Skip to content

feat: add local sign/list/verification for OCI layout directory#595

Merged
shizhMSFT merged 61 commits intonotaryproject:mainfrom
patrickzheng200:local-rc4
Apr 20, 2023
Merged

feat: add local sign/list/verification for OCI layout directory#595
shizhMSFT merged 61 commits intonotaryproject:mainfrom
patrickzheng200:local-rc4

Conversation

@patrickzheng200
Copy link
Contributor

@patrickzheng200 patrickzheng200 commented Mar 23, 2023
edited
Loading

This PR adds local sign/list/verification for OCI image layout directory.
For RC.4:

  1. It only supports storing the generated signature into the target OCI layout directory.
  2. It supports listing signatures within the OCI layout directory.
  3. It only supports verifying signatures within the target OCI layout directory.

This PR is based on spec PR: #601 (Merged).

This PR is dependent on the corresponding notation-go PR: notaryproject/notation-go#288.
Please review the notation-go PR first.

Resolves #283.

Both remote registry and oci-layout scenario are tested. E2E tests are also included.

Patrick Zheng added 23 commits March 1, 2023 14:44
added local sign for oci layout folder
7370052 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
added local verification for OCI layout folder
fa008ca 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
update
9ea0f18 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
resolved conflicts
4306629 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
update
3412287 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
added local sign for descriptor.json
c4c5a8e 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
Merge branch 'notaryproject:main' into local
09651d3
update
7493a51 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
update
58e3864 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
Merge branch 'notaryproject:main' into local
34d0889
Merge branch 'local' of https://github.com/patrickzheng200/notation i…
3612b4d 
…nto local
Merge branch 'notaryproject:main' into local
a90819f
added verification for descriptor.json
e9e0757 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
Merge branch 'local' of https://github.com/patrickzheng200/notation i…
410617e 
…nto local
update
06e400a 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
Merge branch 'notaryproject:main' into local
853eac1
update
dfe8e91 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
Merge branch 'notaryproject:main' into local
f16b4a6
added local sign/verification on OCI layout directory
1f78788 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
Merge branch 'notaryproject:main' into local-rc4
74cd415
update e2e test
48180a5 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
refactored local sign/verification
27abde2 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
update
7f8e420 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
Patrick Zheng added 12 commits April 13, 2023 16:12
added tests
8d2272e 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
fix
42762ca 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
fix
31aaa8b 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
added verify tests
70bea37 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
update
3c4ac54 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
fix test
1443c16 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
fixed bug in experimental
2eb02b4 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
Merge branch 'notaryproject:main' into local-rc4
9e3e70a
Merge branch 'notaryproject:main' into local-rc4
8b18726
updated based on spec
1c4378b 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
Merge branch 'notaryproject:main' into local-rc4
54583e4
updated dependency as notation-go PR has been merged
9332d0f 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
priteshbandi
priteshbandi reviewed Apr 19, 2023
View reviewed changes
Patrick Zheng added 2 commits April 19, 2023 17:05
updated per code review
f6d1c1d 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
fix
e39882d 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
shizhMSFT
shizhMSFT reviewed Apr 19, 2023
View reviewed changes
priteshbandi
priteshbandi previously approved these changes Apr 20, 2023
View reviewed changes
Copy link
Contributor

@priteshbandi priteshbandi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

updated warning msg
529a6df 
Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
shizhMSFT
shizhMSFT approved these changes Apr 20, 2023
View reviewed changes
Copy link
Contributor

@shizhMSFT shizhMSFT left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@shizhMSFT shizhMSFT merged commit 17d3525 into notaryproject:main Apr 20, 2023
@patrickzheng200 patrickzheng200 deleted the local-rc4 branch April 20, 2023 05:09
@patrickzheng200 patrickzheng200 mentioned this pull request Apr 20, 2023
Closed
7h3-3mp7y-m4n pushed a commit to 7h3-3mp7y-m4n/notation that referenced this pull request Mar 29, 2025
@7h3-3mp7y-m4n
feat: add local sign/list/verification for OCI layout directory (nota…
1987be0 
…ryproject#595)

This PR adds local sign/list/verification for OCI image layout
directory.
For RC.4:
1. It only supports storing the generated signature into the target OCI
layout directory.
2. It supports listing signatures within the OCI layout directory.
3. It only supports verifying signatures within the target OCI layout
directory.

This PR is based on spec PR:
notaryproject#601 (Merged).

This PR is dependent on the corresponding notation-go PR:
notaryproject/notation-go#288.
Please review the notation-go PR first.

Resolves notaryproject#283.

Both remote registry and oci-layout scenario are tested. E2E tests are
also included.

---------

Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
FeynmanZhou pushed a commit to FeynmanZhou/notation that referenced this pull request May 15, 2025
@FeynmanZhou
feat: add local sign/list/verification for OCI layout directory (nota…
0ff9a3a 
…ryproject#595)

This PR adds local sign/list/verification for OCI image layout
directory.
For RC.4:
1. It only supports storing the generated signature into the target OCI
layout directory.
2. It supports listing signatures within the OCI layout directory.
3. It only supports verifying signatures within the target OCI layout
directory.

This PR is based on spec PR:
notaryproject#601 (Merged).

This PR is dependent on the corresponding notation-go PR:
notaryproject/notation-go#288.
Please review the notation-go PR first.

Resolves notaryproject#283.

Both remote registry and oci-layout scenario are tested. E2E tests are
also included.

---------

Signed-off-by: Patrick Zheng <patrickzheng@microsoft.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@priteshbandi priteshbandi priteshbandi approved these changes

@shizhMSFT shizhMSFT shizhMSFT approved these changes

@gokarnm gokarnm Awaiting requested review from gokarnm gokarnm is a code owner

@justincormack justincormack Awaiting requested review from justincormack

@NiazFK NiazFK Awaiting requested review from NiazFK NiazFK is a code owner

@rgnote rgnote Awaiting requested review from rgnote rgnote is a code owner

@SteveLasker SteveLasker Awaiting requested review from SteveLasker

@byronchien byronchien Awaiting requested review from byronchien

@qweeah qweeah Awaiting requested review from qweeah

@JeyJeyGao JeyJeyGao Awaiting requested review from JeyJeyGao

Assignees

@patrickzheng200 patrickzheng200

Labels

enhancement New feature or request

Projects

None yet

Milestone

RC-4

Development

Successfully merging this pull request may close these issues.

notation sign/verify to work with local storage

8 participants

@patrickzheng200 @codecov-commenter @yizha1 @qweeah @priteshbandi @byronchien @shizhMSFT @JeyJeyGao

Comments