diff --git a/cmd/notation/policy/import.go b/cmd/notation/policy/import.go index d4d360514..ec3d3e854 100644 --- a/cmd/notation/policy/import.go +++ b/cmd/notation/policy/import.go @@ -42,7 +42,12 @@ func importCmd() *cobra.Command { Example - Import trust policy configuration from a file: notation policy import my_policy.json `, - Args: cobra.ExactArgs(1), + Args: func(cmd *cobra.Command, args []string) error { + if len(args) != 1 { + return fmt.Errorf("requires 1 argument but received %d.\nUsage: notation policy import \nPlease specify a trust policy file location as the argument", len(args)) + } + return nil + }, RunE: func(cmd *cobra.Command, args []string) error { opts.filePath = args[0] return runImport(cmd, opts) @@ -71,7 +76,7 @@ func runImport(command *cobra.Command, opts importOpts) error { // optional confirmation if !opts.force { if _, err := trustpolicy.LoadDocument(); err == nil { - confirmed, err := cmdutil.AskForConfirmation(os.Stdin, "Existing trust policy configuration found, do you want to overwrite it?", opts.force) + confirmed, err := cmdutil.AskForConfirmation(os.Stdin, "The trust policy file already exists, do you want to overwrite it?", opts.force) if err != nil { return err } diff --git a/cmd/notation/policy/show.go b/cmd/notation/policy/show.go index 2c60206a0..dca73c942 100644 --- a/cmd/notation/policy/show.go +++ b/cmd/notation/policy/show.go @@ -15,7 +15,9 @@ package policy import ( "encoding/json" + "errors" "fmt" + "io/fs" "os" "github.com/notaryproject/notation-go/dir" @@ -53,13 +55,16 @@ func runShow(command *cobra.Command, opts showOpts) error { // get policy file path policyPath, err := dir.ConfigFS().SysPath(dir.PathTrustPolicy) if err != nil { - return fmt.Errorf("failed to obtain path of trust policy configuration file: %w", err) + return fmt.Errorf("failed to obtain path of trust policy file: %w", err) } // core process policyJSON, err := os.ReadFile(policyPath) if err != nil { - return fmt.Errorf("failed to load trust policy configuration, you may import one via `notation policy import `: %w", err) + if errors.Is(err, fs.ErrNotExist) { + return fmt.Errorf("failed to show trust policy as the trust policy file does not exist.\nYou can import one using `notation policy import `") + } + return fmt.Errorf("failed to show trust policy: %w", err) } var doc trustpolicy.Document if err = json.Unmarshal(policyJSON, &doc); err == nil { diff --git a/test/e2e/suite/command/policy.go b/test/e2e/suite/command/policy.go index 5aeada38e..118939c58 100644 --- a/test/e2e/suite/command/policy.go +++ b/test/e2e/suite/command/policy.go @@ -30,7 +30,17 @@ var _ = Describe("trust policy maintainer", func() { Host(Opts(), func(notation *utils.ExecOpts, artifact *Artifact, vhost *utils.VirtualHost) { notation.ExpectFailure(). Exec("policy", "show"). - MatchErrKeyWords("failed to load trust policy configuration", "notation policy import") + MatchErrKeyWords("failed to show trust policy", "notation policy import") + }) + }) + + It("should show error and hint if policy without read permission", func() { + Host(Opts(AddTrustPolicyOption(TrustPolicyName)), func(notation *utils.ExecOpts, artifact *Artifact, vhost *utils.VirtualHost) { + trustPolicyPath := vhost.AbsolutePath(NotationDirName, TrustPolicyName) + os.Chmod(trustPolicyPath, 0200) + notation.ExpectFailure(). + Exec("policy", "show"). + MatchErrKeyWords("failed to show trust policy", "permission denied") }) }) @@ -60,7 +70,17 @@ var _ = Describe("trust policy maintainer", func() { It("should fail if no file path is provided", func() { Host(opts, func(notation *utils.ExecOpts, artifact *Artifact, vhost *utils.VirtualHost) { notation.ExpectFailure(). - Exec("policy", "import") + Exec("policy", "import"). + MatchErrKeyWords("requires 1 argument but received 0") + + }) + }) + + It("should fail if more than one file path is provided", func() { + Host(opts, func(notation *utils.ExecOpts, artifact *Artifact, vhost *utils.VirtualHost) { + notation.ExpectFailure(). + Exec("policy", "import", "a", "b"). + MatchErrKeyWords("requires 1 argument but received 2") }) })