Closed Two-Hearts closed 9 months ago
Attention: 129 lines
in your changes are missing coverage. Please review.
Comparison is base (
df8596d
) 64.39% compared to head (45788ae
) 63.59%.
:exclamation: Your organization needs to install the Codecov GitHub app to enable full functionality.
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
Are we missing functionality to copy/install plugin executable not zip or tar.gz ?
@priteshbandi This is a good question, it is tracked by this issue created by @FeynmanZhou : https://github.com/notaryproject/specifications/issues/284. Basically, we need to be clear in the notaryproject spec
on how should a vendor release their plugins in what kind of format.
Therefore, in this iteration, I think we could just support zip/tar.gz as a first step. We can add the support for executable in the future once we have a decision on the spec.
Are we missing functionality to copy/install plugin executable not zip or tar.gz ?
@priteshbandi This is a good question, it is tracked by this issue created by @FeynmanZhou : notaryproject/specifications#284. Basically, we need to be clear in the
notaryproject spec
on how should a vendor release their plugins in what kind of format.Therefore, in this iteration, I think we could just support zip/tar.gz as a first step. We can add the support for executable in the future once we have a decision on the spec.
I mean the functionality to copy plugin from a location on disk. This should be easy and straightforward.
I mean the functionality to copy plugin from a location on disk. This should be easy and straightforward. Hi @priteshbandi ,
Just want to clarify it: Do you mean support installing a plugin from an executable file (like .exe
)?
If so, this has not been included in the plugin management CLI spec. Notation v1.1.0 will only support .zip
and .tar.gz
format of the plugin file as we aligned in the CLI spec.
IMO, if there is an executable plugin file, users should be able to install the plugin without notation plugin install
. But in that case it is not secured by Notation plugin system.
Have you seen any plugin vendor or customer needs relying on executable file format? How about we put the executable file format in the notation plugin spec as its roadmap first and considering it until received vendor/customer needs on this format?
I mean the functionality to copy plugin from a location on disk. This should be easy and straightforward. Hi @priteshbandi ,
Just want to clarify it: Do you mean support installing a plugin from an executable file (like
.exe
)? If so, this has not been included in the plugin management CLI spec. Notation v1.1.0 will only support.zip
and.tar.gz
format of the plugin file as we aligned in the CLI spec.yes, install command would just need to copy file from user provided location to notation's location. It is part of the spec with following flag
--file install plugin from a file in file system
yes, install command would just need to copy file from user provided location to notation's location. It is part of the spec with following flag
--file install plugin from a file in file system
@priteshbandi Added this logic.
@priteshbandi As discussed, issue created: https://github.com/notaryproject/notation/issues/853
This PR is based on the new spec: https://github.com/notaryproject/notation/pull/809
It supports following notation plugin installations:
.tar.gz/.zip
file in file systemHTTPS URL
, SHA256 checksum is requiredTest: Corresponding E2E test cases are added in this PR as well.
Note: This PR depends on the notation-go PR: https://github.com/notaryproject/notation-go/pull/364The notation-go PR: https://github.com/notaryproject/notation-go/pull/364 has been Merged.