From 174f426857c6ed27b3d901d5adbbf6defb8a8235 Mon Sep 17 00:00:00 2001 From: Radoslav Dimitrov Date: Tue, 28 Sep 2021 14:59:39 +0300 Subject: [PATCH 01/14] Add informative message for command - tuf sign Signed-off-by: Radoslav Dimitrov --- repo.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/repo.go b/repo.go index 03832c22..a99eeeef 100644 --- a/repo.go +++ b/repo.go @@ -537,7 +537,11 @@ func (r *Repo) Sign(roleFilename string) error { return err } r.meta[roleFilename] = b - return r.local.SetMeta(roleFilename, b) + err = r.local.SetMeta(roleFilename, b) + if err == nil { + fmt.Println("Signed", roleFilename, "with", len(keys), "key(s)") + } + return err } // AddOrUpdateSignature allows users to add or update a signature generated with an external tool. From e567e3c668190d74b663843633681a6bcaf3e1a8 Mon Sep 17 00:00:00 2001 From: Radoslav Dimitrov Date: Tue, 28 Sep 2021 15:18:11 +0300 Subject: [PATCH 02/14] Add informative message for command - tuf init Signed-off-by: Radoslav Dimitrov --- repo.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/repo.go b/repo.go index a99eeeef..1c2bc87a 100644 --- a/repo.go +++ b/repo.go @@ -103,7 +103,11 @@ func (r *Repo) Init(consistentSnapshot bool) error { } root := data.NewRoot() root.ConsistentSnapshot = consistentSnapshot - return r.setMeta("root.json", root) + err = r.setMeta("root.json", root) + if err == nil { + fmt.Println("Repository initialized") + } + return err } func (r *Repo) db() (*verify.DB, error) { From d9004fa470dc5b26665d02ce3d9cee403d6f7b5d Mon Sep 17 00:00:00 2001 From: Radoslav Dimitrov Date: Tue, 28 Sep 2021 16:15:19 +0300 Subject: [PATCH 03/14] Add informative message for command - tuf revoke-key Signed-off-by: Radoslav Dimitrov --- repo.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/repo.go b/repo.go index 1c2bc87a..fcc5c4b2 100644 --- a/repo.go +++ b/repo.go @@ -476,7 +476,11 @@ func (r *Repo) RevokeKeyWithExpires(keyRole, id string, expires time.Time) error r.versionUpdated["root.json"] = struct{}{} } - return r.setMeta("root.json", root) + err = r.setMeta("root.json", root) + if err == nil { + fmt.Println("Revoked", keyRole, "key with ID", id) + } + return err } func (r *Repo) jsonMarshal(v interface{}) ([]byte, error) { From c0912b1990ffed41a62b8a9f4288209751750ae6 Mon Sep 17 00:00:00 2001 From: Radoslav Dimitrov Date: Tue, 28 Sep 2021 16:41:11 +0300 Subject: [PATCH 04/14] Add informative message for command - tuf add Signed-off-by: Radoslav Dimitrov --- repo.go | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/repo.go b/repo.go index fcc5c4b2..a22cb1c8 100644 --- a/repo.go +++ b/repo.go @@ -715,7 +715,15 @@ func (r *Repo) AddTargetsWithExpires(paths []string, custom json.RawMessage, exp t.Version++ r.versionUpdated["targets.json"] = struct{}{} } - return r.setMeta("targets.json", t) + + err = r.setMeta("targets.json", t) + if err == nil { + fmt.Println("Targets that are currently added/staged:") + for k := range t.Targets { + fmt.Println("*", k) + } + } + return err } func (r *Repo) RemoveTarget(path string) error { From 6c32d45cf25c74decd4af731156bb65917fe6df9 Mon Sep 17 00:00:00 2001 From: Radoslav Dimitrov Date: Tue, 28 Sep 2021 17:04:38 +0300 Subject: [PATCH 05/14] Add informative message for command - tuf remove Signed-off-by: Radoslav Dimitrov --- repo.go | 26 ++++++++++++++++++++++++-- 1 file changed, 24 insertions(+), 2 deletions(-) diff --git a/repo.go b/repo.go index a22cb1c8..b6e85f89 100644 --- a/repo.go +++ b/repo.go @@ -718,7 +718,7 @@ func (r *Repo) AddTargetsWithExpires(paths []string, custom json.RawMessage, exp err = r.setMeta("targets.json", t) if err == nil { - fmt.Println("Targets that are currently added/staged:") + fmt.Println("Added/staged targets:") for k := range t.Targets { fmt.Println("*", k) } @@ -748,19 +748,25 @@ func (r *Repo) RemoveTargetsWithExpires(paths []string, expires time.Time) error if err != nil { return err } + removed_targets := []string{} if len(paths) == 0 { + for rt := range t.Targets { + removed_targets = append(removed_targets, rt) + } t.Targets = make(data.TargetFiles) } else { removed := false for _, path := range paths { path = util.NormalizeTarget(path) if _, ok := t.Targets[path]; !ok { + fmt.Println("The following target is not present:", path) continue } removed = true // G2 -> we no longer desire any readers to ever observe non-prefix targets. delete(t.Targets, "/"+path) delete(t.Targets, path) + removed_targets = append(removed_targets, path) } if !removed { return nil @@ -771,7 +777,23 @@ func (r *Repo) RemoveTargetsWithExpires(paths []string, expires time.Time) error t.Version++ r.versionUpdated["targets.json"] = struct{}{} } - return r.setMeta("targets.json", t) + + err = r.setMeta("targets.json", t) + if err == nil { + fmt.Println("Removed targets:") + for _, v := range removed_targets { + fmt.Println("*", v) + } + if len(t.Targets) != 0 { + fmt.Println("Added/staged targets:") + for k := range t.Targets { + fmt.Println("*", k) + } + } else { + fmt.Println("There are no added/staged targets") + } + } + return err } func (r *Repo) Snapshot() error { From 56c269bd05e5f03865c21df7674f3ce587285a53 Mon Sep 17 00:00:00 2001 From: Radoslav Dimitrov Date: Tue, 28 Sep 2021 17:17:07 +0300 Subject: [PATCH 06/14] Add informative message for command - tuf snapshot Signed-off-by: Radoslav Dimitrov --- repo.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/repo.go b/repo.go index b6e85f89..05662499 100644 --- a/repo.go +++ b/repo.go @@ -829,7 +829,11 @@ func (r *Repo) SnapshotWithExpires(expires time.Time) error { snapshot.Version++ r.versionUpdated["snapshot.json"] = struct{}{} } - return r.setMeta("snapshot.json", snapshot) + err = r.setMeta("snapshot.json", snapshot) + if err == nil { + fmt.Println("Staged snapshot.json metadata with expiration date:", snapshot.Expires) + } + return err } func (r *Repo) Timestamp() error { From 4588de922731b811326762ac986fde9995fa1adb Mon Sep 17 00:00:00 2001 From: Radoslav Dimitrov Date: Tue, 28 Sep 2021 17:26:35 +0300 Subject: [PATCH 07/14] Add informative message for command - tuf timestamp Signed-off-by: Radoslav Dimitrov --- README.md | 5 +++-- repo.go | 7 ++++++- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index f758c0f1..b8175315 100644 --- a/README.md +++ b/README.md @@ -80,10 +80,11 @@ Expects a staged, fully signed `targets` metadata file and stages an appropriate `snapshot` metadata file. Optionally one can set number of days after which the `snapshot` metadata will expire. -#### `tuf timestamp` +#### `tuf timestamp [--expires=]` Stages an appropriate `timestamp` metadata file. If a `snapshot` metadata file is staged, -it must be fully signed. +it must be fully signed. Optionally one can set number of days after which +the timestamp metadata will expire. #### `tuf sign ` diff --git a/repo.go b/repo.go index 05662499..11ec2886 100644 --- a/repo.go +++ b/repo.go @@ -865,7 +865,12 @@ func (r *Repo) TimestampWithExpires(expires time.Time) error { timestamp.Version++ r.versionUpdated["timestamp.json"] = struct{}{} } - return r.setMeta("timestamp.json", timestamp) + + err = r.setMeta("timestamp.json", timestamp) + if err == nil { + fmt.Println("Staged timestamp.json metadata with expiration date:", timestamp.Expires) + } + return err } func (r *Repo) fileVersions() (map[string]int, error) { From 3e5b0be32c40b3875bd21447d68442574f0f778c Mon Sep 17 00:00:00 2001 From: Radoslav Dimitrov Date: Wed, 29 Sep 2021 13:07:02 +0300 Subject: [PATCH 08/14] Add informative message for command - tuf commit Signed-off-by: Radoslav Dimitrov --- repo.go | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/repo.go b/repo.go index 11ec2886..4be00ad2 100644 --- a/repo.go +++ b/repo.go @@ -993,15 +993,14 @@ func (r *Repo) Commit() error { return err } - if err := r.local.Commit(root.ConsistentSnapshot, versions, hashes); err != nil { - return err + err = r.local.Commit(root.ConsistentSnapshot, versions, hashes) + if err == nil { + // We can start incrementing version numbers again now that we've + // successfully committed the metadata to the local store. + r.versionUpdated = make(map[string]struct{}) + fmt.Println("Committed successfully") } - - // We can start incrementing version numbers again now that we've - // successfully committed the metadata to the local store. - r.versionUpdated = make(map[string]struct{}) - - return nil + return err } func (r *Repo) Clean() error { From dc8ef1ab232adf915695a8a63205671fc0566f37 Mon Sep 17 00:00:00 2001 From: Radoslav Dimitrov Date: Wed, 29 Sep 2021 13:12:25 +0300 Subject: [PATCH 09/14] Add informative message for command - tuf clean Signed-off-by: Radoslav Dimitrov --- repo.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/repo.go b/repo.go index 4be00ad2..a93b7dda 100644 --- a/repo.go +++ b/repo.go @@ -1004,7 +1004,11 @@ func (r *Repo) Commit() error { } func (r *Repo) Clean() error { - return r.local.Clean() + err := r.local.Clean() + if err == nil { + fmt.Println("Removed all staged metadata and target files") + } + return err } func (r *Repo) verifySignature(roleFilename string, db *verify.DB) error { From 54a26ad201ebce112eac5aa239622e76a9edb6ba Mon Sep 17 00:00:00 2001 From: Radoslav Dimitrov Date: Wed, 29 Sep 2021 13:28:31 +0300 Subject: [PATCH 10/14] Add informative message for command - tuf root-keys Signed-off-by: Radoslav Dimitrov --- cmd/tuf/root_keys.go | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/cmd/tuf/root_keys.go b/cmd/tuf/root_keys.go index 77ab5dc2..0a34e972 100644 --- a/cmd/tuf/root_keys.go +++ b/cmd/tuf/root_keys.go @@ -2,7 +2,7 @@ package main import ( "encoding/json" - "os" + "fmt" "github.com/flynn/go-docopt" "github.com/theupdateframework/go-tuf" @@ -23,5 +23,9 @@ func cmdRootKeys(args *docopt.Args, repo *tuf.Repo) error { if err != nil { return err } - return json.NewEncoder(os.Stdout).Encode(keys) + data, err := json.Marshal(keys) + if err == nil { + fmt.Printf("The resulting JSON should be distributed to clients for performing initial updates:\n\n%s\n", string(data)) + } + return err } From 99a3e94941cae6ad92dc9cd6c73a593632205ad3 Mon Sep 17 00:00:00 2001 From: Radoslav Dimitrov Date: Wed, 29 Sep 2021 13:38:36 +0300 Subject: [PATCH 11/14] Add informative message for command - tuf get/set-threshold Signed-off-by: Radoslav Dimitrov --- README.md | 6 +++++- cmd/tuf/get_threshold.go | 2 +- cmd/tuf/main.go | 1 + cmd/tuf/set_threshold.go | 2 +- 4 files changed, 8 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index b8175315..a572f4fc 100644 --- a/README.md +++ b/README.md @@ -115,9 +115,13 @@ should be distributed to clients for performing initial updates. #### `tuf set-threshold ` -Sets the `role` threshold, the required number of keys for signing, to +Sets the `role` threshold (required number of keys for signing) to `threshold`. +#### `tuf get-threshold ` + +Outputs the `role` threshold (required number of keys for signing). + #### Usage of environment variables The `tuf` CLI supports receiving passphrases via environment variables in diff --git a/cmd/tuf/get_threshold.go b/cmd/tuf/get_threshold.go index 8eba7999..e40ec26e 100644 --- a/cmd/tuf/get_threshold.go +++ b/cmd/tuf/get_threshold.go @@ -23,6 +23,6 @@ func cmdGetThreshold(args *docopt.Args, repo *tuf.Repo) error { return err } - fmt.Println("Got", role, "threshold", threshold) + fmt.Println("The threshold for", role, "role is", threshold) return nil } diff --git a/cmd/tuf/main.go b/cmd/tuf/main.go index 5bc0f93d..a168dc8c 100644 --- a/cmd/tuf/main.go +++ b/cmd/tuf/main.go @@ -42,6 +42,7 @@ Commands: clean Remove all staged metadata files root-keys Output a JSON serialized array of root keys to STDOUT set-threshold Sets the threshold for a role + get-threshold Outputs the threshold for a role See "tuf help " for more information on a specific command ` diff --git a/cmd/tuf/set_threshold.go b/cmd/tuf/set_threshold.go index bfc40fa0..75e40dc1 100644 --- a/cmd/tuf/set_threshold.go +++ b/cmd/tuf/set_threshold.go @@ -28,6 +28,6 @@ func cmdSetThreshold(args *docopt.Args, repo *tuf.Repo) error { return err } - fmt.Println("Set ", role, "threshold to", threshold) + fmt.Println("The treshold for", role, "role is", threshold) return nil } From ea8ff0cd0c95d13172470d3bb9701f172bf1ef69 Mon Sep 17 00:00:00 2001 From: Radoslav Dimitrov Date: Wed, 6 Oct 2021 13:37:20 +0300 Subject: [PATCH 12/14] Refactor the informative messages for set/get threshold commands Signed-off-by: Radoslav Dimitrov --- README.md | 4 ++-- cmd/tuf/set_threshold.go | 2 +- repo.go | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index a572f4fc..4bff66fc 100644 --- a/README.md +++ b/README.md @@ -115,12 +115,12 @@ should be distributed to clients for performing initial updates. #### `tuf set-threshold ` -Sets the `role` threshold (required number of keys for signing) to +Sets `role`'s threshold (required number of keys for signing) to `threshold`. #### `tuf get-threshold ` -Outputs the `role` threshold (required number of keys for signing). +Outputs `role`'s threshold (required number of keys for signing). #### Usage of environment variables diff --git a/cmd/tuf/set_threshold.go b/cmd/tuf/set_threshold.go index 75e40dc1..57754d24 100644 --- a/cmd/tuf/set_threshold.go +++ b/cmd/tuf/set_threshold.go @@ -28,6 +28,6 @@ func cmdSetThreshold(args *docopt.Args, repo *tuf.Repo) error { return err } - fmt.Println("The treshold for", role, "role is", threshold) + fmt.Println("The threshold for", role, "role is now", threshold) return nil } diff --git a/repo.go b/repo.go index a93b7dda..2345d9f8 100644 --- a/repo.go +++ b/repo.go @@ -478,7 +478,7 @@ func (r *Repo) RevokeKeyWithExpires(keyRole, id string, expires time.Time) error err = r.setMeta("root.json", root) if err == nil { - fmt.Println("Revoked", keyRole, "key with ID", id) + fmt.Println("Revoked", keyRole, "key with ID", id, "in root metadata") } return err } From 6fef0de15ade87a0008631a2c27b8bfbf573e746 Mon Sep 17 00:00:00 2001 From: Radoslav Dimitrov Date: Thu, 7 Oct 2021 17:38:49 +0300 Subject: [PATCH 13/14] Add [-q|--quiet] mode for `tuf root-keys` and also print info msg to stderr Signed-off-by: Radoslav Dimitrov --- cmd/tuf/root_keys.go | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/cmd/tuf/root_keys.go b/cmd/tuf/root_keys.go index 0a34e972..4ebcc9e1 100644 --- a/cmd/tuf/root_keys.go +++ b/cmd/tuf/root_keys.go @@ -3,6 +3,7 @@ package main import ( "encoding/json" "fmt" + "os" "github.com/flynn/go-docopt" "github.com/theupdateframework/go-tuf" @@ -10,11 +11,14 @@ import ( func init() { register("root-keys", cmdRootKeys, ` -usage: tuf root-keys +usage: tuf root-keys [-q|--quiet] Outputs a JSON serialized array of root keys to STDOUT. The resulting JSON should be distributed to clients for performing initial updates. + +Options: + [-q|--quiet] Run command in quiet/less verbose mode `) } @@ -25,7 +29,10 @@ func cmdRootKeys(args *docopt.Args, repo *tuf.Repo) error { } data, err := json.Marshal(keys) if err == nil { - fmt.Printf("The resulting JSON should be distributed to clients for performing initial updates:\n\n%s\n", string(data)) + if !args.Bool["-q"] && !args.Bool["--quiet"] { + fmt.Fprintf(os.Stderr, "The resulting JSON should be distributed to clients for performing initial updates:\n\n") + } + fmt.Fprintln(os.Stdout, string(data)) } return err } From 6b4af2352bf71c76224602e1dbd6c6b4a8de245b Mon Sep 17 00:00:00 2001 From: Radoslav Dimitrov Date: Fri, 8 Oct 2021 13:07:11 +0300 Subject: [PATCH 14/14] Revert adding the -q|--quiet mode for `tuf root-keys` Not necessary because the informative msg is streamed to stderr ergo it won't break piping the output Signed-off-by: Radoslav Dimitrov --- cmd/tuf/root_keys.go | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/cmd/tuf/root_keys.go b/cmd/tuf/root_keys.go index 4ebcc9e1..e3397648 100644 --- a/cmd/tuf/root_keys.go +++ b/cmd/tuf/root_keys.go @@ -11,14 +11,11 @@ import ( func init() { register("root-keys", cmdRootKeys, ` -usage: tuf root-keys [-q|--quiet] +usage: tuf root-keys Outputs a JSON serialized array of root keys to STDOUT. The resulting JSON should be distributed to clients for performing initial updates. - -Options: - [-q|--quiet] Run command in quiet/less verbose mode `) } @@ -29,9 +26,7 @@ func cmdRootKeys(args *docopt.Args, repo *tuf.Repo) error { } data, err := json.Marshal(keys) if err == nil { - if !args.Bool["-q"] && !args.Bool["--quiet"] { - fmt.Fprintf(os.Stderr, "The resulting JSON should be distributed to clients for performing initial updates:\n\n") - } + fmt.Fprintf(os.Stderr, "The resulting JSON should be distributed to clients for performing initial updates:\n\n") fmt.Fprintln(os.Stdout, string(data)) } return err