Project

Profile

Help

Task #5944

closed

[Epic] As a plugin writer, I can use a SigningService to produce ascii-armored signatures

Added by dkliban@redhat.com almost 5 years ago. Updated almost 5 years ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Assignee:
Category:
-
Sprint/Milestone:
Start date:
Due date:
% Done:

100%

Estimated time:
(Total: 0:00 h)
Platform Release:
Groomed:
Yes
Sprint Candidate:
Yes
Tags:
Documentation
Sprint:
Sprint 66
Quarter:

Description

This is an epic that will enable plugin writers to use scripts provided by Pulp administrators to sign files.

Pulp Administrators will use django-admin shell_plus or a python script to CRUD an instance of a SigningService model.

Pulp Administrators will be able to retrieve an instance of a SigningService using the REST API.

Plugin writers will be able to use SigningService.sign_file(filename) to retrieve an ascii-armored detached gpg signature and public key for verifying it.

Administrators will have documentation that states the signing script needs to print a dictionary that looks like this:

{"file": "repomd.xml", "signature": "repomd.xml.asc", "key": "public.key"}

Sub-issues 2 (0 open2 closed)

Story #5943: Add a SigningService model, viewset, and serializerCLOSED - CURRENTRELEASElmjachky

Actions
Task #5946: Add sign_file(filename) interface to SigningService modelCLOSED - CURRENTRELEASElmjachky

Actions
Actions #1

Updated by bmbouter almost 5 years ago

Could we get away with having users use shell_plus for the nearterm? Otherwise we'll need to made the create, list, and delete interfaces too.

Actions #2

Updated by dkliban@redhat.com almost 5 years ago

  • Subject changed from As an administrator I can create a Signing Service to Document how an administrator can create a Signing Service
  • Description updated (diff)
  • Tags Documentation added

bmbouter, yes we can get away with having admins use django-admin shell_plus command to create the Signing Service. I updated the description to reflect that this is simply a documentation task.

Actions #3

Updated by bmbouter almost 5 years ago

  • Sprint/Milestone set to 3.1.0
  • Sprint Candidate changed from No to Yes
Actions #4

Updated by bmbouter almost 5 years ago

  • Groomed changed from No to Yes
Actions #5

Updated by rchan almost 5 years ago

  • Sprint set to Sprint 64
Actions #6

Updated by daviddavis almost 5 years ago

  • Tracker changed from Issue to Task
  • % Done set to 0
Actions #7

Updated by dkliban@redhat.com almost 5 years ago

  • Subject changed from Document how an administrator can create a Signing Service to As a plugin writer, I can use a SigningService to produce ascii-armored signatures
  • Description updated (diff)
Actions #8

Updated by lmjachky almost 5 years ago

  • Status changed from NEW to ASSIGNED
  • Assignee set to lmjachky
Actions #9

Updated by bmbouter almost 5 years ago

  • Subject changed from As a plugin writer, I can use a SigningService to produce ascii-armored signatures to [Epic] As a plugin writer, I can use a SigningService to produce ascii-armored signatures
Actions #10

Updated by rchan almost 5 years ago

  • Sprint changed from Sprint 64 to Sprint 65
Actions #11

Updated by lmjachky almost 5 years ago

  • At the end, it was decided that a detached signature will have the same name as a signed file. This consensus will be mentioned in the docs. The file type ".asc" shall be then appended to the signed filename, like so:
  "repomd.xml" -> "repomd.xml.asc"
  
  • Furthermore, in the future, there might be used a different signing method for a different type of content. Due to that, the model SigningService should be a parent class of more specific models (in our case, we currently have one example of such a model - AsciiArmorDetachedSigningService). The interface for the signing method remains untouched:
  SigningService(Model):

      def sign():
          """Invoke an external signing service."""

  AsciiArmorDetachedSigningService(SigningService):

      def sign():
          """"Invoke inherited SigningService.sign() and validate returned data."""
  
Actions #12

Updated by rchan almost 5 years ago

  • Sprint changed from Sprint 65 to Sprint 66
Actions #13

Updated by daviddavis almost 5 years ago

  • Sprint/Milestone changed from 3.1.0 to 3.2.0
Actions #14

Updated by bmbouter almost 5 years ago

  • Description updated (diff)
  • Status changed from ASSIGNED to CLOSED - CURRENTRELEASE
  • Sprint/Milestone deleted (3.2.0)

All subtasks are complete, so I'm moving to CLOSED - CURRENT RELEASE

Actions #15

Updated by bmbouter almost 5 years ago

  • Sprint/Milestone set to 3.1.0

Also available in: Atom PDF