diff --git a/icons/notation.png b/icons/notation.png new file mode 100644 index 000000000..7dda51605 Binary files /dev/null and b/icons/notation.png differ diff --git a/src/controller/icon/controller.go b/src/controller/icon/controller.go index 8927aa136..81af7f6f7 100644 --- a/src/controller/icon/controller.go +++ b/src/controller/icon/controller.go @@ -57,6 +57,10 @@ var ( path: "./icons/cosign.png", resize: false, }, + icon.DigestOfIconAccNotation: { + path: "./icons/notation.png", + resize: false, + }, icon.DigestOfIconAccNydus: { path: "./icons/nydus.png", resize: false, diff --git a/src/core/main.go b/src/core/main.go index 58482dbbe..bf68a8497 100644 --- a/src/core/main.go +++ b/src/core/main.go @@ -58,6 +58,7 @@ import ( "github.com/goharbor/harbor/src/migration" _ "github.com/goharbor/harbor/src/pkg/accessory/model/base" _ "github.com/goharbor/harbor/src/pkg/accessory/model/cosign" + _ "github.com/goharbor/harbor/src/pkg/accessory/model/notation" _ "github.com/goharbor/harbor/src/pkg/accessory/model/subject" "github.com/goharbor/harbor/src/pkg/audit" dbCfg "github.com/goharbor/harbor/src/pkg/config/db" diff --git a/src/lib/icon/const.go b/src/lib/icon/const.go index 029202674..adaabc144 100644 --- a/src/lib/icon/const.go +++ b/src/lib/icon/const.go @@ -23,7 +23,8 @@ const ( DigestOfIconWASM = "sha256:badd7693bcaf115be202748241dd0ea6ee3b0524bfab9ac22d1e1c43721afec6" // ToDo add the accessories images - DigestOfIconAccDefault = "" - DigestOfIconAccCosign = "sha256:20401d5b3a0f6dbc607c8d732eb08471af4ae6b19811a4efce8c6a724aed2882" - DigestOfIconAccNydus = "sha256:dfcb6617cd9c144358dc1b305b87bbe34f0b619f1e329116e6aee2e41f2e34cf" + DigestOfIconAccDefault = "" + DigestOfIconAccCosign = "sha256:20401d5b3a0f6dbc607c8d732eb08471af4ae6b19811a4efce8c6a724aed2882" + DigestOfIconAccNotation = "sha256:3ac706e102bbe9362b400aa162df58135d35e66b9c3bee2165de92022d25fe34" + DigestOfIconAccNydus = "sha256:dfcb6617cd9c144358dc1b305b87bbe34f0b619f1e329116e6aee2e41f2e34cf" ) diff --git a/src/pkg/accessory/manager.go b/src/pkg/accessory/manager.go index f2bf3edc8..6c1d68d27 100644 --- a/src/pkg/accessory/manager.go +++ b/src/pkg/accessory/manager.go @@ -30,8 +30,9 @@ var ( // icon digests for each known type defaultIcons = map[string]string{ - model.TypeCosignSignature: icon.DigestOfIconAccCosign, - model.TypeNydusAccelerator: icon.DigestOfIconAccNydus, + model.TypeCosignSignature: icon.DigestOfIconAccCosign, + model.TypeNotationSignature: icon.DigestOfIconAccNotation, + model.TypeNydusAccelerator: icon.DigestOfIconAccNydus, } ) diff --git a/src/pkg/accessory/model/accessory.go b/src/pkg/accessory/model/accessory.go index a960a75a2..4d6052532 100644 --- a/src/pkg/accessory/model/accessory.go +++ b/src/pkg/accessory/model/accessory.go @@ -68,6 +68,9 @@ const ( // TypeCosignSignature ... TypeCosignSignature = "signature.cosign" + // TypeNotationSignature ... + TypeNotationSignature = "signature.notation" + // TypeNydusAccelerator ... TypeNydusAccelerator = "accelerator.nydus" diff --git a/src/pkg/accessory/model/notation/notation.go b/src/pkg/accessory/model/notation/notation.go new file mode 100644 index 000000000..832384234 --- /dev/null +++ b/src/pkg/accessory/model/notation/notation.go @@ -0,0 +1,46 @@ +// Copyright Project Harbor Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package notation + +import ( + "github.com/goharbor/harbor/src/pkg/accessory/model" + "github.com/goharbor/harbor/src/pkg/accessory/model/base" +) + +// Signature signature model +type Signature struct { + base.Default +} + +// Kind gives the reference type of notation signature. +func (c *Signature) Kind() string { + return model.RefHard +} + +// IsHard ... +func (c *Signature) IsHard() bool { + return true +} + +// New returns notation signature +func New(data model.AccessoryData) model.Accessory { + return &Signature{base.Default{ + Data: data, + }} +} + +func init() { + model.Register(model.TypeNotationSignature, New) +} diff --git a/src/pkg/accessory/model/notation/notation_test.go b/src/pkg/accessory/model/notation/notation_test.go new file mode 100644 index 000000000..d15ea6425 --- /dev/null +++ b/src/pkg/accessory/model/notation/notation_test.go @@ -0,0 +1,73 @@ +package notation + +import ( + "testing" + + "github.com/stretchr/testify/suite" + + "github.com/goharbor/harbor/src/pkg/accessory/model" + htesting "github.com/goharbor/harbor/src/testing" +) + +type NotationTestSuite struct { + htesting.Suite + accessory model.Accessory + digest string + subDigest string +} + +func (suite *NotationTestSuite) SetupSuite() { + suite.digest = suite.DigestString() + suite.subDigest = suite.DigestString() + suite.accessory, _ = model.New(model.TypeNotationSignature, + model.AccessoryData{ + ArtifactID: 1, + SubArtifactDigest: suite.subDigest, + Size: 4321, + Digest: suite.digest, + }) +} + +func (suite *NotationTestSuite) TestGetID() { + suite.Equal(int64(0), suite.accessory.GetData().ID) +} + +func (suite *NotationTestSuite) TestGetArtID() { + suite.Equal(int64(1), suite.accessory.GetData().ArtifactID) +} + +func (suite *NotationTestSuite) TestSubGetArtID() { + suite.Equal(suite.subDigest, suite.accessory.GetData().SubArtifactDigest) +} + +func (suite *NotationTestSuite) TestSubGetSize() { + suite.Equal(int64(4321), suite.accessory.GetData().Size) +} + +func (suite *NotationTestSuite) TestSubGetDigest() { + suite.Equal(suite.digest, suite.accessory.GetData().Digest) +} + +func (suite *NotationTestSuite) TestSubGetType() { + suite.Equal(model.TypeNotationSignature, suite.accessory.GetData().Type) +} + +func (suite *NotationTestSuite) TestSubGetRefType() { + suite.Equal(model.RefHard, suite.accessory.Kind()) +} + +func (suite *NotationTestSuite) TestIsSoft() { + suite.False(suite.accessory.IsSoft()) +} + +func (suite *NotationTestSuite) TestIsHard() { + suite.True(suite.accessory.IsHard()) +} + +func (suite *NotationTestSuite) TestDisplay() { + suite.False(suite.accessory.Display()) +} + +func TestCacheTestSuite(t *testing.T) { + suite.Run(t, new(NotationTestSuite)) +} diff --git a/src/server/middleware/subject/subject.go b/src/server/middleware/subject/subject.go index cc7dac862..9aa344698 100644 --- a/src/server/middleware/subject/subject.go +++ b/src/server/middleware/subject/subject.go @@ -32,6 +32,11 @@ import ( "github.com/goharbor/harbor/src/server/middleware" ) +var ( + // the media type of notation signature layer + mediaTypeNotationLayer = "application/vnd.cncf.notary.signature" +) + /* { "schemaVersion": 2, @@ -115,7 +120,12 @@ func Middleware() func(http.Handler) http.Handler { SubArtifactDigest: mf.Subject.Digest.String(), Size: art.Size, Digest: art.Digest, - Type: model.TypeSubject, + } + switch mf.Config.MediaType { + case mediaTypeNotationLayer: + accData.Type = model.TypeNotationSignature + default: + accData.Type = model.TypeSubject } if subjectArt != nil { accData.SubArtifactID = subjectArt.ID