updated based on notation-go

Signed-off-by: Patrick Zheng <[email protected]>

cmd/notation/verify.go

@@ -158,16 +158,24 @@ func runVerify(command *cobra.Command, opts *verifyOpts) error {
 func checkVerificationFailure(outcomes []*notation.VerificationOutcome, printOut string, err error) error {
 	// write out on failure
 	if err != nil {
-		for _, outcome := range outcomes {
-			var errTrustStore truststore.ErrorTrustStore
-			var errCertificate truststore.ErrorCertificate
-			if (errors.As(outcome.Error, &errTrustStore) && errors.Is(errTrustStore, fs.ErrNotExist)) ||
-				(errors.As(outcome.Error, &errCertificate) && errors.Is(errCertificate, fs.ErrNotExist)) {
-				fmt.Fprintf(os.Stderr, "Error: %v. Use command 'notation cert add' to create and add trusted certificates to the trust store.\n", outcome.Error)
-			} else {
-				fmt.Fprintf(os.Stderr, "Error: %v\n", outcome.Error)
+		// reference: https://pkg.go.dev/errors#Join
+		if joinedError, ok := err.(interface{ Unwrap() []error }); ok {
+			errArray := joinedError.Unwrap()
+			// if err is a joined error, then there are at least 2 errors in the
+			// array, always starting with a general error message followed by
+			// indivisual notation.VerificationOutcome errors.
+			for _, outcomeError := range errArray[1:] {
+				var errTrustStore truststore.ErrorTrustStore
+				var errCertificate truststore.ErrorCertificate
+				if (errors.As(outcomeError, &errTrustStore) && errors.Is(errTrustStore, fs.ErrNotExist)) ||
+					(errors.As(outcomeError, &errCertificate) && errors.Is(errCertificate, fs.ErrNotExist)) {
+					fmt.Fprintf(os.Stderr, "Error: %v. Use command 'notation cert add' to create and add trusted certificates to the trust store.\n", outcomeError)
+				} else {
+					fmt.Fprintf(os.Stderr, "Error: %v\n", outcomeError)
+				}
 			}
 		}
+
 		var errorVerificationFailed notation.ErrorVerificationFailed
 		if !errors.As(err, &errorVerificationFailed) {
 			return fmt.Errorf("signature verification failed: %w", err)

go.mod

@@ -30,4 +30,4 @@ require (
 	golang.org/x/sys v0.11.0 // indirect
 )
 
-replace github.com/notaryproject/notation-go => github.com/Two-Hearts/notation-go v0.0.0-20230830040707-06b9ea427f0e
+replace github.com/notaryproject/notation-go => github.com/Two-Hearts/notation-go v0.0.0-20230914064925-33af9c76fdc9

go.sum

@@ -1,7 +1,7 @@
 github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 h1:mFRzDkZVAjdal+s7s0MwaRv9igoPqLRdzOLzw/8Xvq8=
 github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU=
-github.com/Two-Hearts/notation-go v0.0.0-20230830040707-06b9ea427f0e h1:CS85l8f1kPkq5uwfFLtLl9kLK16RfoeepSR2jnZqA3U=
-github.com/Two-Hearts/notation-go v0.0.0-20230830040707-06b9ea427f0e/go.mod h1:nk9Wa8cwIkpajw3J+2axNzk/bOuIGa446gTyjjbalWs=
+github.com/Two-Hearts/notation-go v0.0.0-20230914064925-33af9c76fdc9 h1:19UPfblLCIl7z240rY+jHeJ9BkYCN2M/uT+VcJm/MCs=
+github.com/Two-Hearts/notation-go v0.0.0-20230914064925-33af9c76fdc9/go.mod h1:nk9Wa8cwIkpajw3J+2axNzk/bOuIGa446gTyjjbalWs=
 github.com/alexbrainman/sspi v0.0.0-20210105120005-909beea2cc74 h1:Kk6a4nehpJ3UuJRqlA3JxYxBZEqCeOmATOvrbT4p9RA=
 github.com/alexbrainman/sspi v0.0.0-20210105120005-909beea2cc74/go.mod h1:cEWa1LVoE5KvSD9ONXsZrj0z6KqySlCCNKHlLzbqAt4=
 github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=