Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Introduce a custom error type to classify errors. #2114

Merged
merged 1 commit into from
Jul 30, 2022
Merged

Introduce a custom error type to classify errors. #2114

merged 1 commit into from
Jul 30, 2022

Conversation

mattmoor
Copy link
Member

When checking signatures and evaluating policy, we may run into errors
for a variety of reasons unrelated to non-compliance, such as the registry
serving a 500. This change introduces an error type that we can use to
produce and wrap errors in a way that we can distinguish between incidental
and verification errors in the calling logic.

After this change, we will be able to write:

verr := &cosign.VerificationError{}
if errors.As(err, &verr) {
   // This is a verification error, handle accordingly.
} else {
  // This is something else, handle differently.
}

Related: sigstore/policy-controller#109

Release Note

Documentation

@mattmoor
Introduce a custom error type to classify errors.
31f7f9b 
When checking signatures and evaluating policy, we may run into errors
for a variety of reasons unrelated to non-compliance, such as the registry
serving a 500.  This change introduces an error type that we can use to
produce and wrap errors in a way that we can distinguish between incidental
and verification errors in the calling logic.

After this change, we will be able to write:
```go
verr := &cosign.VerificationError{}
if errors.As(err, &verr) {
   // This is a verification error, handle accordingly.
} else {
  // This is something else, handle differently.
}
```

Related: sigstore/policy-controller#109
Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
@codecov-commenter
Copy link

codecov-commenter commented Jul 29, 2022
edited
Loading

Codecov Report

Merging #2114 (31f7f9b) into main (39fb8d6) will increase coverage by 0.05%.
The diff coverage is 74.07%.

@@            Coverage Diff             @@
##             main    #2114      +/-   ##
==========================================
+ Coverage   26.27%   26.33%   +0.05%     
==========================================
  Files         129      130       +1     
  Lines        7582     7588       +6     
==========================================
+ Hits         1992     1998       +6     
  Misses       5333     5333              
  Partials      257      257
Impacted Files Coverage Δ
pkg/cosign/verify.go 32.08% <63.15%> (ø)
pkg/cosign/errors.go 100.00% <100.00%> (ø)
pkg/policy/eval.go 78.94% <100.00%> (ø)

Help us with your feedback. Take ten seconds to tell us how you rate us.

vaikas
vaikas approved these changes Jul 29, 2022
View reviewed changes
pkg/cosign/errors.go

// ErrNoMatchingAttestations is the error returned when there are no
// matching attestations during verification.
ErrNoMatchingAttestations = &VerificationError{"no matching attestations"}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a good pattern, then we can start adding things like if the issuer/subject or other things are not checking out.

@mattmoor mattmoor merged commit 36e1887 into sigstore:main Jul 30, 2022
@mattmoor mattmoor deleted the wrapped-errors branch July 30, 2022 00:17
@github-actions github-actions bot added this to the v1.11.0 milestone Jul 30, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vaikas vaikas vaikas approved these changes

@hectorj2f hectorj2f Awaiting requested review from hectorj2f

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v1.10.1
Development

Successfully merging this pull request may close these issues.
3 participants
@mattmoor @codecov-commenter @vaikas