DockerCLI/cli/command/trust/signer_add.go

140 lines
4.4 KiB
Go
Raw Permalink Normal View History

package trust
import (
"context"
"fmt"
"io"
"os"
"path"
"regexp"
"strings"
"github.com/docker/cli/cli"
"github.com/docker/cli/cli/command"
"github.com/docker/cli/cli/command/image"
"github.com/docker/cli/cli/trust"
"github.com/docker/cli/opts"
"github.com/pkg/errors"
"github.com/spf13/cobra"
"github.com/theupdateframework/notary/client"
"github.com/theupdateframework/notary/tuf/data"
tufutils "github.com/theupdateframework/notary/tuf/utils"
)
type signerAddOptions struct {
keys opts.ListOpts
signer string
repos []string
}
func newSignerAddCommand(dockerCLI command.Cli) *cobra.Command {
var options signerAddOptions
cmd := &cobra.Command{
Use: "add OPTIONS NAME REPOSITORY [REPOSITORY...] ",
Short: "Add a signer",
Args: cli.RequiresMinArgs(2),
RunE: func(cmd *cobra.Command, args []string) error {
options.signer = args[0]
options.repos = args[1:]
return addSigner(cmd.Context(), dockerCLI, options)
},
}
flags := cmd.Flags()
options.keys = opts.NewListOpts(nil)
flags.Var(&options.keys, "key", "Path to the signer's public key file")
return cmd
}
var validSignerName = regexp.MustCompile(`^[a-z0-9][a-z0-9\_\-]*$`).MatchString
func addSigner(ctx context.Context, dockerCLI command.Cli, options signerAddOptions) error {
signerName := options.signer
if !validSignerName(signerName) {
return fmt.Errorf("signer name \"%s\" must start with lowercase alphanumeric characters and can include \"-\" or \"_\" after the first character", signerName)
}
if signerName == "releases" {
return errors.New("releases is a reserved keyword, use a different signer name")
}
if options.keys.Len() == 0 {
linting: fmt.Errorf can be replaced with errors.New (perfsprint) internal/test/cli.go:175:14: fmt.Errorf can be replaced with errors.New (perfsprint) return nil, fmt.Errorf("no notary client available unless defined") ^ cli/command/cli.go:318:29: fmt.Errorf can be replaced with errors.New (perfsprint) return docker.Endpoint{}, fmt.Errorf("no context store initialized") ^ cli/command/container/attach.go:161:11: fmt.Errorf can be replaced with errors.New (perfsprint) return fmt.Errorf(result.Error.Message) ^ cli/command/container/opts.go:577:16: fmt.Errorf can be replaced with errors.New (perfsprint) return nil, fmt.Errorf("--health-start-period cannot be negative") ^ cli/command/container/opts.go:580:16: fmt.Errorf can be replaced with errors.New (perfsprint) return nil, fmt.Errorf("--health-start-interval cannot be negative") ^ cli/command/container/stats.go:221:11: fmt.Errorf can be replaced with errors.New (perfsprint) return fmt.Errorf("filtering is not supported when specifying a list of containers") ^ cli/command/container/attach_test.go:82:17: fmt.Errorf can be replaced with errors.New (perfsprint) expectedErr = fmt.Errorf("unexpected error") ^ cli/command/container/create_test.go:234:40: fmt.Errorf can be replaced with errors.New (perfsprint) return container.CreateResponse{}, fmt.Errorf("shouldn't try to pull image") ^ cli/command/container/list_test.go:150:17: fmt.Errorf can be replaced with errors.New (perfsprint) return nil, fmt.Errorf("error listing containers") ^ cli/command/container/rm_test.go:40:31: fmt.Errorf can be replaced with errors.New (perfsprint) return errdefs.NotFound(fmt.Errorf("Error: no such container: " + container)) ^ cli/command/container/run_test.go:138:40: fmt.Errorf can be replaced with errors.New (perfsprint) return container.CreateResponse{}, fmt.Errorf("shouldn't try to pull image") ^ cli/command/image/pull_test.go:115:49: fmt.Errorf can be replaced with errors.New (perfsprint) return io.NopCloser(strings.NewReader("")), fmt.Errorf("shouldn't try to pull image") ^ cli/command/network/connect.go:88:16: fmt.Errorf can be replaced with errors.New (perfsprint) return nil, fmt.Errorf("invalid key/value pair format in driver options") ^ cli/command/plugin/create_test.go:96:11: fmt.Errorf can be replaced with errors.New (perfsprint) return fmt.Errorf("Error creating plugin") ^ cli/command/plugin/disable_test.go:32:12: fmt.Errorf can be replaced with errors.New (perfsprint) return fmt.Errorf("Error disabling plugin") ^ cli/command/plugin/enable_test.go:32:12: fmt.Errorf can be replaced with errors.New (perfsprint) return fmt.Errorf("failed to enable plugin") ^ cli/command/plugin/inspect_test.go:55:22: fmt.Errorf can be replaced with errors.New (perfsprint) return nil, nil, fmt.Errorf("error inspecting plugin") ^ cli/command/plugin/install_test.go:43:17: fmt.Errorf can be replaced with errors.New (perfsprint) return nil, fmt.Errorf("Error installing plugin") ^ cli/command/plugin/install_test.go:51:17: fmt.Errorf can be replaced with errors.New (perfsprint) return nil, fmt.Errorf("(image) when fetching") ^ cli/command/plugin/install_test.go:95:17: fmt.Errorf can be replaced with errors.New (perfsprint) return nil, fmt.Errorf("should not try to install plugin") ^ cli/command/plugin/list_test.go:35:41: fmt.Errorf can be replaced with errors.New (perfsprint) return types.PluginsListResponse{}, fmt.Errorf("error listing plugins") ^ cli/command/plugin/remove_test.go:27:12: fmt.Errorf can be replaced with errors.New (perfsprint) return fmt.Errorf("Error removing plugin") ^ cli/command/registry/login_test.go:36:46: fmt.Errorf can be replaced with errors.New (perfsprint) return registrytypes.AuthenticateOKBody{}, fmt.Errorf("Invalid Username or Password") ^ cli/command/registry/login_test.go:44:46: fmt.Errorf can be replaced with errors.New (perfsprint) return registrytypes.AuthenticateOKBody{}, fmt.Errorf(errUnknownUser) ^ cli/command/system/info.go:190:10: fmt.Errorf can be replaced with errors.New (perfsprint) return fmt.Errorf("errors pretty printing info") ^ cli/command/system/prune.go:77:10: fmt.Errorf can be replaced with errors.New (perfsprint) return fmt.Errorf(`ERROR: The "until" filter is not supported with "--volumes"`) ^ cli/command/system/version_test.go:19:28: fmt.Errorf can be replaced with errors.New (perfsprint) return types.Version{}, fmt.Errorf("no server") ^ cli/command/trust/key_load.go:112:22: fmt.Errorf can be replaced with errors.New (perfsprint) return []byte{}, fmt.Errorf("could not decrypt key") ^ cli/command/trust/revoke.go:44:10: fmt.Errorf can be replaced with errors.New (perfsprint) return fmt.Errorf("cannot use a digest reference for IMAGE:TAG") ^ cli/command/trust/revoke.go:105:10: fmt.Errorf can be replaced with errors.New (perfsprint) return fmt.Errorf("no signed tags to remove") ^ cli/command/trust/signer_add.go:56:10: fmt.Errorf can be replaced with errors.New (perfsprint) return fmt.Errorf("releases is a reserved keyword, please use a different signer name") ^ cli/command/trust/signer_add.go:60:10: fmt.Errorf can be replaced with errors.New (perfsprint) return fmt.Errorf("path to a public key must be provided using the `--key` flag") ^ opts/config.go:71:10: fmt.Errorf can be replaced with errors.New (perfsprint) return fmt.Errorf("source is required") ^ opts/mount.go:168:10: fmt.Errorf can be replaced with errors.New (perfsprint) return fmt.Errorf("type is required") ^ opts/mount.go:172:10: fmt.Errorf can be replaced with errors.New (perfsprint) return fmt.Errorf("target is required") ^ opts/network.go:90:11: fmt.Errorf can be replaced with errors.New (perfsprint) return fmt.Errorf("network name/id is not specified") ^ opts/network.go:129:18: fmt.Errorf can be replaced with errors.New (perfsprint) return "", "", fmt.Errorf("invalid key value pair format in driver options") ^ opts/opts.go:404:13: fmt.Errorf can be replaced with errors.New (perfsprint) return 0, fmt.Errorf("value is too precise") ^ opts/opts.go:412:18: fmt.Errorf can be replaced with errors.New (perfsprint) return "", "", fmt.Errorf("empty string specified for links") ^ opts/parse.go:84:37: fmt.Errorf can be replaced with errors.New (perfsprint) return container.RestartPolicy{}, fmt.Errorf("invalid restart policy format: no policy provided before colon") ^ opts/parse.go:89:38: fmt.Errorf can be replaced with errors.New (perfsprint) return container.RestartPolicy{}, fmt.Errorf("invalid restart policy format: maximum retry count must be an integer") ^ opts/port.go:105:13: fmt.Errorf can be replaced with errors.New (perfsprint) return fmt.Errorf("hostip is not supported") ^ opts/secret.go:70:10: fmt.Errorf can be replaced with errors.New (perfsprint) return fmt.Errorf("source is required") ^ opts/env_test.go:57:11: fmt.Errorf can be replaced with errors.New (perfsprint) err: fmt.Errorf("invalid environment variable: =a"), ^ opts/env_test.go:93:11: fmt.Errorf can be replaced with errors.New (perfsprint) err: fmt.Errorf("invalid environment variable: ="), ^ cli-plugins/manager/error_test.go:16:11: fmt.Errorf can be replaced with errors.New (perfsprint) inner := fmt.Errorf("testing") ^ Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-06-10 14:47:07 -04:00
return errors.New("path to a public key must be provided using the `--key` flag")
}
signerPubKeys, err := ingestPublicKeys(options.keys.GetAll())
if err != nil {
return err
}
var errRepos []string
for _, repoName := range options.repos {
fmt.Fprintf(dockerCLI.Out(), "Adding signer \"%s\" to %s...\n", signerName, repoName)
if err := addSignerToRepo(ctx, dockerCLI, signerName, repoName, signerPubKeys); err != nil {
fmt.Fprintln(dockerCLI.Err(), err.Error()+"\n")
errRepos = append(errRepos, repoName)
} else {
fmt.Fprintf(dockerCLI.Out(), "Successfully added signer: %s to %s\n\n", signerName, repoName)
}
}
if len(errRepos) > 0 {
linting: ST1005: error strings should not be capitalized (stylecheck) While fixing, also updated errors without placeholders to `errors.New()`, and updated some code to use pkg/errors if it was already in use in the file. cli/command/config/inspect.go:59:10: ST1005: error strings should not be capitalized (stylecheck) return fmt.Errorf("Cannot supply extra formatting options to the pretty template") ^ cli/command/node/inspect.go:61:10: ST1005: error strings should not be capitalized (stylecheck) return fmt.Errorf("Cannot supply extra formatting options to the pretty template") ^ cli/command/secret/inspect.go:57:10: ST1005: error strings should not be capitalized (stylecheck) return fmt.Errorf("Cannot supply extra formatting options to the pretty template") ^ cli/command/trust/common.go:77:74: ST1005: error strings should not be capitalized (stylecheck) return []trustTagRow{}, []client.RoleWithSignatures{}, []data.Role{}, fmt.Errorf("No signatures or cannot access %s", remote) ^ cli/command/trust/common.go:85:73: ST1005: error strings should not be capitalized (stylecheck) return []trustTagRow{}, []client.RoleWithSignatures{}, []data.Role{}, fmt.Errorf("No signers for %s", remote) ^ cli/command/trust/sign.go:137:10: ST1005: error strings should not be capitalized (stylecheck) return fmt.Errorf("No tag specified for %s", imgRefAndAuth.Name()) ^ cli/command/trust/sign.go:151:19: ST1005: error strings should not be capitalized (stylecheck) return *target, fmt.Errorf("No tag specified") ^ cli/command/trust/signer_add.go:77:10: ST1005: error strings should not be capitalized (stylecheck) return fmt.Errorf("Failed to add signer to: %s", strings.Join(errRepos, ", ")) ^ cli/command/trust/signer_remove.go:52:10: ST1005: error strings should not be capitalized (stylecheck) return fmt.Errorf("Error removing signer from: %s", strings.Join(errRepos, ", ")) ^ cli/command/trust/signer_remove.go:67:17: ST1005: error strings should not be capitalized (stylecheck) return false, fmt.Errorf("All signed tags are currently revoked, use docker trust sign to fix") ^ cli/command/trust/signer_remove.go:108:17: ST1005: error strings should not be capitalized (stylecheck) return false, fmt.Errorf("No signer %s for repository %s", signerName, repoName) ^ opts/hosts.go:89:14: ST1005: error strings should not be capitalized (stylecheck) return "", fmt.Errorf("Invalid bind address format: %s", addr) ^ opts/hosts.go:100:14: ST1005: error strings should not be capitalized (stylecheck) return "", fmt.Errorf("Invalid proto, expected %s: %s", proto, addr) ^ opts/hosts.go:119:14: ST1005: error strings should not be capitalized (stylecheck) return "", fmt.Errorf("Invalid proto, expected tcp: %s", tryAddr) ^ opts/hosts.go:144:14: ST1005: error strings should not be capitalized (stylecheck) return "", fmt.Errorf("Invalid bind address format: %s", tryAddr) ^ opts/hosts.go:155:14: ST1005: error strings should not be capitalized (stylecheck) return "", fmt.Errorf("Invalid bind address format: %s", tryAddr) ^ Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-02 18:04:53 -04:00
return fmt.Errorf("failed to add signer to: %s", strings.Join(errRepos, ", "))
}
return nil
}
func addSignerToRepo(ctx context.Context, dockerCLI command.Cli, signerName string, repoName string, signerPubKeys []data.PublicKey) error {
imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, image.AuthResolver(dockerCLI), repoName)
if err != nil {
return err
}
notaryRepo, err := dockerCLI.NotaryClient(imgRefAndAuth, trust.ActionsPushAndPull)
if err != nil {
return trust.NotaryError(imgRefAndAuth.Reference().Name(), err)
}
if _, err = notaryRepo.ListTargets(); err != nil {
switch err.(type) {
case client.ErrRepoNotInitialized, client.ErrRepositoryNotExist:
fmt.Fprintf(dockerCLI.Out(), "Initializing signed repository for %s...\n", repoName)
if err := getOrGenerateRootKeyAndInitRepo(notaryRepo); err != nil {
return trust.NotaryError(repoName, err)
}
fmt.Fprintf(dockerCLI.Out(), "Successfully initialized %q\n", repoName)
default:
return trust.NotaryError(repoName, err)
}
}
newSignerRoleName := data.RoleName(path.Join(data.CanonicalTargetsRole.String(), signerName))
if err := addStagedSigner(notaryRepo, newSignerRoleName, signerPubKeys); err != nil {
return errors.Wrapf(err, "could not add signer to repo: %s", strings.TrimPrefix(newSignerRoleName.String(), "targets/"))
}
return notaryRepo.Publish()
}
func ingestPublicKeys(pubKeyPaths []string) ([]data.PublicKey, error) {
pubKeys := []data.PublicKey{}
for _, pubKeyPath := range pubKeyPaths {
// Read public key bytes from PEM file, limit to 1 KiB
pubKeyFile, err := os.OpenFile(pubKeyPath, os.O_RDONLY, 0o666)
if err != nil {
return nil, errors.Wrap(err, "unable to read public key from file")
}
defer pubKeyFile.Close()
// limit to
l := io.LimitReader(pubKeyFile, 1<<20)
pubKeyBytes, err := io.ReadAll(l)
if err != nil {
return nil, errors.Wrap(err, "unable to read public key from file")
}
// Parse PEM bytes into type PublicKey
pubKey, err := tufutils.ParsePEMPublicKey(pubKeyBytes)
if err != nil {
return nil, errors.Wrapf(err, "could not parse public key from file: %s", pubKeyPath)
}
pubKeys = append(pubKeys, pubKey)
}
return pubKeys, nil
}