Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add inspect blob commands #888

Open
wants to merge 16 commits into
base: main
Choose a base branch
from
Open

feat: add inspect blob commands #888

wants to merge 16 commits into from
+533 −202

Conversation

rrsemlani
Copy link

Adding inspect blob commands.
Spec Pr used for ref: #811

@rrsemlani rrsemlani force-pushed the rsemlani_notation_inspect branch 4 times, most recently from 1ffee89 to 3b75784 Compare February 13, 2024 20:14
priteshbandi
priteshbandi reviewed Feb 16, 2024
View reviewed changes
cmd/notation/blob/inspect.go Outdated Show resolved Hide resolved
cmd/notation/internal/sharedutils/inspect.go Outdated Show resolved Hide resolved
cmd/notation/internal/sharedutils/inspect.go Outdated Show resolved Hide resolved
@priteshbandi
Copy link
Contributor

Also as per spec we have a new field called signature envelope type. Please add support for it in both oci and blob inspect command.

priteshbandi
priteshbandi reviewed Feb 21, 2024
View reviewed changes
cmd/notation/blob/cmd.go Outdated Show resolved Hide resolved
cmd/notation/blob/cmd.go Outdated Show resolved Hide resolved
cmd/notation/blob/inspect.go Outdated Show resolved Hide resolved
cmd/notation/blob/inspect.go Outdated Show resolved Hide resolved
cmd/notation/blob/inspect.go Outdated Show resolved Hide resolved
cmd/notation/blob/inspect.go Outdated Show resolved Hide resolved
cmd/notation/blob/inspect.go Outdated Show resolved Hide resolved
priteshbandi
priteshbandi reviewed Mar 24, 2024
View reviewed changes
cmd/notation/blob/cmd.go Outdated Show resolved Hide resolved
cmd/notation/blob/cmd.go Outdated Show resolved Hide resolved
cmd/notation/blob/inspect.go Outdated Show resolved Hide resolved
cmd/notation/blob/inspect.go Outdated Show resolved Hide resolved
cmd/notation/blob/inspect.go Outdated Show resolved Hide resolved
cmd/notation/blob/inspect_test.go Outdated Show resolved Hide resolved
cmd/notation/blob/inspect_test.go Outdated Show resolved Hide resolved
cmd/notation/blob/inspect_test.go Show resolved Hide resolved
cmd/notation/main.go Outdated Show resolved Hide resolved
cmd/notation/blob/inspect.go Outdated Show resolved Hide resolved
@rrsemlani
Adding sign and inspect blob commands
af88c66 
Signed-off-by: Rishab Semlani <rrsemlani@gmail.com>
@rrsemlani
Adding sign and inspect blob commands
586e5e6 
Signed-off-by: Rishab Semlani <rrsemlani@gmail.com>
@rrsemlani
Adding inspect blob commands
873b060 
Signed-off-by: Rishab Semlani <rrsemlani@gmail.com>
@rrsemlani
Adding inspect blob commands
474ee17 
Signed-off-by: Rishab Semlani <rrsemlani@gmail.com>
@rrsemlani
Adding sign and inspect blob commands
7e8dbe0 
Signed-off-by: Rishab Semlani <rrsemlani@gmail.com>
@rrsemlani
Adding inspect blob commands
d6a58f1 
Signed-off-by: Rishab Semlani <rrsemlani@gmail.com>
@codecov-commenter
Copy link

codecov-commenter commented Apr 4, 2024
edited by codecov bot

Codecov Report

Attention: Patch coverage is 68.68132% with 57 lines in your changes are missing coverage. Please review.

Project coverage is 71.05%. Comparing base (eaa5fb4) to head (3ee161f).
Report is 29 commits behind head on main.

Files Patch % Lines
cmd/notation/internal/outputs/inspect.go 70.53% 23 Missing and 10 partials ⚠️
cmd/notation/blob/inspect.go 47.50% 21 Missing ⚠️
cmd/notation/internal/osutil/read.go 86.66% 1 Missing and 1 partial ⚠️
cmd/notation/inspect.go 80.00% 0 Missing and 1 partial ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #888      +/-   ##
==========================================
+ Coverage   64.93%   71.05%   +6.12%     
==========================================
  Files          45       49       +4     
  Lines        2729     2246     -483     
==========================================
- Hits         1772     1596     -176     
+ Misses        795      453     -342     
- Partials      162      197      +35

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@rrsemlani
Adding inspect blob commands
d423ce9 
Signed-off-by: Rishab Semlani <rrsemlani@gmail.com>
priteshbandi
priteshbandi reviewed Apr 4, 2024
View reviewed changes
internal/testdata/Output.txt Outdated Show resolved Hide resolved
cmd/notation/blob/inspect.go Outdated Show resolved Hide resolved
cmd/notation/blob/inspect.go Outdated Show resolved Hide resolved
cmd/notation/blob/inspect.go Outdated Show resolved Hide resolved
cmd/notation/blob/inspect.go Outdated Show resolved Hide resolved
cmd/notation/blob/inspect.go Outdated Show resolved Hide resolved
cmd/notation/blob/inspect.go Outdated Show resolved Hide resolved
cmd/notation/blob/inspect.go Outdated Show resolved Hide resolved
priteshbandi
priteshbandi reviewed Apr 4, 2024
View reviewed changes
cmd/notation/blob/inspect.go Outdated Show resolved Hide resolved
cmd/notation/blob/inspect.go Outdated Show resolved Hide resolved
cmd/notation/blob/inspect.go Outdated Show resolved Hide resolved
priteshbandi
priteshbandi reviewed Apr 4, 2024
View reviewed changes
cmd/notation/blob/inspect_test.go Outdated Show resolved Hide resolved
cmd/notation/blob/inspect_test.go Outdated Show resolved Hide resolved
@rrsemlani
Adding inspect blob commands
a7daaba 
Signed-off-by: Rishab Semlani <rrsemlani@gmail.com>
@rrsemlani
Adding inspect blob commands
d89f8e4 
Signed-off-by: Rishab Semlani <rrsemlani@gmail.com>
@rrsemlani
Adding inspect blob commands
fc6fd6b 
Signed-off-by: Rishab Semlani <rrsemlani@gmail.com>
priteshbandi
priteshbandi reviewed Apr 4, 2024
View reviewed changes
cmd/notation/blob/inspect.go Outdated Show resolved Hide resolved
cmd/notation/internal/osutil/read.go Outdated Show resolved Hide resolved
cmd/notation/internal/osutil/read.go Outdated Show resolved Hide resolved
cmd/notation/blob/inspect.go Outdated Show resolved Hide resolved
cmd/notation/blob/inspect.go Show resolved Hide resolved
cmd/notation/blob/inspect_test.go Outdated Show resolved Hide resolved
cmd/notation/blob/inspect_test.go Outdated Show resolved Hide resolved
internal/testdata/LargeFile.txt Outdated Show resolved Hide resolved
@rrsemlani
Adding inspect blob commands
deb4e8c 
Signed-off-by: Rishab Semlani <rrsemlani@gmail.com>
@rrsemlani
Adding inspect blob commands
961be04 
Signed-off-by: Rishab Semlani <rrsemlani@gmail.com>
@rrsemlani
Adding inspect blob commands
6edecc3 
Signed-off-by: Rishab Semlani <rrsemlani@gmail.com>
@rrsemlani
Adding inspect blob commands
dcb0610 
Signed-off-by: Rishab Semlani <rrsemlani@gmail.com>
@rrsemlani
Adding inspect blob commands
3b0f99a 
Signed-off-by: Rishab Semlani <rrsemlani@gmail.com>
@rrsemlani
Adding inspect blob commands
3ee161f 
Signed-off-by: Rishab Semlani <rrsemlani@gmail.com>
Two-Hearts
Two-Hearts reviewed May 30, 2024
View reviewed changes
cmd/notation/internal/osutil/read.go
"os"
)

func ReadFile(path string, size int64) ([]byte, error) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This function should be moved into internal/osutil/file.go.
And all public methods (including the ones inside internal) should have a function doc. For this function, that would start with // ReadFile ...

cmd/notation/internal/outputs/inspect.go
}
}

func Signatures(mediaType string, digest string, output InspectOutput, sigFile []byte) (error, []SignatureOutput) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same here, function doc is missing. Basically, what does this function do? What are the inputs? What are the outputs?

cmd/notation/internal/outputs/inspect.go
}
}

func Signatures(mediaType string, digest string, output InspectOutput, sigFile []byte) (error, []SignatureOutput) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This function is called Signatures and returning an array of SignatureOutput, so it seems to be processing multiple signatures. However, from its input sigFile []byte and logic sigEnvelope, err := signature.ParseEnvelope(mediaType, sigFile), it actually can only process one signature per call. Please make sure this is by design.

cmd/notation/internal/outputs/inspect.go
skippedSignatures := false
if err != nil {
logSkippedSignature(digest, err)
skippedSignatures = true
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since you are return nil, nil right after this line, toggling this local bool seems redundant?

cmd/notation/internal/outputs/inspect.go

certListNode := sigNode.Add("certificates")
for _, cert := range signature.Certificates {
certNode := certListNode.AddPair("SHA256 fingerprint", cert.SHA256Fingerprint)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have a use case that the user would like to have an array of SHA256 fingerprints, starting from the leaf cert to the root cert, in the output. For example, if the SHA256 fingerprints for leaf is aaaaa, for intermediate 1 is bbbbb, for intermediate 2 is ccccc, and for root is ddddd. Then when I run notation blob inspect my_sig, I could get an array ["aaaaa", "bbbbb", "ccccc", "ddddd"] from the final output.
The current implementation does not support it, where I have to copy/paste/assemble such an array myself. Can we add a new field to the output to show the array?
/cc: @yizha1 @FeynmanZhou

Two-Hearts
Two-Hearts reviewed May 30, 2024
View reviewed changes
Copy link
Contributor

@Two-Hearts Two-Hearts left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add corresponding E2E test cases for blob inspect command under test/e2e.

@shizhMSFT shizhMSFT changed the title Adding inspect blob commands feat: add inspect blob commands Jun 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@priteshbandi priteshbandi priteshbandi left review comments

@Two-Hearts Two-Hearts Two-Hearts left review comments

@gokarnm gokarnm Awaiting requested review from gokarnm gokarnm is a code owner

@JeyJeyGao JeyJeyGao Awaiting requested review from JeyJeyGao JeyJeyGao is a code owner

@justincormack justincormack Awaiting requested review from justincormack

@NiazFK NiazFK Awaiting requested review from NiazFK NiazFK is a code owner

@rgnote rgnote Awaiting requested review from rgnote rgnote is a code owner

@shizhMSFT shizhMSFT Awaiting requested review from shizhMSFT shizhMSFT is a code owner

@SteveLasker SteveLasker Awaiting requested review from SteveLasker

@toddysm toddysm Awaiting requested review from toddysm toddysm is a code owner

@vaninrao10 vaninrao10 Awaiting requested review from vaninrao10 vaninrao10 is a code owner

@yizha1 yizha1 Awaiting requested review from yizha1 yizha1 is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@rrsemlani @priteshbandi @codecov-commenter @Two-Hearts