Print manifests as part of the `--debug` option

[toddysm]

What is the areas you would like to add the new feature to?

Notation CLI

Is your feature request related to a problem?

Pushing Notary signatures to Docker Hub is failing at the moment with a non-descriptive error:

ERRO[2023-03-24T07:34:17-07:00] Failed to push the signature                 
Error: failed to push signature to registry with error: failed to push manifest: PUT "https://registry-1.docker.io/v2/toddysm/kubeconeu23-python/manifests/sha256:ec62b6eafefe1514bd5c67889ede1fdb6094aa2e0759f110dd575a7c2701fedd": response status code 404: notfound: not found

This is the command I am using:

notation sign --signature-format cose --key $KEY_NAME --debug docker.io/toddysm/kubeconeu23-python:3.11.2-slim

What solution do you propose?

With the changes in OCI spec it will be good to be able to troubleshoot the manifests that are sent to the registries. having the ability to print the manifests and their digests as part of the --debug output would be helpful with troubleshooting if pushing the signature fails to a particular registry.

It will be good if after each HTTP request, we print the payload and the payload digest for troubleshooting purposes.

DEBU[2023-03-23T16:37:04-07:00] > Request: "PUT" "https://registry-1.docker.io/v2/toddysm/kubeconeu23-python/blobs/uploads/218dcc86-d3b2-4cde-aed3-c4507c78345a?_state=Xzu3aK7hNWFEeFLiBpYyE4XKJENIzfDWFmIz99iYZN97Ik5hbWUiOiJ0b2RkeXNtL2t1YmVjb25ldTIzLXB5dGhvbiIsIlVVSUQiOiIyMThkY2M4Ni1kM2IyLTRjZGUtYWVkMy1jNDUwN2M3ODM0NWEiLCJPZmZzZXQiOjAsIlN0YXJ0ZWRBdCI6IjIwMjMtMDMtMjNUMjM6Mzc6MDQuNzY1MjI4OTFaIn0%3D&digest=sha256%3A44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a" 

Digest: <digest goes here>
Payload: <payload goes here>

What alternatives have you considered?

With the changes in OCI spec it will be good to be able to troubleshoot the manifests that are sent to the registries. having the ability to print the manifests and their digests as part of the --debug output would be helpful with troubleshooting if pushing the signature fails to a particular registry.

It will be good if after each HTTP request, we print the payload and the paylod digest

Any additional context?

Right now I need to install and configure MITM proxy to track those requests.

[yizha1]

Per discussion in community meeting on Mar 19, 2024, we would like to print out the digest of signature manifest and signature manifest during pushing signatures if --verbose flag is used. --verbose flag is recommended for all the diagnostic logs. @toddysm do you have any comments? /cc @priteshbandi @shizhMSFT @sajayantony

[yizha1]

duplicated with notaryproject/notation#695

[github-actions]

This issue is stale because it has been opened for 60 days with no activity. Remove stale label or comment. Otherwise, it will be closed in 30 days.