From af35d61a98412ff56da98c11b603a9ec54f101c1 Mon Sep 17 00:00:00 2001
From: Matt Farina <matt@mattfarina.com>
Date: Fri, 28 Feb 2020 12:52:21 -0500
Subject: [PATCH] Add verification output to the verify command

This complements the verification output fixed in #7706. On verify
there should be some detail about the verification rather than
no information.

Signed-off-by: Matt Farina <matt@mattfarina.com>
---
 cmd/helm/verify.go      | 10 +++++++++-
 cmd/helm/verify_test.go |  2 +-
 pkg/action/verify.go    | 24 ++++++++++++++++++++++--
 3 files changed, 32 insertions(+), 4 deletions(-)

diff --git a/cmd/helm/verify.go b/cmd/helm/verify.go
index d3ae517c9..f26fb377f 100644
--- a/cmd/helm/verify.go
+++ b/cmd/helm/verify.go
@@ -16,6 +16,7 @@ limitations under the License.
 package main
 
 import (
+	"fmt"
 	"io"
 
 	"github.com/spf13/cobra"
@@ -44,7 +45,14 @@ func newVerifyCmd(out io.Writer) *cobra.Command {
 		Long:  verifyDesc,
 		Args:  require.ExactArgs(1),
 		RunE: func(cmd *cobra.Command, args []string) error {
-			return client.Run(args[0])
+			err := client.Run(args[0])
+			if err != nil {
+				return err
+			}
+
+			fmt.Fprint(out, client.Out)
+
+			return nil
 		},
 	}
 
diff --git a/cmd/helm/verify_test.go b/cmd/helm/verify_test.go
index a70051ff6..ccbcb3cf2 100644
--- a/cmd/helm/verify_test.go
+++ b/cmd/helm/verify_test.go
@@ -65,7 +65,7 @@ func TestVerifyCmd(t *testing.T) {
 		{
 			name:      "verify validates a properly signed chart",
 			cmd:       "verify testdata/testcharts/signtest-0.1.0.tgz --keyring testdata/helm-test-key.pub",
-			expect:    "",
+			expect:    "Signed by: Helm Testing (This key should only be used for testing. DO NOT TRUST.) <helm-testing@helm.sh>\nUsing Key With Fingerprint: 5E615389B53CA37F0EE60BD3843BBF981FC18762\nChart Hash Verified: sha256:e5ef611620fb97704d8751c16bab17fedb68883bfb0edc76f78a70e9173f9b55\n",
 			wantError: false,
 		},
 	}
diff --git a/pkg/action/verify.go b/pkg/action/verify.go
index c66b14b47..f36239496 100644
--- a/pkg/action/verify.go
+++ b/pkg/action/verify.go
@@ -17,6 +17,9 @@ limitations under the License.
 package action
 
 import (
+	"fmt"
+	"strings"
+
 	"helm.sh/helm/v3/pkg/downloader"
 )
 
@@ -25,6 +28,7 @@ import (
 // It provides the implementation of 'helm verify'.
 type Verify struct {
 	Keyring string
+	Out     string
 }
 
 // NewVerify creates a new Verify object with the given configuration.
@@ -34,6 +38,22 @@ func NewVerify() *Verify {
 
 // Run executes 'helm verify'.
 func (v *Verify) Run(chartfile string) error {
-	_, err := downloader.VerifyChart(chartfile, v.Keyring)
-	return err
+	var out strings.Builder
+	p, err := downloader.VerifyChart(chartfile, v.Keyring)
+	if err != nil {
+		return err
+	}
+
+	for name := range p.SignedBy.Identities {
+		fmt.Fprintf(&out, "Signed by: %v\n", name)
+	}
+	fmt.Fprintf(&out, "Using Key With Fingerprint: %X\n", p.SignedBy.PrimaryKey.Fingerprint)
+	fmt.Fprintf(&out, "Chart Hash Verified: %s\n", p.FileHash)
+
+	// TODO(mattfarina): The output is set as a property rather than returned
+	// to maintain the Go API. In Helm v4 this function should return the out
+	// and the property on the struct can be removed.
+	v.Out = out.String()
+
+	return nil
 }