feat: change public key value to string (#328)

Author: Skarlso

Dockerfile

@@ -14,6 +14,7 @@ COPY main.go main.go
 COPY api/ api/
 COPY controllers/ controllers/
 COPY pkg/ pkg/
+COPY internal/ internal/
 
 # Build
 RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -o manager main.go

api/v1alpha1/componentversion_types.go

@@ -5,10 +5,8 @@
 package v1alpha1
 
 import (
-	"bytes"
 	"encoding/base64"
 	"fmt"
-	"io"
 	"time"
 
 	"github.com/fluxcd/pkg/apis/meta"
@@ -93,22 +91,15 @@ type PublicKey struct {
 
 	// Value defines a PEM/base64 encoded public key value.
 	// +optional
-	Value []byte `json:"value,omitempty"`
+	Value string `json:"value,omitempty"`
 }
 
 func (p *PublicKey) DecodePublicValue() ([]byte, error) {
 	if len(p.Value) == 0 {
 		return nil, fmt.Errorf("key value not provided")
 	}
 
-	decoder := base64.NewDecoder(base64.StdEncoding, bytes.NewBuffer(p.Value))
-
-	content, err := io.ReadAll(decoder)
-	if err != nil {
-		return nil, fmt.Errorf("failed to decode public key pem: %w", err)
-	}
-
-	return content, nil
+	return base64.StdEncoding.DecodeString(p.Value)
 }
 
 // Version specifies version information that can be used to resolve a Component Version.

api/v1alpha1/zz_generated.deepcopy.go

@@ -126,7 +126,6 @@ spec:
                         value:
                           description: Value defines a PEM/base64 encoded public key
                             value.
-                          format: byte
                           type: string
                       type: object
                   required:

config/crd/bases/delivery.ocm.software_componentversions.yaml

@@ -326,7 +326,7 @@ func (c *Client) VerifyComponent(
 			err  error
 		)
 
-		if signature.PublicKey.Value != nil {
+		if signature.PublicKey.Value != "" {
 			cert, err = signature.PublicKey.DecodePublicValue()
 		} else {
 			if signature.PublicKey.SecretRef == nil {

pkg/ocm/ocm.go

@@ -613,11 +613,7 @@ func TestClient_VerifyComponentWithValueKey(t *testing.T) {
 	}
 	require.NoError(t, octx.AddComponent(c))
 	//var buffer []byte
-	buf := bytes.Buffer{}
-	encoder := base64.NewEncoder(base64.StdEncoding, &buf)
-	_, err = encoder.Write(publicKey1)
-	require.NoError(t, encoder.Close())
-	require.NoError(t, err)
+	pubKey := base64.StdEncoding.EncodeToString(publicKey1)
 	cv := &v1alpha1.ComponentVersion{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      "test-name",
@@ -635,7 +631,7 @@ func TestClient_VerifyComponentWithValueKey(t *testing.T) {
 				{
 					Name: Signature,
 					PublicKey: v1alpha1.PublicKey{
-						Value: buf.Bytes(),
+						Value: pubKey,
 					},
 				},
 			},
@@ -688,15 +684,15 @@ func TestClient_VerifyComponentWithValueKeyFailsIfValueIsEmpty(t *testing.T) {
 				{
 					Name: Signature,
 					PublicKey: v1alpha1.PublicKey{
-						Value: []byte{},
+						Value: "",
 					},
 				},
 			},
 		},
 	}
 
 	_, err = ocmClient.VerifyComponent(context.Background(), octx, cv, "v0.0.1")
-	assert.EqualError(t, err, "failed to get public key for verification: key value not provided")
+	assert.EqualError(t, err, "kubernetes secret reference not provided")
 }
 
 func TestClient_VerifyComponentDifferentPublicKey(t *testing.T) {