Scott Rigby
|
9ea35da0d0
|
[HIP-0026] Plugin packaging, signing, and verification (#31176)
* Plugin packaging, signing and verification
Signed-off-by: Scott Rigby <scott@r6by.com>
* wrap keyring read error with more explicit message
Co-authored-by: Jesse Simpson <jesse.simpson36@gmail.com>
Signed-off-by: Scott Rigby <scott@r6by.com>
* skip unnecessary check
Co-authored-by: Evans Mungai <mbuevans@gmail.com>
Signed-off-by: Scott Rigby <scott@r6by.com>
* Change behavior for installing plugin with missing .prov file (now warns and continues instead of failing)
Signed-off-by: Scott Rigby <scott@r6by.com>
* Add comprehensive plugin verification tests
- Test missing .prov files (warns but continues)
- Test invalid .prov file formats (fails verification)
- Test hash mismatches in .prov files (fails verification)
- Test .prov file access errors (fails appropriately)
- Test directory plugins don't support verification
- Test installation without verification enabled (succeeds)
- Test with valid .prov files (fails on empty keyring as expected)
---------
Signed-off-by: Scott Rigby <scott@r6by.com>
Co-authored-by: Jesse Simpson <jesse.simpson36@gmail.com>
Co-authored-by: Evans Mungai <mbuevans@gmail.com>
|
2025-08-30 13:25:28 -04:00 |