Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature cli (#56) #127

Merged
merged 8 commits into from
Sep 17, 2021
Merged

Feature cli (#56) #127

merged 8 commits into from
Sep 17, 2021

Conversation

pxp928
Copy link
Member

@pxp928 pxp928 commented Sep 13, 2021
edited by adityasaky
Loading

Added CLI support for in-toto-golang. Updated Readme and added Makefile support. Supports ITE-7 implementation for certificate constraints. Functionality testing of the CLI done via the Makefile. Second PR of the Boxboat fork.

Please fill in the fields below to submit a pull request. The more
information that is provided, the better.

Fixes issue #: #106

Description of pull request:

Please verify and check that the pull request fulfills the following
requirements:

  • Tests have been added for the bug fix or new feature
  • Docs have been added for the bug fix or new feature

shibumi
shibumi approved these changes Sep 13, 2021
View reviewed changes
Copy link
Collaborator

@shibumi shibumi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm!

adityasaky
adityasaky requested changes Sep 14, 2021
View reviewed changes
Copy link
Member

@adityasaky adityasaky left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the PR @pxp928! This looks great, and I think we should borrow some things from here for the CLI in https://github.com/in-toto/in-toto. However, I've marked some changes I think we need for consistency etc...

README.md Outdated Show resolved Hide resolved
cmd/in-toto/run.go Outdated Show resolved Hide resolved
cmd/in-toto/run.go Outdated Show resolved Hide resolved
cmd/in-toto/run.go Outdated
func runPreRun(cmd *cobra.Command, args []string) error {
key = intoto.Key{}
cert = intoto.Key{}
if err := key.LoadKeyDefaults(keyPath); err != nil {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we better handle the error if neither key, nor cert is supplied? Right now, it looks like invalid key at : open : no such file or directory.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

added check and error for file not found.

cmd/in-toto/record.go Show resolved Hide resolved
cmd/in-toto/record.go Show resolved Hide resolved
cmd/in-toto/record.go Outdated Show resolved Hide resolved
cmd/in-toto/key.go Show resolved Hide resolved
@mikhailswift
Copy link
Member

I think the key layout command should be modified to exclude the private field of the keyval struct to be consistent with what the layout model expects

@adityasaky
Copy link
Member

Good point @mikhailswift.

@pxp928
Copy link
Member Author

pxp928 commented Sep 15, 2021

I will work through the fixes and changes today. Thanks for the feedback!

@pxp928 pxp928 mentioned this pull request Sep 15, 2021
Closed
2 tasks
@adityasaky adityasaky self-requested a review September 15, 2021 20:19
@pxp928
Copy link
Member Author

pxp928 commented Sep 15, 2021
edited
Loading

I think the key layout command should be modified to exclude the private field of the keyval struct to be consistent with what the layout model expects

@mikhailswift Should this just be changing the Private filed to string json:"private,omitempty"? Or did you have some other thoughts in mind?

@mikhailswift
Copy link
Member

I think the key layout command should be modified to exclude the private field of the keyval struct to be consistent with what the layout model expects

@mikhailswift Should this just be changing the Private filed to string json:"private,omitempty"? Or did you have some other thoughts in mind?

I think that should do it :)

@pxp928
Copy link
Member Author

pxp928 commented Sep 16, 2021

I think the key layout command should be modified to exclude the private field of the keyval struct to be consistent with what the layout model expects

@mikhailswift Should this just be changing the Private filed to string json:"private,omitempty"? Or did you have some other thoughts in mind?

I think that should do it :)

@mikhailswift I just did a replace to remove the empty private field. Using the omitempty caused many of the tests to fail. Is that what you were looking to do? The key layout is now properly formatted with the private field.

@adityasaky
Copy link
Member

adityasaky commented Sep 16, 2021
edited
Loading

If in-toto key layout is pointed to a private key, it should still only print the public key. As it stands, it currently prints both, because private is not empty in this case. The command is meant to be used with the layout, where we only ever add public keys, so we don't want it to ever print the private key.

Also, I wonder if we can enhance it to output <KEYID>: <KEYOBJ> rather than just <KEYOBJ>. This makes it easier to paste into the pubkeys field of a layout.

@adityasaky
Copy link
Member

I'll take another look at the PR as a whole today afternoon, thanks for addressing the comments @pxp928. 😄

adityasaky
adityasaky requested changes Sep 16, 2021
View reviewed changes
cmd/in-toto/run.go Show resolved Hide resolved
cmd/in-toto/record.go Show resolved Hide resolved
cmd/in-toto/record.go Show resolved Hide resolved
README.md Show resolved Hide resolved
@pxp928
Copy link
Member Author

pxp928 commented Sep 16, 2021

If in-toto key layout is pointed to a private key, it should still only print the public key. As it stands, it currently prints both, because private is not empty in this case. The command is meant to be used with the layout, where we only ever add public keys, so we don't want it to ever print the private key.

Also, I wonder if we can enhance it to output <KEYID>: <KEYOBJ> rather than just <KEYOBJ>. This makes it easier to paste into the pubkeys field of a layout.

Updated such that in-toto key layout now does not print out the private field. Also changed the output to <KEYID>: <KEYOBJ> such that it can be added directly to the layout. Changed the Makefile to reflect this new substitution into the layout for testing.

adityasaky
adityasaky approved these changes Sep 16, 2021
View reviewed changes
Copy link
Member

@adityasaky adityasaky left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @pxp928! This looks fine to me. I'm happy to merge tonight or so, but if you get a chance before then, could I ask you to squash some commits?

@pxp928
parent 4869a0a
6862711 
author pxp928 <[email protected]> 1631470550 -0400
committer pxp928 <[email protected]> 1631823796 -0400

go mod tidy using go version 1.17

updated record/run commands and readme

added omitempty to private field

removed omitempty as test fails

added replace to remove empty private field in key layout

updated key layout and added check for key or cert in run/record
@adityasaky
Copy link
Member

Thanks for your work on this, @pxp928!

@adityasaky adityasaky merged commit 6b6d786 into in-toto:master Sep 17, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adityasaky adityasaky adityasaky approved these changes

@shibumi shibumi shibumi approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@pxp928 @mikhailswift @adityasaky @shibumi