Drop content trust and force security options

A cosign based signature verification will likely be named differently
to avoid confusion with existing implementations. For now, remove the
options entirely.

Author: agners

supervisor/api/addons.py

@@ -375,7 +375,7 @@ async def options_validate(self, request: web.Request) -> OptionsValidateRespons
                 data["pwned"] = None
             break
 
-        if self.sys_security.force and data["pwned"] in (None, True):
+        if data["pwned"] in (None, True):
             data["valid"] = False
             if data["pwned"] is None:
                 data["message"] = "Error happening on pwned secrets check!"

supervisor/api/security.py

@@ -7,16 +7,14 @@
 
 from supervisor.exceptions import APIGone
 
-from ..const import ATTR_CONTENT_TRUST, ATTR_FORCE_SECURITY, ATTR_PWNED
+from ..const import ATTR_PWNED
 from ..coresys import CoreSysAttributes
 from .utils import api_process, api_validate
 
 # pylint: disable=no-value-for-parameter
 SCHEMA_OPTIONS = vol.Schema(
     {
         vol.Optional(ATTR_PWNED): vol.Boolean(),
-        vol.Optional(ATTR_CONTENT_TRUST): vol.Boolean(),
-        vol.Optional(ATTR_FORCE_SECURITY): vol.Boolean(),
     }
 )
 
@@ -28,9 +26,7 @@ class APISecurity(CoreSysAttributes):
     async def info(self, request: web.Request) -> dict[str, Any]:
         """Return Security information."""
         return {
-            ATTR_CONTENT_TRUST: self.sys_security.content_trust,
             ATTR_PWNED: self.sys_security.pwned,
-            ATTR_FORCE_SECURITY: self.sys_security.force,
         }
 
     @api_process
@@ -40,10 +36,6 @@ async def options(self, request: web.Request) -> None:
 
         if ATTR_PWNED in body:
             self.sys_security.pwned = body[ATTR_PWNED]
-        if ATTR_CONTENT_TRUST in body:
-            self.sys_security.content_trust = body[ATTR_CONTENT_TRUST]
-        if ATTR_FORCE_SECURITY in body:
-            self.sys_security.force = body[ATTR_FORCE_SECURITY]
 
         await self.sys_security.save_data()
 

supervisor/api/supervisor.py

@@ -16,14 +16,12 @@
     ATTR_BLK_READ,
     ATTR_BLK_WRITE,
     ATTR_CHANNEL,
-    ATTR_CONTENT_TRUST,
     ATTR_COUNTRY,
     ATTR_CPU_PERCENT,
     ATTR_DEBUG,
     ATTR_DEBUG_BLOCK,
     ATTR_DETECT_BLOCKING_IO,
     ATTR_DIAGNOSTICS,
-    ATTR_FORCE_SECURITY,
     ATTR_HEALTHY,
     ATTR_ICON,
     ATTR_IP_ADDRESS,
@@ -69,8 +67,6 @@
         vol.Optional(ATTR_DEBUG): vol.Boolean(),
         vol.Optional(ATTR_DEBUG_BLOCK): vol.Boolean(),
         vol.Optional(ATTR_DIAGNOSTICS): vol.Boolean(),
-        vol.Optional(ATTR_CONTENT_TRUST): vol.Boolean(),
-        vol.Optional(ATTR_FORCE_SECURITY): vol.Boolean(),
         vol.Optional(ATTR_AUTO_UPDATE): vol.Boolean(),
         vol.Optional(ATTR_DETECT_BLOCKING_IO): vol.Coerce(DetectBlockingIO),
         vol.Optional(ATTR_COUNTRY): str,

supervisor/security/module.py

@@ -4,14 +4,8 @@
 
 import logging
 
-from ..const import (
-    ATTR_CONTENT_TRUST,
-    ATTR_FORCE_SECURITY,
-    ATTR_PWNED,
-    FILE_HASSIO_SECURITY,
-)
+from ..const import ATTR_PWNED, FILE_HASSIO_SECURITY
 from ..coresys import CoreSys, CoreSysAttributes
-from ..exceptions import PwnedError
 from ..utils.common import FileConfiguration
 from ..utils.pwned import check_pwned_password
 from ..validate import SCHEMA_SECURITY_CONFIG
@@ -27,26 +21,6 @@ def __init__(self, coresys: CoreSys):
         super().__init__(FILE_HASSIO_SECURITY, SCHEMA_SECURITY_CONFIG)
         self.coresys = coresys
 
-    @property
-    def content_trust(self) -> bool:
-        """Return if content trust is enabled/disabled."""
-        return self._data[ATTR_CONTENT_TRUST]
-
-    @content_trust.setter
-    def content_trust(self, value: bool) -> None:
-        """Set content trust is enabled/disabled."""
-        self._data[ATTR_CONTENT_TRUST] = value
-
-    @property
-    def force(self) -> bool:
-        """Return if force security is enabled/disabled."""
-        return self._data[ATTR_FORCE_SECURITY]
-
-    @force.setter
-    def force(self, value: bool) -> None:
-        """Set force security is enabled/disabled."""
-        self._data[ATTR_FORCE_SECURITY] = value
-
     @property
     def pwned(self) -> bool:
         """Return if pwned is enabled/disabled."""
@@ -63,9 +37,4 @@ async def verify_secret(self, pwned_hash: str) -> None:
             _LOGGER.warning("Disabled pwned, skip validation")
             return
 
-        try:
-            await check_pwned_password(self.sys_websession, pwned_hash)
-        except PwnedError:
-            if self.force:
-                raise
-            return
+        await check_pwned_password(self.sys_websession, pwned_hash)

supervisor/validate.py

@@ -12,7 +12,6 @@
     ATTR_AUTO_UPDATE,
     ATTR_CHANNEL,
     ATTR_CLI,
-    ATTR_CONTENT_TRUST,
     ATTR_COUNTRY,
     ATTR_DEBUG,
     ATTR_DEBUG_BLOCK,
@@ -21,7 +20,6 @@
     ATTR_DISPLAYNAME,
     ATTR_DNS,
     ATTR_ENABLE_IPV6,
-    ATTR_FORCE_SECURITY,
     ATTR_HASSOS,
     ATTR_HASSOS_UNRESTRICTED,
     ATTR_HASSOS_UPGRADE,
@@ -229,9 +227,7 @@ def validate_repository(repository: str) -> str:
 # pylint: disable=no-value-for-parameter
 SCHEMA_SECURITY_CONFIG = vol.Schema(
     {
-        vol.Optional(ATTR_CONTENT_TRUST, default=True): vol.Boolean(),
         vol.Optional(ATTR_PWNED, default=True): vol.Boolean(),
-        vol.Optional(ATTR_FORCE_SECURITY, default=False): vol.Boolean(),
     },
     extra=vol.REMOVE_EXTRA,
 )