Skip to content

Commit

Permalink
Merge remote-tracking branch 'upstream/main' into feat/blob_policy_cmd
Browse files Browse the repository at this point in the history 
Signed-off-by: Junjie Gao <[email protected]>
  • Loading branch information
@JeyJeyGao
JeyJeyGao committed Jan 14, 2025
2 parents 0cb99f7 + cd933da commit 6b9922a
Show file tree
Hide file tree
Showing 7 changed files with 60 additions and 37 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/codeql.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,8 +49,8 @@ jobs:
go-version: ${{ matrix.go-version }}
check-latest: true
- name: Initialize CodeQL
uses: github/codeql-action/init@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
uses: github/codeql-action/init@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
with:
languages: go
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
uses: github/codeql-action/analyze@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
2 changes: 1 addition & 1 deletion .github/workflows/scorecard.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,6 @@ jobs:
retention-days: 5

- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
uses: github/codeql-action/upload-sarif@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
with:
sarif_file: results.sarif
5 changes: 0 additions & 5 deletions go.sum
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,8 +38,6 @@ github.com/jcmturner/rpc/v2 v2.0.3 h1:7FXXj8Ti1IaVFpSAziCZWNzbNuZmnvw/i6CqLNdWfZ
github.com/jcmturner/rpc/v2 v2.0.3/go.mod h1:VUJYCIDm3PVOEHw8sgt091/20OJjskO/YJki3ELg/Hc=
github.com/notaryproject/notation-core-go v1.2.0-rc.2 h1:0jOItalNwBNUhyuc5PPHQxO3jIZ5xRYq+IvRMQXNbuE=
github.com/notaryproject/notation-core-go v1.2.0-rc.2/go.mod h1:7aIcavfywFvBQoYyfVFJB501kt7Etqyubrt5mhJBG2c=
github.com/notaryproject/notation-go v1.2.0-beta.1.0.20250107003620-26ce0894a624 h1:JCJ+64H1A/aYhNaUak+1DV4dY2uL3L5GFMRLzrh9tDM=
github.com/notaryproject/notation-go v1.2.0-beta.1.0.20250107003620-26ce0894a624/go.mod h1:1QaHYG/UOeAYhfLBipsSxquu3BheRm7a+5RODcc5nQg=
github.com/notaryproject/notation-go v1.2.0-beta.1.0.20250114004447-851cbabbc40a h1:4YIVP+nzfUtT3JgDRuQKBeyKSHaCe8lRIbui+nQYchc=
github.com/notaryproject/notation-go v1.2.0-beta.1.0.20250114004447-851cbabbc40a/go.mod h1:JA4E4DjnL8ojwRu1VnGtiAWgcg69KFvRTlAAMZ/VQ58=
github.com/notaryproject/notation-plugin-framework-go v1.0.0 h1:6Qzr7DGXoCgXEQN+1gTZWuJAZvxh3p8Lryjn5FaLzi4=
Expand Down Expand Up @@ -79,7 +77,6 @@ golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58
golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
golang.org/x/crypto v0.32.0 h1:euUpcYgM8WcP71gNpTqQCn6rC2t6ULUPiOzfWaXVVfc=
golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc=
Expand Down Expand Up @@ -121,7 +118,6 @@ golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU=
golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
Expand All @@ -133,7 +129,6 @@ golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY=
golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q=
golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM=
golang.org/x/term v0.28.0 h1:/Ts8HFuMR2E6IP/jlo7QVLZHggjKQbhu/7H0LJFr3Gg=
golang.org/x/term v0.28.0/go.mod h1:Sw/lC2IAUZ92udQNf3WodGtn4k/XoLyZoh8v/8uiwek=
Expand Down
10 changes: 5 additions & 5 deletions internal/cmd/flags.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,14 +44,14 @@ var (
Usage: "signature envelope format, options: \"jws\", \"cose\"",
}
SetPflagSignatureFormat = func(fs *pflag.FlagSet, p *string) {
defaultSignatureFormat := envelope.JWS
// load config to get signatureFormat
config, err := configutil.LoadConfigOnce()
if err == nil && config.SignatureFormat != "" {
defaultSignatureFormat = config.SignatureFormat
if err != nil || config.SignatureFormat == "" {
fs.StringVar(p, PflagSignatureFormat.Name, envelope.JWS, PflagSignatureFormat.Usage)
return
}

fs.StringVar(p, PflagSignatureFormat.Name, defaultSignatureFormat, PflagSignatureFormat.Usage)
// set signatureFormat from config
fs.StringVar(p, PflagSignatureFormat.Name, config.SignatureFormat, PflagSignatureFormat.Usage)
}

PflagID = &pflag.Flag{
Expand Down
36 changes: 18 additions & 18 deletions pkg/configutil/once.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,28 +21,28 @@ import (
"github.com/notaryproject/notation/internal/envelope"
)

var (
// configInfo is the config.json data
configInfo *config.Config
configOnce sync.Once
)
// loadConfigOnce is a function that invokes loadConfig only once.
var loadConfigOnce = sync.OnceValues(loadConfig)

// LoadConfigOnce returns the previously read config file.
// If previous config file does not exist, it reads the config from file
// or return a default config if not found.
// The returned config is only suitable for read only scenarios for short-lived processes.
func LoadConfigOnce() (*config.Config, error) {
var err error
configOnce.Do(func() {
configInfo, err = config.LoadConfig()
if err != nil {
return
}
// set default value
configInfo.SignatureFormat = strings.ToLower(configInfo.SignatureFormat)
if configInfo.SignatureFormat == "" {
configInfo.SignatureFormat = envelope.JWS
}
})
return configInfo, err
return loadConfigOnce()
}

// loadConfig reads the config from file or return a default config if not
// found.
func loadConfig() (*config.Config, error) {
configInfo, err := config.LoadConfig()
if err != nil {
return nil, err
}
// set default value
configInfo.SignatureFormat = strings.ToLower(configInfo.SignatureFormat)
if configInfo.SignatureFormat == "" {
configInfo.SignatureFormat = envelope.JWS
}
return configInfo, nil
}
31 changes: 30 additions & 1 deletion pkg/configutil/once_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,10 +14,19 @@
package configutil

import (
"os"
"path/filepath"
"strings"
"sync"
"testing"

"github.com/notaryproject/notation-go/dir"
)

func TestLoadConfigOnce(t *testing.T) {
defer func() {
loadConfigOnce = sync.OnceValues(loadConfig)
}()
config1, err := LoadConfigOnce()
if err != nil {
t.Fatal("LoadConfigOnce failed.")
Expand All @@ -27,6 +36,26 @@ func TestLoadConfigOnce(t *testing.T) {
t.Fatal("LoadConfigOnce failed.")
}
if config1 != config2 {
t.Fatal("LoadConfigOnce is invalid.")
t.Fatal("LoadConfigOnce should return the same config.")
}
}

func TestLoadConfigOnceError(t *testing.T) {
dir.UserConfigDir = t.TempDir()
defer func() {
dir.UserConfigDir = ""
loadConfigOnce = sync.OnceValues(loadConfig)
}()
if err := os.WriteFile(filepath.Join(dir.UserConfigDir, dir.PathConfigFile), []byte("invalid json"), 0600); err != nil {
t.Fatal("Failed to create file.")
}

_, err := LoadConfigOnce()
if err == nil || !strings.Contains(err.Error(), "invalid character") {
t.Fatal("LoadConfigOnce should fail.")
}
_, err2 := LoadConfigOnce()
if err != err2 {
t.Fatal("LoadConfigOnce should return the same error.")
}
}
9 changes: 4 additions & 5 deletions pkg/configutil/util_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,11 +25,10 @@ import (
)

func TestIsRegistryInsecure(t *testing.T) {
configOnce = sync.Once{}
// for restore dir
defer func(oldDir string) {
dir.UserConfigDir = oldDir
configOnce = sync.Once{}
loadConfigOnce = sync.OnceValues(loadConfig)
}(dir.UserConfigDir)
// update config dir
dir.UserConfigDir = "testdata"
Expand All @@ -56,11 +55,10 @@ func TestIsRegistryInsecure(t *testing.T) {
}

func TestIsRegistryInsecureMissingConfig(t *testing.T) {
configOnce = sync.Once{}
// for restore dir
defer func(oldDir string) {
dir.UserConfigDir = oldDir
configOnce = sync.Once{}
loadConfigOnce = sync.OnceValues(loadConfig)
}(dir.UserConfigDir)
// update config dir
dir.UserConfigDir = "./testdata2"
Expand Down Expand Up @@ -93,7 +91,7 @@ func TestIsRegistryInsecureConfigPermissionError(t *testing.T) {
defer func(oldDir string) error {
// restore permission
dir.UserConfigDir = oldDir
configOnce = sync.Once{}
loadConfigOnce = sync.OnceValues(loadConfig)
return os.Chmod(filepath.Join(configDir, "config.json"), 0644)
}(dir.UserConfigDir)

Expand All @@ -113,6 +111,7 @@ func TestIsRegistryInsecureConfigPermissionError(t *testing.T) {
func TestResolveKey(t *testing.T) {
defer func(oldDir string) {
dir.UserConfigDir = oldDir
loadConfigOnce = sync.OnceValues(loadConfig)
}(dir.UserConfigDir)

t.Run("valid e2e key", func(t *testing.T) {
Expand Down

0 comments on commit 6b9922a

Please sign in to comment.