Correct Helm index keys (#474)
Signed-off-by: Andrew Block <andy.block@gmail.com>
sabre1041 authored Nov 2, 2021
1 parent 0c2b37c commit 317e88d
Showing 3 changed files with 16 additions and 14 deletions.
7 changes: 6 additions & 1 deletion pkg/types/helm/provenance_test.go
Expand Up @@ -20,6 +20,7 @@ import (
"os"
"testing"

"github.com/sigstore/rekor/pkg/generated/models"
"github.com/sigstore/rekor/pkg/pki"
"github.com/sigstore/rekor/pkg/pki/pgp"
)
Expand All @@ -37,12 +38,16 @@ func TestProvenance(t *testing.T) {
t.Fatalf("unmarshal error: %v", err)
}

checksum, err := provenance.GetChartHash()
algorithm, checksum, err := provenance.GetChartAlgorithmHash()

if err != nil {
t.Fatalf("Error retrieving chart hash: %v", err)
}

if models.HelmV001SchemaChartHashAlgorithmSha256 != algorithm {
t.Fatalf("Unexpected checksum algorithm. Expected %s, found %s", models.HelmV001SchemaChartHashAlgorithmSha256, algorithm)
}

if len(checksum) == 0 {
t.Fatal("Empty checksum")
}
10 changes: 5 additions & 5 deletions pkg/types/helm/providence.go
Expand Up @@ -94,10 +94,10 @@ func (p *Provenance) parseMessageBlock(data []byte) error {
return nil
}

func (p *Provenance) GetChartHash() (string, error) {
func (p *Provenance) GetChartAlgorithmHash() (string, string, error) {

if p.SumCollection == nil || p.SumCollection.Files == nil {
return "", errors.New("Unable to locate chart hash")
return "", "", errors.New("Unable to locate chart hash")

}

Expand All @@ -108,13 +108,13 @@ func (p *Provenance) GetChartHash() (string, error) {
parts := strings.Split(value, ":")

if len(parts) != 2 {
return "", errors.New("Invalid hash found in Provenance file")
return "", "", errors.New("Invalid hash found in Provenance file")
}

return parts[1], nil
return parts[0], parts[1], nil
}

// Return error if no keys found
return "", errors.New("No checksums found")
return "", "", errors.New("No checksums found")

}
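Review bot: `GetChartAlgorithmHash` returns `parts[0]` and `parts[1]` exactly as they appear in the provenance file; the only check is that the split on `:` yields two parts, so neither the algorithm name nor the digest is validated. With this commit `Canonicalize` stores that algorithm in the entry instead of a constant, and `IndexKeys` builds a search key from it (both in pkg/types/helm/v0.0.1/entry.go), so an unsupported or malformed value from a submitted file would be recorded and indexed unless something outside these hunks rejects it. I would reject unsupported algorithms here, e.g. `if parts[0] != models.HelmV001SchemaChartHashAlgorithmSha256 { return "", "", errors.New("Unsupported hash algorithm in Provenance file") }` (this needs the models import in this file), and confirm the digest decodes with `hex.DecodeString(parts[1])`. The exported method also has no doc comment; `// GetChartAlgorithmHash returns the hash algorithm and digest recorded for the chart in the provenance file.` would cover it. The loop that encloses the split starts outside the hunk.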
13 changes: 5 additions & 8 deletions pkg/types/helm/v0.0.1/entry.go
Expand Up @@ -87,16 +87,15 @@ func (v V001Entry) IndexKeys() []string {

result = append(result, v.keyObj.EmailAddresses()...)

chartHash, err := v.provenanceObj.GetChartHash()
algorithm, chartHash, err := v.provenanceObj.GetChartAlgorithmHash()

if err != nil {
log.Logger.Error(err)
} else {
result = append(result, chartHash)
hashKey := strings.ToLower(fmt.Sprintf("%s:%s", algorithm, chartHash))
result = append(result, hashKey)
}

//TODO: Store signature as index

return result
}

Expand Down Expand Up @@ -274,16 +273,14 @@ func (v *V001Entry) Canonicalize(ctx context.Context) ([]byte, error) {

canonicalEntry.Chart = &models.HelmV001SchemaChart{}

chartHash, err := v.provenanceObj.GetChartHash()
algorithm, chartHash, err := v.provenanceObj.GetChartAlgorithmHash()

if err != nil {
return nil, err
}

sha256 := models.AlpineV001SchemaPackageHashAlgorithmSha256

canonicalEntry.Chart.Hash = &models.HelmV001SchemaChartHash{}
canonicalEntry.Chart.Hash.Algorithm = &sha256
canonicalEntry.Chart.Hash.Algorithm = &algorithm
canonicalEntry.Chart.Hash.Value = &chartHash

canonicalEntry.Chart.Provenance = &models.HelmV001SchemaChartProvenance{}
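Review bot: `IndexKeys` lowercases the `algorithm:chartHash` key, but `Canonicalize` stores `&algorithm` and `&chartHash` as parsed, so the index key and the canonical entry can differ in case when a provenance file uses upper-case hex or an upper-case algorithm name. Normalising once keeps the two consistent, for example `algorithm, chartHash = strings.ToLower(algorithm), strings.ToLower(chartHash)` right after the `GetChartAlgorithmHash` call in both functions, or inside that method. In `IndexKeys` a parse failure is only logged, so the entry is indexed without a hash key; a short comment such as `// best effort: entry stays searchable by key and email if the hash cannot be parsed` would make that intent explicit. Both function bodies start and end outside the visible hunks.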
