Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix: Improve output when there is no signature associated (notaryproj…
…ect#666) Fixes: notaryproject#624 ``` ➜ notation git:(no-sig) ✗ ./notation inspect $IMAGE Warning: Always inspect the artifact using digest(@sha256:...) rather than a tag(:v1) because resolved digest may not point to the same signed artifact, as tags are mutable. localhost:6000/net-monitor@sha256:52cc9cf0f2e0cadf49337acc7a45a07a2ce5a0ef37702efb0a851884bc32b7b1 has no associated signature ➜ notation git:(no-sig) ✗ ./notation ls $IMAGE Warning: Always list the artifact using digest(@sha256:...) rather than a tag(:v1) because resolved digest may not point to the same signed artifact, as tags are mutable. localhost:6000/net-monitor@sha256:52cc9cf0f2e0cadf49337acc7a45a07a2ce5a0ef37702efb0a851884bc32b7b1 has no associated signature ➜ notation git:(no-sig) ✗ ./notation sign $IMAGE -e 123h Warning: Always sign the artifact using digest(@sha256:...) rather than a tag(:v1) because tags are mutable and a tag reference can point to a different artifact than the one signed. Successfully signed localhost:6000/net-monitor@sha256:52cc9cf0f2e0cadf49337acc7a45a07a2ce5a0ef37702efb0a851884bc32b7b1 ➜ notation git:(no-sig) ✗ ./notation ls $IMAGE Warning: Always list the artifact using digest(@sha256:...) rather than a tag(:v1) because resolved digest may not point to the same signed artifact, as tags are mutable. localhost:6000/net-monitor@sha256:52cc9cf0f2e0cadf49337acc7a45a07a2ce5a0ef37702efb0a851884bc32b7b1 └── application/vnd.cncf.notary.signature └── sha256:be23f992f68a6b3003c83506eb9275188355a451294006e4cac651d2a1b7c716 ➜ notation git:(no-sig) ✗ ./notation inspect $IMAGE Warning: Always inspect the artifact using digest(@sha256:...) rather than a tag(:v1) because resolved digest may not point to the same signed artifact, as tags are mutable. Inspecting all signatures for signed artifact localhost:6000/net-monitor@sha256:52cc9cf0f2e0cadf49337acc7a45a07a2ce5a0ef37702efb0a851884bc32b7b1 └── application/vnd.cncf.notary.signature └── sha256:be23f992f68a6b3003c83506eb9275188355a451294006e4cac651d2a1b7c716 ├── media type: application/jose+json ├── signature algorithm: RSASSA-PSS-SHA-256 ├── signed attributes │ ├── signingTime: Fri May 12 20:16:27 2023 │ ├── expiry: Wed May 17 23:16:27 2023 │ └── signingScheme: notary.x509 ├── user defined attributes │ └── (empty) ├── unsigned attributes │ └── signingAgent: Notation/1.0.0 ├── certificates │ └── SHA1 fingerprint: 091c1a5e57aa401de7fb22ac52b56d79f211bd03 │ ├── issued to: CN=wabbit-networks.io,O=Notary,L=Seattle,ST=WA,C=US │ ├── issued by: CN=wabbit-networks.io,O=Notary,L=Seattle,ST=WA,C=US │ └── expiry: Sun May 14 00:58:40 2023 └── signed artifact ├── media type: application/vnd.docker.distribution.manifest.v2+json ├── digest: sha256:52cc9cf0f2e0cadf49337acc7a45a07a2ce5a0ef37702efb0a851884bc32b7b1 └── size: 942 ``` Signed-off-by: Pritesh Bandi <[email protected]>
- Loading branch information