Skip to content

spec: update cli verify spec for UX improvement#440

Merged
priteshbandi merged 11 commits intonotaryproject:mainfrom
yizha1:verify_ux
Dec 2, 2022
Merged

spec: update cli verify spec for UX improvement#440
priteshbandi merged 11 commits intonotaryproject:mainfrom
yizha1:verify_ux

Conversation

@yizha1
Copy link
Contributor

@yizha1 yizha1 commented Nov 8, 2022

Update cli verify spec for UX improvement

Signed-off-by: Yi Zha yizha1@microsoft.com

@yizha1
spec: update cli verify spec for UX improvement
eee90cd 
Signed-off-by: Yi Zha <yizha1@microsoft.com>
@yizha1 yizha1 added UX User experience changes spec Specifications to define the product requirements labels Nov 8, 2022
@yizha1 yizha1 self-assigned this Nov 8, 2022
@yizha1 yizha1 linked an issue Nov 8, 2022 that may be closed by this pull request
UX: Improve the help doc and output for verification #304
Closed
@yizha1
spec: update debug description
ef64d6a 
Signed-off-by: Yi Zha <yizha1@microsoft.com>
@FeynmanZhou
Copy link
Member

FeynmanZhou commented Nov 8, 2022

I saw this PR has also improved the output of notation verify when failing to verify a signature in beta.1 as follows, this is great.

$ notation verify localhost:5000/library/hello-world:latest

ERROR: signature verification failed

Signature verification failed for all the 1 signatures associated with digest: sha256:92c7f9c92844bbbb5d0a101b22f7c2a7949e40f8ea90c8b3bc396879d95e899a

Signature #1 : signature is not produced by a trusted signer

Error: signature verification failed

toddysm
toddysm approved these changes Nov 8, 2022
View reviewed changes
Copy link
Contributor

@toddysm toddysm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am not sure that the cat experience for the trust policy is the best user experience but it seems this is what we can do for now.

@yizha1 yizha1 mentioned this pull request Nov 9, 2022
Closed
toddysm
toddysm previously requested changes Nov 11, 2022
View reviewed changes
@yizha1
spec: remove updates for debug option
331321b 
Signed-off-by: Yi Zha <yizha1@microsoft.com>
@yizha1 yizha1 requested review from toddysm and removed request for dtzar November 18, 2022 06:17
@yizha1
Copy link
Contributor Author

yizha1 commented Nov 18, 2022
edited
Loading

Remove the updates for debug option, which will be solved by separate issue. @toddysm @priteshbandi

@codecov-commenter
Copy link

codecov-commenter commented Nov 18, 2022
edited
Loading

Codecov Report

Merging #440 (c0de485) into main (5732b76) will decrease coverage by 0.34%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##             main     #440      +/-   ##
==========================================
- Coverage   32.82%   32.48%   -0.35%     
==========================================
  Files          25       25              
  Lines        1237     1250      +13     
==========================================
  Hits          406      406              
- Misses        819      832      +13     
  Partials       12       12
Impacted Files Coverage Δ
cmd/notation/verify.go 22.07% <0.00%> (-2.93%) ⬇️
cmd/notation/cert/generateTest.go 16.66% <0.00%> (-1.26%) ⬇️
cmd/notation/list.go 23.28% <0.00%> (-0.66%) ⬇️
cmd/notation/plugin.go 0.00% <0.00%> (ø)
cmd/notation/registry.go 0.00% <0.00%> (ø)
cmd/notation/key.go 24.75% <0.00%> (+0.24%) ⬆️
cmd/notation/sign.go 45.45% <0.00%> (+8.22%) ⬆️

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@yizha1 yizha1 added this to the RC-1 milestone Nov 18, 2022
priteshbandi
priteshbandi reviewed Nov 18, 2022
View reviewed changes
patrickzheng200
patrickzheng200 reviewed Nov 21, 2022
View reviewed changes
@yizha1
spec: update according to comments
831cfcd 
Signed-off-by: Yi Zha <yizha1@microsoft.com>
@patrickzheng200 patrickzheng200 mentioned this pull request Nov 22, 2022
Merged
@yizha1
Copy link
Contributor Author

yizha1 commented Nov 23, 2022
edited
Loading

@priteshbandi @toddysm New updates:

  • Added a table for example values of trust policy properties.
  • Added directory examples for different OS users.

@yizha1
spec: fix typos
d339f0e 
Signed-off-by: Yi Zha <yizha1@microsoft.com>
vaninrao10
vaninrao10 reviewed Nov 23, 2022
View reviewed changes
Copy link
Contributor

@vaninrao10 vaninrao10 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

FeynmanZhou
FeynmanZhou reviewed Nov 24, 2022
View reviewed changes
FeynmanZhou
FeynmanZhou reviewed Nov 24, 2022
View reviewed changes
FeynmanZhou
FeynmanZhou reviewed Nov 24, 2022
View reviewed changes
shizhMSFT
shizhMSFT reviewed Nov 25, 2022
View reviewed changes
specs/commandline/verify.md Outdated
| registryScopes | "*" | The policy applies to all the artifacts stored in any repositories. |
| signatureVerification | "level": "strict" | Signature verification is performed at strict level, which enforces all validations: `integrity`, `authenticity`, `authentic timestamp`, `expiry` and `revocation`.|
| signatureVerification | "level": "permissive" | The permissive level enforces most validations, but will only logs failures for `revocation` and `expiry`. |
| signatureVerification | "level": "audit" | The audit level only enforces signature `integrity` if a signature is present. Failure of all other validations are only logged. |
Copy link
Contributor

@shizhMSFT shizhMSFT Nov 25, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We don't have log implemented.

@yizha1 yizha1 mentioned this pull request Nov 28, 2022
Open
patrickzheng200
patrickzheng200 reviewed Nov 28, 2022
View reviewed changes
patrickzheng200
patrickzheng200 reviewed Nov 28, 2022
View reviewed changes
@yizha1 yizha1 mentioned this pull request Nov 28, 2022
Closed
@yizha1
update per comments
3078025 
Signed-off-by: Yi Zha <yizha1@microsoft.com>
@yizha1
update per comments
e611ce6 
Signed-off-by: Yi Zha <yizha1@microsoft.com>
@yizha1
update per comments
7ed1b70 
Signed-off-by: Yi Zha <yizha1@microsoft.com>
vaninrao10
vaninrao10 reviewed Nov 28, 2022
View reviewed changes
Copy link
Contributor

@vaninrao10 vaninrao10 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

iamsamirzon
iamsamirzon reviewed Nov 28, 2022
View reviewed changes
iamsamirzon
iamsamirzon reviewed Nov 28, 2022
View reviewed changes
@iamsamirzon
Copy link
Contributor

iamsamirzon commented Nov 28, 2022

Suggested two enhancements

@yizha1
update per comments
fe944a5 
Signed-off-by: Yi Zha <yizha1@microsoft.com>
patrickzheng200
patrickzheng200 approved these changes Nov 29, 2022
View reviewed changes
Copy link
Contributor

@patrickzheng200 patrickzheng200 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

shizhMSFT
shizhMSFT approved these changes Dec 1, 2022
View reviewed changes
Copy link
Contributor

@shizhMSFT shizhMSFT left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM with notes

specs/commandline/verify.md Outdated
Comment on lines 14 to 15
Resolved artifact tag '<tag>' to digest '<digest>' before verification.
Warning: The resolved digest may not point to the same signed artifact, since tags are mutable.
Copy link
Contributor

@shizhMSFT shizhMSFT Dec 1, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note: These outputs will be in the form of logs.

patrickzheng200
patrickzheng200 reviewed Dec 1, 2022
View reviewed changes
@yizha1
update according to comments
c0de485 
Signed-off-by: Yi Zha <yizha1@microsoft.com>
@yizha1 yizha1 dismissed toddysm’s stale review December 2, 2022 04:24

Discussed with Toddy and looks good to him.

@priteshbandi priteshbandi merged commit 2b39cf5 into notaryproject:main Dec 2, 2022
7h3-3mp7y-m4n pushed a commit to 7h3-3mp7y-m4n/notation that referenced this pull request Mar 29, 2025
@yizha1 @7h3-3mp7y-m4n
spec: update cli verify spec for UX improvement (notaryproject#440)
b9b846a 
Update cli verify spec for UX improvement

Signed-off-by: Yi Zha <yizha1@microsoft.com>
Signed-off-by: Yi Zha <yizha1@microsoft.com>
FeynmanZhou pushed a commit to FeynmanZhou/notation that referenced this pull request May 15, 2025
@yizha1 @FeynmanZhou
spec: update cli verify spec for UX improvement (notaryproject#440)
928c37f 
Update cli verify spec for UX improvement

Signed-off-by: Yi Zha <yizha1@microsoft.com>
Signed-off-by: Yi Zha <yizha1@microsoft.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vaninrao10 vaninrao10 vaninrao10 left review comments

@shizhMSFT shizhMSFT shizhMSFT approved these changes

@gokarnm gokarnm Awaiting requested review from gokarnm gokarnm is a code owner

@toddysm toddysm Awaiting requested review from toddysm toddysm is a code owner

@priteshbandi priteshbandi Awaiting requested review from priteshbandi priteshbandi is a code owner

@JeyJeyGao JeyJeyGao Awaiting requested review from JeyJeyGao

@FeynmanZhou FeynmanZhou Awaiting requested review from FeynmanZhou

+2 more reviewers

@patrickzheng200 patrickzheng200 patrickzheng200 approved these changes

@iamsamirzon iamsamirzon iamsamirzon approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@yizha1 yizha1

Labels

spec Specifications to define the product requirements UX User experience changes

Projects

Notary Project Planning Board
Status: Done

Milestone

RC-1

Development

Successfully merging this pull request may close these issues.

UX: Improve the help doc and output for verification

9 participants

@yizha1 @FeynmanZhou @codecov-commenter @iamsamirzon @toddysm @priteshbandi @shizhMSFT @patrickzheng200 @vaninrao10

Comments