feat: upload certificates and public keys for verifying signatures (#1485)
In order to verify signatures, users can upload their certificates and public keys using these routes: -> for public keys: /v2/_zot/ext/mgmt?resource=signatures&tool=cosign -> for certificates: /v2/_zot/ext/mgmt?resource=signatures&tool=notation&truststoreType=ca&truststoreName=name Then the public keys will be stored under $rootdir/_cosign and the certificates will be stored under $rootdir/_notation/truststore/x509/$truststoreType/$truststoreName. Also, for the notation case, the "truststores" field of the $rootdir/_notation/trustpolicy.json file will be updated with a new entry "$truststoreType:$truststoreName". Also, based on the uploaded files, the information about signature validity will be updated periodically. Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>
@@ -151,6 +151,17 @@ const docTemplate = `{
|
||||
"application/json"
|
||||
],
|
||||
"summary": "Get current server configuration",
|
||||
"parameters": [
|
||||
{
|
||||
"enum": [
|
||||
"config"
|
||||
],
|
||||
"type": "string",
|
||||
"description": "specify resource",
|
||||
"name": "resource",
|
||||
"in": "query"
|
||||
}
|
||||
],
|
||||
"responses": {
|
||||
"200": {
|
||||
"description": "OK",
|
||||
@@ -165,6 +176,80 @@ const docTemplate = `{
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"post": {
|
||||
"description": "Upload certificates and public keys for verifying signatures",
|
||||
"consumes": [
|
||||
"application/octet-stream"
|
||||
],
|
||||
"produces": [
|
||||
"application/json"
|
||||
],
|
||||
"summary": "Upload certificates and public keys for verifying signatures",
|
||||
"parameters": [
|
||||
{
|
||||
"enum": [
|
||||
"signatures"
|
||||
],
|
||||
"type": "string",
|
||||
"description": "specify resource",
|
||||
"name": "resource",
|
||||
"in": "query",
|
||||
"required": true
|
||||
},
|
||||
{
|
||||
"enum": [
|
||||
"cosign",
|
||||
"notation"
|
||||
],
|
||||
"type": "string",
|
||||
"description": "specify signing tool",
|
||||
"name": "tool",
|
||||
"in": "query",
|
||||
"required": true
|
||||
},
|
||||
{
|
||||
"type": "string",
|
||||
"description": "truststore type",
|
||||
"name": "truststoreType",
|
||||
"in": "query"
|
||||
},
|
||||
{
|
||||
"type": "string",
|
||||
"description": "truststore name",
|
||||
"name": "truststoreName",
|
||||
"in": "query"
|
||||
},
|
||||
{
|
||||
"description": "Public key or Certificate content",
|
||||
"name": "requestBody",
|
||||
"in": "body",
|
||||
"required": true,
|
||||
"schema": {
|
||||
"type": "string"
|
||||
}
|
||||
}
|
||||
],
|
||||
"responses": {
|
||||
"200": {
|
||||
"description": "ok",
|
||||
"schema": {
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"400": {
|
||||
"description": "bad request\".",
|
||||
"schema": {
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"500": {
|
||||
"description": "internal server error\".",
|
||||
"schema": {
|
||||
"type": "string"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"/v2/_zot/ext/userprefs": {
|
||||
|
||||
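Review bot: In the new `post` operation, `truststoreType` and `truststoreName` are declared as plain `"type": "string"` query parameters with no `enum` or `pattern`, yet the commit description says both become directory components under `$rootdir/_notation/truststore/x509/` and an entry in `trustpolicy.json`. The handler is not part of this section, so it cannot be confirmed from here that it rejects path separators and `.`/`..` segments; the contract should state the constraint, e.g. an `enum` of the store types notation supports for `truststoreType` and `"pattern": "^[a-zA-Z0-9_-]+$"` for `truststoreName`, and the handler should enforce the same. Because this route adds trust anchors that decide which signatures are reported as valid, the operation should also document its 401/403 responses and a size limit on `requestBody`. The `400` and `500` descriptions carry a stray `\".` (`"bad request\"."`), and since `const docTemplate` looks like a generated swagger template, all of these are probably best fixed in the handler's annotations and then regenerated.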