notation 1.1.0 support

.github/workflows/installer-tests.yml

@@ -7,11 +7,58 @@ on:
   pull_request:
 
 env:
-  NOTATION_VERSION: 1.0.1
+  NOTATION_VERSION: 1.1.0
+  PLUGIN_VERSION: 0.3.0
+  PLUGIN_LINUX_AMD64_SHA256: "03771794643f18c286b6db3a25a4d0b8e7c401e685b1e95a19f03c9356344f5a"
+  PLUGIN_DARWIN_AMD64_SHA256: "2b8293bdfc706a8acbb1fb3b3ce7b37a300d8c2f26e2ecf158db0104fc152348"
+  PLUGIN_WINDOWS_AMD64_SHA256: "81fd7e5b200a072c2fd69cf45d6e2de83930e3346debdcfd47c9c45d843d6b3e"
 
 jobs:
+  ubuntu-installer-test:
+    name: Ubuntu installer test
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    steps:
+      - name: Setup notation CLI
+        uses: notaryproject/notation-action/setup@v1
+        with:
+          version: ${{ env.NOTATION_VERSION }}
+      - name: Install Venafi plugin
+        run: |
+          notation plugin install --url https://github.com/Venafi/notation-venafi-csp/releases/download/v${{ env.PLUGIN_VERSION }}/notation-venafi-csp-linux-amd64.tar.gz --sha256sum ${{ env.PLUGIN_LINUX_AMD64_SHA256 }}
+          notation plugin ls
+  macos-installer-test:
+    name: MacOS installer test
+    runs-on: macos-latest
+    permissions:
+      contents: read
+    steps:
+      - name: Setup notation CLI
+        uses: notaryproject/notation-action/setup@v1
+        with:
+          version: ${{ env.NOTATION_VERSION }}
+      - name: Install Venafi plugin
+        run: |
+          notation plugin install --url https://github.com/Venafi/notation-venafi-csp/releases/download/v${{ env.PLUGIN_VERSION }}/notation-venafi-csp-darwin-amd64.tar.gz --sha256sum ${{ env.PLUGIN_DARWIN_AMD64_SHA256 }}
+          notation plugin ls
   windows-installer-test:
-    name: Run tests
+      name: Windows installer test
+      runs-on: windows-latest
+      permissions:
+        contents: read
+      steps:
+        - name: Setup notation CLI
+          uses: notaryproject/notation-action/setup@v1
+          with:
+            version: ${{ env.NOTATION_VERSION }}
+        - name: Install Venafi plugin
+          run: |
+            notation plugin install --url https://github.com/Venafi/notation-venafi-csp/releases/download/v${{ env.PLUGIN_VERSION }}/notation-venafi-csp-darwin-amd64.tar.gz --sha256sum ${{ env.PLUGIN_WINDOWS_AMD64_SHA256 }}
+            notation plugin ls
+
+  windows-old-installer-test:
+    name: Windows (OLD) installer test
     runs-on: windows-latest
     permissions:
       contents: read

README.md

@@ -29,25 +29,18 @@ This is a plugin that aims to be compliant with the plugin [spec](https://github
 The following summarizes the steps to configure the Venafi CodeSign Protect notation plugin and sign and verify a container image.  The following steps are based off of the Notation hello-signing [example](https://github.com/notaryproject/notation/blob/main/docs/hello-signing.md#getting-started).
 
 - This plugin leverages the [Venafi vSign SDK](https://github.com/venafi/vsign), which means you'll need to meet the pre-requisites as well as customize the config.ini in terms of `tpp_url`, `access_token`, and `tpp_project`.
-- Install notation [CLI](https://github.com/notaryproject/notation/releases/tag/v1.0.1).  Version v1.0.1 has been tested. Note that `make install` creates the plugin directory structure based on a MacOS environment.  Update the Makefile based on your OS.  It then copies the plugin to the appropriate location based on the notation plugin directory structure spec.
+- Install notation [CLI](https://github.com/notaryproject/notation/releases/tag/v1.1.0).  Version v1.1.0 has been tested. Note that `make install` creates the plugin directory structure based on a MacOS environment.  Update the Makefile based on your OS.  It then copies the plugin to the appropriate location based on the notation plugin directory structure spec.
 
 ## Installation
 
-Install the notation-venafi-csp plugin for remote signing and verification, depending on your requirements:
+Install the notation-venafi-csp plugin for remote signing and verification, using the `notation plugin install` command:
 
+```bash
+notation plugin install --url https://github.com/Venafi/notation-venafi-csp/releases/download/v0.3.0/notation-venafi-csp-linux-amd64.tar.gz --sha256sum 03771794643f18c286b6db3a25a4d0b8e7c401e685b1e95a19f03c9356344f5a
 
-#### Windows PowerShell
-- First, ensure you are using an administrative shell
-- Run the following command:
-  ```powershell
-  Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://github.com/venafi/notation-venafi-csp/install/install.ps1'))
-  ```
+```
 
-#### MacOS and Linux
-- Run the following command:
-  ```bash
-  curl -sfL https://github.com/venafi/notation-venafi-csp/install/install.sh | sh -
-  ```
+Adjust the `--url` and `--sha256sum` parameters based on the release and platform you are deploying the plugin for.
 
 #### Build and Install from Source
  ```bash

go.mod

@@ -3,7 +3,7 @@ module github.com/venafi/notation-venafi-csp
 go 1.21
 
 require (
-	github.com/notaryproject/notation-go v1.0.1
+	github.com/notaryproject/notation-go v1.1.0
 	github.com/venafi/vsign v1.0.2-0.20230722225009-faa05c2d8377
 )
 
@@ -28,7 +28,7 @@ require (
 	github.com/subosito/gotenv v1.4.2 // indirect
 	github.com/x448/float16 v0.8.4 // indirect
 	github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect
-	golang.org/x/sys v0.15.0 // indirect
+	golang.org/x/sys v0.16.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
@@ -40,8 +40,8 @@ require (
 	github.com/fxamacker/cbor/v2 v2.5.0
 	github.com/go-ldap/ldap/v3 v3.4.6
 	github.com/golang-jwt/jwt/v4 v4.5.0
-	github.com/notaryproject/notation-core-go v1.0.1
+	github.com/notaryproject/notation-core-go v1.0.2
 	github.com/urfave/cli/v2 v2.25.3
 	github.com/veraison/go-cose v1.1.0
-	golang.org/x/crypto v0.17.0
+	golang.org/x/crypto v0.18.0
 )

go.sum

@@ -164,10 +164,10 @@ github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0V
 github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0=
 github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
 github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
-github.com/notaryproject/notation-core-go v1.0.1 h1:01doxjDERbd0vocLQrlJdusKrRLNNn50OJzp0c5I4Cw=
-github.com/notaryproject/notation-core-go v1.0.1/go.mod h1:rayl8WlKgS4YxOZgDO0iGGB4Ef515ZFZUFaZDmsPXgE=
-github.com/notaryproject/notation-go v1.0.1 h1:D3fqG3eaBKVESRySV/Tg//MyTg2Q1nTKPh/t2q9LpSw=
-github.com/notaryproject/notation-go v1.0.1/go.mod h1:VonyZsbocRQQNIDq/VPV5jKJOQwDH3gvfK4cXNpUA0U=
+github.com/notaryproject/notation-core-go v1.0.2 h1:VEt+mbsgdANd9b4jqgmx2C7U0DmwynOuD2Nhxh3bANw=
+github.com/notaryproject/notation-core-go v1.0.2/go.mod h1:2HkQzUwg08B3x9oVIztHsEh7Vil2Rj+tYgxH+JObLX4=
+github.com/notaryproject/notation-go v1.1.0 h1:7WBeH8FGoA+GkeUwmBIBnlJc/PpdYaUKfiXu6ZZeEeg=
+github.com/notaryproject/notation-go v1.1.0/go.mod h1:ZSk34URQar5fnWflaFByzpDvuefgZKm/mp8Q2tQpBaw=
 github.com/pelletier/go-toml/v2 v2.0.8 h1:0ctb6s9mE31h0/lhu+J6OPmVeDxJn+kYnJc2jZR9tGQ=
 github.com/pelletier/go-toml/v2 v2.0.8/go.mod h1:vuYfssBdrU2XDZ9bYydBu6t+6a6PYNcZljzZR9VXg+4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
@@ -234,8 +234,8 @@ golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
-golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k=
-golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
+golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc=
+golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -368,8 +368,8 @@ golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
-golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU=
+golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=