
Commit 4fcdcaa

asraaSantiagoTorrestrishankatdatadogmnm678
authored
Add TUF type (sigstore#383)
* Adds rekor TUF type Co-authored-by: Santiago Torres <santiagotorres@purdue.edu> Co-authored-by: Trishank Karthik Kuppusamy <trishank.kuppusamy@datadoghq.com> Co-authored-by: Marina Moore <mnm678@gmail.com> Signed-off-by: Asra Ali <asraa@google.com> * add type documentation Signed-off-by: Asra Ali <asraa@google.com> * Address bob comments Signed-off-by: Asra Ali <asraa@google.com> * run make Signed-off-by: Asra Ali <asraa@google.com> * wip Signed-off-by: Asra Ali <asraa@google.com> * Address comments Signed-off-by: Asra Ali <asraa@google.com> Co-authored-by: Santiago Torres <santiagotorres@purdue.edu> Co-authored-by: Trishank Karthik Kuppusamy <trishank.kuppusamy@datadoghq.com> Co-authored-by: Marina Moore <mnm678@gmail.com>
1 parent b7e0a46 commit 4fcdcaa


58 files changed

+2875
-2519
lines changed

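--- a/Makefile
+++ b/Makefile
@@ -50,8 +50,8 @@ SERVER_PKG=github.com/sigstore/rekor/cmd/rekor-server/app
 SERVER_LDFLAGS="-X $(SERVER_PKG).GitVersion=$(GIT_VERSION) -X $(SERVER_PKG).gitCommit=$(GIT_HASH) -X $(SERVER_PKG).gitTreeState=$(GIT_TREESTATE) -X $(SERVER_PKG).buildDate=$(BUILD_DATE)"
 
 $(GENSRC): $(SWAGGER) $(OPENAPIDEPS)
-$(SWAGGER) generate client -f openapi.yaml -q -r COPYRIGHT.txt -t pkg/generated --default-consumes application/json\;q=1
-$(SWAGGER) generate server -f openapi.yaml -q -r COPYRIGHT.txt -t pkg/generated --exclude-main -A rekor_server --exclude-spec --flag-strategy=pflag --default-produces application/json
+$(SWAGGER) generate client -f openapi.yaml -q -r COPYRIGHT.txt -t pkg/generated --default-consumes application/json\;q=1 --additional-initialism=TUF
+$(SWAGGER) generate server -f openapi.yaml -q -r COPYRIGHT.txt -t pkg/generated --exclude-main -A rekor_server --exclude-spec --flag-strategy=pflag --default-produces application/json --additional-initialism=TUF
 
 .PHONY: validate-openapi
 validate-openapi: $(SWAGGER)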

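--- a/cmd/rekor-cli/app/root.go
+++ b/cmd/rekor-cli/app/root.go
@@ -35,6 +35,7 @@ import (
 _ "github.com/sigstore/rekor/pkg/types/rekord/v0.0.1"
 _ "github.com/sigstore/rekor/pkg/types/rfc3161/v0.0.1"
 _ "github.com/sigstore/rekor/pkg/types/rpm/v0.0.1"
+_ "github.com/sigstore/rekor/pkg/types/tuf/v0.0.1"
 )
 
 var rootCmd = &cobra.Command{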

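--- a/cmd/rekor-cli/app/search.go
+++ b/cmd/rekor-cli/app/search.go
@@ -165,6 +165,8 @@ var searchCmd = &cobra.Command{
 params.Query.PublicKey.Format = swag.String(models.SearchIndexPublicKeyFormatX509)
 case "ssh":
 params.Query.PublicKey.Format = swag.String(models.SearchIndexPublicKeyFormatSSH)
+case "tuf":
+params.Query.PublicKey.Format = swag.String(models.SearchIndexPublicKeyFormatTUF)
 default:
 return nil, fmt.Errorf("unknown pki-format %v", pkiFormat)
 }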

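--- a/cmd/rekor-server/app/serve.go
+++ b/cmd/rekor-server/app/serve.go
@@ -42,6 +42,8 @@ import (
 rfc3161_v001 "github.com/sigstore/rekor/pkg/types/rfc3161/v0.0.1"
 "github.com/sigstore/rekor/pkg/types/rpm"
 rpm_v001 "github.com/sigstore/rekor/pkg/types/rpm/v0.0.1"
+"github.com/sigstore/rekor/pkg/types/tuf"
+tuf_v001 "github.com/sigstore/rekor/pkg/types/tuf/v0.0.1"
 )
 
 // serveCmd represents the serve command
@@ -85,6 +87,7 @@ var serveCmd = &cobra.Command{
 rfc3161.KIND: rfc3161_v001.APIVERSION,
 alpine.KIND: alpine_v001.APIVERSION,
 helm.KIND: helm_v001.APIVERSION,
+tuf.KIND: tuf_v001.APIVERSION,
 }
 
 for k, v := range pluggableTypeMap {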

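--- a/go.mod
+++ b/go.mod
@@ -46,6 +46,8 @@ require (
 github.com/spf13/cobra v1.2.1
 github.com/spf13/pflag v1.0.5
 github.com/spf13/viper v1.8.1
+github.com/tent/canonical-json-go v0.0.0-20130607151641-96e4ba3a7613
+github.com/theupdateframework/go-tuf v0.0.0-20210722233521-90e262754396
 github.com/tidwall/pretty v1.2.0 // indirect
 github.com/tilinna/clock v1.1.0 // indirect
 github.com/ulikunitz/xz v0.5.10 // indirect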
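Review bot: The new `github.com/tent/canonical-json-go` requirement is pinned to a pseudo-version dated 2013-06-07 (`v0.0.0-20130607151641-96e4ba3a7613`), so the TUF type now depends directly on an encoder with no tagged release and, going by that date, probably no active maintenance. If this encoder produces the bytes that TUF signatures are checked over, as its name suggests, an encoding bug in it becomes a verification bug here, so the choice deserves a comment on the require line such as `// canonical JSON for TUF signature checks; no tagged release upstream`. `github.com/theupdateframework/go-tuf` is likewise pinned to an untagged commit and should move to a tagged release once one exists, so that upgrades and advisories are easier to track. The `require (` block starts and ends outside this hunk.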

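--- a/go.sum
+++ b/go.sum
@@ -1119,6 +1119,7 @@ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
 github.com/subosito/gotenv v1.2.0 h1:Slr1R9HxAlEKefgq5jn9U+DnETlIUa6HfgEzj0g5d7s=
 github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw=
 github.com/syndtr/goleveldb v1.0.0/go.mod h1:ZVVdQEZoIme9iO1Ch2Jdy24qqXrMMOU6lpPAyBWyWuQ=
+github.com/tent/canonical-json-go v0.0.0-20130607151641-96e4ba3a7613 h1:iGnD/q9160NWqKZZ5vY4p0dMiYMRknzctfSkqA4nBDw=
 github.com/tent/canonical-json-go v0.0.0-20130607151641-96e4ba3a7613/go.mod h1:g6AnIpDSYMcphz193otpSIzN+11Rs+AAIIC6rm1enug=
 github.com/theupdateframework/go-tuf v0.0.0-20210722233521-90e262754396 h1:j4odVZMwglHp54CYsNHd0wls+lkQzxloQU9AQjQu0W4=
 github.com/theupdateframework/go-tuf v0.0.0-20210722233521-90e262754396/go.mod h1:L+uU/NRFK/7h0NYAnsmvsX9EghDB5QVCcHCIrK2h5nw=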

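--- a/openapi.yaml
+++ b/openapi.yaml
@@ -329,6 +329,23 @@ definitions:
 - spec
 additionalProperties: false
 
+tuf:
+type: object
+description: TUF metadata
+allOf:
+- $ref: '#/definitions/ProposedEntry'
+- properties:
+apiVersion:
+type: string
+pattern: ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$
+spec:
+type: object
+$ref: 'pkg/types/tuf/tuf_schema.json'
+required:
+- apiVersion
+- spec
+additionalProperties: false
+
 alpine:
 type: object
 description: Alpine package
@@ -469,7 +486,7 @@ definitions:
 properties:
 format:
 type: string
-enum: ['pgp','x509','minisign', 'ssh']
+enum: ['pgp','x509','minisign', 'ssh', 'tuf']
 content:
 type: string
 format: byte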
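Review bot: The second hunk adds `'tuf'` to the public-key `format` enum, but nothing next to `content` says what bytes a client should send for that format. For the other values the content is a key or certificate; for TUF it is presumably a root metadata file rather than a single key (the type's schema in `pkg/types/tuf/tuf_schema.json` is not shown here), and that difference matters to anyone searching the index by key. A `description:` on `content`, for example `description: key material in the given format; for tuf, the root metadata file`, would document it once the intended input is confirmed.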

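--- a/pkg/api/error.go
+++ b/pkg/api/error.go
@@ -27,6 +27,7 @@ import (
 "github.com/sigstore/rekor/pkg/generated/models"
 "github.com/sigstore/rekor/pkg/generated/restapi/operations/entries"
 "github.com/sigstore/rekor/pkg/generated/restapi/operations/index"
+"github.com/sigstore/rekor/pkg/generated/restapi/operations/pubkey"
 "github.com/sigstore/rekor/pkg/generated/restapi/operations/timestamp"
 "github.com/sigstore/rekor/pkg/generated/restapi/operations/tlog"
 "github.com/sigstore/rekor/pkg/log"
@@ -134,9 +135,9 @@ func handleRekorAPIError(params interface{}, code int, err error, message string
 default:
 return tlog.NewGetLogProofDefault(code).WithPayload(errorMsg(message, code))
 }
-case tlog.GetPublicKeyParams:
+case pubkey.GetPublicKeyParams:
 logMsg(params.HTTPRequest)
-return tlog.NewGetPublicKeyDefault(code).WithPayload(errorMsg(message, code))
+return pubkey.NewGetPublicKeyDefault(code).WithPayload(errorMsg(message, code))
 case index.SearchIndexParams:
 logMsg(params.HTTPRequest)
 switch code {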
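Review bot: The switch from `case tlog.GetPublicKeyParams:` to `case pubkey.GetPublicKeyParams:` in `handleRekorAPIError` relocates the public-key operation to a different generated package, and neither the code nor the commit description ("Add TUF type") says why. Together with the deleted `pkg/generated/client/operations/get_public_key_*.go` files this looks like a regeneration side effect that may change import paths for callers of the generated client; that is inferred, since the regenerated files are not shown on this page. A short comment above the case would record it, for example `// GetPublicKey is generated under the pubkey operations group, not tlog.` The function body starts and ends outside this hunk.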

pkg/generated/client/operations/get_public_key_parameters.go

Lines changed: 0 additions & 143 deletions
This file was deleted.

pkg/generated/client/operations/get_public_key_responses.go

Lines changed: 0 additions & 130 deletions
This file was deleted.
