Skip to content

Commit

Permalink
Move verification probe into rekorWriteEndpoint
Browse files Browse the repository at this point in the history 
Signed-off-by: Cody Soyland <codysoyland@github.com>
  • Loading branch information
@codysoyland
codysoyland committed Sep 29, 2022
1 parent 7450665 commit 9fac9ae
Show file tree
Hide file tree
Showing 3 changed files with 25 additions and 72 deletions.
4 changes: 0 additions & 4 deletions cmd/prober/prober.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -102,10 +102,6 @@ func runProbers(ctx context.Context, freq int, runOnce bool) {
hasErr = true
fmt.Printf("error running rekor write prober: %v\n", err)
}
if err := rekorVerification(ctx); err != nil {
hasErr = true
fmt.Printf("error running rekor verification prober: %v\n", err)
}
}

if runOnce {
Expand Down
60 changes: 0 additions & 60 deletions cmd/prober/verification.go
View file

This file was deleted.

33 changes: 25 additions & 8 deletions cmd/prober/write.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,16 +25,17 @@ import (
"encoding/hex"
"encoding/json"
"fmt"
"io"
"net/http"
"time"

"github.com/go-openapi/strfmt"
"github.com/go-openapi/swag"
"github.com/prometheus/client_golang/prometheus"

"github.com/sigstore/cosign/pkg/cosign"
"github.com/sigstore/cosign/pkg/providers"
"github.com/sigstore/fulcio/pkg/api"
rclient "github.com/sigstore/rekor/pkg/client"
"github.com/sigstore/rekor/pkg/generated/models"
hashedrekord "github.com/sigstore/rekor/pkg/types/hashedrekord/v0.0.1"
"github.com/sigstore/sigstore/pkg/cryptoutils"
Expand Down Expand Up @@ -125,17 +126,33 @@ func rekorWriteEndpoint(ctx context.Context) error {
t := time.Now()
resp, err := http.DefaultClient.Do(req)
latency := time.Since(t).Milliseconds()
exportDataToPrometheus(resp, rekorURL, endpoint, POST, latency)
if err != nil {
fmt.Printf("error adding entry: %v\n", err.Error())
return fmt.Errorf("error adding entry: %w", err)
}

// Export data to prometheus
exportDataToPrometheus(resp, rekorURL, endpoint, POST, latency)

// If entry was added successfully, we should verify it
rekorClient, err := rclient.GetRekorClient(rekorURL, rclient.WithUserAgent(fmt.Sprintf("Sigstore_Scaffolding_Prober/%s", versionInfo.GitVersion)))
if err != nil {
return fmt.Errorf("creating rekor client: %w", err)
}
defer resp.Body.Close()
body, _ = io.ReadAll(resp.Body)
fmt.Println(string(body))
return nil
var logEntry models.LogEntry
err = json.NewDecoder(resp.Body).Decode(&logEntry)
if err != nil {
return fmt.Errorf("unmarshal: %w", err)
}
var logEntryAnon models.LogEntryAnon
for _, e := range logEntry {
logEntryAnon = e
break
}
verified := "true"
if err = cosign.VerifyTLogEntry(ctx, rekorClient, &logEntryAnon); err != nil {
verified = "false"
}
verificationCounter.With(prometheus.Labels{verifiedLabel: verified}).Inc()
return err
}

func rekorEntryRequest() (models.ProposedEntry, error) {
Expand Down

0 comments on commit 9fac9ae

Please sign in to comment.