cnabio / signy

Go implementation for CNAB content trust verification using TUF, Notary, and in-toto
MIT License

Fix brittle splitting of GUN and target #62

Closed radu-matei closed 4 years ago

radu-matei commented 4 years ago

closes #48 closes #49 closes #50

TODO:

radu-matei commented 4 years ago
$ signy \
   --tlscacert=$NOTARY_CA \
   --server https://localhost:4443 \
   sign testdata/cnab/bundle.json localhost:5000/thin-bundle:v1

INFO[0000] Starting to copy image cnab/helloworld:0.1.1
INFO[0001] Completed image cnab/helloworld:0.1.1 copy
INFO[0001] Generated relocation map: relocation.ImageRelocationMap{"cnab/helloworld:0.1.1":"localhost:5000/thin-bundle@sha256:a59a4e74d9cc89e4e75dfb2cc7ea5c108e4236ba6231b53081a9e2506d1197b6"}
INFO[0002] Pushed successfully, with digest "sha256:b4936e42304c184bafc9b06dde9ea1f979129e09a021a8f40abc07f736de9268"
INFO[0002] Root key found, using: ac20f61a2b72960d46f3c3bacbfe63ae1064165f477fc343911ebfdca7baf345
INFO[0002] Pushed trust data for localhost:5000/thin-bundle:v1: c7e92bd51f059d60b15ad456edf194648997d739f60799b37e08edafd88a81b5

$ signy \
   --tlscacert=$NOTARY_CA \
   --server https://localhost:4443 \
   verify localhost:5000/thin-bundle:v1
INFO[0000] Pulled trust data for localhost:5000/thin-bundle:v1, with role targets - SHA256: c7e92bd51f059d60b15ad456edf194648997d739f60799b37e08edafd88a81b5
INFO[0000] Pulling bundle from registry: localhost:5000/thin-bundle:v1
INFO[0000] Computed SHA: c7e92bd51f059d60b15ad456edf194648997d739f60799b37e08edafd88a81b5
INFO[0000] The SHA sums are equal: c7e92bd51f059d60b15ad456edf194648997d739f60799b37e08edafd88a81b5

$ signy \
   --tlscacert=$NOTARY_CA \
   --server https://localhost:4443 \
   list localhost:5000/thin-bundle
v1      c7e92bd51f059d60b15ad456edf194648997d739f60799b37e08edafd88a81b5

$ signy \
   --tlscacert=$NOTARY_CA \
   --server https://localhost:4443 \
   sign testdata/cnab/bundle.json localhost:5000/multi-path-repo/thin-bundle:v1

INFO[0000] Starting to copy image cnab/helloworld:0.1.1
INFO[0001] Completed image cnab/helloworld:0.1.1 copy
INFO[0001] Generated relocation map: relocation.ImageRelocationMap{"cnab/helloworld:0.1.1":"localhost:5000/multi-path-repo/thin-bundle@sha256:a59a4e74d9cc89e4e75dfb2cc7ea5c108e4236ba6231b53081a9e2506d1197b6"}
INFO[0001] Pushed successfully, with digest "sha256:b4936e42304c184bafc9b06dde9ea1f979129e09a021a8f40abc07f736de9268"
INFO[0001] Root key found, using: ac20f61a2b72960d46f3c3bacbfe63ae1064165f477fc343911ebfdca7baf345
INFO[0001] Pushed trust data for localhost:5000/multi-path-repo/thin-bundle:v1: c7e92bd51f059d60b15ad456edf194648997d739f60799b37e08edafd88a81b5

$ signy \
   --tlscacert=$NOTARY_CA \
   --server https://localhost:4443 \
   verify localhost:5000/multi-path-repo/thin-bundle:v1

INFO[0000] Pulled trust data for localhost:5000/multi-path-repo/thin-bundle:v1, with role targets - SHA256: c7e92bd51f059d60b15ad456edf194648997d739f60799b37e08edafd88a81b5
INFO[0000] Pulling bundle from registry: localhost:5000/multi-path-repo/thin-bundle:v1
INFO[0000] Computed SHA: c7e92bd51f059d60b15ad456edf194648997d739f60799b37e08edafd88a81b5
INFO[0000] The SHA sums are equal: c7e92bd51f059d60b15ad456edf194648997d739f60799b37e08edafd88a81b5

$ signy \
   --tlscacert=$NOTARY_CA \
   --server https://localhost:4443 \
   list localhost:5000/multi-path-repo/thin-bundle

v1      c7e92bd51f059d60b15ad456edf194648997d739f60799b37e08edafd88a81b5

$ signy sign testdata/cnab/bundle.json radumatei/test-signy-ref:v1

INFO[0000] Starting to copy image cnab/helloworld:0.1.1
INFO[0002] Completed image cnab/helloworld:0.1.1 copy
INFO[0002] Generated relocation map: relocation.ImageRelocationMap{"cnab/helloworld:0.1.1":"docker.io/radumatei/test-signy-ref@sha256:a59a4e74d9cc89e4e75dfb2cc7ea5c108e4236ba6231b53081a9e2506d1197b6"}
INFO[0004] Pushed successfully, with digest "sha256:bc9ee7c4f564aaa22ece941e9188186da270e872074d7475b1db8f8b9364c212"
INFO[0005] Root key found, using: ac20f61a2b72960d46f3c3bacbfe63ae1064165f477fc343911ebfdca7baf345
INFO[0006] Pushed trust data for radumatei/test-signy-ref:v1: c7e92bd51f059d60b15ad456edf194648997d739f60799b37e08edafd88a81b5

$ signy verify radumatei/test-signy-ref:v1

INFO[0001] Pulled trust data for radumatei/test-signy-ref:v1, with role targets - SHA256: c7e92bd51f059d60b15ad456edf194648997d739f60799b37e08edafd88a81b5
INFO[0001] Pulling bundle from registry: radumatei/test-signy-ref:v1
INFO[0002] Computed SHA: c7e92bd51f059d60b15ad456edf194648997d739f60799b37e08edafd88a81b5
INFO[0002] The SHA sums are equal: c7e92bd51f059d60b15ad456edf194648997d739f60799b37e08edafd88a81b5

$ signy list radumatei/test-signy-ref

Error: cannot list targets:notary.docker.io does not have trust data for radumatei/test-signy-ref

$ signy list docker.io/radumatei/test-signy-ref

v1      c7e92bd51f059d60b15ad456edf194648997d739f60799b37e08edafd88a81b5

Notice that the list command for Docker Hub still requires you to prepend docker.io to the username and repository.
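
Added example, not part of the pull request and not signy's own code: one way to split the references used in the sessions above into a GUN and a target so that a registry port and a multi-segment path are not mistaken for the tag. `SplitRef` is a hypothetical helper; mapping Docker Hub short names to `docker.io/...` is an assumption taken from the relocation map and the `list` output shown above.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// SplitRef is a hypothetical helper (not signy's API). It splits a reference
// of the form [registry[:port]/]path[:tag] into a GUN and a target name.
func SplitRef(ref string) (string, string, error) {
	if ref == "" || strings.Contains(ref, "@") {
		return "", "", errors.New("expected name[:tag]; digest references are not handled")
	}
	name, target := ref, ""
	slash := strings.LastIndex(ref, "/")
	// Only a ':' after the last '/' separates the tag; an earlier ':' is a
	// registry port, as in localhost:5000/thin-bundle:v1.
	if colon := strings.LastIndex(ref, ":"); colon > slash {
		name, target = ref[:colon], ref[colon+1:]
		if name == "" || target == "" {
			return "", "", fmt.Errorf("malformed reference %q", ref)
		}
	}
	// The first path segment is a registry host only if it contains '.' or
	// ':' or is "localhost"; otherwise the name is a Docker Hub short name.
	first := name
	if i := strings.Index(name, "/"); i >= 0 {
		first = name[:i]
	}
	hasHost := first != name && (strings.ContainsAny(first, ".:") || first == "localhost")
	if !hasHost {
		if first == name { // single-segment names live under library/ on Docker Hub
			name = "library/" + name
		}
		name = "docker.io/" + name
	}
	return name, target, nil
}

func main() {
	// References taken from the terminal sessions in this thread.
	for _, ref := range []string{"localhost:5000/multi-path-repo/thin-bundle:v1",
		"radumatei/test-signy-ref:v1", "radumatei/test-signy-ref"} {
		gun, target, err := SplitRef(ref)
		fmt.Printf("%-48s gun=%q target=%q err=%v\n", ref, gun, target, err)
	}
}
```

With this normalization, `radumatei/test-signy-ref` and `docker.io/radumatei/test-signy-ref` resolve to the same GUN, so signing and listing look up the same trust collection.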

radu-matei commented 4 years ago

Added a test, PTAL.