Fix docker trust signer removal#1112
Conversation
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
|
/cc @vdemeester @thaJeztah @moscowrage @endophage @vieux this is a very high priority btw for the next release. |
| cli := test.NewFakeCli(&fakeClient{}) | ||
| cli.SetNotaryClient(notaryfake.GetLoadedNotaryRepository) | ||
| err := removeSingleSigner(cli, "signed-repo", "test", true) | ||
| _, err := removeSingleSigner(cli, "signed-repo", "test", true) |
There was a problem hiding this comment.
Don't we want to check the returned boolean?
cli/command/trust/signer_remove.go
Outdated
| errRepos = append(errRepos, repo) | ||
| } else { | ||
| fmt.Fprintf(cli.Out(), "Successfully removed %s from %s\n\n", options.signer, repo) | ||
| if didRemove { |
There was a problem hiding this comment.
nit: you can do
} else if didRemove {
| } | ||
| return notaryRepo.Publish() | ||
|
|
||
| return true, nil |
There was a problem hiding this comment.
Wouldn't it be simpler to move the logged success message before this return?
fmt.Fprintf(cli.Out(), "Successfully removed %s from %s\n\n", signerName, repoName)
return nil
?
There was a problem hiding this comment.
I'd say that I prefer to have it outside as it makes it more maintainable in the case where there are different codepaths that lead to a successful removal in this function and simply have this one return whether or not a removal happened.
There was a problem hiding this comment.
OK but for now there is only one code path which does that, this would minimize the changes required and there is already output logged in a similar way in the function e.g.
fmt.Fprintf(cli.Out(), "\nAborting action.\n")
Anyway it's just my personal view, obviously :)
vdemeester
added
status/2-code-review
priority/P0
priority/P1
and removed
status/0-triage
priority/P0
labels
cli/command/trust/signer_remove.go
Outdated
| } else { | ||
| fmt.Fprintf(cli.Out(), "Successfully removed %s from %s\n\n", options.signer, repo) | ||
| } else if didRemove { | ||
| fmt.Fprintf(cli.Out(), "Successfully removed %s from %s\n\n", options.signer, repo) |
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
n4ss
force-pushed
the
fix-trust-signer-remove
branch
from
ccd0697 to
5ebb7a6
Compare
|
@vdemeester done |
|
cc @andrewhsu as well |
cli/command/trust/signer_remove.go
Outdated
| for _, repo := range options.repos { | ||
| fmt.Fprintf(cli.Out(), "Removing signer \"%s\" from %s...\n", options.signer, repo) | ||
| if err := removeSingleSigner(cli, repo, options.signer, options.forceYes); err != nil { | ||
| if didRemove, err := removeSingleSigner(cli, repo, options.signer, options.forceYes); err != nil { |
|
|
||
| _, err = removeSingleSigner(cli, "signed-repo", "releases", true) | ||
| assert.Error(t, err, "releases is a reserved keyword and cannot be removed") | ||
| assert.Equal(t, didRemove, false, "No signer should be removed") |
There was a problem hiding this comment.
I may miss something, but I think didRemove was not updated on the second call here (as the boolean result is dropped _, err = removeSingleSigner)
There was a problem hiding this comment.
good catch thanks, done.
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
| for _, repo := range options.repos { | ||
| fmt.Fprintf(cli.Out(), "Removing signer \"%s\" from %s...\n", options.signer, repo) | ||
| if err := removeSingleSigner(cli, repo, options.signer, options.forceYes); err != nil { | ||
| if _, err := removeSingleSigner(cli, repo, options.signer, options.forceYes); err != nil { |
There was a problem hiding this comment.
I would argue that there is no need to return a bool as all now that it's dropped here.
There was a problem hiding this comment.
I will implement more tests that need to know if the signer got actually removed, and I need the information through this boolean.
cli/command/trust/signer_remove.go
Outdated
|
|
||
| func removeSingleSigner(cli command.Cli, repoName, signerName string, forceYes bool) error { | ||
| // removeSingleSigner returns whether the signer has been removed during this operation and an error | ||
| // Note: the signer not being removed doesn't necessarily raise an error (eg. User saying "No" to the confirmation prompt) |
There was a problem hiding this comment.
Besides dropping the bool I would remove the Note: and add punctuation, something like:
removeSingleSigner attempts to remove a single signer.
The signer not being removed doesn't necessarily raise an error e.g. user choosing "No" when prompted for confirmation.
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
thaJeztah
left a comment
thaJeztah
left a comment
There was a problem hiding this comment.
LGTM, but not very fond of the boolean return. Looks like there may be a bit too much logic in that function, so we should do some refactoring in a follow up
|
Arf; probably should've needed some squashing 😞 |
6 participants
Signed-off-by: Nassim 'Nass' Eddequiouaq eddequiouaq.nassim@gmail.com
- What I did
Only print
"Successfully removed "if the signer is removed.- How I did it
Make
trust.removeSingleSignerreturn a second value besides the error; whether or not a removal actually happened and decides on output printing based on it.- How to verify it