From 0488b3317b5cfceee82fd8c2dd38c4b0bf83feba Mon Sep 17 00:00:00 2001 From: Byron Chien Date: Thu, 5 Jan 2023 14:49:49 -0800 Subject: [PATCH 01/11] Adds additional flag and passes values to notation-go Signed-off-by: Byron Chien --- cmd/notation/key.go | 2 +- cmd/notation/sign.go | 9 ++++++++- cmd/notation/sign_test.go | 2 +- cmd/notation/verify.go | 31 ++++++++++++++++++++++++++++++- internal/cmd/flags.go | 24 ++++++++++++++++++------ 5 files changed, 58 insertions(+), 10 deletions(-) diff --git a/cmd/notation/key.go b/cmd/notation/key.go index fecc06432..49922f59f 100644 --- a/cmd/notation/key.go +++ b/cmd/notation/key.go @@ -220,7 +220,7 @@ func addExternalKey(ctx context.Context, opts *keyAddOpts, pluginName, keyName s if err != nil { return config.KeySuite{}, err } - pluginConfig, err := cmd.ParseFlagPluginConfig(opts.pluginConfig) + pluginConfig, err := cmd.ParseFlagMap(opts.pluginConfig, cmd.PflagPluginConfig.Name) if err != nil { return config.KeySuite{}, err } diff --git a/cmd/notation/sign.go b/cmd/notation/sign.go index 74ce1d8dd..775396a51 100644 --- a/cmd/notation/sign.go +++ b/cmd/notation/sign.go @@ -21,6 +21,7 @@ type signOpts struct { SecureFlagOpts expiry time.Duration pluginConfig []string + userMetadata []string reference string } @@ -66,6 +67,7 @@ Example - Sign an OCI artifact stored in a registry and specify the signature ex opts.SecureFlagOpts.ApplyFlags(command.Flags()) cmd.SetPflagExpiry(command.Flags(), &opts.expiry) cmd.SetPflagPluginConfig(command.Flags(), &opts.pluginConfig) + cmd.SetPflagUserMetadata(command.Flags(), &opts.userMetadata, cmd.PflagUserMetadataSignUsage) return command } @@ -111,7 +113,11 @@ func prepareSigningContent(ctx context.Context, opts *signOpts, sigRepo notation if err != nil { return notation.SignOptions{}, registry.Reference{}, err } - pluginConfig, err := cmd.ParseFlagPluginConfig(opts.pluginConfig) + pluginConfig, err := cmd.ParseFlagMap(opts.pluginConfig, cmd.PflagPluginConfig.Name) + if err != nil { + return notation.SignOptions{}, registry.Reference{}, err + } + userMetadata, err := cmd.ParseFlagMap(opts.userMetadata, cmd.PflagUserMetadata.Name) if err != nil { return notation.SignOptions{}, registry.Reference{}, err } @@ -121,6 +127,7 @@ func prepareSigningContent(ctx context.Context, opts *signOpts, sigRepo notation SignatureMediaType: mediaType, ExpiryDuration: opts.expiry, PluginConfig: pluginConfig, + UserMetadata: userMetadata, } return signOpts, ref, nil diff --git a/cmd/notation/sign_test.go b/cmd/notation/sign_test.go index 587f9bafc..39b936b0a 100644 --- a/cmd/notation/sign_test.go +++ b/cmd/notation/sign_test.go @@ -100,7 +100,7 @@ func TestSignCommand_CorrectConfig(t *testing.T) { if !reflect.DeepEqual(*expected, *opts) { t.Fatalf("Expect sign opts: %v, got: %v", expected, opts) } - config, err := cmd.ParseFlagPluginConfig(opts.pluginConfig) + config, err := cmd.ParseFlagMap(opts.pluginConfig, cmd.PflagPluginConfig.Name) if err != nil { t.Fatalf("Parse plugin Config flag failed: %v", err) } diff --git a/cmd/notation/verify.go b/cmd/notation/verify.go index 387e045dc..0eb3bac9c 100644 --- a/cmd/notation/verify.go +++ b/cmd/notation/verify.go @@ -5,7 +5,9 @@ import ( "errors" "fmt" "math" + "os" "reflect" + "text/tabwriter" "github.com/notaryproject/notation-go" notationregistry "github.com/notaryproject/notation-go/registry" @@ -23,6 +25,7 @@ type verifyOpts struct { SecureFlagOpts reference string pluginConfig []string + userMetadata []string } func verifyCommand(opts *verifyOpts) *cobra.Command { @@ -56,6 +59,7 @@ Example - Verify a signature on an OCI artifact identified by a tag (Notation w opts.LoggingFlagOpts.ApplyFlags(command.Flags()) opts.SecureFlagOpts.ApplyFlags(command.Flags()) command.Flags().StringArrayVarP(&opts.pluginConfig, "plugin-config", "c", nil, "{key}={value} pairs that are passed as it is to a plugin, if the verification is associated with a verification plugin, refer plugin documentation to set appropriate values") + cmd.SetPflagUserMetadata(command.Flags(), &opts.userMetadata, cmd.PflagUserMetadataVerifyUsage) return command } @@ -86,7 +90,13 @@ func runVerify(command *cobra.Command, opts *verifyOpts) error { } // set up verification plugin config. - configs, err := cmd.ParseFlagPluginConfig(opts.pluginConfig) + configs, err := cmd.ParseFlagMap(opts.pluginConfig, cmd.PflagPluginConfig.Name) + if err != nil { + return err + } + + // set up user metadata + userMetadata, err := cmd.ParseFlagMap(opts.userMetadata, cmd.PflagUserMetadata.Name) if err != nil { return err } @@ -97,6 +107,7 @@ func runVerify(command *cobra.Command, opts *verifyOpts) error { // TODO: need to change MaxSignatureAttempts as a user input flag or // a field in config.json MaxSignatureAttempts: math.MaxInt64, + UserMetadata: userMetadata, } // core verify process @@ -126,6 +137,7 @@ func runVerify(command *cobra.Command, opts *verifyOpts) error { fmt.Println("Trust policy is configured to skip signature verification for", ref.String()) } else { fmt.Println("Successfully verified signature for", ref.String()) + printMetadataIfPresent(outcome) } return nil } @@ -148,3 +160,20 @@ func resolveReference(ctx context.Context, opts *SecureFlagOpts, reference strin return ref, nil } + +func printMetadataIfPresent(outcome *notation.VerificationOutcome) { + // ignoring error, getting metadata for a successful outcome + metadata, _ := outcome.GetUserMetadata() + + if len(metadata) > 0 { + fmt.Println("\nThe artifact was signed with the following user metadata.") + tw := tabwriter.NewWriter(os.Stdout, 0, 0, 3, ' ', 0) + fmt.Fprintln(tw, "\nKEY\tVALUE\t") + + for k, v := range metadata { + fmt.Fprintf(tw, "%v\t%v\t\n", k, v) + } + + tw.Flush() + } +} \ No newline at end of file diff --git a/internal/cmd/flags.go b/internal/cmd/flags.go index 53512c1be..bbf195f5c 100644 --- a/internal/cmd/flags.go +++ b/internal/cmd/flags.go @@ -71,6 +71,18 @@ var ( SetPflagPluginConfig = func(fs *pflag.FlagSet, p *[]string) { fs.StringArrayVarP(p, PflagPluginConfig.Name, PflagPluginConfig.Shorthand, nil, PflagPluginConfig.Usage) } + + PflagUserMetadata = &pflag.Flag{ + Name: "user-metadata", + Shorthand: "m", + } + + PflagUserMetadataSignUsage = "example sign usage" + PflagUserMetadataVerifyUsage = "example verify usage" + + SetPflagUserMetadata = func(fs *pflag.FlagSet, p *[]string, usage string) { + fs.StringArrayVarP(p, PflagUserMetadata.Name, PflagUserMetadata.Shorthand, nil, usage) + } ) // KeyValueSlice is a flag with type int @@ -79,14 +91,14 @@ type KeyValueSlice interface { String() string } -func ParseFlagPluginConfig(config []string) (map[string]string, error) { - pluginConfig := make(map[string]string, len(config)) - for _, pair := range config { +func ParseFlagMap(c []string, flagName string) (map[string]string, error) { + m := make(map[string]string, len(c)) + for _, pair := range c { key, val, found := strings.Cut(pair, "=") if !found || key == "" || val == "" { - return nil, fmt.Errorf("could not parse flag %s: key-value pair requires \"=\" as separator", PflagPluginConfig.Name) + return nil, fmt.Errorf("could not parse flag %s: key-value pair requires \"=\" as separator", flagName) } - pluginConfig[key] = val + m[key] = val } - return pluginConfig, nil + return m, nil } From e0c5113cb5a8eb98149dc36f7907df6ee38e0202 Mon Sep 17 00:00:00 2001 From: Byron Chien Date: Fri, 13 Jan 2023 13:42:06 -0800 Subject: [PATCH 02/11] Fix usage, add error message Signed-off-by: Byron Chien --- cmd/notation/verify.go | 27 +++++++++------------------ internal/cmd/flags.go | 4 ++-- internal/ioutil/print.go | 11 +++++++++++ 3 files changed, 22 insertions(+), 20 deletions(-) diff --git a/cmd/notation/verify.go b/cmd/notation/verify.go index 0eb3bac9c..a5de11b32 100644 --- a/cmd/notation/verify.go +++ b/cmd/notation/verify.go @@ -7,13 +7,13 @@ import ( "math" "os" "reflect" - "text/tabwriter" "github.com/notaryproject/notation-go" notationregistry "github.com/notaryproject/notation-go/registry" "github.com/notaryproject/notation-go/verifier" "github.com/notaryproject/notation-go/verifier/trustpolicy" "github.com/notaryproject/notation/internal/cmd" + "github.com/notaryproject/notation/internal/ioutil" ocispec "github.com/opencontainers/image-spec/specs-go/v1" "github.com/spf13/cobra" @@ -115,10 +115,7 @@ func runVerify(command *cobra.Command, opts *verifyOpts) error { // write out on failure if err != nil || len(outcomes) == 0 { if err != nil { - var errorVerificationFailed *notation.ErrorVerificationFailed - if !errors.As(err, &errorVerificationFailed) { - return fmt.Errorf("signature verification failed: %w", err) - } + return fmt.Errorf("signature verification failed: %w", err) } return fmt.Errorf("signature verification failed for all the signatures associated with %s", ref.String()) } @@ -162,18 +159,12 @@ func resolveReference(ctx context.Context, opts *SecureFlagOpts, reference strin } func printMetadataIfPresent(outcome *notation.VerificationOutcome) { - // ignoring error, getting metadata for a successful outcome - metadata, _ := outcome.GetUserMetadata() - - if len(metadata) > 0 { - fmt.Println("\nThe artifact was signed with the following user metadata.") - tw := tabwriter.NewWriter(os.Stdout, 0, 0, 3, ' ', 0) - fmt.Fprintln(tw, "\nKEY\tVALUE\t") - - for k, v := range metadata { - fmt.Fprintf(tw, "%v\t%v\t\n", k, v) - } - - tw.Flush() + metadata, err := outcome.GetUserMetadata() + if err != nil { + fmt.Println("Warning: unable to parse metadata from signature") + return } + + fmt.Println("\nThe artifact was signed with the following user metadata.") + ioutil.PrintMetadataMap(os.Stdout, metadata) } \ No newline at end of file diff --git a/internal/cmd/flags.go b/internal/cmd/flags.go index bbf195f5c..763f92569 100644 --- a/internal/cmd/flags.go +++ b/internal/cmd/flags.go @@ -77,8 +77,8 @@ var ( Shorthand: "m", } - PflagUserMetadataSignUsage = "example sign usage" - PflagUserMetadataVerifyUsage = "example verify usage" + PflagUserMetadataSignUsage = "{key}={value} pairs that are added to the signature payload" + PflagUserMetadataVerifyUsage = "user defined {key}={value} pairs that must be present in the signature for successful verification if provided" SetPflagUserMetadata = func(fs *pflag.FlagSet, p *[]string, usage string) { fs.StringArrayVarP(p, PflagUserMetadata.Name, PflagUserMetadata.Shorthand, nil, usage) diff --git a/internal/ioutil/print.go b/internal/ioutil/print.go index c7661d76e..5c2e6f061 100644 --- a/internal/ioutil/print.go +++ b/internal/ioutil/print.go @@ -32,3 +32,14 @@ func PrintKeyMap(w io.Writer, target string, v []config.KeySuite) error { } return tw.Flush() } + +func PrintMetadataMap(w io.Writer, metadata map[string]string) error { + tw := newTabWriter(w) + fmt.Fprintln(tw, "\nKEY\tVALUE\t") + + for k, v := range metadata { + fmt.Fprintf(tw, "%v\t%v\t\n", k, v) + } + + return tw.Flush() +} \ No newline at end of file From 7e3e9e42f226ab470895fcadbf163f0b8e89686f Mon Sep 17 00:00:00 2001 From: Byron Chien Date: Tue, 17 Jan 2023 13:55:50 -0800 Subject: [PATCH 03/11] Ignore envelope parsing error and explain in comment Signed-off-by: Byron Chien --- cmd/notation/verify.go | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/cmd/notation/verify.go b/cmd/notation/verify.go index a5de11b32..5b7c51d92 100644 --- a/cmd/notation/verify.go +++ b/cmd/notation/verify.go @@ -159,11 +159,10 @@ func resolveReference(ctx context.Context, opts *SecureFlagOpts, reference strin } func printMetadataIfPresent(outcome *notation.VerificationOutcome) { - metadata, err := outcome.GetUserMetadata() - if err != nil { - fmt.Println("Warning: unable to parse metadata from signature") - return - } + // the signature envelope is parsed as part of verification. + // since user metadata is only printed on successful verification, + // this error can be ignored + metadata, _ := outcome.GetUserMetadata() fmt.Println("\nThe artifact was signed with the following user metadata.") ioutil.PrintMetadataMap(os.Stdout, metadata) From 5fa6511262e5e97c99197c4f42d02edd0e30568d Mon Sep 17 00:00:00 2001 From: Byron Chien Date: Wed, 18 Jan 2023 18:28:03 -0800 Subject: [PATCH 04/11] use RemoteSignOptions and fix verify error Signed-off-by: Byron Chien --- cmd/notation/sign.go | 14 +++++++------- cmd/notation/verify.go | 9 ++++++--- 2 files changed, 13 insertions(+), 10 deletions(-) diff --git a/cmd/notation/sign.go b/cmd/notation/sign.go index 775396a51..40cc17f77 100644 --- a/cmd/notation/sign.go +++ b/cmd/notation/sign.go @@ -100,34 +100,34 @@ func runSign(command *cobra.Command, cmdOpts *signOpts) error { return nil } -func prepareSigningContent(ctx context.Context, opts *signOpts, sigRepo notationregistry.Repository) (notation.SignOptions, registry.Reference, error) { +func prepareSigningContent(ctx context.Context, opts *signOpts, sigRepo notationregistry.Repository) (notation.RemoteSignOptions, registry.Reference, error) { ref, err := resolveReference(ctx, &opts.SecureFlagOpts, opts.reference, sigRepo, func(ref registry.Reference, manifestDesc ocispec.Descriptor) { fmt.Printf("Warning: Always sign the artifact using digest(`@sha256:...`) rather than a tag(`:%s`) because tags are mutable and a tag reference can point to a different artifact than the one signed.\n", ref.Reference) fmt.Printf("Resolved artifact tag `%s` to digest `%s` before signing.\n", ref.Reference, manifestDesc.Digest.String()) }) if err != nil { - return notation.SignOptions{}, registry.Reference{}, err + return notation.RemoteSignOptions{}, registry.Reference{}, err } mediaType, err := envelope.GetEnvelopeMediaType(opts.SignerFlagOpts.SignatureFormat) if err != nil { - return notation.SignOptions{}, registry.Reference{}, err + return notation.RemoteSignOptions{}, registry.Reference{}, err } pluginConfig, err := cmd.ParseFlagMap(opts.pluginConfig, cmd.PflagPluginConfig.Name) if err != nil { - return notation.SignOptions{}, registry.Reference{}, err + return notation.RemoteSignOptions{}, registry.Reference{}, err } userMetadata, err := cmd.ParseFlagMap(opts.userMetadata, cmd.PflagUserMetadata.Name) if err != nil { - return notation.SignOptions{}, registry.Reference{}, err + return notation.RemoteSignOptions{}, registry.Reference{}, err } - signOpts := notation.SignOptions{ + signOpts := notation.RemoteSignOptions{ ArtifactReference: ref.String(), SignatureMediaType: mediaType, ExpiryDuration: opts.expiry, PluginConfig: pluginConfig, - UserMetadata: userMetadata, + UserMetadata: userMetadata, } return signOpts, ref, nil diff --git a/cmd/notation/verify.go b/cmd/notation/verify.go index 5b7c51d92..0853b0dbb 100644 --- a/cmd/notation/verify.go +++ b/cmd/notation/verify.go @@ -107,7 +107,7 @@ func runVerify(command *cobra.Command, opts *verifyOpts) error { // TODO: need to change MaxSignatureAttempts as a user input flag or // a field in config.json MaxSignatureAttempts: math.MaxInt64, - UserMetadata: userMetadata, + UserMetadata: userMetadata, } // core verify process @@ -115,7 +115,10 @@ func runVerify(command *cobra.Command, opts *verifyOpts) error { // write out on failure if err != nil || len(outcomes) == 0 { if err != nil { - return fmt.Errorf("signature verification failed: %w", err) + var errorVerificationFailed notation.ErrorVerificationFailed + if !errors.As(err, &errorVerificationFailed) { + return fmt.Errorf("signature verification failed: %w", err) + } } return fmt.Errorf("signature verification failed for all the signatures associated with %s", ref.String()) } @@ -166,4 +169,4 @@ func printMetadataIfPresent(outcome *notation.VerificationOutcome) { fmt.Println("\nThe artifact was signed with the following user metadata.") ioutil.PrintMetadataMap(os.Stdout, metadata) -} \ No newline at end of file +} From 9a54cbc73c64edac01fe014443d5bcc82adc90b6 Mon Sep 17 00:00:00 2001 From: Byron Chien Date: Thu, 19 Jan 2023 15:16:16 -0800 Subject: [PATCH 05/11] Use embedded struct Signed-off-by: Byron Chien --- cmd/notation/sign.go | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/cmd/notation/sign.go b/cmd/notation/sign.go index 40cc17f77..3107cdc2a 100644 --- a/cmd/notation/sign.go +++ b/cmd/notation/sign.go @@ -122,13 +122,12 @@ func prepareSigningContent(ctx context.Context, opts *signOpts, sigRepo notation return notation.RemoteSignOptions{}, registry.Reference{}, err } - signOpts := notation.RemoteSignOptions{ - ArtifactReference: ref.String(), - SignatureMediaType: mediaType, - ExpiryDuration: opts.expiry, - PluginConfig: pluginConfig, - UserMetadata: userMetadata, - } + signOpts := notation.RemoteSignOptions{} + signOpts.ArtifactReference = ref.String() + signOpts.SignatureMediaType = mediaType + signOpts.ExpiryDuration = opts.expiry + signOpts.PluginConfig = pluginConfig + signOpts.UserMetadata = userMetadata return signOpts, ref, nil } From 431ecbf16b3a3660e722b958b8fae92e7d3647d5 Mon Sep 17 00:00:00 2001 From: Byron Chien Date: Mon, 30 Jan 2023 16:27:49 -0800 Subject: [PATCH 06/11] Update UserMetadata() usage Signed-off-by: Byron Chien --- cmd/notation/verify.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/notation/verify.go b/cmd/notation/verify.go index 0853b0dbb..fa90383f9 100644 --- a/cmd/notation/verify.go +++ b/cmd/notation/verify.go @@ -165,7 +165,7 @@ func printMetadataIfPresent(outcome *notation.VerificationOutcome) { // the signature envelope is parsed as part of verification. // since user metadata is only printed on successful verification, // this error can be ignored - metadata, _ := outcome.GetUserMetadata() + metadata, _ := outcome.UserMetadata() fmt.Println("\nThe artifact was signed with the following user metadata.") ioutil.PrintMetadataMap(os.Stdout, metadata) From 5ae32bb7e212f173ed0d172de54b5f4b08e3850c Mon Sep 17 00:00:00 2001 From: byronchien Date: Thu, 2 Feb 2023 17:42:41 -0800 Subject: [PATCH 07/11] Update cmd/notation/sign.go Co-authored-by: Patrick Zheng Signed-off-by: Byron Chien --- cmd/notation/sign.go | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/cmd/notation/sign.go b/cmd/notation/sign.go index 3107cdc2a..38c6ba4f4 100644 --- a/cmd/notation/sign.go +++ b/cmd/notation/sign.go @@ -122,12 +122,12 @@ func prepareSigningContent(ctx context.Context, opts *signOpts, sigRepo notation return notation.RemoteSignOptions{}, registry.Reference{}, err } - signOpts := notation.RemoteSignOptions{} - signOpts.ArtifactReference = ref.String() - signOpts.SignatureMediaType = mediaType - signOpts.ExpiryDuration = opts.expiry - signOpts.PluginConfig = pluginConfig - signOpts.UserMetadata = userMetadata - + signOpts := notation.RemoteSignOptions{ + ArtifactReference: ref.String(), + SignatureMediaType: mediaType, + ExpiryDuration: opts.expiry, + PluginConfig: pluginConfig, + UserMetadata: userMetadata, + } return signOpts, ref, nil } From 1c3cddf0482584ce0b4e039bba3a8e635129c057 Mon Sep 17 00:00:00 2001 From: Byron Chien Date: Mon, 6 Feb 2023 16:21:34 -0800 Subject: [PATCH 08/11] Fix RemoteSignOptions initialization Signed-off-by: Byron Chien --- cmd/notation/sign.go | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/cmd/notation/sign.go b/cmd/notation/sign.go index 38c6ba4f4..46a6b5fc1 100644 --- a/cmd/notation/sign.go +++ b/cmd/notation/sign.go @@ -123,11 +123,13 @@ func prepareSigningContent(ctx context.Context, opts *signOpts, sigRepo notation } signOpts := notation.RemoteSignOptions{ - ArtifactReference: ref.String(), - SignatureMediaType: mediaType, - ExpiryDuration: opts.expiry, - PluginConfig: pluginConfig, - UserMetadata: userMetadata, + SignOptions: notation.SignOptions{ + ArtifactReference: ref.String(), + SignatureMediaType: mediaType, + ExpiryDuration: opts.expiry, + PluginConfig: pluginConfig, + }, + UserMetadata: userMetadata, } return signOpts, ref, nil } From 27606603328748d6ce6e0398c8b478132250006e Mon Sep 17 00:00:00 2001 From: Byron Chien Date: Mon, 6 Feb 2023 17:49:14 -0800 Subject: [PATCH 09/11] Spacing nit, check metadata presence Signed-off-by: Byron Chien --- cmd/notation/verify.go | 6 ++++-- internal/cmd/flags.go | 2 -- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cmd/notation/verify.go b/cmd/notation/verify.go index fa90383f9..39dc9f38f 100644 --- a/cmd/notation/verify.go +++ b/cmd/notation/verify.go @@ -167,6 +167,8 @@ func printMetadataIfPresent(outcome *notation.VerificationOutcome) { // this error can be ignored metadata, _ := outcome.UserMetadata() - fmt.Println("\nThe artifact was signed with the following user metadata.") - ioutil.PrintMetadataMap(os.Stdout, metadata) + if len(metadata) > 0 { + fmt.Println("\nThe artifact was signed with the following user metadata.") + ioutil.PrintMetadataMap(os.Stdout, metadata) + } } diff --git a/internal/cmd/flags.go b/internal/cmd/flags.go index 763f92569..561d206e9 100644 --- a/internal/cmd/flags.go +++ b/internal/cmd/flags.go @@ -76,10 +76,8 @@ var ( Name: "user-metadata", Shorthand: "m", } - PflagUserMetadataSignUsage = "{key}={value} pairs that are added to the signature payload" PflagUserMetadataVerifyUsage = "user defined {key}={value} pairs that must be present in the signature for successful verification if provided" - SetPflagUserMetadata = func(fs *pflag.FlagSet, p *[]string, usage string) { fs.StringArrayVarP(p, PflagUserMetadata.Name, PflagUserMetadata.Shorthand, nil, usage) } From 8b8ea5233bd0a32c2239b108edefaed39f1b6d59 Mon Sep 17 00:00:00 2001 From: Byron Chien Date: Wed, 8 Feb 2023 08:28:23 -0800 Subject: [PATCH 10/11] Use ParseFlagMap instead of ParseFlagPluginConfig Signed-off-by: Byron Chien --- cmd/notation/key.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/notation/key.go b/cmd/notation/key.go index 1ca8677a2..28462009b 100644 --- a/cmd/notation/key.go +++ b/cmd/notation/key.go @@ -163,7 +163,7 @@ func addKey(ctx context.Context, opts *keyAddOpts) error { // set log level ctx = opts.LoggingFlagOpts.SetLoggerLevel(ctx) - pluginConfig, err := cmd.ParseFlagPluginConfig(opts.pluginConfig) + pluginConfig, err := cmd.ParseFlagMap(opts.pluginConfig, cmd.PflagPluginConfig.Name) if err != nil { return err } From de7057b982ca9d9e760c04dc589f8a976a622377 Mon Sep 17 00:00:00 2001 From: Byron Chien Date: Wed, 8 Feb 2023 09:10:01 -0800 Subject: [PATCH 11/11] Update go.mod for notation-go changes Signed-off-by: Byron Chien --- go.mod | 2 +- go.sum | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 2f825c0fc..7b5a1655e 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.20 require ( github.com/docker/docker-credential-helpers v0.7.0 github.com/notaryproject/notation-core-go v1.0.0-rc.1 - github.com/notaryproject/notation-go v1.0.0-rc.1.0.20230203031935-510def1a3f48 + github.com/notaryproject/notation-go v1.0.0-rc.1.0.20230208032042-6ef3544efa06 github.com/opencontainers/go-digest v1.0.0 github.com/opencontainers/image-spec v1.1.0-rc2 github.com/sirupsen/logrus v1.9.0 diff --git a/go.sum b/go.sum index 2525aad58..376669868 100644 --- a/go.sum +++ b/go.sum @@ -22,6 +22,8 @@ github.com/notaryproject/notation-core-go v1.0.0-rc.1 h1:ACi0gr6mD1bzp9+gu3P0meJ github.com/notaryproject/notation-core-go v1.0.0-rc.1/go.mod h1:n8Gbvl9sKa00KptkKEL5XKUyMTIALe74QipKauE2rj4= github.com/notaryproject/notation-go v1.0.0-rc.1.0.20230203031935-510def1a3f48 h1:MHjaRqAn+uCBYkDuIGaVo91CnJY9MlTcZdYFfoE4yek= github.com/notaryproject/notation-go v1.0.0-rc.1.0.20230203031935-510def1a3f48/go.mod h1:B/26FcjJ9GVXm1j7z+/pWKck80LdFi3KiX4Zu7gixB8= +github.com/notaryproject/notation-go v1.0.0-rc.1.0.20230208032042-6ef3544efa06 h1:0AuNQ3303yvINJSEzHUrLHSsJOyAEJvCGUit44GhERk= +github.com/notaryproject/notation-go v1.0.0-rc.1.0.20230208032042-6ef3544efa06/go.mod h1:B/26FcjJ9GVXm1j7z+/pWKck80LdFi3KiX4Zu7gixB8= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.1.0-rc2 h1:2zx/Stx4Wc5pIPDvIxHXvXtQFW/7XWJGmnM7r3wg034=