Correct Helm index keys (#474)

Signed-off-by: Andrew Block <andy.block@gmail.com>

Correct Helm index keys (#474)
317e88db · Andrew Block · GitHub · 0c2b37c1 · 317e88db · 317e88db
Unverified Commit 317e88db authored 3 years ago by Andrew Block Committed by GitHub 3 years ago
--- a/pkg/types/helm/provenance_test.go
+++ b/pkg/types/helm/provenance_test.go
@@ -20,6 +20,7 @@ import (
 	"os"
 	"testing"
+	"github.com/sigstore/rekor/pkg/generated/models"
 	"github.com/sigstore/rekor/pkg/pki"
 	"github.com/sigstore/rekor/pkg/pki/pgp"
 )
@@ -37,12 +38,16 @@ func TestProvenance(t *testing.T) {
 		t.Fatalf("unmarshal error: %v", err)
 	}
-	checksum, err := provenance.GetChartHash()
+	algorithm, checksum, err := provenance.GetChartAlgorithmHash()
 	if err != nil {
 		t.Fatalf("Error retrieving chart hash: %v", err)
 	}
+	if models.HelmV001SchemaChartHashAlgorithmSha256 != algorithm {
+		t.Fatalf("Unexpected checksum algorithm. Expected %s, found %s", models.HelmV001SchemaChartHashAlgorithmSha256, algorithm)
+	}
 	if len(checksum) == 0 {
 		t.Fatal("Empty checksum")
 	}

--- a/pkg/types/helm/providence.go
+++ b/pkg/types/helm/providence.go
@@ -94,10 +94,10 @@ func (p *Provenance) parseMessageBlock(data []byte) error {
 	return nil
 }
-func (p *Provenance) GetChartHash() (string, error) {
+func (p *Provenance) GetChartAlgorithmHash() (string, string, error) {
 	if p.SumCollection == nil || p.SumCollection.Files == nil {
-		return "", errors.New("Unable to locate chart hash")
+		return "", "", errors.New("Unable to locate chart hash")
 	}
@@ -108,13 +108,13 @@ func (p *Provenance) GetChartHash() (string, error) {
 		parts := strings.Split(value, ":")
 		if len(parts) != 2 {
-			return "", errors.New("Invalid hash found in Provenance file")
+			return "", "", errors.New("Invalid hash found in Provenance file")
 		}
-		return parts[1], nil
+		return parts[0], parts[1], nil
 	}
 	// Return error if no keys found
-	return "", errors.New("No checksums found")
+	return "", "", errors.New("No checksums found")
 }
--- a/pkg/types/helm/v0.0.1/entry.go
+++ b/pkg/types/helm/v0.0.1/entry.go
@@ -87,16 +87,15 @@ func (v V001Entry) IndexKeys() []string {
 	result = append(result, v.keyObj.EmailAddresses()...)
-	chartHash, err := v.provenanceObj.GetChartHash()
+	algorithm, chartHash, err := v.provenanceObj.GetChartAlgorithmHash()
 	if err != nil {
 		log.Logger.Error(err)
 	} else {
-		result = append(result, chartHash)
+		hashKey := strings.ToLower(fmt.Sprintf("%s:%s", algorithm, chartHash))
+		result = append(result, hashKey)
 	}
-	//TODO: Store signature as index
 	return result
 }
@@ -274,16 +273,14 @@ func (v *V001Entry) Canonicalize(ctx context.Context) ([]byte, error) {
 	canonicalEntry.Chart = &models.HelmV001SchemaChart{}
-	chartHash, err := v.provenanceObj.GetChartHash()
+	algorithm, chartHash, err := v.provenanceObj.GetChartAlgorithmHash()
 	if err != nil {
 		return nil, err
 	}
-	sha256 := models.AlpineV001SchemaPackageHashAlgorithmSha256
 	canonicalEntry.Chart.Hash = &models.HelmV001SchemaChartHash{}
-	canonicalEntry.Chart.Hash.Algorithm = &sha256
+	canonicalEntry.Chart.Hash.Algorithm = &algorithm
 	canonicalEntry.Chart.Hash.Value = &chartHash
 	canonicalEntry.Chart.Provenance = &models.HelmV001SchemaChartProvenance{}