Update loginfo API endpoint to return information about inactive shards

[priyawadhwa]

I updated the LogInfo object in the openapi spec to also return information about inactive shards.

This PR also updates rekor-cli loginfo to verify inactive shards if they exist. loginfo will now first attempt to store state in state.json by TreeID instead of URL (that's because the URL for different shards is the same so this will prevent shards overwriting each other). If no TreeID is present then it will fall back to using the URL, so this change is backwards compatible.

This PR also updates the sharding integration test to run loginfo on inactive shards to ensure this works as expected.

cc @lkatalin @bobcallaway

fixes #713

Signed-off-by: Priya Wadhwa priya@chainguard.dev

Return loginfo data for inactive shards if they exist when calling `/api/v1/log`.

[codecov-commenter]

Codecov Report

Merging #738 (94efbc5) into main (ebc1d7a) will decrease coverage by 0.26%.
The diff coverage is 0.00%.

@@            Coverage Diff             @@
##             main     #738      +/-   ##
==========================================
- Coverage   47.48%   47.21%   -0.27%     
==========================================
  Files          66       66              
  Lines        5716     5742      +26     
==========================================
- Hits         2714     2711       -3     
- Misses       2713     2741      +28     
- Partials      289      290       +1     

Impacted Files	Coverage Δ
cmd/rekor-cli/app/log_info.go	2.09% <0.00%> (-0.47%)	⬇️
pkg/types/helm/v0.0.1/entry.go	52.41% <0.00%> (-1.21%)	⬇️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update ebc1d7a...94efbc5. Read the comment docs.

[dlorenc]

One tiny not, otherwise LGTM!

[lkatalin]

Awesome!
I had a couple of informational questions that would help me understand some of the code.

[lkatalin]

How does this get the log root signature?

[priyawadhwa]

So this calls the Sign function, which stores the signature in the struct:

rekor/pkg/util/signed_note.go

Line 69 in ebc1d7a

s.Signatures = append(s.Signatures, signature)

To access it you would call sth.Signatures. Sorry if that wasn't clear, let me know if that doesn't answer your question!

[lkatalin]

Ah okay, I think I get it, this enables us to get the signature later (not in this line of code) with sth.Signatures - the lack of clarity is just from me being less familiar here, I appreciate the explanation.

[lkatalin]

If there is no treeID this will just dump from the URL, but if there is both a treeID and a URL, what happens? Does the URL only cover the active tree and only in the case of an older client? Or does some state get stored twice?

[priyawadhwa]

Some state will get stored twice! But when reading from the file the client will always prefer the treeID over the URL.

[lkatalin]

Okay cool, yeah I see that in oldState. Just trying to understand the mechanism here - the URL covers all trees, right? What does dumping by treeID (if available) add?

[priyawadhwa]

So if we have two shards, they'll be accessed at the same URL (e.g. rekor.sigstore.dev). We can't store state for both of them, because the key by URL would be the same. The TreeID is unique for each shard, so we can store state for all shards at once if we use treeID as the key.

[lkatalin]

I think this makes sense, I see it is a hash map so we're giving it differentiated keys. I will try to get some output to see it for myself. Thanks for the explanation.