pack: scaffolding for integrity check file generation

This patch provides a noop `integrity` module intended to be used as a
scaffolding for generating integrity check files. The logic of `tt pack`
command is modified to perform calls to appropriate `integrity` methods
wherever it is required. It is designed as a separate module to allow
easy replacement via directive in `go.mod` file.

Author: AlgebraicWolf

cli/cmd/pack.go

@@ -7,6 +7,7 @@ import (
 	"github.com/apex/log"
 	"github.com/spf13/cobra"
 	"github.com/tarantool/tt/cli/cmdcontext"
+	"github.com/tarantool/tt/cli/integrity"
 	"github.com/tarantool/tt/cli/modules"
 	"github.com/tarantool/tt/cli/pack"
 )
@@ -88,6 +89,9 @@ The supported types are: tgz, deb, rpm`,
 		packCtx.TarantoolVersion,
 		"Version of the tarantool for pack in docker (only with --use-docker flag).")
 
+	// Integrity flags.
+	integrity.RegisterWithIntegrityFlag(packCmd.Flags(), &packCtx.IntegrityPrivateKey)
+
 	return packCmd
 }
 

cli/integrity/go.mod

@@ -0,0 +1,17 @@
+module github.com/tarantool/tt/cli/integrity
+
+go 1.20
+
+require (
+	github.com/spf13/cobra v1.8.0
+	github.com/stretchr/testify v1.8.4
+)
+
+require (
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/inconshreveable/mousetrap v1.1.0 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/spf13/pflag v1.0.5 // indirect
+	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+)

cli/integrity/go.sum

@@ -0,0 +1,24 @@
+github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
+github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
+github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI=
+github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
+github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0=
+github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho=
+github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
+github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
+github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

cli/integrity/integrity.go

@@ -0,0 +1,22 @@
+package integrity
+
+import (
+	"errors"
+
+	"github.com/spf13/pflag"
+)
+
+// Signer implements high-level API for package signing.
+type Signer interface {
+	// Sign generates data to sign a package.
+	Sign(basePath string, appNames []string) error
+}
+
+// NewSigner constructs a noop Signer.
+func NewSigner(path string) (Signer, error) {
+	return nil, errors.New("integrity signer should never be created in ce")
+}
+
+// RegisterWithIntegrityFlag is a noop function that is intended to add
+// flags to `tt pack` command.
+func RegisterWithIntegrityFlag(flagset *pflag.FlagSet, dst *string) {}

cli/integrity/integrity_test.go

@@ -0,0 +1,75 @@
+package integrity_test
+
+import (
+	"testing"
+
+	"github.com/spf13/pflag"
+	"github.com/stretchr/testify/require"
+	"github.com/tarantool/tt/cli/integrity"
+)
+
+func TestNewSigner(t *testing.T) {
+	testCases := []struct {
+		name           string
+		privateKeyPath string
+	}{
+		{
+			name:           "Empty path",
+			privateKeyPath: "",
+		},
+		{
+			name:           "Arbitrary path",
+			privateKeyPath: "private.pem",
+		},
+	}
+
+	for _, testCase := range testCases {
+		t.Run(testCase.name, func(t *testing.T) {
+			signer, err := integrity.NewSigner(testCase.privateKeyPath)
+			require.Nil(t, signer, "signer must not be created")
+			require.EqualError(t, err, "integrity signer should never be created in ce", "an error should be produced")
+		})
+	}
+}
+
+func TestRegisterWithIntegritySigner(t *testing.T) {
+	someStr := ""
+
+	testCases := []struct {
+		name    string
+		flagSet *pflag.FlagSet
+		dst     *string
+	}{
+		{
+			name:    "Empty flagSet and dst",
+			flagSet: nil,
+			dst:     nil,
+		},
+		{
+			name:    "Empty dst",
+			flagSet: &pflag.FlagSet{},
+			dst:     nil,
+		},
+		{
+			name:    "Empty flagSet",
+			flagSet: nil,
+			dst:     &someStr,
+		},
+		{
+			name:    "Nothing empty",
+			flagSet: &pflag.FlagSet{},
+			dst:     nil,
+		},
+	}
+
+	for _, testCase := range testCases {
+		t.Run(testCase.name, func(t *testing.T) {
+			integrity.RegisterWithIntegrityFlag(testCase.flagSet, testCase.dst)
+
+			if testCase.flagSet != nil {
+				require.False(t, testCase.flagSet.HasFlags(),
+					"command must not be modified")
+			}
+		})
+	}
+}

cli/pack/common.go

@@ -14,6 +14,7 @@ import (
 	"github.com/tarantool/tt/cli/cmdcontext"
 	"github.com/tarantool/tt/cli/config"
 	"github.com/tarantool/tt/cli/configure"
+	"github.com/tarantool/tt/cli/integrity"
 	"github.com/tarantool/tt/cli/running"
 	"github.com/tarantool/tt/cli/util"
 	lua "github.com/yuin/gopher-lua"
@@ -113,6 +114,16 @@ func skipArtifacts(cliOpts *config.CliOpts) func(src string) (bool, error) {
 func prepareBundle(cmdCtx *cmdcontext.CmdCtx, packCtx *PackCtx,
 	cliOpts *config.CliOpts, buildRocks bool) (string, error) {
 	var err error
+	var signer integrity.Signer = nil
+
+	// If integrity checks are enabled, create an IntegritySigner.
+	if packCtx.IntegrityPrivateKey != "" {
+		signer, err = integrity.NewSigner(packCtx.IntegrityPrivateKey)
+
+		if err != nil {
+			return "", err
+		}
+	}
 
 	// Create temporary directory step.
 	basePath, err := os.MkdirTemp("", "tt_pack")
@@ -257,6 +268,19 @@ func prepareBundle(cmdCtx *cmdcontext.CmdCtx, packCtx *PackCtx,
 	if err != nil {
 		return "", err
 	}
+
+	var appNames []string
+	for _, app := range appList {
+		appNames = append(appNames, app.Name)
+	}
+
+	if packCtx.IntegrityPrivateKey != "" {
+		err = signer.Sign(basePath, appNames)
+		if err != nil {
+			return "", err
+		}
+	}
+
 	return basePath, nil
 }
 

cli/pack/opts.go

@@ -1,6 +1,8 @@
 package pack
 
 import (
+	"errors"
+
 	"github.com/tarantool/tt/cli/cmdcontext"
 )
 
@@ -17,6 +19,10 @@ const (
 func FillCtx(cmdCtx *cmdcontext.CmdCtx, packCtx *PackCtx,
 	args []string) error {
 
+	if (packCtx.IntegrityPrivateKey != "") && packCtx.CartridgeCompat {
+		return errors.New("cannot pack with integrity checks in cartridge-compat mode")
+	}
+
 	packCtx.TarantoolIsSystem = cmdCtx.Cli.IsSystem
 	packCtx.TarantoolExecutable = cmdCtx.Cli.TarantoolCli.Executable
 	packCtx.Type = args[0]

cli/pack/pack.go

@@ -32,6 +32,8 @@ type PackCtx struct {
 	CartridgeCompat bool
 	// TarantoolVersion specifies the version of the tarantool for pack in docker.
 	TarantoolVersion string
+	// IntegrityPrivateKey contains the path to private key for signing hash files.
+	IntegrityPrivateKey string
 }
 
 // ArchiveCtx contains flags specific for tgz type.

go.mod

@@ -18,11 +18,12 @@ require (
 	github.com/mitchellh/mapstructure v1.4.3
 	github.com/moby/term v0.0.0-20221105221325-4eb28fa6025c
 	github.com/otiai10/copy v1.7.1
-	github.com/spf13/cobra v1.3.0
+	github.com/spf13/cobra v1.8.0
 	github.com/stretchr/testify v1.8.4
 	github.com/tarantool/cartridge-cli v0.0.0-20220605082730-53e6a5be9a61
 	github.com/tarantool/go-prompt v1.0.0
 	github.com/tarantool/go-tarantool v1.10.1-0.20230309143354-e257ff30dd4d
+	github.com/tarantool/tt/cli/integrity v0.0.0-00010101000000-000000000000
 	github.com/vmihailenco/msgpack/v5 v5.3.5
 	github.com/yuin/gopher-lua v1.1.1-0.20230219103905-71163b697a8f
 	go.etcd.io/etcd/api/v3 v3.5.9
@@ -55,7 +56,7 @@ require (
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
 	github.com/hpcloud/tail v1.0.0 // indirect
-	github.com/inconshreveable/mousetrap v1.0.0 // indirect
+	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/klauspost/compress v1.11.13 // indirect
 	github.com/mattn/go-colorable v0.1.12 // indirect
 	github.com/mattn/go-pointer v0.0.1 // indirect
@@ -100,4 +101,5 @@ require (
 replace (
 	github.com/c-bata/go-prompt => github.com/tarantool/go-prompt v0.2.6-tarantool
 	github.com/tarantool/cartridge-cli => ./cli/cartridge/third_party/cartridge-cli
+	github.com/tarantool/tt/cli/integrity => ./cli/integrity
 )