From 48fcc52a3db50f019b5adabc3fbb7c335534b9f9 Mon Sep 17 00:00:00 2001
From: Hidde Beydals
Date: Sat, 2 May 2020 21:44:27 +0200
Subject: [PATCH] controllers: factor out GitRepository verification
---
 controllers/gitrepository_controller.go | 67 +++++++++++++------------
 1 file changed, 35 insertions(+), 32 deletions(-)
diff --git a/controllers/gitrepository_controller.go b/controllers/gitrepository_controller.go
index b8179af0..a31eeefb 100644
--- a/controllers/gitrepository_controller.go
+++ b/controllers/gitrepository_controller.go
@@ -25,6 +25,7 @@ import (
 "github.com/blang/semver"
 "github.com/go-git/go-git/v5"
 "github.com/go-git/go-git/v5/plumbing"
+ "github.com/go-git/go-git/v5/plumbing/object"
 "github.com/go-git/go-git/v5/plumbing/transport"
 "github.com/go-logr/logr"
 corev1 "k8s.io/api/core/v1"
@@ -129,6 +130,7 @@ func (r *GitRepositoryReconciler) sync(ctx context.Context, repository sourcev1.
 // determine ref
 refName := plumbing.NewBranchReferenceName(branch)
+
 if repository.Spec.Reference != nil {
 if repository.Spec.Reference.Branch != "" {
 branch = repository.Spec.Reference.Branch
@@ -280,41 +282,19 @@ func (r *GitRepositoryReconciler) sync(ctx context.Context, repository sourcev1.
 return sourcev1.GitRepositoryNotReady(repository, sourcev1.GitOperationFailedReason, err.Error()), err
 }
+ commit, err := repo.CommitObject(ref.Hash())
+ if err != nil {
+ err = fmt.Errorf("git resolve HEAD error: %w", err)
+ return sourcev1.GitRepositoryNotReady(repository, sourcev1.GitOperationFailedReason, err.Error()), err
+ }
+
 // verify PGP signature
 if repository.Spec.Verification != nil {
- commit, err := repo.CommitObject(ref.Hash())
+ err := r.verify(ctx, types.NamespacedName{
+ Namespace: repository.Namespace,
+ Name: repository.Spec.Verification.SecretRef.Name,
+ }, commit)
 if err != nil {
- err = fmt.Errorf("git resolve HEAD error: %w", err)
- return sourcev1.GitRepositoryNotReady(repository, sourcev1.GitOperationFailedReason, err.Error()), err
- }
-
- if commit.PGPSignature == "" {
- err = fmt.Errorf("PGP signature not found for commit '%s'", ref.Hash())
- return sourcev1.GitRepositoryNotReady(repository, sourcev1.VerificationFailedReason, err.Error()), err
- }
-
- name := types.NamespacedName{
- Namespace: repository.GetNamespace(),
- Name: repository.Spec.Verification.SecretRef.Name,
- }
-
- var secret corev1.Secret
- err = r.Client.Get(ctx, name, &secret)
- if err != nil {
- err = fmt.Errorf("PGP public keys secret error: %w", err)
- return sourcev1.GitRepositoryNotReady(repository, sourcev1.VerificationFailedReason, err.Error()), err
- }
-
- var verified bool
- for _, bytes := range secret.Data {
- if _, err := commit.Verify(string(bytes)); err == nil {
- verified = true
- break
- }
- }
-
- if !verified {
- err = fmt.Errorf("PGP signature of '%s' can't be verified", commit.Author)
 return sourcev1.GitRepositoryNotReady(repository, sourcev1.VerificationFailedReason, err.Error()), err
 }
 }
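Review bot: Inside the `if repository.Spec.Verification != nil` block, `err := r.verify(...)` declares a fresh `err` that shadows the one introduced by the hoisted `commit, err := repo.CommitObject(ref.Hash())` a few lines above; it works today because the inner `err` is only read inside that block, but shadow linters will flag it and a later edit that reads `err` after the block would silently see the outer (nil) value. Prefer the initializer form so the scope is explicit: `if err := r.verify(ctx, types.NamespacedName{Namespace: repository.Namespace, Name: repository.Spec.Verification.SecretRef.Name}, commit); err != nil {`. Resolving the commit object is now unconditional, so a repository without `Spec.Verification` that previously synced can presumably now fail with GitOperationFailedReason when `CommitObject` errors — likely intended, but worth a sentence in the commit message. `sync` starts and ends outside the hunk.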
@@ -388,6 +368,29 @@ func (r *GitRepositoryReconciler) shouldResetStatus(repository sourcev1.GitRepos
 }
 }
+func (r *GitRepositoryReconciler) verify(ctx context.Context, publicKeySecret types.NamespacedName, commit *object.Commit) error {
+ if commit.PGPSignature == "" {
+ return fmt.Errorf("no PGP signature found for commit: %s", commit.Hash)
+ }
+
+ var secret corev1.Secret
+ if err := r.Client.Get(ctx, publicKeySecret, &secret); err != nil {
+ return fmt.Errorf("PGP public keys secret error: %w", err)
+ }
+
+ var verified bool
+ for _, bytes := range secret.Data {
+ if _, err := commit.Verify(string(bytes)); err == nil {
+ verified = true
+ break
+ }
+ }
+ if !verified {
+ return fmt.Errorf("PGP signature '%s' of '%s' can't be verified", commit.PGPSignature, commit.Author)
+ }
+ return nil
+}
+
 // gc performs a garbage collection on all but current artifacts of
 // the given repository.
 func (r *GitRepositoryReconciler) gc(repository sourcev1.GitRepository) error {
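Review bot: The key loop in `verify` discards the error from every `commit.Verify` call, so when no key matches the final error cannot distinguish a malformed key ring or an empty Secret from a genuine signature mismatch, and the message instead embeds the entire armored `commit.PGPSignature` block, which becomes a multi-line status condition message. Keep the last verification error and report the commit hash instead; the local named `bytes` also shadows the `bytes` package and is clearer as `key`. A doc comment is missing as well, for example `// verify returns nil when commit carries a PGP signature that validates against any armored public key stored in the Secret publicKeySecret; every entry in Secret.Data is treated as trusted.`. The entity returned by `commit.Verify` is dropped too; surfacing its identity (e.g. in a log line) would let operators audit which trusted key accepted a commit, though the controller's logging conventions are outside this hunk.
```go
	// … unchanged: signature presence check and Secret lookup …
	var lastErr error
	for _, key := range secret.Data {
		_, err := commit.Verify(string(key))
		if err == nil {
			return nil
		}
		lastErr = err
	}
	if lastErr == nil {
		// Secret was found but holds no data entries to try.
		return fmt.Errorf("no PGP public keys found in secret '%s'", publicKeySecret)
	}
	return fmt.Errorf("PGP signature of commit '%s' by '%s' can't be verified: %w", commit.Hash, commit.Author, lastErr)
```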