sherpack 0.4.0

The Kubernetes package manager with Jinja2 templates
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49

//! Sign command - sign an archive with minisign

use console::style;
use miette::Result;
use std::path::Path;

use super::keygen::default_key_dir;
use super::signing::sign_archive;

pub fn run(archive_path: &Path, key_path: Option<&Path>, comment: Option<&str>) -> Result<()> {
    // Determine key path
    let key_path = key_path
        .map(|p| p.to_path_buf())
        .unwrap_or_else(|| default_key_dir().join("sherpack.key"));

    if !key_path.exists() {
        return Err(miette::miette!(
            "Secret key not found at {}.\nRun 'sherpack keygen' to generate keys.",
            key_path.display()
        ));
    }

    if !archive_path.exists() {
        return Err(miette::miette!(
            "Archive not found: {}",
            archive_path.display()
        ));
    }

    println!(
        "{} {}...",
        style("Signing").cyan().bold(),
        archive_path.display()
    );

    // Sign the archive
    let sig_path = sign_archive(archive_path, &key_path, comment)?;

    // Show trusted comment if we can read the signature
    if let Ok(sig_content) = std::fs::read_to_string(&sig_path)
        && let Ok(sig_box) = minisign::SignatureBox::from_string(&sig_content)
        && let Ok(trusted_comment) = sig_box.trusted_comment()
    {
        println!();
        println!("{}: {}", style("Trusted comment").dim(), trusted_comment);
    }

    Ok(())
}