notaryproject · priteshbandi · Oct 11, 2023 · Oct 9, 2023 · Oct 9, 2023 · Oct 10, 2023
@@ -16,12 +16,14 @@ package cert
 import (
 	"context"
 	"fmt"
+	"os"
 
 	"github.com/notaryproject/notation-go/dir"
 	"github.com/notaryproject/notation-go/log"
 	notationgoTruststore "github.com/notaryproject/notation-go/verifier/truststore"
 	"github.com/notaryproject/notation/cmd/notation/internal/truststore"
 	"github.com/notaryproject/notation/internal/cmd"
+	"github.com/notaryproject/notation/internal/ioutil"
 	"github.com/spf13/cobra"
 )
 
@@ -72,34 +74,35 @@ func listCerts(ctx context.Context, opts *certListOpts) error {
 	storeType := opts.storeType
 	configFS := dir.ConfigFS()
 
+	var certPaths []string
 	// List all certificates under truststore/x509, display empty if there's
 	// no certificate yet
 	if namedStore == "" && storeType == "" {
 		path, err := configFS.SysPath(dir.TrustStoreDir, "x509")
 		if err := truststore.CheckNonErrNotExistError(err); err != nil {
 			return err
 		}
-		if err := truststore.CheckNonErrNotExistError(truststore.ListCerts(path, 2)); err != nil {
+		if err := truststore.CheckNonErrNotExistError(truststore.ListCerts(path, 2, &certPaths)); err != nil {
 			logger.Debugln("Failed to complete list at path:", path)
 			return fmt.Errorf("failed to list all certificates stored in the trust store, with error: %s", err.Error())
 		}
 
-		return nil
+		return ioutil.PrintCertMap(os.Stdout, certPaths)
 	}
 
 	// List all certificates under truststore/x509/storeType/namedStore,
-	// display empty if there's no such certificate
+	// display empty if there's no certificate yet
 	if namedStore != "" && storeType != "" {
 		path, err := configFS.SysPath(dir.TrustStoreDir, "x509", storeType, namedStore)
 		if err := truststore.CheckNonErrNotExistError(err); err != nil {
 			return err
 		}
-		if err := truststore.CheckNonErrNotExistError(truststore.ListCerts(path, 0)); err != nil {
+		if err := truststore.CheckNonErrNotExistError(truststore.ListCerts(path, 0, &certPaths)); err != nil {
 			logger.Debugln("Failed to complete list at path:", path)
 			return fmt.Errorf("failed to list all certificates stored in the named store %s of type %s, with error: %s", namedStore, storeType, err.Error())
 		}
 
-		return nil
+		return ioutil.PrintCertMap(os.Stdout, certPaths)
 	}
 
 	// List all certificates under x509/storeType, display empty if
@@ -109,24 +112,24 @@ func listCerts(ctx context.Context, opts *certListOpts) error {
 		if err := truststore.CheckNonErrNotExistError(err); err != nil {
 			return err
 		}
-		if err := truststore.CheckNonErrNotExistError(truststore.ListCerts(path, 1)); err != nil {
+		if err := truststore.CheckNonErrNotExistError(truststore.ListCerts(path, 1, &certPaths)); err != nil {
 			logger.Debugln("Failed to complete list at path:", path)
 			return fmt.Errorf("failed to list all certificates stored of type %s, with error: %s", storeType, err.Error())
 		}
 	} else {
 		// List all certificates under named store namedStore, display empty if
-		// there's no such certificate
+		// there's no certificate yet
 		for _, t := range notationgoTruststore.Types {
 			path, err := configFS.SysPath(dir.TrustStoreDir, "x509", string(t), namedStore)
 			if err := truststore.CheckNonErrNotExistError(err); err != nil {
 				return err
 			}
-			if err := truststore.CheckNonErrNotExistError(truststore.ListCerts(path, 0)); err != nil {
+			if err := truststore.CheckNonErrNotExistError(truststore.ListCerts(path, 0, &certPaths)); err != nil {
 				logger.Debugln("Failed to complete list at path:", path)
 				return fmt.Errorf("failed to list all certificates stored in the named store %s, with error: %s", namedStore, err.Error())
 			}
 		}
 	}
 
-	return nil
+	return ioutil.PrintCertMap(os.Stdout, certPaths)
 }
@@ -87,9 +87,11 @@ func AddCert(path, storeType, namedStore string, display bool) error {
 
 // ListCerts walks through root and lists all x509 certificates in it,
 // sub-dirs are ignored.
-func ListCerts(root string, depth int) error {
+func ListCerts(root string, depth int, certPaths *[]string) error {
 	maxDepth := strings.Count(root, string(os.PathSeparator)) + depth
-
+	if certPaths == nil {
+		return errors.New("certPaths cannot be nil")
+	}
 	return filepath.WalkDir(root, func(path string, d fs.DirEntry, err error) error {
 		if err != nil {
 			return err
@@ -107,7 +109,7 @@ func ListCerts(root string, depth int) error {
 				return err
 			}
 			if len(certs) != 0 {
-				fmt.Println(path)
+				*certPaths = append(*certPaths, path)
 			}
 		}
 		return nil

@@ -17,6 +17,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
+	"path/filepath"
 	"text/tabwriter"
 
 	"github.com/notaryproject/notation-go/config"
@@ -58,6 +59,20 @@ func PrintMetadataMap(w io.Writer, metadata map[string]string) error {
 	return tw.Flush()
 }
 
+func PrintCertMap(w io.Writer, certPaths []string) error {
+	tw := newTabWriter(w)
+	fmt.Fprintln(tw, "STORE TYPE\tSTORE NAME\tCERTIFICATE\t")
+	for _, cert := range certPaths {
+		fileName := filepath.Base(cert)
+		dir := filepath.Dir(cert)
+		namedStore := filepath.Base(dir)
+		dir = filepath.Dir(dir)
+		storeType := filepath.Base(dir)
+		fmt.Fprintf(tw, "%s\t%s\t%s\t\n", storeType, namedStore, fileName)
+	}
+	return tw.Flush()
+}
+
 // PrintObjectAsJSON takes an interface and prints it as an indented JSON string
 func PrintObjectAsJSON(i interface{}) error {
 	jsonBytes, err := json.MarshalIndent(i, "", "    ")

@@ -151,31 +151,31 @@ Upon successful adding, the certificate files are added into directory`{NOTATION
 notation certificate list
 ```
 
-Upon successful listing, all the certificate files in the trust store are printed out in a format of absolute filepath. If the listing fails, an error message is printed out with specific reasons. Nothing is printed out if the trust store is empty.
+Upon successful listing, all the certificate files in the trust store are printed out with information of store type, store name and certificate file name. If the listing fails, an error message is printed out with specific reasons. Nothing is printed out if the trust store is empty.
 
 ### List all certificate files of a certain named store
 
 ```bash
 notation cert list --store <name>
 ```
 
-Upon successful listing, all the certificate files in the trust store named `<name>` are printed out in a format of absolute filepath. If the listing fails, an error message is printed out with specific reasons. Nothing is printed out if the trust store is empty.
+Upon successful listing, all the certificate files in the trust store named `<name>` are printed out with information of store type, store name and certificate file name. If the listing fails, an error message is printed out with specific reasons. Nothing is printed out if the trust store is empty.
 
 ### List all certificate files of a certain type of store
 
 ```bash
 notation cert list --type <type>
 ```
 
-Upon successful listing, all the certificate files in the trust store of type `<type>` are printed out in a format of absolute filepath. If the listing fails, an error message is printed out with specific reasons. Nothing is printed out if the trust store is empty.
+Upon successful listing, all the certificate files in the trust store of type `<type>` are printed out with information of store type, store name and certificate file name. If the listing fails, an error message is printed out with specific reasons. Nothing is printed out if the trust store is empty.
 
 ### List all certificate files of a certain named store of a certain type
 
 ```bash
 notation cert list --type <type> --store <name>
 ```
 
-Upon successful listing, all the certificate files in the trust store named `<name>` of type `<type>` are printed out in a format of absolute filepath. If the listing fails, an error message is printed out with specific reasons. Nothing is printed out if the trust store is empty.
+Upon successful listing, all the certificate files in the trust store named `<name>` of type `<type>` are printed out with information of store type, store name and certificate file name. If the listing fails, an error message is printed out with specific reasons. Nothing is printed out if the trust store is empty.
 
 ### Show details of a certain certificate file
 

@@ -62,7 +62,11 @@ var _ = Describe("notation quickstart E2E test", Ordered, func() {
 			)
 
 		notation.Exec("cert", "ls").
-			MatchKeyWords("notation/truststore/x509/ca/wabbit-networks.io/wabbit-networks.io.crt")
+			MatchKeyWords(
+				"ca",
+				"wabbit-networks.io",
+				"wabbit-networks.io.crt",
+			)
 	})
 
 	It("sign the container image with jws format (by default)", func() {