UUID parsing to include pre-pended shard ID

Signed-off-by: Lily Sturmann <lsturman@redhat.com>

Author: lkatalin

cmd/rekor-cli/app/get.go

@@ -30,6 +30,7 @@ import (
 	"github.com/spf13/viper"
 
 	"github.com/sigstore/rekor/cmd/rekor-cli/app/format"
+	"github.com/sigstore/rekor/cmd/rekor-cli/app/sharding"
 	"github.com/sigstore/rekor/pkg/client"
 	"github.com/sigstore/rekor/pkg/generated/client/entries"
 	"github.com/sigstore/rekor/pkg/generated/models"
@@ -110,15 +111,21 @@ var getCmd = &cobra.Command{
 		if uuid != "" {
 			params := entries.NewGetLogEntryByUUIDParams()
 			params.SetTimeout(viper.GetDuration("timeout"))
-			params.EntryUUID = uuid
+			if len(uuid) == sharding.UUIDLen {
+				params.EntryUUID = uuid
+			} else if len(uuid) == sharding.FullIDLen {
+				params.EntryUUID = uuid[sharding.FullIDLen-sharding.UUIDLen:]
+			} else {
+				return nil, fmt.Errorf("invalid UUID length: %v", len(uuid))
+			}
 
 			resp, err := rekorClient.Entries.GetLogEntryByUUID(params)
 			if err != nil {
 				return nil, err
 			}
 
 			for k, entry := range resp.Payload {
-				if k != uuid {
+				if k != params.EntryUUID {
 					continue
 				}
 

cmd/rekor-cli/app/pflags.go

@@ -22,6 +22,7 @@ import (
 	"strings"
 	"time"
 
+	"github.com/sigstore/rekor/cmd/rekor-cli/app/sharding"
 	"github.com/sigstore/rekor/pkg/pki"
 	"github.com/sigstore/rekor/pkg/util"
 
@@ -56,8 +57,8 @@ var pflagValueFuncMap map[FlagType]newPFlagValueFunc
 func initializePFlagMap() {
 	pflagValueFuncMap = map[FlagType]newPFlagValueFunc{
 		uuidFlag: func() pflag.Value {
-			// this corresponds to the merkle leaf hash of entries, which is represented by a 64 character hexadecimal string
-			return valueFactory(uuidFlag, validateString("required,len=64,hexadecimal"), "")
+			// this corresponds to the merkle leaf hash of entries, which is represented by a 64 character hexadecimal string, prepended by the 6-digit shard ID and '-'  separator
+			return valueFactory(uuidFlag, validateFullID, "")
 		},
 		shaFlag: func() pflag.Value {
 			// this validates a valid sha256 checksum which is optionally prefixed with 'sha256:'
@@ -190,6 +191,53 @@ func validateFileOrURL(v string) error {
 	return valGen().Set(v)
 }
 
+// validateFullID ensures the FullID is composed of a valid shardID, separator character, and UUID
+func validateFullID(v string) error {
+	if len(v) == sharding.FullIDLen {
+
+		// validate separator
+		if string(v[sharding.ShardIDLen]) != sharding.FullIDSeparator {
+			return fmt.Errorf("unexpected separator char in fullID: %v", v[sharding.ShardIDLen])
+		}
+
+		// validate the ShardID
+		shardID := v[:sharding.ShardIDLen]
+		shardIDTag := "required," + "len=" + fmt.Sprintf("%v", sharding.ShardIDLen) + ",number"
+		shardIDStringValidatorFunc := validateString(shardIDTag)
+		shardIDErr := shardIDStringValidatorFunc(shardID)
+
+		if shardIDErr != nil {
+			return fmt.Errorf("invalid shardID: %v", shardID)
+		}
+
+		// validate the UUID
+		UUID := v[sharding.FullIDLen-sharding.UUIDLen:]
+		UUIDTag := "required," + "len=" + fmt.Sprintf("%v", sharding.UUIDLen) + ",hexadecimal"
+		UUIDStringValidatorFunc := validateString(UUIDTag)
+		UUIDErr := UUIDStringValidatorFunc(UUID)
+
+		if UUIDErr != nil {
+			return fmt.Errorf("invalid uuid: %v", UUID)
+		}
+
+		return nil
+
+	} else if len(v) == sharding.UUIDLen {
+		// indicates older UUID format is being used without pre-pended shardID
+		UUIDStringValidatorFunc := validateString("required,len=64,hexadecimal")
+		UUIDErr := UUIDStringValidatorFunc(v)
+
+		if UUIDErr != nil {
+			return fmt.Errorf("invalid uuid: %v", v)
+		}
+
+		return nil
+
+	}
+
+	return fmt.Errorf("fullID len error, expected %v but got %v", sharding.FullIDLen, len(v))
+}
+
 // validateLogIndex ensures that the supplied string is a valid log index (integer >= 0)
 func validateLogIndex(v string) error {
 	i, err := strconv.Atoi(v)

cmd/rekor-cli/app/sharding/sharding.go

@@ -0,0 +1,58 @@
+//
+// Copyright 2021 The Sigstore Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package sharding
+
+import (
+	"fmt"
+)
+
+// A FullID refers to a specific artifact's ID and is made of two components,
+// the ShardID and the UUID, separated by a character, the FullIDSeparator.
+// The ShardID is in human-readable decimal and refers to the specific log or
+// shard where the artifact can be found. The UUID refers to the hex-encoded
+// merkle leaf hash from trillian for the specific artifact.
+
+const ShardIDMax = 999999
+const FullIDSeparator = "-"
+
+const ShardIDLen = 6
+const UUIDLen = 64
+const SeparatorLen = len(FullIDSeparator)
+const FullIDLen = ShardIDLen + UUIDLen + SeparatorLen
+
+// A ShardID is a number with specific properties, including
+// its representation as a six-digit string.
+type ShardID struct {
+	ShardIDInt    uint32
+	ShardIDString string
+}
+
+// Create a 6-digit string from shardID
+func IntToString(i uint32) string {
+	return fmt.Sprintf("%06d", i)
+}
+
+// Create default values
+func NewCurrent() ShardID {
+	return ShardID{
+		ShardIDInt:    CurrentShardID,
+		ShardIDString: IntToString(CurrentShardID)}
+}
+
+// TODO: The shardID will be part of the state and will be updated. Store it in state.go?
+// TODO: Add a check that the CurrentShardID cannot be updated beyond 999,999
+
+var CurrentShardID uint32 = 0

pkg/api/entries.go

@@ -36,6 +36,7 @@ import (
 	"google.golang.org/genproto/googleapis/rpc/code"
 	"google.golang.org/grpc/codes"
 
+	"github.com/sigstore/rekor/cmd/rekor-cli/app/sharding"
 	"github.com/sigstore/rekor/pkg/generated/models"
 	"github.com/sigstore/rekor/pkg/generated/restapi/operations/entries"
 	"github.com/sigstore/rekor/pkg/log"
@@ -183,7 +184,8 @@ func createLogEntry(params entries.CreateLogEntryParams) (models.LogEntry, middl
 	metricNewEntries.Inc()
 
 	queuedLeaf := resp.getAddResult.QueuedLeaf.Leaf
-	uuid := hex.EncodeToString(queuedLeaf.GetMerkleLeafHash())
+	shardID := sharding.NewCurrent()
+	uuid := shardID.ShardIDString + sharding.FullIDSeparator + hex.EncodeToString(queuedLeaf.GetMerkleLeafHash())
 
 	logEntryAnon := models.LogEntryAnon{
 		LogID:          swag.String(api.pubkeyHash),