Merge pull request #62 from mstg/keykeeper-fix

Import RPM key to verify signature and stop blocking on failure
2024-12-21 02:08:29 +00:00 · 2022-11-07 01:00:46 +00:00 · 2022-11-07 01:00:46 +00:00 · 96d2a2d736
commit 96d2a2d736
parent 6e752a3704 6e77412823
2 changed files with 41 additions and 5 deletions
--- a/peridot/keykeeper/v1/keywarming.go
+++ b/peridot/keykeeper/v1/keywarming.go
@ -38,6 +38,8 @@ import (
 	"fmt"
 	"github.com/ProtonMail/gopenpgp/v2/crypto"
 	"github.com/google/uuid"
+	"io/ioutil"
+	"os"
 	"os/exec"
 	"peridot.resf.org/peridot/db/models"
 	"peridot.resf.org/utils"
@ -75,6 +77,24 @@ func (s *Server) importGpgKey(armoredKey string) error {
 	return err
 }

+func (s *Server) importRpmKey(publicKey string) error {
+	tmpFile, err := ioutil.TempFile("/tmp", "peridot-key-")
+	if err != nil {
+		return err
+	}
+	defer os.Remove(tmpFile.Name())
+	_, err = tmpFile.Write([]byte(publicKey))
+	if err != nil {
+		return err
+	}
+	cmd := gpgCmdEnv(exec.Command("rpm", "--import", tmpFile.Name()))
+	out, err := logCmdRun(cmd)
+	if err != nil {
+		s.log.Errorf("failed to import rpm key: %s", out.String())
+	}
+	return err
+}
+
 // WarmGPGKey warms up a specific GPG key
 // This involves shelling out to GPG to import the key
 func (s *Server) WarmGPGKey(key string, armoredKey string, gpgKey *crypto.Key, db *models.Key) (*LoadedKey, error) {
@ -89,6 +109,11 @@ func (s *Server) WarmGPGKey(key string, armoredKey string, gpgKey *crypto.Key, d
 		return nil, err
 	}

+	err = s.importRpmKey(db.PublicKey)
+	if err != nil {
+		return nil, err
+	}
+
 	cachedKey := &LoadedKey{
 		keyUuid: db.ID,
 		gpgId:   gpgKey.GetHexKeyID(),
--- a/peridot/keykeeper/v1/sign.go
+++ b/peridot/keykeeper/v1/sign.go
@ -188,6 +188,13 @@ func (s *Server) SignArtifactActivity(ctx context.Context, artifactId string, ke

 	switch ext {
 	case ".rpm":
+		beginTx, err := s.db.Begin()
+		if err != nil {
+			s.log.Errorf("failed to begin transaction: %v", err)
+			return nil, status.Error(codes.Internal, "failed to begin transaction")
+		}
+		tx := s.db.UseTransaction(beginTx)
+
 		rpmSign := func() (*keykeeperpb.SignedArtifact, error) {
 			var outBuf bytes.Buffer
 			opts := []string{
@ -233,7 +240,7 @@ func (s *Server) SignArtifactActivity(ctx context.Context, artifactId string, ke
 			}
 			hash := hex.EncodeToString(hasher.Sum(nil))

-			err = s.db.CreateTaskArtifactSignature(artifact.ID.String(), key.keyUuid.String(), hash)
+			err = tx.CreateTaskArtifactSignature(artifact.ID.String(), key.keyUuid.String(), hash)
 			if err != nil {
 				s.log.Errorf("failed to create task artifact signature: %v", err)
 				return nil, fmt.Errorf("failed to create task artifact signature: %v", err)
@ -257,22 +264,26 @@ func (s *Server) SignArtifactActivity(ctx context.Context, artifactId string, ke
 			err := cmd.Run()
 			if err != nil {
 				s.log.Errorf("failed to verify artifact %s: %v", artifact.Name, err)
+				s.log.Errorf("buf: %s", outBuf.String())
 				return fmt.Errorf("failed to verify artifact %s: %v", artifact.Name, err)
 			}
-			if !strings.Contains(outBuf.String(), "digest signatures OK") {
-				s.log.Errorf("artifact %s not signed(?), retrying", artifact.Name)
-				return fmt.Errorf("artifact %s not signed(?), retrying", artifact.Name)
-			}
 			return nil
 		}
 		res, err := rpmSign()
 		if err != nil {
+			_ = beginTx.Rollback()
 			return nil, err
 		}
 		err = verifySig()
 		if err != nil {
+			_ = beginTx.Rollback()
 			return nil, err
 		}
+		err = beginTx.Commit()
+		if err != nil {
+			s.log.Errorf("failed to commit transaction: %v", err)
+			return nil, status.Error(codes.Internal, "failed to commit transaction")
+		}

 		return res, nil
 	default: