"rekor search --sha" should verify the format of a sha #379

sylvestre · 2021-07-20T08:08:01Z

@dlorenc explained me that rekor search --sha expects sha:. It should trigger an error:
Examples:
Works =>

$ ./rekor-cli search --sha sha256:e2e90d1a25f90a3156a27f00f3a4179578e3132ed4f010dc3498d09175b6071a
Found matching entries (listed by UUID):
af795d3d28375b3d310e76c0cfc48d1bb00555286eb7a9b9c9f2d10a1241065a

Fails without error

$ ./rekor-cli search --sha e2e90d1a25f90a3156a27f00f3a4179578e3132ed4f010dc3498d09175b6071a
No matching entries were found

The text was updated successfully, but these errors were encountered:

dlorenc · 2021-07-20T11:27:47Z

+1 to this. @bobcallaway any ideas how to plumb the index types through for earlier validation?

bobcallaway · 2021-07-21T11:38:54Z

I think the issue reported here is a regression from some of my cleanup work - as the API call always requires the sha256: prefix but in an effort to be backwards compatible I made it optional in the flag parsing.

Both are technically valid sha256 digests, but the reason the search fails is due to the lack of inserting the prefix ahead of the client making the API call to the server.

I'd have to think through abstracting and plumbing through validation from the index types.

bobcallaway mentioned this issue Jul 21, 2021

insert sha256: prefix if not provided #381

Merged

dlorenc closed this as completed in #381 Jul 21, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

"rekor search --sha" should verify the format of a sha #379

"rekor search --sha" should verify the format of a sha #379

sylvestre commented Jul 20, 2021

dlorenc commented Jul 20, 2021

bobcallaway commented Jul 21, 2021

"rekor search --sha" should verify the format of a sha #379

"rekor search --sha" should verify the format of a sha #379

Comments

sylvestre commented Jul 20, 2021

dlorenc commented Jul 20, 2021

bobcallaway commented Jul 21, 2021