Project

Profile

Help

Task #5944

[Epic] As a plugin writer, I can use a SigningService to produce ascii-armored signatures

Added by dkliban@redhat.com 10 months ago. Updated 8 months ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Assignee:
Category:
-
Sprint/Milestone:
Start date:
Due date:
% Done:

100%

Estimated time:
(Total: 0:00 h)
Platform Release:
Groomed:
Yes
Sprint Candidate:
Yes
Tags:
Documentation
Sprint:
Sprint 66
Quarter:

Description

This is an epic that will enable plugin writers to use scripts provided by Pulp administrators to sign files.

Pulp Administrators will use django-admin shell_plus or a python script to CRUD an instance of a SigningService model.

Pulp Administrators will be able to retrieve an instance of a SigningService using the REST API.

Plugin writers will be able to use SigningService.sign_file(filename) to retrieve an ascii-armored detached gpg signature and public key for verifying it.

Administrators will have documentation that states the signing script needs to print a dictionary that looks like this:

{"file": "repomd.xml", "signature": "repomd.xml.asc", "key": "public.key"}

Subtasks

Story #5943: Add a SigningService model, viewset, and serializerCLOSED - CURRENTRELEASElmjachky

Actions
Task #5946: Add sign_file(filename) interface to SigningService modelCLOSED - CURRENTRELEASElmjachky

Actions

History

#1 Updated by bmbouter 10 months ago

Could we get away with having users use shell_plus for the nearterm? Otherwise we'll need to made the create, list, and delete interfaces too.

#2 Updated by dkliban@redhat.com 10 months ago

  • Subject changed from As an administrator I can create a Signing Service to Document how an administrator can create a Signing Service
  • Description updated (diff)
  • Tags Documentation added

bmbouter, yes we can get away with having admins use django-admin shell_plus command to create the Signing Service. I updated the description to reflect that this is simply a documentation task.

#3 Updated by bmbouter 10 months ago

  • Sprint/Milestone set to 3.1.0
  • Sprint Candidate changed from No to Yes

#4 Updated by bmbouter 10 months ago

  • Groomed changed from No to Yes

#5 Updated by rchan 10 months ago

  • Sprint set to Sprint 64

#6 Updated by daviddavis 10 months ago

  • Tracker changed from Issue to Task
  • % Done set to 0

#7 Updated by dkliban@redhat.com 9 months ago

  • Subject changed from Document how an administrator can create a Signing Service to As a plugin writer, I can use a SigningService to produce ascii-armored signatures
  • Description updated (diff)

#8 Updated by lmjachky 9 months ago

  • Status changed from NEW to ASSIGNED
  • Assignee set to lmjachky

#9 Updated by bmbouter 9 months ago

  • Subject changed from As a plugin writer, I can use a SigningService to produce ascii-armored signatures to [Epic] As a plugin writer, I can use a SigningService to produce ascii-armored signatures

#10 Updated by rchan 9 months ago

  • Sprint changed from Sprint 64 to Sprint 65

#11 Updated by lmjachky 9 months ago

  • At the end, it was decided that a detached signature will have the same name as a signed file. This consensus will be mentioned in the docs. The file type ".asc" shall be then appended to the signed filename, like so:
  "repomd.xml" -> "repomd.xml.asc"
  
  • Furthermore, in the future, there might be used a different signing method for a different type of content. Due to that, the model SigningService should be a parent class of more specific models (in our case, we currently have one example of such a model - AsciiArmorDetachedSigningService). The interface for the signing method remains untouched:
  SigningService(Model):

      def sign():
          """Invoke an external signing service."""

  AsciiArmorDetachedSigningService(SigningService):

      def sign():
          """"Invoke inherited SigningService.sign() and validate returned data."""
  

#12 Updated by rchan 9 months ago

  • Sprint changed from Sprint 65 to Sprint 66

#13 Updated by daviddavis 9 months ago

  • Sprint/Milestone changed from 3.1.0 to 3.2.0

#14 Updated by bmbouter 8 months ago

  • Description updated (diff)
  • Status changed from ASSIGNED to CLOSED - CURRENTRELEASE
  • Sprint/Milestone deleted (3.2.0)

All subtasks are complete, so I'm moving to CLOSED - CURRENT RELEASE

#15 Updated by bmbouter 8 months ago

  • Sprint/Milestone set to 3.1.0

Please register to edit this issue

Also available in: Atom PDF