diff --git a/cmd/notation/cert/add.go b/cmd/notation/cert/add.go index 3ddccc9c4..cc0582271 100644 --- a/cmd/notation/cert/add.go +++ b/cmd/notation/cert/add.go @@ -28,7 +28,7 @@ func certAddCommand(opts *certAddOpts) *cobra.Command { opts.path = args return nil }, - Long: `Manage certificates in trust store + Long: `Add certificates to the trust store Example - Add a certificate to the "ca" type of a named store "acme-rockets": notation cert add --type ca --store acme-rockets acme-rockets.crt diff --git a/cmd/notation/cert/generateTest.go b/cmd/notation/cert/generateTest.go index ec99b1ce2..3c9aa5a24 100644 --- a/cmd/notation/cert/generateTest.go +++ b/cmd/notation/cert/generateTest.go @@ -22,9 +22,8 @@ import ( var ( keyDefaultFlag = &pflag.Flag{ - Name: "default", - Shorthand: "d", - Usage: "mark as default signing key", + Name: "default", + Usage: "mark as default signing key", } setKeyDefaultFlag = func(fs *pflag.FlagSet, p *bool) { fs.BoolVarP(p, keyDefaultFlag.Name, keyDefaultFlag.Shorthand, false, keyDefaultFlag.Usage) @@ -51,7 +50,7 @@ func certGenerateTestCommand(opts *certGenerateTestOpts) *cobra.Command { opts.name = args[0] return nil }, - Long: `Manage certificates in trust store + Long: `Generate a test RSA key and a corresponding self-signed certificate Example - Generate a test RSA key and a corresponding self-signed certificate named "wabbit-networks.io": notation cert generate-test "wabbit-networks.io" diff --git a/cmd/notation/cert/list.go b/cmd/notation/cert/list.go index a4b73b27b..6b6723fd9 100644 --- a/cmd/notation/cert/list.go +++ b/cmd/notation/cert/list.go 
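Review bot: With `Shorthand` removed from `keyDefaultFlag` in generateTest.go, `setKeyDefaultFlag` still calls `fs.BoolVarP(p, keyDefaultFlag.Name, keyDefaultFlag.Shorthand, ...)`, which now always passes an empty shorthand. That works, but the intent reads more clearly as `fs.BoolVar(p, keyDefaultFlag.Name, false, keyDefaultFlag.Usage)`. The identical block in cmd/notation/key.go has the same leftover.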
@@ -1,15 +1,19 @@ package cert import ( + "context" "fmt" "github.com/notaryproject/notation-go/dir" + "github.com/notaryproject/notation-go/log" notationgoTruststore "github.com/notaryproject/notation-go/verifier/truststore" "github.com/notaryproject/notation/cmd/notation/internal/truststore" + "github.com/notaryproject/notation/internal/cmd" "github.com/spf13/cobra" ) type certListOpts struct { + cmd.LoggingFlagOpts storeType string namedStore string } @@ -22,7 +26,7 @@ func certListCommand(opts *certListOpts) *cobra.Command { Use: "list", Aliases: []string{"ls"}, Short: "List certificates in the trust store.", - Long: `List certificates in trust store + Long: `List certificates in the trust store Example - List all certificate files stored in the trust store notation cert ls @@ -37,15 +41,20 @@ Example - List all certificate files from trust store "wabbit-networks" of type notation cert ls --type signingAuthority --store "wabbit-networks" `, RunE: func(cmd *cobra.Command, args []string) error { - return listCerts(opts) + return listCerts(cmd.Context(), opts) }, } + opts.LoggingFlagOpts.ApplyFlags(command.Flags()) command.Flags().StringVarP(&opts.storeType, "type", "t", "", "specify trust store type, options: ca, signingAuthority") command.Flags().StringVarP(&opts.namedStore, "store", "s", "", "specify named store") return command } -func listCerts(opts *certListOpts) error { +func listCerts(ctx context.Context, opts *certListOpts) error { + // set log level + ctx = opts.LoggingFlagOpts.SetLoggerLevel(ctx) + logger := log.GetLogger(ctx) + namedStore := opts.namedStore storeType := opts.storeType configFS := dir.ConfigFS() @@ -58,6 +67,7 @@ func listCerts(opts *certListOpts) error { return err } if err := truststore.CheckNonErrNotExistError(truststore.ListCerts(path, 2)); err != nil { + logger.Debugln("Failed to complete list at path:", path) return fmt.Errorf("failed to list all certificates stored in the trust store, with error: %s", err.Error()) } 
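Review bot: The new `logger.Debugln("Failed to complete list at path:", path)` in the list-all branch of `listCerts` records the path but not the error, and the returned error is built with `%s` and `err.Error()`, which drops the underlying error from the chain. Consider `logger.Debugf("Failed to complete list at path %s: %v", path, err)` and `%w` with `err` in the `fmt.Errorf`, so callers can still use `errors.Is`. The three later `listCerts` hunks (named store with type, type only, named store only) repeat the same pair of lines. The function body starts and ends outside this hunk.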
@@ -72,7 +82,8 @@ func listCerts(opts *certListOpts) error { return err } if err := truststore.CheckNonErrNotExistError(truststore.ListCerts(path, 0)); err != nil { - return fmt.Errorf("failed to list certificates stored in the named store %s of type %s, with error: %s", namedStore, storeType, err.Error()) + logger.Debugln("Failed to complete list at path:", path) + return fmt.Errorf("failed to list all certificates stored in the named store %s of type %s, with error: %s", namedStore, storeType, err.Error()) } return nil @@ -86,7 +97,8 @@ func listCerts(opts *certListOpts) error { return err } if err := truststore.CheckNonErrNotExistError(truststore.ListCerts(path, 1)); err != nil { - return fmt.Errorf("failed to list certificates stored of type %s, with error: %s", storeType, err.Error()) + logger.Debugln("Failed to complete list at path:", path) + return fmt.Errorf("failed to list all certificates stored of type %s, with error: %s", storeType, err.Error()) } } else { // List all certificates under named store namedStore, display empty if @@ -97,7 +109,8 @@ func listCerts(opts *certListOpts) error { return err } if err := truststore.CheckNonErrNotExistError(truststore.ListCerts(path, 0)); err != nil { - return fmt.Errorf("failed to list certificates stored in the named store %s, with error: %s", namedStore, err.Error()) + logger.Debugln("Failed to complete list at path:", path) + return fmt.Errorf("failed to list all certificates stored in the named store %s, with error: %s", namedStore, err.Error()) } } } diff --git a/cmd/notation/cert/show.go b/cmd/notation/cert/show.go index c68faeaa1..99d001cb9 100644 --- a/cmd/notation/cert/show.go +++ b/cmd/notation/cert/show.go 
@@ -1,16 +1,20 @@ package cert import ( + "context" "errors" "fmt" corex509 "github.com/notaryproject/notation-core-go/x509" "github.com/notaryproject/notation-go/dir" + "github.com/notaryproject/notation-go/log" "github.com/notaryproject/notation/cmd/notation/internal/truststore" + "github.com/notaryproject/notation/internal/cmd" "github.com/spf13/cobra" ) type certShowOpts struct { + cmd.LoggingFlagOpts storeType string namedStore string cert string @@ -33,7 +37,7 @@ func certShowCommand(opts *certShowOpts) *cobra.Command { opts.cert = args[0] return nil }, - Long: `Show details of a certain certificate file + Long: `Show certificate details of given trust store name, trust store type, and certificate file name. If the certificate file contains multiple certificates, then all certificates are displayed Example - Show details of certificate "cert1.pem" with type "ca" from trust store "acme-rockets": notation cert show --type ca --store acme-rockets cert1.pem @@ -42,15 +46,20 @@ Example - Show details of certificate "cert2.pem" with type "signingAuthority" f notation cert show --type signingAuthority --store wabbit-networks cert2.pem `, RunE: func(cmd *cobra.Command, args []string) error { - return showCerts(opts) + return showCerts(cmd.Context(), opts) }, } + opts.LoggingFlagOpts.ApplyFlags(command.Flags()) command.Flags().StringVarP(&opts.storeType, "type", "t", "", "specify trust store type, options: ca, signingAuthority") command.Flags().StringVarP(&opts.namedStore, "store", "s", "", "specify named store") return command } -func showCerts(opts *certShowOpts) error { +func showCerts(ctx context.Context, opts *certShowOpts) error { + // set log level + ctx = opts.LoggingFlagOpts.SetLoggerLevel(ctx) + logger := log.GetLogger(ctx) + storeType := opts.storeType if storeType == "" { return errors.New("store type cannot be empty") 
@@ -71,6 +80,7 @@ func showCerts(opts *certShowOpts) error { if err != nil { return fmt.Errorf("failed to show details of certificate %s, with error: %s", cert, err.Error()) } + logger.Debugln("Showing details of certificate:", path) certs, err := corex509.ReadCertificateFile(path) if err != nil { return fmt.Errorf("failed to show details of certificate %s, with error: %s", cert, err.Error()) diff --git a/cmd/notation/key.go b/cmd/notation/key.go index 1dad8cda8..fecc06432 100644 --- a/cmd/notation/key.go +++ b/cmd/notation/key.go @@ -8,6 +8,7 @@ import ( "github.com/notaryproject/notation-go/config" "github.com/notaryproject/notation-go/dir" + "github.com/notaryproject/notation-go/log" "github.com/notaryproject/notation-go/plugin" "github.com/notaryproject/notation/internal/cmd" "github.com/notaryproject/notation/internal/ioutil" @@ -19,9 +20,8 @@ import ( var ( keyDefaultFlag = &pflag.Flag{ - Name: "default", - Shorthand: "d", - Usage: "mark as default", + Name: "default", + Usage: "mark as default", } setKeyDefaultFlag = func(fs *pflag.FlagSet, p *bool) { fs.BoolVarP(p, keyDefaultFlag.Name, keyDefaultFlag.Shorthand, false, keyDefaultFlag.Usage) @@ -29,6 +29,7 @@ var ( ) type keyAddOpts struct { + cmd.LoggingFlagOpts name string plugin string id string @@ -37,11 +38,13 @@ type keyAddOpts struct { } type keyUpdateOpts struct { + cmd.LoggingFlagOpts name string isDefault bool } type keyDeleteOpts struct { + cmd.LoggingFlagOpts names []string } @@ -84,9 +87,10 @@ func keyAddCommand(opts *keyAddOpts) *cobra.Command { return nil }, RunE: func(cmd *cobra.Command, args []string) error { - return addKey(cmd, opts) + return addKey(cmd.Context(), opts) }, } + opts.LoggingFlagOpts.ApplyFlags(command.Flags()) command.Flags().StringVarP(&opts.plugin, "plugin", "p", "", "signing plugin name") command.MarkFlagRequired("plugin") 
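Review bot: Dropping `Shorthand: "d"` from `keyDefaultFlag` in key.go frees `-d`, which the updated key.md in this commit lists as `--debug` for `key add` and `key update` (presumably registered by `LoggingFlagOpts.ApplyFlags`, which is not shown). An existing invocation such as `notation key add -d ...` therefore keeps parsing but turns on debug logging instead of marking the key as default. Because nothing fails, a script relying on the old shorthand would leave the default signing key unchanged without noticing. A comment on the flag such as `// no shorthand: -d now belongs to --debug` and an explicit breaking-change entry in the release notes would make this visible.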
@@ -114,10 +118,11 @@ func keyUpdateCommand(opts *keyUpdateOpts) *cobra.Command { return nil }, RunE: func(cmd *cobra.Command, args []string) error { - return updateKey(opts) + return updateKey(cmd.Context(), opts) }, } + opts.LoggingFlagOpts.ApplyFlags(command.Flags()) setKeyDefaultFlag(command.Flags(), &opts.isDefault) return command @@ -139,7 +144,7 @@ func keyDeleteCommand(opts *keyDeleteOpts) *cobra.Command { opts = &keyDeleteOpts{} } - return &cobra.Command{ + command := &cobra.Command{ Use: "delete [flags] ...", Short: "Delete key from signing key list", Args: func(cmd *cobra.Command, args []string) error { @@ -150,12 +155,19 @@ func keyDeleteCommand(opts *keyDeleteOpts) *cobra.Command { return nil }, RunE: func(cmd *cobra.Command, args []string) error { - return deleteKeys(opts) + return deleteKeys(cmd.Context(), opts) }, } + opts.LoggingFlagOpts.ApplyFlags(command.Flags()) + + return command } -func addKey(command *cobra.Command, opts *keyAddOpts) error { +func addKey(ctx context.Context, opts *keyAddOpts) error { + // set log level + ctx = opts.LoggingFlagOpts.SetLoggerLevel(ctx) + logger := log.GetLogger(ctx) + signingKeys, err := configutil.LoadSigningkeysOnce() if err != nil { return err @@ -167,7 +179,8 @@ func addKey(command *cobra.Command, opts *keyAddOpts) error { } pluginName := opts.plugin if pluginName != "" { - key, err = addExternalKey(command.Context(), opts, pluginName, name) + logger.Debugf("Adding key with name %v and plugin name %v", name, pluginName) + key, err = addExternalKey(ctx, opts, pluginName, name) if err != nil { return err } @@ -186,6 +199,7 @@ func addKey(command *cobra.Command, opts *keyAddOpts) error { } // write out + logger.Debugf("Added key with name %s - {%+v}", key.Name, key.ExternalKey) if isDefault { fmt.Printf("%s: marked as default\n", key.Name) } else { 
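Review bot: The added `logger.Debugf("Added key with name %s - {%+v}", key.Name, key.ExternalKey)` in `addKey` prints the whole external-key struct. If that struct carries the `--plugin-config` key/value pairs, any credential or token a user passes to a plugin ends up in debug output and in whatever collects it. Logging only the identifying fields avoids that, e.g. `logger.Debugf("Added key %s using plugin %s", key.Name, pluginName)`. `addKey` continues outside this hunk, so whether `key.ExternalKey` can be nil on this path is not visible here.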
@@ -232,7 +246,11 @@ func addKeyCore(signingKeys *config.SigningKeys, key config.KeySuite, markDefaul return nil } -func updateKey(opts *keyUpdateOpts) error { +func updateKey(ctx context.Context, opts *keyUpdateOpts) error { + // set log level + ctx = opts.LoggingFlagOpts.SetLoggerLevel(ctx) + logger := log.GetLogger(ctx) + // initialize name := opts.name // core process @@ -244,6 +262,7 @@ func updateKey(opts *keyUpdateOpts) error { return errors.New(name + ": not found") } if !opts.isDefault { + logger.Warn("--default flag is not set, command did not take effect") return nil } if signingKeys.Default != name { @@ -269,7 +288,11 @@ func listKeys() error { return ioutil.PrintKeyMap(os.Stdout, signingKeys.Default, signingKeys.Keys) } -func deleteKeys(opts *keyDeleteOpts) error { +func deleteKeys(ctx context.Context, opts *keyDeleteOpts) error { + // set log level + ctx = opts.LoggingFlagOpts.SetLoggerLevel(ctx) + logger := log.GetLogger(ctx) + // core process signingKeys, err := configutil.LoadSigningkeysOnce() if err != nil { @@ -281,6 +304,7 @@ func deleteKeys(opts *keyDeleteOpts) error { for _, name := range opts.names { idx := slices.Index(signingKeys.Keys, name) if idx < 0 { + logger.Warnf("Key %s not found, command did not take effect", name) return errors.New(name + ": not found") } signingKeys.Keys = slices.Delete(signingKeys.Keys, idx) diff --git a/specs/commandline/certificate.md b/specs/commandline/certificate.md index fb51ce734..aaa43d078 100644 --- a/specs/commandline/certificate.md +++ b/specs/commandline/certificate.md 
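Review bot: In `updateKey`, the `!opts.isDefault` branch now reports the no-op only through `logger.Warn` and still returns nil, so the command exits successfully. If the logger is silent unless `-d` or `-v` is given (`SetLoggerLevel` is not shown in this diff), a default run prints nothing and the caller cannot tell that the default signing key was left unchanged. Writing the message to stderr regardless of log level, `fmt.Fprintln(os.Stderr, "Warning: --default flag is not set, command did not take effect")`, would keep the exit code while making the no-op visible.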
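Review bot: The `logger.Warnf("Key %s not found, command did not take effect", name)` added in `deleteKeys` is immediately followed by `return errors.New(name + ": not found")`, so the same failure is reported twice whenever warnings are shown. Dropping the warning, or demoting it to `logger.Debugf("Key %q not found", name)`, keeps the returned error as the single report. The rest of the loop and the write-back of `signingKeys` lie outside this hunk, so the "did not take effect" wording cannot be checked from here.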
@@ -80,23 +80,27 @@ Aliases: list, ls Flags: + -d, --debug debug mode -h, --help help for list -s, --store string specify named store -t, --type string specify trust store type, options: ca, signingAuthority + -v, --verbose verbose mode ``` ### notation certificate show ```text -Show certificate details given trust store type, named store, and certificate file name. If the certificate file contains multiple certificates, then all certificates are displayed. +Show certificate details of given trust store name, trust store type, and certificate file name. If the certificate file contains multiple certificates, then all certificates are displayed. Usage: notation certificate show --type --store [flags] Flags: + -d, --debug debug mode -h, --help help for show -s, --store string specify named store -t, --type string specify trust store type, options: ca, signingAuthority + -v, --verbose verbose mode ``` ### notation certificate delete @@ -124,9 +128,9 @@ Usage: notation certificate generate-test [flags] Flags: - -b, --bits int RSA key bits (default 2048) - -d, --default mark as default signing key - -h, --help help for generate-test + -b, --bits int RSA key bits (default 2048) + --default mark as default signing key + -h, --help help for generate-test ``` ## Usage diff --git a/specs/commandline/key.md b/specs/commandline/key.md index 35222b06d..de83f5bfb 100644 --- a/specs/commandline/key.md +++ b/specs/commandline/key.md 
@@ -33,11 +33,13 @@ Usage: notation key add --plugin [flags] Flags: - -d, --default mark as default - -h, --help help for add - --id string key id (required if --plugin is set) - -p, --plugin string signing plugin name - --plugin-config strings {key}={value} pairs that are passed as it is to a plugin, refer plugin's documentation to set appropriate values + -d, --debug debug mode + --default mark as default + -h, --help help for add + --id string key id (required if --plugin is set) + -p, --plugin string signing plugin name + -c, --plugin-config stringArray {key}={value} pairs that are passed as it is to a plugin, refer plugin's documentation to set appropriate values + -v, --verbose verbose mode ``` ### notation key delete @@ -49,8 +51,9 @@ Usage: notation key delete [flags] ... Flags: - -h, --help help for delete - + -d, --debug debug mode + -h, --help help for delete + -v, --verbose verbose mode ``` ### notation key list @@ -65,8 +68,7 @@ Aliases: list, ls Flags: - -h, --help help for list - + -h, --help help for list ``` ### notation key update @@ -81,9 +83,10 @@ Aliases: update, set Flags: - -d, --default mark as default + -d, --debug debug mode + --default mark as default -h, --help help for update - + -v, --verbose verbose mode ``` ## Usage