chore: signatures working, time to refactor

Emyrk · Emyrk · commit d65ef9a24cde · 2024-12-11T18:02:08.000-06:00
diff --git a/cli/add.go b/cli/add.go
@@ -2,6 +2,7 @@ package cli
 
 import (
 	"context"
+	"encoding/json"
 	"fmt"
 	"os"
 	"path/filepath"
@@ -23,7 +24,6 @@ func add() *cobra.Command {
 		artifactory string
 		extdir      string
 		repo        string
-		signature   bool
 	)
 
 	cmd := &cobra.Command{
@@ -75,7 +75,7 @@ func add() *cobra.Command {
 					return err
 				}
 				for _, file := range files {
-					s, err := doAdd(ctx, filepath.Join(args[0], file.Name()), signature, store)
+					s, err := doAdd(ctx, filepath.Join(args[0], file.Name()), store)
 					if err != nil {
 						_, _ = fmt.Fprintf(cmd.OutOrStdout(), "Failed to unpack %s: %s\n", file.Name(), err.Error())
 						failed = append(failed, file.Name())
@@ -84,7 +84,7 @@ func add() *cobra.Command {
 					}
 				}
 			} else {
-				s, err := doAdd(ctx, args[0], signature, store)
+				s, err := doAdd(ctx, args[0], store)
 				if err != nil {
 					return err
 				}
@@ -104,12 +104,11 @@ func add() *cobra.Command {
 	cmd.Flags().StringVar(&extdir, "extensions-dir", "", "The path to extensions.")
 	cmd.Flags().StringVar(&artifactory, "artifactory", "", "Artifactory server URL.")
 	cmd.Flags().StringVar(&repo, "repo", "", "Artifactory repository.")
-	cmd.Flags().BoolVar(&signature, "signature", true, "Include signature")
 
 	return cmd
 }
 
-func doAdd(ctx context.Context, source string, includeSignature bool, store storage.Storage) ([]string, error) {
+func doAdd(ctx context.Context, source string, store storage.Storage) ([]string, error) {
 	// Read in the extension.  In the future we might support stdin as well.
 	vsix, err := storage.ReadVSIX(ctx, source)
 	if err != nil {
@@ -123,31 +122,28 @@ func doAdd(ctx context.Context, source string, includeSignature bool, store stor
 		return nil, err
 	}
 
-	var extra []storage.File
-	if includeSignature {
-		sigManifest, err := extensionsign.GenerateSignatureManifest(vsix)
-		if err != nil {
-			return nil, xerrors.Errorf("generate signature manifest: %w", err)
-		}
+	sigManifest, err := extensionsign.GenerateSignatureManifest(vsix)
+	if err != nil {
+		return nil, xerrors.Errorf("zip signature manifest: %w", err)
+	}
 
-		zipped, err := extensionsign.Zip(sigManifest)
-		if err != nil {
-			return nil, xerrors.Errorf("zip signature manifest: %w", err)
-		}
+	data, err := json.Marshal(sigManifest)
+	if err != nil {
+		return nil, xerrors.Errorf("encode manifest: %w", err)
+	}
 
-		extra = append(extra, storage.File{
-			RelativePath: "extension.sigzip",
-			Content:      zipped,
-		})
+	key, _ := extensionsign.GenerateKey()
+	sigZip, _ := extensionsign.SignAndZipVSIX(key, vsix)
 
-		manifest.Assets.Asset = append(manifest.Assets.Asset, storage.VSIXAsset{
-			Type:        storage.VSIXSignatureType,
-			Path:        "extension.sigzip",
-			Addressable: "true", // TODO: Idk if this is right
+	location, err := store.AddExtension(ctx, manifest, vsix,
+		storage.File{
+			RelativePath: "extension.sigzip",
+			Content:      sigZip,
+		},
+		storage.File{
+			RelativePath: ".signature.manifest",
+			Content:      data,
 		})
-	}
-
-	location, err := store.AddExtension(ctx, manifest, vsix, extra...)
 	if err != nil {
 		return nil, err
 	}
diff --git a/internal/extensionsign/sigzip.go b/internal/extensionsign/sigzip.go
@@ -26,10 +26,18 @@ func ExtractSignatureManifest(zip []byte) (SignatureManifest, error) {
 	return manifest, nil
 }
 
+func SignAndZipVSIX(key ed25519.PrivateKey, vsix []byte) ([]byte, error) {
+	manifest, err := GenerateSignatureManifest(vsix)
+	if err != nil {
+		return nil, xerrors.Errorf("generate manifest: %w", err)
+	}
+	return SignAndZipManifest(key, manifest)
+}
+
 // SignAndZip signs a manifest and zips it up
 // Should be a PCKS8 key
 // TODO: Support other key types
-func SignAndZip(key ed25519.PrivateKey, manifest SignatureManifest) ([]byte, error) {
+func SignAndZipManifest(key ed25519.PrivateKey, manifest SignatureManifest) ([]byte, error) {
 	var buf bytes.Buffer
 	w := zip.NewWriter(&buf)
 
diff --git a/storage/local.go b/storage/local.go
@@ -164,6 +164,12 @@ func (s *Local) Manifest(ctx context.Context, publisher, name string, version Ve
 		Addressable: "true",
 	})
 
+	manifest.Assets.Asset = append(manifest.Assets.Asset, VSIXAsset{
+		Type:        VSIXSignatureType,
+		Path:        "extension.sigzip",
+		Addressable: "true",
+	})
+
 	return manifest, nil
 }
 
diff --git a/testutil/mockstorage.go b/testutil/mockstorage.go
@@ -17,7 +17,7 @@ func NewMockStorage() *MockStorage {
 	return &MockStorage{}
 }
 
-func (s *MockStorage) AddExtension(ctx context.Context, manifest *storage.VSIXManifest, vsix []byte, extra ...storage.File) (string, error) {
+func (s *MockStorage) AddExtension(ctx context.Context, manifest *storage.VSIXManifest, vsix []byte) (string, error) {
 	return "", errors.New("not implemented")
 }
 

Original file line number	Diff line number	Diff line change
`@@ -17,7 +17,7 @@ func NewMockStorage() *MockStorage {`
`17`	`17`	`return &MockStorage{}`
`18`	`18`	`}`
`19`	`19`
`20`		`-func (s MockStorage) AddExtension(ctx context.Context, manifest storage.VSIXManifest, vsix []byte, extra ...storage.File) (string, error) {`
	`20`	`+func (s MockStorage) AddExtension(ctx context.Context, manifest storage.VSIXManifest, vsix []byte) (string, error) {`
`21`	`21`	`return "", errors.New("not implemented")`
`22`	`22`	`}`
`23`	`23`