From c159d260dbe2c0a95e810c19a3f770b4f62eed16 Mon Sep 17 00:00:00 2001
From: Kevin McDermott
Date: Wed, 28 Jun 2023 09:21:26 +0100
Subject: [PATCH] Add verification key to repository verified status
This adds the ID of the key that was successful to the verified status for GitRepository resources.
Signed-off-by: Kevin McDermott
---
 internal/controller/gitrepository_controller.go | 7 ++++---
 internal/controller/gitrepository_controller_test.go | 2 +-
 2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/internal/controller/gitrepository_controller.go b/internal/controller/gitrepository_controller.go
index 4edd480fe..d620c82fb 100644
--- a/internal/controller/gitrepository_controller.go
+++ b/internal/controller/gitrepository_controller.go
@@ -903,7 +903,8 @@ func (r *GitRepositoryReconciler) verifyCommitSignature(ctx context.Context, obj
 keyRings = append(keyRings, string(v))
 }
 // Verify commit with GPG data from secret
- if _, err := commit.Verify(keyRings...); err != nil {
+ entity, err := commit.Verify(keyRings...)
+ if err != nil {
 e := serror.NewGeneric(
 fmt.Errorf("signature verification of commit '%s' failed: %w", commit.Hash.String(), err),
 "InvalidCommitSignature",
@@ -914,9 +915,9 @@ func (r *GitRepositoryReconciler) verifyCommitSignature(ctx context.Context, obj
 }
 conditions.MarkTrue(obj, sourcev1.SourceVerifiedCondition, meta.SucceededReason,
- "verified signature of commit '%s'", commit.Hash.String())
+ "verified signature of commit '%s' with key '%s'", commit.Hash.String(), entity)
 r.eventLogf(ctx, obj, eventv1.EventTypeTrace, "VerifiedCommit",
- "verified signature of commit '%s'", commit.Hash.String())
+ "verified signature of commit '%s' with key '%s'", commit.Hash.String(), entity)
 return sreconcile.ResultSuccess, nil
 }
diff --git a/internal/controller/gitrepository_controller_test.go b/internal/controller/gitrepository_controller_test.go
index 717527371..62c90b6d5 100644
--- a/internal/controller/gitrepository_controller_test.go
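Review bot: The name `entity` on the new `entity, err := commit.Verify(keyRings...)` line does not say what the value holds, while the messages further down the function call it a key. Judging by the updated test expectation it is a key ID string, so `keyID, err := commit.Verify(keyRings...)` would read more clearly, with a short comment such as `// keyID identifies the key in keyRings that validated the signature`. The body of verifyCommitSignature starts and ends outside this hunk.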
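Review bot: The value written into the condition and the event by `"verified signature of commit '%s' with key '%s'"` appears, from the test expectation `3299AEB0E4085BAF`, to be a 64-bit key ID and not a full fingerprint. A 64-bit OpenPGP key ID is not collision-resistant, so anyone auditing the Verified condition should treat it as a hint for locating the key in the referenced secret, not as proof of which key signed. If `commit.Verify` can expose the full fingerprint, recording that would be the stronger choice; otherwise a comment above `conditions.MarkTrue` such as `// key ID is informational only; trust comes from the keyring in the secret` would make the limit explicit. Formatting the key with `%q` instead of `'%s'` would also make an empty or unexpected value visible in both messages.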
+++ b/internal/controller/gitrepository_controller_test.go
@@ -1519,7 +1519,7 @@ func TestGitRepositoryReconciler_verifyCommitSignature(t *testing.T) {
 },
 want: sreconcile.ResultSuccess,
 assertConditions: []metav1.Condition{
- *conditions.TrueCondition(sourcev1.SourceVerifiedCondition, meta.SucceededReason, "verified signature of commit 'shasum'"),
+ *conditions.TrueCondition(sourcev1.SourceVerifiedCondition, meta.SucceededReason, "verified signature of commit 'shasum' with key '3299AEB0E4085BAF'"),
 },
 },
 {