Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Verify digest of artifact in storage #1088

Merged
merged 3 commits into from
May 10, 2023
Merged

Verify digest of artifact in storage #1088

merged 3 commits into from
May 10, 2023

Commits on May 10, 2023

  1. storage: add VerifyArtifact method 

    Signed-off-by: Hidde Beydals <hidde@hhh.computer>
    @hiddeco
    hiddeco committed May 10, 2023
    Configuration menu
    Copy the full SHA
    67e9c94 View commit details
    Browse the repository at this point in the history

  2. controller: verify digest of artifact in storage 

    This commits adds verification of the digest of the artifact in storage
to all reconcilers which manage artifacts.

When the artifact does not have a digest or if it mismatches with the
file in storage, the file is removed from the storage and status of the
object.

This hardens the storage against potential tampering, in addition to
resolving an issue where users upgrading from a (much) older version of
the controller would run into an error after the checksum field was
removed from the API.

This would cause the controller to not advertise any checksum at all,
while not producing a new one until a new revision was detected.
Resulting in fetch failures for consumers while they would try to
verify the digest of the advertised artifact.

While not strictly part of this exercise, some of the tests were
altered to prepare the storage used in test cases to become isolated
by strictly using the `storage` provided via the callback. Actually
isolating this has however been left as a task at a later moment.

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
    @hiddeco
    hiddeco committed May 10, 2023
    Configuration menu
    Copy the full SHA
    3c87ad6 View commit details
    Browse the repository at this point in the history

  3. storage: change methods to value receiver 

    Given:

- None of the methods of the `Storage` are mutating the storage
  itself.
- It must be instantiated to be usable, as there is a strict
  reliance on values.
- The struct itself is light.

This seems to be more fitting.

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
    @hiddeco
    hiddeco committed May 10, 2023
    Configuration menu
    Copy the full SHA
    6f762c7 View commit details
    Browse the repository at this point in the history