Added support for validation of signed pipelines

README.md

@@ -36,7 +36,7 @@
     - [Using Artifactory Services](#using-artifactory-services)
       - [Uploading Files to Artifactory](#uploading-files-to-artifactory)
       - [Downloading Files from Artifactory](#downloading-files-from-artifactory)
-      - [Downloading Release Bundles from Artifactory](#downloading-release-bundles-v1-from-artifactory)
+      - [Downloading Release Bundles v1 from Artifactory](#downloading-release-bundles-v1-from-artifactory)
       - [Uploading and Downloading Files with Summary](#uploading-and-downloading-files-with-summary)
       - [Copying Files in Artifactory](#copying-files-in-artifactory)
       - [Moving Files in Artifactory](#moving-files-in-artifactory)
@@ -127,14 +127,14 @@
       - [Creating New Distribution Service Manager](#creating-new-distribution-service-manager)
     - [Using Distribution Services](#using-distribution-services)
       - [Setting Distribution Signing Key](#setting-distribution-signing-key)
-      - [Creating a Release Bundle](#creating-a-release-bundle-v1)
-      - [Updating a Release Bundle](#updating-a-release-bundle-v1)
-      - [Signing a Release Bundle](#signing-a-release-bundle-v1)
-      - [Async Distributing a Release Bundle](#async-distributing-a-release-bundle-v1)
-      - [Sync Distributing a Release Bundle](#sync-distributing-a-release-bundle-v1)
+      - [Creating a Release Bundle v1](#creating-a-release-bundle-v1)
+      - [Updating a Release Bundle v1](#updating-a-release-bundle-v1)
+      - [Signing a Release Bundle v1](#signing-a-release-bundle-v1)
+      - [Async Distributing a Release Bundle v1](#async-distributing-a-release-bundle-v1)
+      - [Sync Distributing a Release Bundle v1](#sync-distributing-a-release-bundle-v1)
       - [Getting Distribution Status](#getting-distribution-status)
-      - [Deleting a Remote Release Bundle](#deleting-a-remote-release-bundle-v1)
-      - [Deleting a Local Release Bundle](#deleting-a-local-release-bundle-v1)
+      - [Deleting a Remote Release Bundle v1](#deleting-a-remote-release-bundle-v1)
+      - [Deleting a Local Release Bundle v1](#deleting-a-local-release-bundle-v1)
   - [Using ContentReader](#using-contentreader)
   - [Xray APIs](#xray-apis)
     - [Creating Xray Service Manager](#creating-xray-service-manager)
@@ -168,7 +168,7 @@
       - [Get Violations Report Content](#get-violations-report-content)
       - [Delete Violations Report](#delete-violations-report)
       - [Get Artifact Summary](#get-artifact-summary)
-      - [Get Entitlement info](#get-entitlement-info)
+      - [Get Entitlement Info](#get-entitlement-info)
   - [Pipelines APIs](#pipelines-apis)
     - [Creating Pipelines Service Manager](#creating-pipelines-service-manager)
       - [Creating Pipelines Details](#creating-pipelines-details)
@@ -192,12 +192,13 @@
       - [Trigger Pipeline Sync](#trigger-pipeline-sync)
       - [Get Pipeline Sync Status](#get-pipeline-sync-status)
       - [Cancel Run](#cancel-run)
+      - [Validate Signed Pipelines](#validate-signed-pipelines)
   - [Lifecycle APIs](#lifecycle-apis)
-    - [Creating Lifecycle Service Manager](#creating-lifeCycle-service-manager)
-      - [Creating Lifecycle Details](#creating-lifeCycle-details)
-      - [Creating Lifecycle Service Config](#creating-lifeCycle-service-config)
-      - [Creating New Lifecycle Service Manager](#creating-new-lifeCycle-service-manager)
-    - [Using Lifecycle Services](#using-lifeCycle-services)
+    - [Creating Lifecycle Service Manager](#creating-lifecycle-service-manager)
+      - [Creating Lifecycle Details](#creating-lifecycle-details)
+      - [Creating Lifecycle Service Config](#creating-lifecycle-service-config)
+      - [Creating New Lifecycle Service Manager](#creating-new-lifecycle-service-manager)
+    - [Using Lifecycle Services](#using-lifecycle-services)
       - [Creating a Release Bundle From Published Builds](#creating-a-release-bundle-from-published-builds)
       - [Creating a Release Bundle From Release Bundles](#creating-a-release-bundle-from-release-bundles)
       - [Promoting a Release Bundle](#promoting-a-release-bundle)
@@ -2358,6 +2359,30 @@ runID := 234 // run id of pipeline
 err := pipelinesManager.CancelRun(runID)
 ```
 
+#### Validate Signed Pipelines
+
+```go
+// artifactType describes how is the artifact information stored in artifactory
+// artifactType can be one of Artifact, BuildInfo, or ReleaseBundle
+artifactTypeInfo := ArtifactTypeInfo{}
+
+// Option 1: Artifact
+artifactType := services.Artifact
+artifactTypeInfo.ArtifactPath := "go-app/myApp"
+
+// Option 2: Build Info
+artifactType := services.BuildInfo
+artifactTypeInfo.BuildName := "appBuild"
+artifactTypeInfo.BuildNumber := "31"
+artifactTypeInfo.ProjectKey := "default"
+
+// Option 3: Release Bundle
+artifactType := services.ReleaseBundle
+artifactTypeInfo.RbName := "artifactory"
+artifactTypeInfo.RbVersion := "7.53.1"
+err := pipelinesManager.ValidateSignedPipelines(artifactTypeInfo, artifactType)
+```
+
 ## Lifecycle APIs
 
 ### Creating Lifecycle Service Manager

pipelines/manager.go

@@ -136,3 +136,9 @@ func (sm *PipelinesServicesManager) CancelRun(runID int) error {
 	runService.ServiceDetails = sm.config.GetServiceDetails()
 	return runService.CancelRun(runID)
 }
+
+func (sm *PipelinesServicesManager) ValidateSignedPipelines(artifactTypeInfo services.ArtifactTypeInfo, artifactType services.ArtifactType) error {
+	signedPipelinesService := services.NewSignedPipelinesService(sm.client)
+	signedPipelinesService.ServiceDetails = sm.config.GetServiceDetails()
+	return signedPipelinesService.ValidateSignedPipelines(artifactTypeInfo, artifactType)
+}

pipelines/services/signedpipelines.go

@@ -0,0 +1,118 @@
+package services
+
+import (
+	"encoding/json"
+	"net/http"
+
+	"github.com/jfrog/jfrog-client-go/auth"
+	"github.com/jfrog/jfrog-client-go/http/jfroghttpclient"
+	"github.com/jfrog/jfrog-client-go/utils/errorutils"
+	"github.com/jfrog/jfrog-client-go/utils/io/httputils"
+	"github.com/jfrog/jfrog-client-go/utils/log"
+)
+
+type SignedPipelinesService struct {
+	client *jfroghttpclient.JfrogHttpClient
+	auth.ServiceDetails
+}
+
+type ArtifactType int
+
+const (
+	Artifact ArtifactType = iota
+	BuildInfo
+	ReleaseBundle
+)
+
+const (
+	validatePipelines           = "api/v1/pipeinfo/verify"
+	signedPipelinesArtifactType = "artifactType"
+)
+
+type SignedPipelinesValidation struct {
+	Result   bool     `json:"result"`
+	Messages []string `json:"messages"`
+	Message  string   `json:"message"`
+}
+
+func (a ArtifactType) String() string {
+	switch a {
+	case Artifact:
+		return "artifact"
+	case BuildInfo:
+		return "buildInfo"
+	case ReleaseBundle:
+		return "releaseBundle"
+	}
+	return ""
+}
+
+func (sp *SignedPipelinesService) getHttpDetails() httputils.HttpClientDetails {
+	return sp.ServiceDetails.CreateHttpClientDetails()
+}
+
+func NewSignedPipelinesService(client *jfroghttpclient.JfrogHttpClient) *SignedPipelinesService {
+	return &SignedPipelinesService{client: client}
+}
+
+func (sp *SignedPipelinesService) ValidateSignedPipelines(artifactTypeInfo ArtifactTypeInfo, artifactType ArtifactType) error {
+	// Fetch pipeline resource to retrieve resource ID
+	log.Info("Validating signed pipelines for", artifactType)
+	httpDetails := sp.getHttpDetails()
+	queryParams := sp.constructQueryParamsBasedOnArtifactType(artifactTypeInfo, artifactType)
+	uriVal, err := constructPipelinesURL(queryParams, sp.GetUrl(), validatePipelines)
+	if err != nil {
+		return err
+	}
+	resp, body, _, httpErr := sp.client.SendGet(uriVal, true, &httpDetails)
+	if httpErr != nil {
+		return httpErr
+	}
+	if err := errorutils.CheckResponseStatusWithBody(resp, body, http.StatusOK); err != nil {
+		return err
+	}
+	return parseValidateSignedPipelinesResponse(body)
+}
+
+func (sp *SignedPipelinesService) constructQueryParamsBasedOnArtifactType(artifactTypeInfo ArtifactTypeInfo, artifactType ArtifactType) map[string]string {
+	queryParams := map[string]string{}
+	switch artifactType {
+	case BuildInfo:
+		queryParams = map[string]string{
+			"buildName":                 artifactTypeInfo.BuildName,
+			"buildNumber":               artifactTypeInfo.BuildNumber,
+			"projectKey":                artifactTypeInfo.ProjectKey,
+			signedPipelinesArtifactType: BuildInfo.String(),
+		}
+	case Artifact:
+		queryParams = map[string]string{
+			"artifactPath":              artifactTypeInfo.ArtifactPath,
+			signedPipelinesArtifactType: Artifact.String(),
+		}
+	case ReleaseBundle:
+		queryParams = map[string]string{
+			"rbName":                    artifactTypeInfo.RbName,
+			"rbVersion":                 artifactTypeInfo.RbVersion,
+			signedPipelinesArtifactType: ReleaseBundle.String(),
+		}
+	}
+	return queryParams
+}
+
+func parseValidateSignedPipelinesResponse(body []byte) error {
+	signedPipelinesValidationResponse := SignedPipelinesValidation{}
+	jsonErr := json.Unmarshal(body, &signedPipelinesValidationResponse)
+	if jsonErr != nil {
+		return errorutils.CheckError(jsonErr)
+	}
+	if !signedPipelinesValidationResponse.Result {
+		log.Output("Signed Pipelines validation failed with below message/messages")
+		for _, message := range signedPipelinesValidationResponse.Messages {
+			log.Output(message)
+		}
+		log.Output(signedPipelinesValidationResponse.Message)
+		return errorutils.CheckErrorf("signed pipelines validation failed")
+	}
+	log.Output("Signed Pipelines validation is completed successfully")
+	return nil
+}

pipelines/services/types.go

@@ -87,3 +87,12 @@ type PipelineResources struct {
 	CreatedAt                time.Time   `json:"createdAt,omitempty"`
 	UpdatedAt                time.Time   `json:"updatedAt,omitempty"`
 }
+
+type ArtifactTypeInfo struct {
+	BuildName    string
+	BuildNumber  string
+	ProjectKey   string
+	ArtifactPath string
+	RbName       string
+	RbVersion    string
+}