Add logic to GET artifacts via old or new UUID

[lkatalin]

Summary

This PR has 5 commits:

1. Moves ranges.go and its testing into the sharding package because it is related to sharding and I was getting import cycle errors otherwise.
2. Updates the name FullID to EntryID
3. Adds unit tests and a few more helper functions to sharding package
4. Adds logic to handle both new and old UUIDs during a GET request
5. Adds an e2e test to make sure a GET request with a longer EntryID is still handled properly

• TODO: I think this would benefit from an integration test before being merged, but I'm still looking into how to add that. I assume it should have its own function is tests/e2e_test.go?

Ticket Link

Related to #487
(needs another PR before that can be closed)

[bobcallaway]

what happens here if someone passes in a string that isn't a valid ID? you could end up panicking if the lengths are wrong. I think we need some sort of a defensive check here (with potentially an error return value as well)

[lkatalin]

You are right @bobcallaway , sorry I missed it.

[lkatalin]

I'm still going to try to add an e2e test in here.

[bobcallaway]

Suggested change

	entryUUID, err := sharding.GetUUIDFromIDString(uuid)
	if err != nil {
	return nil, fmt.Errorf("unable to parse uuid: %w", err)
	}
	params.EntryUUID = entryUUID
	params.EntryUUID, err = sharding.GetUUIDFromIDString(uuid)
	if err != nil {
	return nil, fmt.Errorf("unable to parse UUID: %w", err)
	}

[bobcallaway]

Suggested change

	if k != entryUUID {
	if k != params.entryUUID {

[bobcallaway]

Is there a way to move validateID logic from CLI into this package and just re-use it here? As written this doesn't check that id is a valid hex string. Its a tad paranoid given that the API layer will check the input values, but since its a exported function I think it would be good to be consistent.

[lkatalin]

Yeah, this is a good idea. I'm just not sure yet how to do it without tearing out the entire pflags.go logic and moving it into sharding. validateID relies on validateString, which uses the validationFunc, baseValue, etc. and I can't import those into sharding because rekor-cli has sharding as a dependency. Writing a duplicate version of validateString in sharding also seems suboptimal. Possibly would make sense to move pflags.go into a package accessible to both sharding and rekor-cli? What do you think?

[lkatalin]

I guess this function could also just move into pflags.

[lkatalin]

I think in order to do this, pflags.go and related files would have to move "up" and out of rekor-cli into a new pkg/validation or cmd/validation because that way GetUUIDFromIDString could be used in both cmd/rekor-cli/app/get.go and pkg/api/entries.go without import cycles. Still experimenting with this.

[lkatalin]

I ended up using hex.DecodeString instead of moving the pflags logic around.

[bobcallaway]

can you please add unit tests for this package?

[lkatalin]

Definitely!

[lkatalin]

Done: the unit tests have their own commit.

[bobcallaway]

2 minor nits. otherwise thanks for addressing all of the other comments and i think this should be good to merge once these two are fixed.

[bobcallaway]

If the UUID isn't valid, this should return an http.StatusBadRequestError since the problem is invalid input from the client.

[lkatalin]

Makes sense!

[bobcallaway]

Suggested change

	err := fmt.Errorf("id %v is not a valid hex string: %v", id, err)
	return "", err
	return "", fmt.Errorf("id %v is not a valid hex string: %v", id, err)

[lkatalin]

2 minor nits. otherwise thanks for addressing all of the other comments and i think this should be good to merge once these two are fixed.

@bobcallaway Thanks for catching these!

[bobcallaway]

i'd like @dlorenc to take one final look but LGTM