From ecb1a83ac570b4acd23dbaf7fdf8ef97aa4bfac7 Mon Sep 17 00:00:00 2001 From: guillaume Date: Fri, 6 Sep 2024 09:48:21 -0400 Subject: [PATCH] feat: add notary snap Signed-off-by: guillaume --- README.md | 19 ++++++++++++++++++ notary.yaml | 5 +++++ service/bin/notaryd-start | 5 +++++ service/notary.yaml | 5 +++++ snap/hooks/install | 4 ++++ snap/snapcraft.yaml | 41 +++++++++++++++++++++++++++++++++++++++ 6 files changed, 79 insertions(+) create mode 100644 notary.yaml create mode 100755 service/bin/notaryd-start create mode 100644 service/notary.yaml create mode 100755 snap/hooks/install create mode 100644 snap/snapcraft.yaml diff --git a/README.md b/README.md index cb27b78..b2f487f 100644 --- a/README.md +++ b/README.md @@ -38,6 +38,25 @@ pebble_notifications: true ## Installation +### From Snap + +Install the snap: +```bash +sudo snap install notary +``` + +Generate (or copy) a certificate and private key to the following location: +```bash +sudo openssl req -newkey rsa:2048 -nodes -keyout /var/snap/notary/common/key.pem -x509 -days 1 -out /var/snap/notary/common/cert.pem -subj "/CN=example.com" +``` + +Start the service: +```bash +sudo snap start notary.notaryd +``` + +Navigate to `https://localhost:3000` to access the Notary UI. + ### From OCI Image ```bash diff --git a/notary.yaml b/notary.yaml new file mode 100644 index 0000000..ae8dcfa --- /dev/null +++ b/notary.yaml @@ -0,0 +1,5 @@ +key_path: "key.pem" +cert_path: "cert.pem" +db_path: "certs.db" +port: 3000 +pebble_notifications: false diff --git a/service/bin/notaryd-start b/service/bin/notaryd-start new file mode 100755 index 0000000..8cbcd86 --- /dev/null +++ b/service/bin/notaryd-start @@ -0,0 +1,5 @@ +#!/bin/bash + +set -ex + +"$SNAP"/bin/notary -config "$SNAP_COMMON"/notary.yaml diff --git a/service/notary.yaml b/service/notary.yaml new file mode 100644 index 0000000..58ecd76 --- /dev/null +++ b/service/notary.yaml @@ -0,0 +1,5 @@ +key_path: "/var/snap/notary/common/key.pem" +cert_path: "/var/snap/notary/common/cert.pem" +db_path: "/var/snap/notary/common/certs.db" +port: 3000 +pebble_notifications: false diff --git a/snap/hooks/install b/snap/hooks/install new file mode 100755 index 0000000..08a506a --- /dev/null +++ b/snap/hooks/install @@ -0,0 +1,4 @@ +#!/bin/sh -e + +# Create Notary config file +cp "$SNAP/notary.yaml" "$SNAP_COMMON/notary.yaml" diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml new file mode 100644 index 0000000..f3d118c --- /dev/null +++ b/snap/snapcraft.yaml @@ -0,0 +1,41 @@ +name: notary +base: core24 +version: '0.0.3' +summary: Notary is a certificate management tool. +description: Notary is a certificate management tool. + +grade: stable +confinement: strict + +apps: + notary: + command: bin/notary + plugs: + - network + - network-bind + - home + notaryd: + daemon: simple + install-mode: disable + command: bin/notaryd-start + refresh-mode: endure + plugs: + - network + - network-bind + +parts: + notary: + plugin: go + source: . + source-type: local + build-snaps: + - go/1.22/stable + - node/20/stable + override-build: | + npm install --prefix ui + npm run build --prefix ui + craftctl default + + service-files: + plugin: dump + source: service