added nearexpiry functionality and removed an unused testutil function

Signed-off-by: avaid96 <avaid1996@gmail.com>

client/client.go

@@ -463,13 +463,13 @@ func (r *NotaryRepository) GetTargetByName(name string, roles ...string) (*Targe
 }
 
 // GetAllTargetMetadataByName searches the entire delegation role tree to find the specified target by name for all
-// roles, and returns a map of role strings to Target structs for each time it finds the specified target.
-func (r *NotaryRepository) GetAllTargetMetadataByName(name string) (map[string]Target, error) {
+// roles, and returns a list of TargetWithRole structs for each time it finds the specified target.
+func (r *NotaryRepository) GetAllTargetMetadataByName(name string) ([]*TargetWithRole, error) {
 	if err := r.Update(false); err != nil {
 		return nil, err
 	}
 
-	targetInfoMap := make(map[string]Target)
+	var targetInfo []*TargetWithRole
 
 	// Define a visitor function to find the specified target
 	getAllTargetInfoByNameVisitorFunc := func(tgt *data.SignedTargets, validRole data.DelegationRole) interface{} {
@@ -479,7 +479,7 @@ func (r *NotaryRepository) GetAllTargetMetadataByName(name string) (map[string]T
 		// We found the target and validated path compatibility in our walk,
 		// so add it to our list
 		if resultMeta, foundTarget := tgt.Signed.Targets[name]; foundTarget {
-			targetInfoMap[validRole.Name] = Target{Name: name, Hashes: resultMeta.Hashes, Length: resultMeta.Length}
+			targetInfo = append(targetInfo, &TargetWithRole{Target: Target{Name: name, Hashes: resultMeta.Hashes, Length: resultMeta.Length}, Role: validRole.Name})
 		}
 		// continue walking to all child roles
 		return nil
@@ -489,10 +489,10 @@ func (r *NotaryRepository) GetAllTargetMetadataByName(name string) (map[string]T
 	if err := r.tufRepo.WalkTargets(name, "", getAllTargetInfoByNameVisitorFunc); err != nil {
 		return nil, err
 	}
-	if len(targetInfoMap) == 0 {
+	if len(targetInfo) == 0 {
 		return nil, fmt.Errorf("No trust data for %s", name)
 	}
-	return targetInfoMap, nil
+	return targetInfo, nil
 }
 
 // GetChangelist returns the list of the repository's unpublished changes
@@ -612,7 +612,7 @@ func (r *NotaryRepository) publish(cl changelist.Changelist) error {
 	// check if our root file is nearing expiry or dirty. Resign if it is.  If
 	// root is not dirty but we are publishing for the first time, then just
 	// publish the existing root we have.
-	if nearExpiry(r.tufRepo.Root) || r.tufRepo.Root.Dirty {
+	if nearExpiry(r.tufRepo.Root.Signed.SignedCommon) || r.tufRepo.Root.Dirty {
 		rootJSON, err := serializeCanonicalRole(r.tufRepo, data.CanonicalRootRole)
 		if err != nil {
 			return err
@@ -781,7 +781,10 @@ func (r *NotaryRepository) Update(forWrite bool) error {
 		}
 		return err
 	}
+	// we can be assured if we are at this stage that the repo we built is good
+	// no need to test the following function call for an error as it will always be fine should the repo be good- it is!
 	r.tufRepo = repo
+	rolesNearExpiry(repo)
 	return nil
 }
 

client/helpers.go

@@ -190,9 +190,32 @@ func applyRootRoleChange(repo *tuf.Repo, c changelist.Change) error {
 	return nil
 }
 
-func nearExpiry(r *data.SignedRoot) bool {
+func nearExpiry(r data.SignedCommon) bool {
 	plus6mo := time.Now().AddDate(0, 6, 0)
-	return r.Signed.Expires.Before(plus6mo)
+	return r.Expires.Before(plus6mo)
+}
+
+func rolesNearExpiry(r *tuf.Repo) error {
+	//get every role and its respective signed common and call nearExpiry on it
+	//Root check
+	//Reset levels to display warnings through logrus
+	logrus.SetLevel(logrus.WarnLevel)
+	if nearExpiry(r.Root.Signed.SignedCommon) {
+		logrus.Warn("root is nearing expiry, you should re-sign the key")
+	}
+	//Targets and delegations check
+	for role,signedTOrD := range r.Targets {
+		//signedTOrD is of type *data.SignedTargets
+		if nearExpiry(signedTOrD.Signed.SignedCommon) {
+			logrus.Warn(role," metadata is nearing expiry, you should re-sign the key")
+		}
+	}
+	//Snapshot check
+	if nearExpiry(r.Snapshot.Signed.SignedCommon) {
+		logrus.Warn("snapshot is nearing expiry, you should re-sign the key")
+	}
+	return nil
+	//Timestamp is not checked since the user doesn't need to worry about it, we deal with it
 }
 
 // Fetches a public key from a remote store, given a gun and role

client/helpers_test.go

@@ -4,11 +4,13 @@ import (
 	"crypto/sha256"
 	"encoding/json"
 	"testing"
-
 	"github.com/docker/notary/client/changelist"
 	"github.com/docker/notary/tuf/data"
 	"github.com/docker/notary/tuf/testutils"
 	"github.com/stretchr/testify/require"
+	"time"
+	"bytes"
+	log "github.com/Sirupsen/logrus"
 )
 
 func TestApplyTargetsChange(t *testing.T) {
@@ -968,3 +970,41 @@ func TestChangeTargetMetaFailsIfPrefixError(t *testing.T) {
 	require.Empty(t, repo.Targets[data.CanonicalTargetsRole].Signed.Targets)
 	require.Empty(t, repo.Targets["targets/level1"].Signed.Targets)
 }
+
+func TestAllNearExpiry (t *testing.T) {
+	repo, _, err := testutils.EmptyRepo("docker.com/notary")
+	require.NoError(t, err)
+	nearexpdate := time.Now().AddDate(0, 1, 0)
+	repo.Root.Signed.SignedCommon.Expires=nearexpdate
+	repo.Snapshot.Signed.SignedCommon.Expires=nearexpdate
+	repo.Targets["targets"].Signed.Expires=nearexpdate
+	_, err1 := repo.InitTargets("targets/exp")
+	require.NoError(t, err1)
+	repo.Targets["targets/exp"].Signed.Expires=nearexpdate
+	b:= bytes.NewBuffer(nil)
+	log.SetOutput(b)
+	rolesNearExpiry(repo)
+	require.Contains(t, b.String(), "targets metadata is nearing expiry, you should re-sign the key", "targets should show near expiry")
+	require.Contains(t, b.String(), "targets/exp metadata is nearing expiry, you should re-sign the key", b.String(), "targets/exp should show near expiry")
+	require.Contains(t, b.String(), "root is nearing expiry, you should re-sign the key", "Root should show near expiry")
+	require.Contains(t, b.String(), "snapshot is nearing expiry, you should re-sign the key", "Snapshot should show near expiry")
+}
+
+func TestAllNotNearExpiry(t *testing.T)  {
+	repo, _, err := testutils.EmptyRepo("docker.com/notary")
+	require.NoError(t, err)
+	notnearexpdate := time.Now().AddDate(0, 10, 0)
+	repo.Root.Signed.SignedCommon.Expires=notnearexpdate
+	repo.Snapshot.Signed.SignedCommon.Expires=notnearexpdate
+	repo.Targets["targets"].Signed.Expires=notnearexpdate
+	_, err1 := repo.InitTargets("targets/noexp")
+	require.NoError(t, err1)
+	repo.Targets["targets/noexp"].Signed.Expires=notnearexpdate
+	a:= bytes.NewBuffer(nil)
+	log.SetOutput(a)
+	rolesNearExpiry(repo)
+	require.NotContains(t, a.String(), "targets metadata is nearing expiry, you should re-sign the key", "targets should not show near expiry")
+	require.NotContains(t, a.String(), "targets/noexp metadata is nearing expiry, you should re-sign the key", "targets/noexp should not show near expiry")
+	require.NotContains(t, a.String(), "root is nearing expiry, you should re-sign the key", "Root should not show near expiry")
+	require.NotContains(t, a.String(), "snapshot is nearing expiry, you should re-sign the key", "Snapshot should not show near expiry")
+}

tuf/testutils/repo.go

@@ -12,8 +12,6 @@ import (
 	"github.com/docker/notary/passphrase"
 	"github.com/docker/notary/trustmanager"
 	"github.com/docker/notary/tuf/data"
-	"github.com/docker/notary/tuf/utils"
-	fuzz "github.com/google/gofuzz"
 	"github.com/stretchr/testify/require"
 
 	tuf "github.com/docker/notary/tuf"
@@ -142,23 +140,6 @@ func CopyRepoMetadata(from map[string][]byte) map[string][]byte {
 	return copied
 }
 
-// AddTarget generates a fake target and adds it to a repo.
-func AddTarget(role string, r *tuf.Repo) (name string, meta data.FileMeta, content []byte, err error) {
-	randness := fuzz.Continue{}
-	content = RandomByteSlice(1024)
-	name = randness.RandString()
-	t := data.FileMeta{
-		Length: int64(len(content)),
-		Hashes: data.Hashes{
-			"sha256": utils.DoHash("sha256", content),
-			"sha512": utils.DoHash("sha512", content),
-		},
-	}
-	files := data.Files{name: t}
-	_, err = r.AddTargets(role, files)
-	return
-}
-
 // RandomByteSlice generates some random data to be used for testing only
 func RandomByteSlice(maxSize int) []byte {
 	r := rand.New(rand.NewSource(time.Now().UnixNano()))