-
Notifications
You must be signed in to change notification settings - Fork 512
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix auth login error messages and messaging when witnessing a delegation with 0 valid keys #972
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
This is so much better
🐳 $ notary publish riyaz/private-repo
Pushing changes to riyaz/private-repo
Enter username: riyaz
Enter password:
* fatal: unauthorized: incorrect username or password
4265df6
to
272b194
Compare
Is there an easy way to get Godep to exclude the distribution |
I can manually remove them - Godep tried to include the vendor dir :| |
switch { | ||
case len(e.MissingKeyIDs) < e.NeededKeys: | ||
return fmt.Sprintf( | ||
"cannot sign because while %d signatures are needed, an insufficient number of valid signing keys have been specified", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This reads a little verbosely. Maybe something like: "insufficient signing keys available. %d signatures are required but only %d keys are available"
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmm... that implies that we are missing keys. We may not be missing any keys - it's just that the role doesn't specify enough keys for anyone to sign.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe I should just say that the role is broken?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this case could be broken down further into len(e.MissingKeyIDS) + e.FoundKeys < e.NeededKeys
and len(e.MissingKeyIDS) + e.FoundKeys >= e.NeededKeys
right?
For len(e.MissingKeyIDS) + e.FoundKeys < e.NeededKeys
: role is broken
For len(e.MissingKeyIDS) + e.FoundKeys >= e.NeededKeys
: @endophage's suggestion of "insufficient signing keys available. %d signatures are required but only %d keys are available"
This could be the base case in default
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As per discussion IRL, this is basically just a role validity check. The only way we can get to this weird invalid state is with Witness, so we should just move this check to that functionality.
272b194
to
3352b85
Compare
Signed-off-by: Ying Li <ying.li@docker.com>
…h errors Signed-off-by: Ying Li <ying.li@docker.com>
… be less verbose Signed-off-by: Ying Li <ying.li@docker.com>
3352b85
to
d94ba8d
Compare
…essed is invalid Signed-off-by: Ying Li <ying.li@docker.com>
c270051
to
7772deb
Compare
@endophage @riyazdf sorry this took so long to update. Tried to fix some of the messaging around witnessing an invalid delegation role as suggested above. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, thanks for the update 👍
require.NoError(t, err) | ||
_, err = runCommand(t, tempDir, "-s", server.URL, "witness", "-p", "gun", delgName) | ||
require.Error(t, err) | ||
require.Contains(t, err.Error(), "role does not specify enough valid signing keys to meet its required threshold") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
awesome, thanks for adding this test 👍
@@ -755,7 +757,8 @@ type passwordStore struct { | |||
} | |||
|
|||
func (ps passwordStore) Basic(u *url.URL) (string, string) { | |||
if ps.anonymous { | |||
// if it's not a terminal, don't wait on input | |||
if ps.anonymous || !terminal.IsTerminal(int(os.Stdin.Fd())) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Shouldn't we be checking the input that was set on the command?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IRL: leave as is for now as we use os.Stdin
elsewhere too. Issue open already for looking into this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM Including incoming version bump
Signed-off-by: Ying Li <ying.li@docker.com>
f293fd7
to
220cfb5
Compare
When I remove a key from a delegation that has a single key, then I try to witness that delegation, signing fails because there are no valid keys for that delegation. The error message was:
* fatal: signing keys not available, need 1 keys out of:
- I've fixed the error message to say there are an insufficient number of valid signing keys for the threshold required, basically. We might want to move this error check up further to when we apply a witness change, since I think that might be the only time when we might have an invalid role.Fixes #969 - that format string was in distribution, so I re-vendored. I also added logic to check if the login username/password is a terminal, otherwise fail.
Note: possibly we want to rebase this to 0.4.0 so that it can be added to 0.4.1