line number Diff line number Diff line change
Expand Up @@ -206,8 +206,15 @@ func createLogEntry(params entries.CreateLogEntryParams) (models.LogEntry, middl
case int32(code.Code_OK):
case int32(code.Code_ALREADY_EXISTS), int32(code.Code_FAILED_PRECONDITION):
existingUUID := hex.EncodeToString(rfc6962.DefaultHasher.HashLeaf(leaf))
err := fmt.Errorf("grpc error: %v", insertionStatus.String())
return nil, handleRekorAPIError(params, http.StatusConflict, err, fmt.Sprintf(entryAlreadyExists, existingUUID), "entryURL", getEntryURL(*params.HTTPRequest.URL, existingUUID))
activeTree := fmt.Sprintf("%x", api.logID)
entryIDstruct, err := sharding.CreateEntryIDFromParts(activeTree, existingUUID)
if err != nil {
err := fmt.Errorf("error creating EntryID from active treeID %v and uuid %v: %w", activeTree, existingUUID, err)
return nil, handleRekorAPIError(params, http.StatusInternalServerError, err, fmt.Sprintf(validationError, err))
}
existingEntryID := entryIDstruct.ReturnEntryIDString()
err = fmt.Errorf("grpc error: %v", insertionStatus.String())
return nil, handleRekorAPIError(params, http.StatusConflict, err, fmt.Sprintf(entryAlreadyExists, existingEntryID), "entryURL", getEntryURL(*params.HTTPRequest.URL, existingEntryID))
default:
err := fmt.Errorf("grpc error: %v", insertionStatus.String())
return nil, handleRekorAPIError(params, http.StatusInternalServerError, err, trillianUnexpectedResult)
Expand Down
7 changes: 7 additions & 0 deletions pkg/types/intoto/e2e_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@ import (
slsa "github.com/in-toto/in-toto-golang/in_toto/slsa_provenance/v0.2"
"github.com/secure-systems-lab/go-securesystemslib/dsse"
"github.com/sigstore/rekor/pkg/generated/models"
"github.com/sigstore/rekor/pkg/sharding"
"github.com/sigstore/rekor/pkg/types"
"github.com/sigstore/sigstore/pkg/signature"

Expand Down Expand Up @@ -161,7 +162,13 @@ func TestIntoto(t *testing.T) {

out = util.RunCli(t, "upload", "--artifact", attestationPath, "--type", "intoto", "--public-key", pubKeyPath)
util.OutputContains(t, out, "Entry already exists")
// issue1649 check for full UUID in printed Location value from 409 response header
if len(uuid) != sharding.EntryIDHexStringLen {
t.Fatal("UUID returned instead of entry ID (includes treeID)")
}
util.OutputContains(t, out, uuid)
}

func TestIntotoMultiSig(t *testing.T) {
td := t.TempDir()
attestationPath := filepath.Join(td, "attestation.json")
Expand Down

0 comments on commit aee6530

Please sign in to comment.