diff --git a/cli/trust/trust.go b/cli/trust/trust.go index bf7896638..7af2a2735 100644 --- a/cli/trust/trust.go +++ b/cli/trust/trust.go @@ -3,6 +3,8 @@ package trust import ( "context" "encoding/json" + "errors" + "fmt" "io" "net" "net/http" @@ -21,7 +23,6 @@ import ( "github.com/docker/go-connections/tlsconfig" registrytypes "github.com/moby/moby/api/types/registry" "github.com/opencontainers/go-digest" - "github.com/pkg/errors" "github.com/sirupsen/logrus" "github.com/theupdateframework/notary" "github.com/theupdateframework/notary/client" @@ -67,7 +68,7 @@ func Server(index *registrytypes.IndexInfo) (string, error) { if s := os.Getenv("DOCKER_CONTENT_TRUST_SERVER"); s != "" { urlObj, err := url.Parse(s) if err != nil || urlObj.Scheme != "https" { - return "", errors.Errorf("valid https URL required for trust server, got %s", s) + return "", fmt.Errorf("valid https URL required for trust server, got %s", s) } return s, nil @@ -212,27 +213,27 @@ func NotaryError(repoName string, err error) error { switch err.(type) { case *json.SyntaxError: logrus.Debugf("Notary syntax error: %s", err) - return errors.Errorf("Error: no trust data available for remote repository %s. Try running notary server and setting DOCKER_CONTENT_TRUST_SERVER to its HTTPS address?", repoName) + return fmt.Errorf("error: no trust data available for remote repository %s. Try running notary server and setting DOCKER_CONTENT_TRUST_SERVER to its HTTPS address", repoName) case signed.ErrExpired: - return errors.Errorf("Error: remote repository %s out-of-date: %v", repoName, err) + return fmt.Errorf("error: remote repository %s out-of-date: %v", repoName, err) case trustmanager.ErrKeyNotFound: - return errors.Errorf("Error: signing keys for remote repository %s not found: %v", repoName, err) + return fmt.Errorf("error: signing keys for remote repository %s not found: %v", repoName, err) case storage.NetworkError: - return errors.Errorf("Error: error contacting notary server: %v", err) + return fmt.Errorf("error: error contacting notary server: %v", err) case storage.ErrMetaNotFound: - return errors.Errorf("Error: trust data missing for remote repository %s or remote repository not found: %v", repoName, err) + return fmt.Errorf("error: trust data missing for remote repository %s or remote repository not found: %v", repoName, err) case trustpinning.ErrRootRotationFail, trustpinning.ErrValidationFail, signed.ErrInvalidKeyType: - return errors.Errorf("Warning: potential malicious behavior - trust data mismatch for remote repository %s: %v", repoName, err) + return fmt.Errorf("warning: potential malicious behavior - trust data mismatch for remote repository %s: %v", repoName, err) case signed.ErrNoKeys: - return errors.Errorf("Error: could not find signing keys for remote repository %s, or could not decrypt signing key: %v", repoName, err) + return fmt.Errorf("error: could not find signing keys for remote repository %s, or could not decrypt signing key: %v", repoName, err) case signed.ErrLowVersion: - return errors.Errorf("Warning: potential malicious behavior - trust data version is lower than expected for remote repository %s: %v", repoName, err) + return fmt.Errorf("warning: potential malicious behavior - trust data version is lower than expected for remote repository %s: %v", repoName, err) case signed.ErrRoleThreshold: - return errors.Errorf("Warning: potential malicious behavior - trust data has insufficient signatures for remote repository %s: %v", repoName, err) + return fmt.Errorf("warning: potential malicious behavior - trust data has insufficient signatures for remote repository %s: %v", repoName, err) case client.ErrRepositoryNotExist: - return errors.Errorf("Error: remote trust data does not exist for %s: %v", repoName, err) + return fmt.Errorf("error: remote trust data does not exist for %s: %v", repoName, err) case signed.ErrInsufficientSignatures: - return errors.Errorf("Error: could not produce valid signature for %s. If Yubikey was used, was touch input provided?: %v", repoName, err) + return fmt.Errorf("error: could not produce valid signature for %s. If Yubikey was used, was touch input provided?: %v", repoName, err) } return err @@ -293,7 +294,7 @@ func GetSignableRoles(repo client.Repository, target *client.Target) ([]data.Rol } if len(signableRoles) == 0 { - return signableRoles, errors.Errorf("no valid signing keys for delegation roles") + return signableRoles, errors.New("no valid signing keys for delegation roles") } return signableRoles, nil diff --git a/cli/trust/trust_push.go b/cli/trust/trust_push.go index 65aee25d2..47057b3f4 100644 --- a/cli/trust/trust_push.go +++ b/cli/trust/trust_push.go @@ -4,6 +4,7 @@ import ( "context" "encoding/hex" "encoding/json" + "errors" "fmt" "io" "sort" @@ -14,7 +15,6 @@ import ( "github.com/moby/moby/api/types" registrytypes "github.com/moby/moby/api/types/registry" "github.com/opencontainers/go-digest" - "github.com/pkg/errors" "github.com/theupdateframework/notary/client" "github.com/theupdateframework/notary/tuf/data" ) @@ -82,18 +82,18 @@ func PushTrustedReference(ctx context.Context, ioStreams Streams, repoInfo *Repo } if cnt > 1 { - return errors.Errorf("internal error: only one call to handleTarget expected") + return errors.New("internal error: only one call to handleTarget expected") } if notaryTarget == nil { - return errors.Errorf("no targets found, provide a specific tag in order to sign it") + return errors.New("no targets found, provide a specific tag in order to sign it") } _, _ = fmt.Fprintln(ioStreams.Out(), "Signing and pushing trust metadata") repo, err := GetNotaryRepository(ioStreams.In(), ioStreams.Out(), userAgent, repoInfo, &authConfig, "push", "pull") if err != nil { - return errors.Wrap(err, "error establishing connection to trust repository") + return fmt.Errorf("error establishing connection to trust repository: %w", err) } // get the latest repository metadata so we can figure out which roles to sign @@ -133,7 +133,7 @@ func PushTrustedReference(ctx context.Context, ioStreams Streams, repoInfo *Repo } if err != nil { - err = errors.Wrapf(err, "failed to sign %s:%s", repoInfo.Name.Name(), tag) + err = fmt.Errorf("failed to sign %s:%s: %w", repoInfo.Name.Name(), tag, err) return NotaryError(repoInfo.Name.Name(), err) }