remove old fulcio root and fix fallback target code (#1738)

Signed-off-by: Asra Ali <asraa@google.com>

pkg/cosign/tuf/client.go

@@ -28,6 +28,7 @@ import (
 	"path/filepath"
 	"runtime"
 	"strconv"
+	"strings"
 	"time"
 
 	"github.com/pkg/errors"
@@ -316,7 +317,7 @@ func (t *TUF) GetTargetsByMeta(usage UsageKind, fallbacks []string) ([]TargetFil
 		if scm.Sigstore.Usage == usage {
 			target, err := t.GetTarget(name)
 			if err != nil {
-				return nil, errors.Wrap(err, "error getting target")
+				return nil, errors.Wrap(err, "error getting target by usage")
 			}
 			matchedTargets = append(matchedTargets, TargetFile{Target: target, Status: scm.Sigstore.Status})
 		}
@@ -325,11 +326,15 @@ func (t *TUF) GetTargetsByMeta(usage UsageKind, fallbacks []string) ([]TargetFil
 		for _, fallback := range fallbacks {
 			target, err := t.GetTarget(fallback)
 			if err != nil {
-				return nil, errors.Wrap(err, "error getting target")
+				fmt.Fprintf(os.Stderr, "**Warning** Missing fallback target %s, skipping\n", fallback)
+				continue
 			}
 			matchedTargets = append(matchedTargets, TargetFile{Target: target, Status: Active})
 		}
 	}
+	if len(matchedTargets) == 0 {
+		return matchedTargets, fmt.Errorf("no matching targets by custom metadata, fallbacks not found: %s", strings.Join(fallbacks, ", "))
+	}
 	return matchedTargets, nil
 }
 

pkg/cosign/tuf/client_test.go

@@ -267,6 +267,17 @@ func TestGetTargetsByMeta(t *testing.T) {
 	if targets[0].Status != Active || targets[1].Status != Active {
 		t.Fatalf("target without custom metadata not active, got: %v and %v", targets[0].Status, targets[1].Status)
 	}
+	// Specify multiple fallbacks with no custom metadata.
+	targets, err = tufObj.GetTargetsByMeta(UnknownUsage, []string{"fooNoCustom.txt", "fooNoCustomOtherMissingTarget.txt"})
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(targets) != 1 {
+		t.Fatalf("expected one targets without custom metadata, got %d targets", len(targets))
+	}
+	if targets[0].Status != Active {
+		t.Fatalf("target without custom metadata not active, got: %v and %v", targets[0].Status, targets[1].Status)
+	}
 	// Fetch targets with custom metadata.
 	targets, err = tufObj.GetTargetsByMeta(Fulcio, []string{"fooNoCustom.txt"})
 	if err != nil {
@@ -291,7 +302,7 @@ func TestGetTargetsByMeta(t *testing.T) {
 	// Error when fetching target that does not exist.
 	_, err = tufObj.GetTargetsByMeta(UsageKind(UnknownStatus), []string{"unknown.txt"})
 	expectedErr := "file not found: unknown.txt"
-	if !strings.Contains(err.Error(), "file not found: unknown.txt") {
+	if !strings.Contains(err.Error(), "not found: unknown.txt") {
 		t.Fatalf("unexpected error fetching missing metadata, expected: %s, got: %s", expectedErr, err.Error())
 	}
 }