Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: blob inspect command #1133

Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

feat: blob inspect command #1133

wants to merge 5 commits into from
+576 −18

Conversation

JeyJeyGao
Copy link
Contributor

@JeyJeyGao JeyJeyGao commented Jan 2, 2025
edited
Loading

Feat:

  • added notation blob inspect command
  • added signature envelope type for inspect command to be consistent with blob inspect command spec

Fix:

  • removed repeated blob.Cmd()

Fix docs:

  • updated the command spec docs

Refactor:

  • refactor inspect handler related code to be shared by blob inspect handler

Test:

  • added E2E

Output examples
Text format:

/home/jj/download/LICENSE.jws.sig
├── signature algorithm: RSASSA-PSS-SHA-256
├── signature envelope type: application/jose+json
├── signed attributes
│   ├── content type: application/vnd.cncf.notary.payload.v1+json
│   ├── signing scheme: notary.x509
│   └── signing time: Tue Jan  7 08:42:43 2025
├── user defined attributes
│   └── (empty)
├── unsigned attributes
│   ├── signing agent: notation-go/1.3.0+unreleased
│   └── timestamp signature
│       ├── timestamp: [Tue Jan  7 08:42:43 2025, Tue Jan  7 08:42:44 2025]
│       └── certificates
│           ├── SHA256 fingerprint: 36e731cfa9bfd69dafb643809f6dec500902f7197daeaad86ea0159a2268a2b8
│           │   ├── issued to: CN=Microsoft Public RSA Timestamping CA 2020,O=Microsoft Corporation,C=US
│           │   ├── issued by: CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US
│           │   └── expiry: Mon Nov 19 20:42:31 2035
│           └── SHA256 fingerprint: 3403d75002d22e2b8c49a8a113957d9eb225c901b946837fd61ff3ce32c51f65
│               ├── issued to: CN=Microsoft Public RSA Time Stamping Authority,OU=Microsoft America Operations+OU=Thales TSS ESN:45D6-96C5-5E63,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
│               ├── issued by: CN=Microsoft Public RSA Timestamping CA 2020,O=Microsoft Corporation,C=US
│               └── expiry: Sat Feb 15 20:35:56 2025
├── certificates
│   └── SHA256 fingerprint: 3678adce9daa3a82f4f55fd65e0c87c398b3d9bcd5338c06bbf8850df8c6641d
│       ├── issued to: CN=testcert3,O=Notary,L=Seattle,ST=WA,C=US
│       ├── issued by: CN=testcert3,O=Notary,L=Seattle,ST=WA,C=US
│       └── expiry: Wed Jan  8 08:42:24 2025
└── signed artifact
    ├── media type: application/octet-stream
    ├── digest: sha256:c71d239df91726fc519c6eb72d318ec65820627232b2f796219e87dcf35d0ab4
    └── size: 11357

Json format:

{
  "signatureAlgorithm": "RSASSA-PSS-SHA-256",
  "signatureEnvelopeType": "application/jose+json",
  "signedAttributes": {
    "contentType": "application/vnd.cncf.notary.payload.v1+json",
    "signingScheme": "notary.x509",
    "signingTime": "2025-01-07T08:42:43Z"
  },
  "userDefinedAttributes": null,
  "unsignedAttributes": {
    "signingAgent": "notation-go/1.3.0+unreleased",
    "timestampSignature": {
      "timestamp": "[2025-01-07T08:42:43.582Z, 2025-01-07T08:42:44.582Z]",
      "certificates": [
        {
          "SHA256Fingerprint": "36e731cfa9bfd69dafb643809f6dec500902f7197daeaad86ea0159a2268a2b8",
          "issuedTo": "CN=Microsoft Public RSA Timestamping CA 2020,O=Microsoft Corporation,C=US",
          "issuedBy": "CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US",
          "expiry": "2035-11-19T20:42:31Z"
        },
        {
          "SHA256Fingerprint": "3403d75002d22e2b8c49a8a113957d9eb225c901b946837fd61ff3ce32c51f65",
          "issuedTo": "CN=Microsoft Public RSA Time Stamping Authority,OU=Microsoft America Operations+OU=Thales TSS ESN:45D6-96C5-5E63,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US",
          "issuedBy": "CN=Microsoft Public RSA Timestamping CA 2020,O=Microsoft Corporation,C=US",
          "expiry": "2025-02-15T20:35:56Z"
        }
      ]
    }
  },
  "certificates": [
    {
      "SHA256Fingerprint": "3678adce9daa3a82f4f55fd65e0c87c398b3d9bcd5338c06bbf8850df8c6641d",
      "issuedTo": "CN=testcert3,O=Notary,L=Seattle,ST=WA,C=US",
      "issuedBy": "CN=testcert3,O=Notary,L=Seattle,ST=WA,C=US",
      "expiry": "2025-01-08T08:42:24Z"
    }
  ],
  "signedArtifact": {
    "mediaType": "application/octet-stream",
    "digest": "sha256:c71d239df91726fc519c6eb72d318ec65820627232b2f796219e87dcf35d0ab4",
    "size": 11357
  }
}

@JeyJeyGao JeyJeyGao changed the title fix: blob inspect command prototype feat: blob inspect command prototype Jan 2, 2025
@codecov Codecov
Copy link

codecov bot commented Jan 2, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 84.76190% with 16 lines in your changes missing coverage. Please review.

Project coverage is 75.58%. Comparing base (73b1551) to head (5985391).

Files with missing lines Patch % Lines
...notation/internal/display/metadata/tree/inspect.go 57.14% 5 Missing and 1 partial ⚠️
cmd/notation/blob/inspect.go 94.11% 2 Missing and 1 partial ⚠️
...ion/internal/display/metadata/json/blob_inspect.go 78.57% 2 Missing and 1 partial ⚠️
...ion/internal/display/metadata/tree/blob_inspect.go 76.92% 2 Missing and 1 partial ⚠️
cmd/notation/inspect.go 0.00% 0 Missing and 1 partial ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #1133      +/-   ##
==========================================
+ Coverage   75.27%   75.58%   +0.31%     
==========================================
  Files          60       63       +3     
  Lines        3365     3457      +92     
==========================================
+ Hits         2533     2613      +80     
- Misses        640      648       +8     
- Partials      192      196       +4

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@JeyJeyGao JeyJeyGao changed the title feat: blob inspect command prototype feat: blob inspect command Jan 8, 2025
@JeyJeyGao JeyJeyGao marked this pull request as ready for review January 8, 2025 06:15
Two-Hearts
Two-Hearts requested changes Jan 8, 2025
View reviewed changes
Copy link
Contributor

@Two-Hearts Two-Hearts left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This PR should be reviewed and merged after PR: #1128

@JeyJeyGao JeyJeyGao requested a review from Two-Hearts January 14, 2025 09:24
@JeyJeyGao
Copy link
Contributor Author

This PR should be reviewed and merged after PR: #1128

Unblocked now.

shizhMSFT
shizhMSFT requested changes Jan 14, 2025
View reviewed changes
Copy link
Contributor

@shizhMSFT shizhMSFT left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's discuss offline for the design first.

I'd like to refactor notation and adopt the same rendering model as oras.

internal/tree/tree.go Outdated Show resolved Hide resolved
internal/tree/tree.go Outdated Show resolved Hide resolved
cmd/notation/blob/inspect.go Outdated Show resolved Hide resolved
@Two-Hearts Two-Hearts mentioned this pull request Jan 21, 2025
Closed
Two-Hearts
Two-Hearts reviewed Jan 21, 2025
View reviewed changes
cmd/notation/main.go Outdated Show resolved Hide resolved
@JeyJeyGao JeyJeyGao marked this pull request as draft January 21, 2025 03:23
@JeyJeyGao
fix: complete the basic code
f476bf0 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: update
db2858e 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: add envelope media type
98d34b6 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: complete test and docs
4bbbb75 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: restore code
5985391 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao JeyJeyGao marked this pull request as ready for review February 12, 2025 08:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gokarnm gokarnm Awaiting requested review from gokarnm gokarnm is a code owner

@NiazFK NiazFK Awaiting requested review from NiazFK NiazFK is a code owner

@priteshbandi priteshbandi Awaiting requested review from priteshbandi priteshbandi is a code owner

@rgnote rgnote Awaiting requested review from rgnote rgnote is a code owner

@toddysm toddysm Awaiting requested review from toddysm toddysm is a code owner

@vaninrao10 vaninrao10 Awaiting requested review from vaninrao10 vaninrao10 is a code owner

@yizha1 yizha1 Awaiting requested review from yizha1 yizha1 is a code owner

@Two-Hearts Two-Hearts Awaiting requested review from Two-Hearts Two-Hearts is a code owner

@shizhMSFT shizhMSFT Awaiting requested review from shizhMSFT shizhMSFT is a code owner

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@JeyJeyGao @shizhMSFT @Two-Hearts