fix: resolve comments

Signed-off-by: Junjie Gao <junjiegao@microsoft.com>
notaryproject · Dec 1, 2022 · 1756afe · 1756afe
1 parent ee2ba52
commit 1756afe
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 19 deletions.
diff --git a/notation.go b/notation.go
@@ -196,7 +196,7 @@ func Verify(ctx context.Context, verifier Verifier, repo registry.Repository, re
 				break
 			}
 			numOfSignatureProcessed++
-			logger.Infof("Processing signature: %v", sigManifestDesc.Digest)
+			logger.Infof("Processing signature with digest: %v", sigManifestDesc.Digest)
 			// get signature envelope
 			sigBlob, sigDesc, err := repo.FetchSignatureBlob(ctx, sigManifestDesc)
 			if err != nil {
@@ -214,10 +214,10 @@ func Verify(ctx context.Context, verifier Verifier, repo registry.Repository, re
 				}
 				continue
 			}
-			logger.Debugf("Signature %v verify successfully.", sigManifestDesc.Digest)
 			// at this point, the signature is verified successfully. Add
 			// it to the verificationOutcomes.
 			verificationOutcomes = append(verificationOutcomes, outcome)
+			logger.Debugf("Successfully verified signature with digest %v", sigManifestDesc.Digest)
 
 			// early break on success
 			return errDoneVerification

diff --git a/verifier/verifier.go b/verifier/verifier.go
@@ -85,6 +85,19 @@ func (v *verifier) Verify(ctx context.Context, desc ocispec.Descriptor, signatur
 		return outcome, nil
 	}
 	err = v.processSignature(ctx, signature, envelopeMediaType, trustPolicy, pluginConfig, outcome)
+	// log verification result
+	logger := log.GetLogger(ctx)
+	for _, result := range outcome.VerificationResults {
+		if result.Error == nil {
+			continue
+		}
+		switch result.Action {
+		case trustpolicy.ActionLog:
+			logger.Warnf("  %v validation failed with verification action set to \"logged\". Failure reason: %v", result.Type, result.Error)
+		case trustpolicy.ActionEnforce:
+			logger.Errorf("  %v validation failed. Failure reason: %v", result.Type, result.Error)
+		}
+	}
 	if err != nil {
 		outcome.Error = err
 		return outcome, err
@@ -205,28 +218,14 @@ func (v *verifier) processSignature(ctx context.Context, sigBlob []byte, envelop
 		}
 
 		if len(capabilitiesToVerify) > 0 {
-			var response *proto.VerifySignatureResponse
-			response, err = executePlugin(ctx, installedPlugin, trustPolicy, capabilitiesToVerify, outcome.EnvelopeContent, pluginConfig)
+			response, err := executePlugin(ctx, installedPlugin, trustPolicy, capabilitiesToVerify, outcome.EnvelopeContent, pluginConfig)
 			if err != nil {
 				return err
 			}
-			err = processPluginResponse(capabilitiesToVerify, response, outcome)
+			return processPluginResponse(capabilitiesToVerify, response, outcome)
 		}
 	}
-	// log verification result
-	logger := log.GetLogger(ctx)
-	for _, result := range outcome.VerificationResults {
-		if result.Error == nil {
-			continue
-		}
-		switch result.Action {
-		case trustpolicy.ActionLog:
-			logger.Warnf("  %v validation failed but is set to verification action \"logged\". Failure reason: %v", result.Type, result.Error)
-		case trustpolicy.ActionEnforce:
-			logger.Errorf("  %v validation failed. Failure reason: %v", result.Type, result.Error)
-		}
-	}
-	return err
+	return nil
 }
 
 func processPluginResponse(capabilitiesToVerify []proto.Capability, response *proto.VerifySignatureResponse, outcome *notation.VerificationOutcome) error {