2017-08-24 18:45:20 -04:00
|
|
|
package trust
|
|
|
|
|
|
|
|
|
|
import (
|
2017-08-25 17:49:40 -04:00
|
|
|
"context"
|
2017-08-24 18:45:20 -04:00
|
|
|
"fmt"
|
2017-09-26 12:53:21 -04:00
|
|
|
"io"
|
2017-08-24 18:45:20 -04:00
|
|
|
"path"
|
|
|
|
|
"sort"
|
|
|
|
|
"strings"
|
|
|
|
|
|
|
|
|
|
"github.com/docker/cli/cli"
|
|
|
|
|
"github.com/docker/cli/cli/command"
|
|
|
|
|
"github.com/docker/cli/cli/command/image"
|
|
|
|
|
"github.com/docker/cli/cli/trust"
|
2024-01-24 08:32:07 -05:00
|
|
|
imagetypes "github.com/docker/docker/api/types/image"
|
2023-04-11 12:16:30 -04:00
|
|
|
registrytypes "github.com/docker/docker/api/types/registry"
|
2023-11-20 11:38:50 -05:00
|
|
|
apiclient "github.com/docker/docker/client"
|
2017-08-25 17:49:40 -04:00
|
|
|
"github.com/pkg/errors"
|
2017-08-24 18:45:20 -04:00
|
|
|
"github.com/spf13/cobra"
|
2017-10-30 12:21:41 -04:00
|
|
|
"github.com/theupdateframework/notary/client"
|
|
|
|
|
"github.com/theupdateframework/notary/tuf/data"
|
2017-08-24 18:45:20 -04:00
|
|
|
)
|
|
|
|
|
|
2017-09-29 12:51:45 -04:00
|
|
|
type signOptions struct {
|
|
|
|
|
local bool
|
|
|
|
|
imageName string
|
|
|
|
|
}
|
|
|
|
|
|
2023-11-20 11:38:50 -05:00
|
|
|
func newSignCommand(dockerCLI command.Cli) *cobra.Command {
|
2017-09-29 12:51:45 -04:00
|
|
|
options := signOptions{}
|
2017-08-24 18:45:20 -04:00
|
|
|
cmd := &cobra.Command{
|
2017-09-26 19:15:45 -04:00
|
|
|
Use: "sign IMAGE:TAG",
|
2017-08-24 18:45:20 -04:00
|
|
|
Short: "Sign an image",
|
|
|
|
|
Args: cli.ExactArgs(1),
|
|
|
|
|
RunE: func(cmd *cobra.Command, args []string) error {
|
2017-09-29 12:51:45 -04:00
|
|
|
options.imageName = args[0]
|
2023-09-09 18:27:44 -04:00
|
|
|
return runSignImage(cmd.Context(), dockerCLI, options)
|
2017-08-24 18:45:20 -04:00
|
|
|
},
|
|
|
|
|
}
|
2017-09-29 12:51:45 -04:00
|
|
|
flags := cmd.Flags()
|
|
|
|
|
flags.BoolVar(&options.local, "local", false, "Sign a locally tagged image")
|
2017-08-24 18:45:20 -04:00
|
|
|
return cmd
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-09 18:27:44 -04:00
|
|
|
func runSignImage(ctx context.Context, dockerCLI command.Cli, options signOptions) error {
|
2017-09-29 12:51:45 -04:00
|
|
|
imageName := options.imageName
|
2023-11-20 11:38:50 -05:00
|
|
|
imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, image.AuthResolver(dockerCLI), imageName)
|
2017-08-24 18:45:20 -04:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2017-09-26 12:53:21 -04:00
|
|
|
if err := validateTag(imgRefAndAuth); err != nil {
|
|
|
|
|
return err
|
2017-08-25 17:49:40 -04:00
|
|
|
}
|
2017-08-24 18:45:20 -04:00
|
|
|
|
2023-11-20 11:38:50 -05:00
|
|
|
notaryRepo, err := dockerCLI.NotaryClient(imgRefAndAuth, trust.ActionsPushAndPull)
|
2017-08-24 18:45:20 -04:00
|
|
|
if err != nil {
|
2017-08-25 17:49:40 -04:00
|
|
|
return trust.NotaryError(imgRefAndAuth.Reference().Name(), err)
|
2017-08-24 18:45:20 -04:00
|
|
|
}
|
|
|
|
|
if err = clearChangeList(notaryRepo); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
defer clearChangeList(notaryRepo)
|
|
|
|
|
|
|
|
|
|
// get the latest repository metadata so we can figure out which roles to sign
|
2017-09-11 17:07:00 -04:00
|
|
|
if _, err = notaryRepo.ListTargets(); err != nil {
|
2017-08-24 18:45:20 -04:00
|
|
|
switch err.(type) {
|
|
|
|
|
case client.ErrRepoNotInitialized, client.ErrRepositoryNotExist:
|
|
|
|
|
// before initializing a new repo, check that the image exists locally:
|
2023-11-20 11:38:50 -05:00
|
|
|
if err := checkLocalImageExistence(ctx, dockerCLI.Client(), imageName); err != nil {
|
2017-08-24 18:45:20 -04:00
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2017-08-25 17:49:40 -04:00
|
|
|
userRole := data.RoleName(path.Join(data.CanonicalTargetsRole.String(), imgRefAndAuth.AuthConfig().Username))
|
2017-08-24 18:45:20 -04:00
|
|
|
if err := initNotaryRepoWithSigners(notaryRepo, userRole); err != nil {
|
2017-08-25 17:49:40 -04:00
|
|
|
return trust.NotaryError(imgRefAndAuth.Reference().Name(), err)
|
2017-08-24 18:45:20 -04:00
|
|
|
}
|
|
|
|
|
|
2023-11-20 11:38:50 -05:00
|
|
|
fmt.Fprintf(dockerCLI.Out(), "Created signer: %s\n", imgRefAndAuth.AuthConfig().Username)
|
|
|
|
|
fmt.Fprintf(dockerCLI.Out(), "Finished initializing signed repository for %s\n", imageName)
|
2017-08-24 18:45:20 -04:00
|
|
|
default:
|
2017-08-25 17:49:40 -04:00
|
|
|
return trust.NotaryError(imgRefAndAuth.RepoInfo().Name.Name(), err)
|
2017-08-24 18:45:20 -04:00
|
|
|
}
|
|
|
|
|
}
|
2023-11-20 11:38:50 -05:00
|
|
|
requestPrivilege := command.RegistryAuthenticationPrivilegedFunc(dockerCLI, imgRefAndAuth.RepoInfo().Index, "push")
|
2017-09-26 12:53:21 -04:00
|
|
|
target, err := createTarget(notaryRepo, imgRefAndAuth.Tag())
|
2017-09-29 12:51:45 -04:00
|
|
|
if err != nil || options.local {
|
2017-08-24 18:45:20 -04:00
|
|
|
switch err := err.(type) {
|
2017-09-29 12:51:45 -04:00
|
|
|
// If the error is nil then the local flag is set
|
|
|
|
|
case client.ErrNoSuchTarget, client.ErrRepositoryNotExist, nil:
|
2017-08-24 18:45:20 -04:00
|
|
|
// Fail fast if the image doesn't exist locally
|
2023-11-20 11:38:50 -05:00
|
|
|
if err := checkLocalImageExistence(ctx, dockerCLI.Client(), imageName); err != nil {
|
2017-08-24 18:45:20 -04:00
|
|
|
return err
|
|
|
|
|
}
|
2023-11-20 11:38:50 -05:00
|
|
|
fmt.Fprintf(dockerCLI.Err(), "Signing and pushing trust data for local image %s, may overwrite remote trust data\n", imageName)
|
implement docker push -a/--all-tags
The `docker push` command up until [v0.9.1](https://github.com/moby/moby/blob/v0.9.1/api/client.go#L998)
always pushed all tags of a given image, so `docker push foo/bar` would push (e.g.)
all of `foo/bar:latest`, `foo:/bar:v1`, `foo/bar:v1.0.0`.
Pushing all tags of an image was not desirable in many case, so docker v0.10.0
enhanced `docker push` to optionally specify a tag to push (`docker push foo/bar:v1`)
(see https://github.com/moby/moby/issues/3411 and the pull request that implemented
this: https://github.com/moby/moby/pull/4948).
This behavior exists up until today, and is confusing, because unlike other commands,
`docker push` does not default to use the `:latest` tag when omitted, but instead
makes it push "all tags of the image"
For example, in the following situation;
```
docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
thajeztah/myimage latest b534869c81f0 41 hours ago 1.22MB
```
Running `docker push thajeztah/myimage` seemingly does the expected behavior (it
pushes `thajeztah/myimage:latest` to Docker Hub), however, it does not so for the
reason expected (`:latest` being the default tag), but because `:latest` happens
to be the only tag present for the `thajeztah/myimage` image.
If another tag exists for the image:
```
docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
thajeztah/myimage latest b534869c81f0 41 hours ago 1.22MB
thajeztah/myimage v1.0.0 b534869c81f0 41 hours ago 1.22MB
```
Running the same command (`docker push thajeztah/myimage`) will push _both_ images
to Docker Hub.
> Note that the behavior described above is currently not (clearly) documented;
> the `docker push` reference documentation (https://docs.docker.com/engine/reference/commandline/push/)
does not mention that omitting the tag will push all tags
This patch changes the default behavior, and if no tag is specified, `:latest` is
assumed. To push _all_ tags, a new flag (`-a` / `--all-tags`) is added, similar
to the flag that's present on `docker pull`.
With this change:
- `docker push myname/myimage` will be the equivalent of `docker push myname/myimage:latest`
- to push all images, the user needs to set a flag (`--all-tags`), so `docker push --all-tags myname/myimage:latest`
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-09 08:48:42 -05:00
|
|
|
|
2023-11-20 11:38:50 -05:00
|
|
|
authConfig := command.ResolveAuthConfig(dockerCLI.ConfigFile(), imgRefAndAuth.RepoInfo().Index)
|
2023-04-11 12:16:30 -04:00
|
|
|
encodedAuth, err := registrytypes.EncodeAuthConfig(authConfig)
|
implement docker push -a/--all-tags
The `docker push` command up until [v0.9.1](https://github.com/moby/moby/blob/v0.9.1/api/client.go#L998)
always pushed all tags of a given image, so `docker push foo/bar` would push (e.g.)
all of `foo/bar:latest`, `foo:/bar:v1`, `foo/bar:v1.0.0`.
Pushing all tags of an image was not desirable in many case, so docker v0.10.0
enhanced `docker push` to optionally specify a tag to push (`docker push foo/bar:v1`)
(see https://github.com/moby/moby/issues/3411 and the pull request that implemented
this: https://github.com/moby/moby/pull/4948).
This behavior exists up until today, and is confusing, because unlike other commands,
`docker push` does not default to use the `:latest` tag when omitted, but instead
makes it push "all tags of the image"
For example, in the following situation;
```
docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
thajeztah/myimage latest b534869c81f0 41 hours ago 1.22MB
```
Running `docker push thajeztah/myimage` seemingly does the expected behavior (it
pushes `thajeztah/myimage:latest` to Docker Hub), however, it does not so for the
reason expected (`:latest` being the default tag), but because `:latest` happens
to be the only tag present for the `thajeztah/myimage` image.
If another tag exists for the image:
```
docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
thajeztah/myimage latest b534869c81f0 41 hours ago 1.22MB
thajeztah/myimage v1.0.0 b534869c81f0 41 hours ago 1.22MB
```
Running the same command (`docker push thajeztah/myimage`) will push _both_ images
to Docker Hub.
> Note that the behavior described above is currently not (clearly) documented;
> the `docker push` reference documentation (https://docs.docker.com/engine/reference/commandline/push/)
does not mention that omitting the tag will push all tags
This patch changes the default behavior, and if no tag is specified, `:latest` is
assumed. To push _all_ tags, a new flag (`-a` / `--all-tags`) is added, similar
to the flag that's present on `docker pull`.
With this change:
- `docker push myname/myimage` will be the equivalent of `docker push myname/myimage:latest`
- to push all images, the user needs to set a flag (`--all-tags`), so `docker push --all-tags myname/myimage:latest`
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-09 08:48:42 -05:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2024-01-24 08:32:07 -05:00
|
|
|
options := imagetypes.PushOptions{
|
implement docker push -a/--all-tags
The `docker push` command up until [v0.9.1](https://github.com/moby/moby/blob/v0.9.1/api/client.go#L998)
always pushed all tags of a given image, so `docker push foo/bar` would push (e.g.)
all of `foo/bar:latest`, `foo:/bar:v1`, `foo/bar:v1.0.0`.
Pushing all tags of an image was not desirable in many case, so docker v0.10.0
enhanced `docker push` to optionally specify a tag to push (`docker push foo/bar:v1`)
(see https://github.com/moby/moby/issues/3411 and the pull request that implemented
this: https://github.com/moby/moby/pull/4948).
This behavior exists up until today, and is confusing, because unlike other commands,
`docker push` does not default to use the `:latest` tag when omitted, but instead
makes it push "all tags of the image"
For example, in the following situation;
```
docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
thajeztah/myimage latest b534869c81f0 41 hours ago 1.22MB
```
Running `docker push thajeztah/myimage` seemingly does the expected behavior (it
pushes `thajeztah/myimage:latest` to Docker Hub), however, it does not so for the
reason expected (`:latest` being the default tag), but because `:latest` happens
to be the only tag present for the `thajeztah/myimage` image.
If another tag exists for the image:
```
docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
thajeztah/myimage latest b534869c81f0 41 hours ago 1.22MB
thajeztah/myimage v1.0.0 b534869c81f0 41 hours ago 1.22MB
```
Running the same command (`docker push thajeztah/myimage`) will push _both_ images
to Docker Hub.
> Note that the behavior described above is currently not (clearly) documented;
> the `docker push` reference documentation (https://docs.docker.com/engine/reference/commandline/push/)
does not mention that omitting the tag will push all tags
This patch changes the default behavior, and if no tag is specified, `:latest` is
assumed. To push _all_ tags, a new flag (`-a` / `--all-tags`) is added, similar
to the flag that's present on `docker pull`.
With this change:
- `docker push myname/myimage` will be the equivalent of `docker push myname/myimage:latest`
- to push all images, the user needs to set a flag (`--all-tags`), so `docker push --all-tags myname/myimage:latest`
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-09 08:48:42 -05:00
|
|
|
RegistryAuth: encodedAuth,
|
|
|
|
|
PrivilegeFunc: requestPrivilege,
|
|
|
|
|
}
|
2023-11-20 11:38:50 -05:00
|
|
|
return image.TrustedPush(ctx, dockerCLI, imgRefAndAuth.RepoInfo(), imgRefAndAuth.Reference(), *imgRefAndAuth.AuthConfig(), options)
|
2017-08-24 18:45:20 -04:00
|
|
|
default:
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
2023-11-20 11:38:50 -05:00
|
|
|
return signAndPublishToTarget(dockerCLI.Out(), imgRefAndAuth, notaryRepo, target)
|
2017-09-26 12:53:21 -04:00
|
|
|
}
|
2017-08-24 18:45:20 -04:00
|
|
|
|
2017-09-26 12:53:21 -04:00
|
|
|
func signAndPublishToTarget(out io.Writer, imgRefAndAuth trust.ImageRefAndAuth, notaryRepo client.Repository, target client.Target) error {
|
|
|
|
|
tag := imgRefAndAuth.Tag()
|
|
|
|
|
fmt.Fprintf(out, "Signing and pushing trust metadata for %s\n", imgRefAndAuth.Name())
|
2017-08-24 18:45:20 -04:00
|
|
|
existingSigInfo, err := getExistingSignatureInfoForReleasedTag(notaryRepo, tag)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
err = image.AddTargetToAllSignableRoles(notaryRepo, &target)
|
|
|
|
|
if err == nil {
|
2017-09-26 12:53:21 -04:00
|
|
|
prettyPrintExistingSignatureInfo(out, existingSigInfo)
|
2017-08-24 18:45:20 -04:00
|
|
|
err = notaryRepo.Publish()
|
|
|
|
|
}
|
|
|
|
|
if err != nil {
|
2017-10-30 13:22:10 -04:00
|
|
|
return errors.Wrapf(err, "failed to sign %s:%s", imgRefAndAuth.RepoInfo().Name.Name(), tag)
|
2017-08-24 18:45:20 -04:00
|
|
|
}
|
2017-10-30 13:22:10 -04:00
|
|
|
fmt.Fprintf(out, "Successfully signed %s:%s\n", imgRefAndAuth.RepoInfo().Name.Name(), tag)
|
2017-09-26 12:53:21 -04:00
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func validateTag(imgRefAndAuth trust.ImageRefAndAuth) error {
|
|
|
|
|
tag := imgRefAndAuth.Tag()
|
|
|
|
|
if tag == "" {
|
|
|
|
|
if imgRefAndAuth.Digest() != "" {
|
linting: ST1005: error strings should not be capitalized (stylecheck)
While fixing, also updated errors without placeholders to `errors.New()`, and
updated some code to use pkg/errors if it was already in use in the file.
cli/command/config/inspect.go:59:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/node/inspect.go:61:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/secret/inspect.go:57:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/trust/common.go:77:74: ST1005: error strings should not be capitalized (stylecheck)
return []trustTagRow{}, []client.RoleWithSignatures{}, []data.Role{}, fmt.Errorf("No signatures or cannot access %s", remote)
^
cli/command/trust/common.go:85:73: ST1005: error strings should not be capitalized (stylecheck)
return []trustTagRow{}, []client.RoleWithSignatures{}, []data.Role{}, fmt.Errorf("No signers for %s", remote)
^
cli/command/trust/sign.go:137:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("No tag specified for %s", imgRefAndAuth.Name())
^
cli/command/trust/sign.go:151:19: ST1005: error strings should not be capitalized (stylecheck)
return *target, fmt.Errorf("No tag specified")
^
cli/command/trust/signer_add.go:77:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Failed to add signer to: %s", strings.Join(errRepos, ", "))
^
cli/command/trust/signer_remove.go:52:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Error removing signer from: %s", strings.Join(errRepos, ", "))
^
cli/command/trust/signer_remove.go:67:17: ST1005: error strings should not be capitalized (stylecheck)
return false, fmt.Errorf("All signed tags are currently revoked, use docker trust sign to fix")
^
cli/command/trust/signer_remove.go:108:17: ST1005: error strings should not be capitalized (stylecheck)
return false, fmt.Errorf("No signer %s for repository %s", signerName, repoName)
^
opts/hosts.go:89:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", addr)
^
opts/hosts.go:100:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid proto, expected %s: %s", proto, addr)
^
opts/hosts.go:119:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid proto, expected tcp: %s", tryAddr)
^
opts/hosts.go:144:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", tryAddr)
^
opts/hosts.go:155:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", tryAddr)
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-02 18:04:53 -04:00
|
|
|
return errors.New("cannot use a digest reference for IMAGE:TAG")
|
2017-09-26 12:53:21 -04:00
|
|
|
}
|
linting: ST1005: error strings should not be capitalized (stylecheck)
While fixing, also updated errors without placeholders to `errors.New()`, and
updated some code to use pkg/errors if it was already in use in the file.
cli/command/config/inspect.go:59:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/node/inspect.go:61:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/secret/inspect.go:57:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/trust/common.go:77:74: ST1005: error strings should not be capitalized (stylecheck)
return []trustTagRow{}, []client.RoleWithSignatures{}, []data.Role{}, fmt.Errorf("No signatures or cannot access %s", remote)
^
cli/command/trust/common.go:85:73: ST1005: error strings should not be capitalized (stylecheck)
return []trustTagRow{}, []client.RoleWithSignatures{}, []data.Role{}, fmt.Errorf("No signers for %s", remote)
^
cli/command/trust/sign.go:137:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("No tag specified for %s", imgRefAndAuth.Name())
^
cli/command/trust/sign.go:151:19: ST1005: error strings should not be capitalized (stylecheck)
return *target, fmt.Errorf("No tag specified")
^
cli/command/trust/signer_add.go:77:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Failed to add signer to: %s", strings.Join(errRepos, ", "))
^
cli/command/trust/signer_remove.go:52:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Error removing signer from: %s", strings.Join(errRepos, ", "))
^
cli/command/trust/signer_remove.go:67:17: ST1005: error strings should not be capitalized (stylecheck)
return false, fmt.Errorf("All signed tags are currently revoked, use docker trust sign to fix")
^
cli/command/trust/signer_remove.go:108:17: ST1005: error strings should not be capitalized (stylecheck)
return false, fmt.Errorf("No signer %s for repository %s", signerName, repoName)
^
opts/hosts.go:89:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", addr)
^
opts/hosts.go:100:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid proto, expected %s: %s", proto, addr)
^
opts/hosts.go:119:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid proto, expected tcp: %s", tryAddr)
^
opts/hosts.go:144:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", tryAddr)
^
opts/hosts.go:155:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", tryAddr)
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-02 18:04:53 -04:00
|
|
|
return fmt.Errorf("no tag specified for %s", imgRefAndAuth.Name())
|
2017-09-26 12:53:21 -04:00
|
|
|
}
|
2017-08-24 18:45:20 -04:00
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2023-11-20 11:38:50 -05:00
|
|
|
func checkLocalImageExistence(ctx context.Context, apiClient apiclient.APIClient, imageName string) error {
|
|
|
|
|
_, _, err := apiClient.ImageInspectWithRaw(ctx, imageName)
|
2017-08-25 17:49:40 -04:00
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2017-09-11 17:07:00 -04:00
|
|
|
func createTarget(notaryRepo client.Repository, tag string) (client.Target, error) {
|
2017-08-24 18:45:20 -04:00
|
|
|
target := &client.Target{}
|
|
|
|
|
var err error
|
|
|
|
|
if tag == "" {
|
linting: ST1005: error strings should not be capitalized (stylecheck)
While fixing, also updated errors without placeholders to `errors.New()`, and
updated some code to use pkg/errors if it was already in use in the file.
cli/command/config/inspect.go:59:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/node/inspect.go:61:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/secret/inspect.go:57:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/trust/common.go:77:74: ST1005: error strings should not be capitalized (stylecheck)
return []trustTagRow{}, []client.RoleWithSignatures{}, []data.Role{}, fmt.Errorf("No signatures or cannot access %s", remote)
^
cli/command/trust/common.go:85:73: ST1005: error strings should not be capitalized (stylecheck)
return []trustTagRow{}, []client.RoleWithSignatures{}, []data.Role{}, fmt.Errorf("No signers for %s", remote)
^
cli/command/trust/sign.go:137:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("No tag specified for %s", imgRefAndAuth.Name())
^
cli/command/trust/sign.go:151:19: ST1005: error strings should not be capitalized (stylecheck)
return *target, fmt.Errorf("No tag specified")
^
cli/command/trust/signer_add.go:77:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Failed to add signer to: %s", strings.Join(errRepos, ", "))
^
cli/command/trust/signer_remove.go:52:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Error removing signer from: %s", strings.Join(errRepos, ", "))
^
cli/command/trust/signer_remove.go:67:17: ST1005: error strings should not be capitalized (stylecheck)
return false, fmt.Errorf("All signed tags are currently revoked, use docker trust sign to fix")
^
cli/command/trust/signer_remove.go:108:17: ST1005: error strings should not be capitalized (stylecheck)
return false, fmt.Errorf("No signer %s for repository %s", signerName, repoName)
^
opts/hosts.go:89:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", addr)
^
opts/hosts.go:100:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid proto, expected %s: %s", proto, addr)
^
opts/hosts.go:119:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid proto, expected tcp: %s", tryAddr)
^
opts/hosts.go:144:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", tryAddr)
^
opts/hosts.go:155:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", tryAddr)
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-02 18:04:53 -04:00
|
|
|
return *target, errors.New("no tag specified")
|
2017-08-24 18:45:20 -04:00
|
|
|
}
|
|
|
|
|
target.Name = tag
|
|
|
|
|
target.Hashes, target.Length, err = getSignedManifestHashAndSize(notaryRepo, tag)
|
|
|
|
|
return *target, err
|
|
|
|
|
}
|
|
|
|
|
|
2017-09-11 17:07:00 -04:00
|
|
|
func getSignedManifestHashAndSize(notaryRepo client.Repository, tag string) (data.Hashes, int64, error) {
|
2017-08-24 18:45:20 -04:00
|
|
|
targets, err := notaryRepo.GetAllTargetMetadataByName(tag)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, 0, err
|
|
|
|
|
}
|
|
|
|
|
return getReleasedTargetHashAndSize(targets, tag)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func getReleasedTargetHashAndSize(targets []client.TargetSignedStruct, tag string) (data.Hashes, int64, error) {
|
|
|
|
|
for _, tgt := range targets {
|
|
|
|
|
if isReleasedTarget(tgt.Role.Name) {
|
|
|
|
|
return tgt.Target.Hashes, tgt.Target.Length, nil
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return nil, 0, client.ErrNoSuchTarget(tag)
|
|
|
|
|
}
|
|
|
|
|
|
2017-09-11 17:07:00 -04:00
|
|
|
func getExistingSignatureInfoForReleasedTag(notaryRepo client.Repository, tag string) (trustTagRow, error) {
|
2017-08-24 18:45:20 -04:00
|
|
|
targets, err := notaryRepo.GetAllTargetMetadataByName(tag)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return trustTagRow{}, err
|
|
|
|
|
}
|
|
|
|
|
releasedTargetInfoList := matchReleasedSignatures(targets)
|
|
|
|
|
if len(releasedTargetInfoList) == 0 {
|
|
|
|
|
return trustTagRow{}, nil
|
|
|
|
|
}
|
|
|
|
|
return releasedTargetInfoList[0], nil
|
|
|
|
|
}
|
|
|
|
|
|
2017-09-26 12:53:21 -04:00
|
|
|
func prettyPrintExistingSignatureInfo(out io.Writer, existingSigInfo trustTagRow) {
|
2017-08-24 18:45:20 -04:00
|
|
|
sort.Strings(existingSigInfo.Signers)
|
|
|
|
|
joinedSigners := strings.Join(existingSigInfo.Signers, ", ")
|
2017-11-15 14:50:33 -05:00
|
|
|
fmt.Fprintf(out, "Existing signatures for tag %s digest %s from:\n%s\n", existingSigInfo.SignedTag, existingSigInfo.Digest, joinedSigners)
|
2017-08-24 18:45:20 -04:00
|
|
|
}
|
|
|
|
|
|
2017-09-11 17:07:00 -04:00
|
|
|
func initNotaryRepoWithSigners(notaryRepo client.Repository, newSigner data.RoleName) error {
|
2017-08-24 18:45:20 -04:00
|
|
|
rootKey, err := getOrGenerateNotaryKey(notaryRepo, data.CanonicalRootRole)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
rootKeyID := rootKey.ID()
|
|
|
|
|
|
|
|
|
|
// Initialize the notary repository with a remotely managed snapshot key
|
|
|
|
|
if err := notaryRepo.Initialize([]string{rootKeyID}, data.CanonicalSnapshotRole); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
signerKey, err := getOrGenerateNotaryKey(notaryRepo, newSigner)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2017-10-10 13:16:01 -04:00
|
|
|
if err := addStagedSigner(notaryRepo, newSigner, []data.PublicKey{signerKey}); err != nil {
|
|
|
|
|
return errors.Wrapf(err, "could not add signer to repo: %s", strings.TrimPrefix(newSigner.String(), "targets/"))
|
|
|
|
|
}
|
2017-08-24 18:45:20 -04:00
|
|
|
|
|
|
|
|
return notaryRepo.Publish()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// generates an ECDSA key without a GUN for the specified role
|
2017-09-11 17:07:00 -04:00
|
|
|
func getOrGenerateNotaryKey(notaryRepo client.Repository, role data.RoleName) (data.PublicKey, error) {
|
2017-08-24 18:45:20 -04:00
|
|
|
// use the signer name in the PEM headers if this is a delegation key
|
|
|
|
|
if data.IsDelegation(role) {
|
|
|
|
|
role = data.RoleName(notaryRoleToSigner(role))
|
|
|
|
|
}
|
2017-09-11 17:07:00 -04:00
|
|
|
keys := notaryRepo.GetCryptoService().ListKeys(role)
|
2017-08-24 18:45:20 -04:00
|
|
|
var err error
|
|
|
|
|
var key data.PublicKey
|
|
|
|
|
// always select the first key by ID
|
|
|
|
|
if len(keys) > 0 {
|
|
|
|
|
sort.Strings(keys)
|
|
|
|
|
keyID := keys[0]
|
2017-09-11 17:07:00 -04:00
|
|
|
privKey, _, err := notaryRepo.GetCryptoService().GetPrivateKey(keyID)
|
2017-08-24 18:45:20 -04:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
key = data.PublicKeyFromPrivate(privKey)
|
|
|
|
|
} else {
|
2017-09-11 17:07:00 -04:00
|
|
|
key, err = notaryRepo.GetCryptoService().Create(role, "", data.ECDSAKey)
|
2017-08-24 18:45:20 -04:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return key, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// stages changes to add a signer with the specified name and key(s). Adds to targets/<name> and targets/releases
|
2017-10-10 13:16:01 -04:00
|
|
|
func addStagedSigner(notaryRepo client.Repository, newSigner data.RoleName, signerKeys []data.PublicKey) error {
|
2017-08-24 18:45:20 -04:00
|
|
|
// create targets/<username>
|
2017-10-10 13:16:01 -04:00
|
|
|
if err := notaryRepo.AddDelegationRoleAndKeys(newSigner, signerKeys); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := notaryRepo.AddDelegationPaths(newSigner, []string{""}); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2017-08-24 18:45:20 -04:00
|
|
|
|
|
|
|
|
// create targets/releases
|
2017-10-10 13:16:01 -04:00
|
|
|
if err := notaryRepo.AddDelegationRoleAndKeys(trust.ReleasesRole, signerKeys); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2018-01-13 07:16:34 -05:00
|
|
|
return notaryRepo.AddDelegationPaths(trust.ReleasesRole, []string{""})
|
2017-08-24 18:45:20 -04:00
|
|
|
}
|
