Merge branch 'jfrog:main' into feature/ide-setup-clean-v2

Author: agrasth

cliutils/flagkit/flags.go

@@ -902,7 +902,7 @@ var flagsMap = map[string]components.Flag{
 	propsRecursive:    components.NewBoolFlag(Recursive, "[Default: true] When false, artifacts inside sub-folders in Artifactory will not be affected.", components.WithBoolDefaultValueFalse()),
 	propsProps:        components.NewStringFlag(props, "[Optional] List of semicolon-separated(;) properties in the form of \"key1=value1;key2=value2;...\". Only artifacts with these properties are affected.", components.SetMandatoryFalse()),
 	propsExcludeProps: components.NewStringFlag(excludeProps, "[Optional] List of semicolon-separated(;) properties in the form of \"key1=value1;key2=value2;...\". Only artifacts without the specified properties are affected.", components.SetMandatoryFalse()),
-	repoOnly:          components.NewBoolFlag(repoOnly, "[Default: true] When false, artifacts inside sub-folders in Artifactory will be affected.", components.WithBoolDefaultValueFalse()),
+	repoOnly:          components.NewBoolFlag(repoOnly, "When true, properties will be applicable only on repository level.", components.WithBoolDefaultValueFalse()),
 
 	// Build Publish and Append specific commands flags
 	buildUrl:          components.NewStringFlag(buildUrl, "[Optional] Can be used for setting the CI server build URL in the build-info.", components.SetMandatoryFalse()),

evidence/cli/command.go

@@ -4,9 +4,10 @@ package cli
 
 import (
 	"github.com/jfrog/jfrog-cli-core/v2/plugins/components"
-	coreConfig "github.com/jfrog/jfrog-cli-core/v2/utils/config"
+	"github.com/jfrog/jfrog-cli-core/v2/utils/config"
 )
 
 type EvidenceCommands interface {
-	CreateEvidence(ctx *components.Context, serverDetails *coreConfig.ServerDetails) error
+	CreateEvidence(ctx *components.Context, serverDetails *config.ServerDetails) error
+	VerifyEvidences(ctx *components.Context, serverDetails *config.ServerDetails) error
 }

evidence/cli/command_build.go

@@ -1,9 +1,10 @@
 package cli
 
 import (
-	"github.com/jfrog/jfrog-cli-artifactory/evidence"
+	"github.com/jfrog/jfrog-cli-artifactory/evidence/create"
+	"github.com/jfrog/jfrog-cli-artifactory/evidence/verify"
 	"github.com/jfrog/jfrog-cli-core/v2/plugins/components"
-	coreConfig "github.com/jfrog/jfrog-cli-core/v2/utils/config"
+	"github.com/jfrog/jfrog-cli-core/v2/utils/config"
 	"github.com/jfrog/jfrog-client-go/utils/errorutils"
 )
 
@@ -19,13 +20,13 @@ func NewEvidenceBuildCommand(ctx *components.Context, execute execCommandFunc) E
 	}
 }
 
-func (ebc *evidenceBuildCommand) CreateEvidence(ctx *components.Context, serverDetails *coreConfig.ServerDetails) error {
+func (ebc *evidenceBuildCommand) CreateEvidence(ctx *components.Context, serverDetails *config.ServerDetails) error {
 	err := ebc.validateEvidenceBuildContext(ctx)
 	if err != nil {
 		return err
 	}
 
-	createCmd := evidence.NewCreateEvidenceBuild(
+	createCmd := create.NewCreateEvidenceBuild(
 		serverDetails,
 		ebc.ctx.GetStringFlagValue(predicate),
 		ebc.ctx.GetStringFlagValue(predicateType),
@@ -38,6 +39,24 @@ func (ebc *evidenceBuildCommand) CreateEvidence(ctx *components.Context, serverD
 	return ebc.execute(createCmd)
 }
 
+func (ebc *evidenceBuildCommand) VerifyEvidences(ctx *components.Context, serverDetails *config.ServerDetails) error {
+	err := ebc.validateEvidenceBuildContext(ctx)
+	if err != nil {
+		return err
+	}
+
+	verifyCmd := verify.NewVerifyEvidencesBuild(
+		serverDetails,
+		ebc.ctx.GetStringFlagValue(project),
+		ebc.ctx.GetStringFlagValue(buildName),
+		ebc.ctx.GetStringFlagValue(buildNumber),
+		ebc.ctx.GetStringFlagValue(format),
+		ebc.ctx.GetStringsArrFlagValue(publicKeys),
+		ebc.ctx.GetBoolFlagValue(useArtifactoryKeys),
+	)
+	return ebc.execute(verifyCmd)
+}
+
 func (ebc *evidenceBuildCommand) validateEvidenceBuildContext(ctx *components.Context) error {
 	if !ctx.IsFlagSet(buildNumber) || assertValueProvided(ctx, buildNumber) != nil {
 		return errorutils.CheckErrorf("--%s is a mandatory field for creating a Release Bundle evidence", buildNumber)

evidence/cli/command_cli.go

@@ -2,13 +2,15 @@ package cli
 
 import (
 	"errors"
+	"fmt"
 	"github.com/jfrog/jfrog-cli-artifactory/evidence/cli/docs/create"
+	"github.com/jfrog/jfrog-cli-artifactory/evidence/cli/docs/verify"
 	jfrogArtClient "github.com/jfrog/jfrog-cli-artifactory/evidence/utils"
 	commonCliUtils "github.com/jfrog/jfrog-cli-core/v2/common/cliutils"
 	"github.com/jfrog/jfrog-cli-core/v2/common/commands"
 	pluginsCommon "github.com/jfrog/jfrog-cli-core/v2/plugins/common"
 	"github.com/jfrog/jfrog-cli-core/v2/plugins/components"
-	coreConfig "github.com/jfrog/jfrog-cli-core/v2/utils/config"
+	"github.com/jfrog/jfrog-cli-core/v2/utils/config"
 	coreUtils "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils"
 	"github.com/jfrog/jfrog-client-go/utils"
 	"github.com/jfrog/jfrog-client-go/utils/errorutils"
@@ -27,6 +29,14 @@ func GetCommands() []components.Command {
 			Arguments:   create.GetArguments(),
 			Action:      createEvidence,
 		},
+		{
+			Name:        "verify-evidences",
+			Aliases:     []string{"verify"},
+			Flags:       GetCommandFlags(VerifyEvidence),
+			Description: verify.GetDescription(),
+			Arguments:   verify.GetArguments(),
+			Action:      verifyEvidences,
+		},
 	}
 }
 
@@ -66,6 +76,39 @@ func createEvidence(ctx *components.Context) error {
 	return errors.New("unsupported subject")
 }
 
+func verifyEvidences(ctx *components.Context) error {
+	// validate common context
+	serverDetails, err := evidenceDetailsByFlags(ctx)
+	if err != nil {
+		return err
+	}
+	subjectType, err := getAndValidateSubject(ctx)
+	if err != nil {
+		return err
+	}
+	err = validateKeys(ctx)
+	if err != nil {
+		return err
+	}
+	evidenceCommands := map[string]func(*components.Context, execCommandFunc) EvidenceCommands{
+		subjectRepoPath: NewEvidenceCustomCommand,
+		releaseBundle:   NewEvidenceReleaseBundleCommand,
+		buildName:       NewEvidenceBuildCommand,
+		packageName:     NewEvidencePackageCommand,
+	}
+	if commandFunc, exists := evidenceCommands[subjectType[0]]; exists {
+		err = commandFunc(ctx, execFunc).VerifyEvidences(ctx, serverDetails)
+		if err != nil {
+			if err.Error() != "" {
+				return fmt.Errorf("evidence verification failed: %w", err)
+			}
+			return err
+		}
+		return nil
+	}
+	return errors.New("unsupported subject")
+}
+
 func validateCreateEvidenceCommonContext(ctx *components.Context) error {
 	if show, err := pluginsCommon.ShowCmdHelpIfNeeded(ctx, ctx.Arguments); show || err != nil {
 		return err
@@ -156,6 +199,24 @@ func setBuildValue(ctx *components.Context, flag, envVar string) bool {
 	return false
 }
 
+func validateKeys(ctx *components.Context) error {
+	signingKeyValue, _ := jfrogArtClient.GetEnvVariable(coreUtils.SigningKey)
+	providedKeys := ctx.GetStringsArrFlagValue(publicKeys)
+	if signingKeyValue == "" {
+		if len(providedKeys) == 0 && !ctx.GetBoolFlagValue(useArtifactoryKeys) {
+			return errorutils.CheckErrorf("JFROG_CLI_SIGNING_KEY env variable or --public-keys flag or --use-artifactory-publicKeys must be provided when verifying evidence")
+		}
+		return nil
+	}
+	if len(providedKeys) > 0 {
+		joinedKeys := strings.Join(append(providedKeys, signingKeyValue), ";")
+		ctx.SetStringFlagValue(publicKeys, joinedKeys)
+	} else {
+		ctx.AddStringFlag(publicKeys, signingKeyValue)
+	}
+	return nil
+}
+
 func validateFoundSubjects(ctx *components.Context, foundSubjects []string) error {
 	if slices.Contains(foundSubjects, typeFlag) && slices.Contains(foundSubjects, buildName) {
 		return nil
@@ -171,7 +232,7 @@ func validateFoundSubjects(ctx *components.Context, foundSubjects []string) erro
 	return nil
 }
 
-func evidenceDetailsByFlags(ctx *components.Context) (*coreConfig.ServerDetails, error) {
+func evidenceDetailsByFlags(ctx *components.Context) (*config.ServerDetails, error) {
 	serverDetails, err := pluginsCommon.CreateServerDetailsWithConfigOffer(ctx, true, commonCliUtils.Platform)
 	if err != nil {
 		return nil, err
@@ -188,10 +249,11 @@ func evidenceDetailsByFlags(ctx *components.Context) (*coreConfig.ServerDetails,
 	return serverDetails, nil
 }
 
-func platformToEvidenceUrls(rtDetails *coreConfig.ServerDetails) {
+func platformToEvidenceUrls(rtDetails *config.ServerDetails) {
 	rtDetails.ArtifactoryUrl = utils.AddTrailingSlashIfNeeded(rtDetails.Url) + "artifactory/"
 	rtDetails.EvidenceUrl = utils.AddTrailingSlashIfNeeded(rtDetails.Url) + "evidence/"
 	rtDetails.MetadataUrl = utils.AddTrailingSlashIfNeeded(rtDetails.Url) + "metadata/"
+	rtDetails.OnemodelUrl = utils.AddTrailingSlashIfNeeded(rtDetails.Url) + "onemodel/"
 }
 
 func assertValueProvided(c *components.Context, fieldName string) error {

evidence/cli/command_cli_test.go

@@ -209,6 +209,146 @@ func TestCreateEvidence_Context(t *testing.T) {
 	}
 }
 
+func TestVerifyEvidence_Context(t *testing.T) {
+	ctrl := gomock.NewController(t)
+	defer ctrl.Finish()
+
+	assert.NoError(t, os.Setenv(coreUtils.SigningKey, "PGP"), "Failed to set env: "+coreUtils.SigningKey)
+	assert.NoError(t, os.Setenv(coreUtils.BuildName, buildName), "Failed to set env: JFROG_CLI_BUILD_NAME")
+	defer os.Unsetenv(coreUtils.SigningKey)
+	defer os.Unsetenv(coreUtils.BuildName)
+
+	app := cli.NewApp()
+	app.Commands = []cli.Command{
+		{
+			Name: "verify",
+		},
+	}
+	set := flag.NewFlagSet(predicate, 0)
+	ctx := cli.NewContext(app, set, nil)
+
+	tests := []struct {
+		name      string
+		flags     []components.Flag
+		expectErr bool
+	}{
+		{
+			name: "InvalidContext - Missing Subject",
+			flags: []components.Flag{
+				setDefaultValue(publicKeys, "PGP"),
+				setDefaultValue(format, "json"),
+			},
+			expectErr: true,
+		},
+		{
+			name: "InvalidContext - Subject Duplication",
+			flags: []components.Flag{
+				setDefaultValue(publicKeys, "PGP"),
+				setDefaultValue(subjectRepoPath, subjectRepoPath),
+				setDefaultValue(releaseBundle, releaseBundle),
+				setDefaultValue(releaseBundleVersion, releaseBundleVersion),
+			},
+			expectErr: true,
+		},
+		{
+			name: "ValidContext - ReleaseBundle",
+			flags: []components.Flag{
+				setDefaultValue(releaseBundle, releaseBundle),
+				setDefaultValue(releaseBundleVersion, releaseBundleVersion),
+				setDefaultValue("url", "url"),
+			},
+			expectErr: false,
+		},
+		{
+			name: "ValidContext - RepoPath",
+			flags: []components.Flag{
+				setDefaultValue(subjectRepoPath, subjectRepoPath),
+				setDefaultValue("url", "url"),
+			},
+			expectErr: false,
+		},
+		{
+			name: "ValidContext - Build",
+			flags: []components.Flag{
+				setDefaultValue(publicKeys, "PGP"),
+				setDefaultValue(format, "full"),
+				setDefaultValue(buildName, buildName),
+				setDefaultValue(buildNumber, buildNumber),
+				setDefaultValue("url", "url"),
+			},
+			expectErr: false,
+		},
+		{
+			name: "InvalidContext - Build",
+			flags: []components.Flag{
+				setDefaultValue(buildName, buildName),
+				setDefaultValue("url", "url"),
+			},
+			expectErr: true,
+		},
+		{
+			name: "ValidContext - Package",
+			flags: []components.Flag{
+				setDefaultValue(packageName, packageName),
+				setDefaultValue(packageVersion, packageVersion),
+				setDefaultValue(packageRepoName, packageRepoName),
+				setDefaultValue("url", "url"),
+			},
+			expectErr: false,
+		},
+		{
+			name: "InvalidContext - Missing package version",
+			flags: []components.Flag{
+				setDefaultValue(packageName, packageName),
+				setDefaultValue(packageRepoName, packageRepoName),
+				setDefaultValue("url", "url"),
+			},
+			expectErr: true,
+		},
+		{
+			name: "InvalidContext - Missing package repository key",
+			flags: []components.Flag{
+				setDefaultValue(packageName, packageName),
+				setDefaultValue(packageVersion, packageVersion),
+				setDefaultValue("url", "url"),
+			},
+			expectErr: true,
+		},
+		{
+			name: "InvalidContext - Unsupported Basic Auth",
+			flags: []components.Flag{
+				setDefaultValue(releaseBundle, releaseBundle),
+				setDefaultValue("url", "url"),
+				setDefaultValue("user", "testUser"),
+				setDefaultValue("password", "testPassword"),
+			},
+			expectErr: true,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			context, err1 := components.ConvertContext(ctx, tt.flags...)
+			if err1 != nil {
+				return
+			}
+
+			execFunc = func(command commands.Command) error {
+				return nil
+			}
+			// Replace execFunc with the mockExec function
+			defer func() { execFunc = exec }() // Restore original execFunc after test
+
+			err := verifyEvidences(context)
+			if tt.expectErr {
+				assert.Error(t, err)
+			} else {
+				assert.NoError(t, err)
+			}
+		})
+	}
+}
+
 func setDefaultValue(flag string, defaultValue string) components.Flag {
 	f := components.NewStringFlag(flag, flag)
 	f.DefaultValue = defaultValue

evidence/cli/command_custom.go

@@ -1,9 +1,10 @@
 package cli
 
 import (
-	"github.com/jfrog/jfrog-cli-artifactory/evidence"
+	"github.com/jfrog/jfrog-cli-artifactory/evidence/create"
+	"github.com/jfrog/jfrog-cli-artifactory/evidence/verify"
 	"github.com/jfrog/jfrog-cli-core/v2/plugins/components"
-	coreConfig "github.com/jfrog/jfrog-cli-core/v2/utils/config"
+	"github.com/jfrog/jfrog-cli-core/v2/utils/config"
 )
 
 type evidenceCustomCommand struct {
@@ -17,8 +18,8 @@ func NewEvidenceCustomCommand(ctx *components.Context, execute execCommandFunc)
 		execute: execute,
 	}
 }
-func (ecc *evidenceCustomCommand) CreateEvidence(_ *components.Context, serverDetails *coreConfig.ServerDetails) error {
-	createCmd := evidence.NewCreateEvidenceCustom(
+func (ecc *evidenceCustomCommand) CreateEvidence(_ *components.Context, serverDetails *config.ServerDetails) error {
+	createCmd := create.NewCreateEvidenceCustom(
 		serverDetails,
 		ecc.ctx.GetStringFlagValue(predicate),
 		ecc.ctx.GetStringFlagValue(predicateType),
@@ -30,3 +31,14 @@ func (ecc *evidenceCustomCommand) CreateEvidence(_ *components.Context, serverDe
 		ecc.ctx.GetStringFlagValue(providerId))
 	return ecc.execute(createCmd)
 }
+
+func (ecc *evidenceCustomCommand) VerifyEvidences(_ *components.Context, serverDetails *config.ServerDetails) error {
+	verifyCmd := verify.NewVerifyEvidenceCustom(
+		serverDetails,
+		ecc.ctx.GetStringFlagValue(subjectRepoPath),
+		ecc.ctx.GetStringFlagValue(format),
+		ecc.ctx.GetStringsArrFlagValue(publicKeys),
+		ecc.ctx.GetBoolFlagValue(useArtifactoryKeys),
+	)
+	return ecc.execute(verifyCmd)
+}