cache: add verified field to cache lookup

Get all binaries for the requested SR
Indicate which are verified by the certificate list

slapos/cli/cache.py

@@ -87,9 +87,8 @@ def do_lookup(logger, cache_dir, cache_url, signature_certificate_list,
     else:
         md5 = hashlib.md5(str2bytes(software_url)).hexdigest()
     try:
-        entries = list(
-            networkcache.download_entry_list(cache_url, cache_dir, md5, logger,
-                signature_certificate_list, software_url))
+        entries = networkcache.download_entry_list(cache_url, cache_dir,
+            md5, logger, signature_certificate_list, software_url)
     except Exception:
         logger.critical('Error while looking object %s', software_url,
             exc_info=True)
@@ -99,12 +98,13 @@ def do_lookup(logger, cache_dir, cache_url, signature_certificate_list,
         logger.info('Object found in cache, but has no binary entries.')
         return 0
 
-    pt = prettytable.PrettyTable(['multiarch', 'distribution', 'version', 'id', 'compatible?'])
+    pt = prettytable.PrettyTable(['multiarch', 'distribution', 'version', 'id', 'compatible?', 'verified?'])
     machine_info = networkcache.machine_info_tuple()
 
     for multiarch, os, verified in sorted(map(infotuple, entries)):
         row = [multiarch] + os
         row.append('yes' if networkcache.is_compatible(machine_info, (multiarch, os)) else 'no')
+        row.append('yes' if verified else 'no')
         pt.add_row(row)
 
     meta = json.loads(entries[0][0])

slapos/grid/networkcache.py

@@ -80,7 +80,9 @@ def download_entry_list(cache_url, dir_url, key, logger,
                         signature_certificate_list, software_url):
     nc = NetworkcacheClient(cache_url, dir_url,
         signature_certificate_list=signature_certificate_list or None)
-    return nc.select_generic(key)
+    entry_list = nc.select_generic(key, filter=False)
+    return [(entry[0], nc.verifySignatureInCertificateList(*entry))
+            for entry in entry_list]
 
 
 @fallback_call

slapos/tests/test_cli.py

@@ -103,13 +103,13 @@ class TestCliCache(CliMixin):
     self.logger.info.assert_any_call('Software URL: %s', 
             u'https://lab.nexedi.com/nexedi/slapos/raw/1.0.102/software/slaprunner/software.cfg')
     self.logger.info.assert_any_call('MD5:          %s', 'cccdc51a07e8c575c880f2d70dd4d458')
-    self.logger.info.assert_any_call(u'-----------------------------------------------------------')
-    self.logger.info.assert_any_call(u'    multiarch     distribution version    id   compatible? ')
-    self.logger.info.assert_any_call(u'-----------------------------------------------------------')
-    self.logger.info.assert_any_call(u' x86_64-linux-gnu CentOS Linux 7.5.1804  Core       no     ')
-    self.logger.info.assert_any_call(u' x86_64-linux-gnu    Ubuntu     18.04   bionic      no     ')
+    self.logger.info.assert_any_call(u'---------------------------------------------------------------------')
+    self.logger.info.assert_any_call(u'    multiarch     distribution version    id   compatible? verified? ')
+    self.logger.info.assert_any_call(u'---------------------------------------------------------------------')
+    self.logger.info.assert_any_call(u' x86_64-linux-gnu CentOS Linux 7.5.1804  Core       no        yes    ')
+    self.logger.info.assert_any_call(u' x86_64-linux-gnu    Ubuntu     18.04   bionic      no        yes    ')
     # Omit some lines as it may fail depending of the OS
-    self.logger.info.assert_any_call(u'-----------------------------------------------------------')
+    self.logger.info.assert_any_call(u'---------------------------------------------------------------------')
 
   def test_uncached_binary(self):
     self.assertEqual(10, cache_do_lookup(