2017-08-24 18:45:20 -04:00
|
|
|
package trust
|
|
|
|
|
|
|
|
|
|
import (
|
2017-11-10 14:34:04 -05:00
|
|
|
"bytes"
|
2017-08-24 18:45:20 -04:00
|
|
|
"encoding/json"
|
2022-02-25 08:33:57 -05:00
|
|
|
"io"
|
2018-02-27 10:54:36 -05:00
|
|
|
"runtime"
|
2017-08-24 18:45:20 -04:00
|
|
|
"testing"
|
|
|
|
|
|
|
|
|
|
"github.com/docker/cli/cli/config"
|
|
|
|
|
"github.com/docker/cli/cli/trust"
|
|
|
|
|
"github.com/docker/cli/internal/test"
|
2018-03-08 08:35:17 -05:00
|
|
|
notaryfake "github.com/docker/cli/internal/test/notary"
|
2017-10-30 12:21:41 -04:00
|
|
|
"github.com/theupdateframework/notary"
|
|
|
|
|
"github.com/theupdateframework/notary/client"
|
|
|
|
|
"github.com/theupdateframework/notary/client/changelist"
|
|
|
|
|
"github.com/theupdateframework/notary/passphrase"
|
|
|
|
|
"github.com/theupdateframework/notary/trustpinning"
|
|
|
|
|
"github.com/theupdateframework/notary/tuf/data"
|
2020-02-22 12:12:14 -05:00
|
|
|
"gotest.tools/v3/assert"
|
|
|
|
|
is "gotest.tools/v3/assert/cmp"
|
|
|
|
|
"gotest.tools/v3/skip"
|
2017-08-24 18:45:20 -04:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
const passwd = "password"
|
|
|
|
|
|
2017-08-25 17:49:40 -04:00
|
|
|
func TestTrustSignCommandErrors(t *testing.T) {
|
2017-08-24 18:45:20 -04:00
|
|
|
testCases := []struct {
|
|
|
|
|
name string
|
|
|
|
|
args []string
|
|
|
|
|
expectedError string
|
|
|
|
|
}{
|
|
|
|
|
{
|
|
|
|
|
name: "not-enough-args",
|
2024-07-04 20:49:31 -04:00
|
|
|
expectedError: "requires 1 argument",
|
2017-08-24 18:45:20 -04:00
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
name: "too-many-args",
|
|
|
|
|
args: []string{"image", "tag"},
|
2024-07-04 20:49:31 -04:00
|
|
|
expectedError: "requires 1 argument",
|
2017-08-24 18:45:20 -04:00
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
name: "sha-reference",
|
|
|
|
|
args: []string{"870d292919d01a0af7e7f056271dc78792c05f55f49b9b9012b6d89725bd9abd"},
|
|
|
|
|
expectedError: "invalid repository name",
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
name: "invalid-img-reference",
|
|
|
|
|
args: []string{"ALPINE:latest"},
|
|
|
|
|
expectedError: "invalid reference format",
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
name: "no-tag",
|
2017-09-13 12:50:37 -04:00
|
|
|
args: []string{"reg/img"},
|
linting: ST1005: error strings should not be capitalized (stylecheck)
While fixing, also updated errors without placeholders to `errors.New()`, and
updated some code to use pkg/errors if it was already in use in the file.
cli/command/config/inspect.go:59:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/node/inspect.go:61:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/secret/inspect.go:57:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/trust/common.go:77:74: ST1005: error strings should not be capitalized (stylecheck)
return []trustTagRow{}, []client.RoleWithSignatures{}, []data.Role{}, fmt.Errorf("No signatures or cannot access %s", remote)
^
cli/command/trust/common.go:85:73: ST1005: error strings should not be capitalized (stylecheck)
return []trustTagRow{}, []client.RoleWithSignatures{}, []data.Role{}, fmt.Errorf("No signers for %s", remote)
^
cli/command/trust/sign.go:137:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("No tag specified for %s", imgRefAndAuth.Name())
^
cli/command/trust/sign.go:151:19: ST1005: error strings should not be capitalized (stylecheck)
return *target, fmt.Errorf("No tag specified")
^
cli/command/trust/signer_add.go:77:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Failed to add signer to: %s", strings.Join(errRepos, ", "))
^
cli/command/trust/signer_remove.go:52:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Error removing signer from: %s", strings.Join(errRepos, ", "))
^
cli/command/trust/signer_remove.go:67:17: ST1005: error strings should not be capitalized (stylecheck)
return false, fmt.Errorf("All signed tags are currently revoked, use docker trust sign to fix")
^
cli/command/trust/signer_remove.go:108:17: ST1005: error strings should not be capitalized (stylecheck)
return false, fmt.Errorf("No signer %s for repository %s", signerName, repoName)
^
opts/hosts.go:89:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", addr)
^
opts/hosts.go:100:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid proto, expected %s: %s", proto, addr)
^
opts/hosts.go:119:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid proto, expected tcp: %s", tryAddr)
^
opts/hosts.go:144:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", tryAddr)
^
opts/hosts.go:155:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", tryAddr)
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-02 18:04:53 -04:00
|
|
|
expectedError: "no tag specified for reg/img",
|
2017-08-24 18:45:20 -04:00
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
name: "digest-reference",
|
|
|
|
|
args: []string{"ubuntu@sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2"},
|
|
|
|
|
expectedError: "cannot use a digest reference for IMAGE:TAG",
|
|
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
// change to a tmpdir
|
2022-02-25 08:33:57 -05:00
|
|
|
config.SetDir(t.TempDir())
|
2017-08-24 18:45:20 -04:00
|
|
|
for _, tc := range testCases {
|
|
|
|
|
cmd := newSignCommand(
|
|
|
|
|
test.NewFakeCli(&fakeClient{}))
|
|
|
|
|
cmd.SetArgs(tc.args)
|
2022-02-25 08:33:57 -05:00
|
|
|
cmd.SetOut(io.Discard)
|
test spring-cleaning
This makes a quick pass through our tests;
Discard output/err
----------------------------------------------
Many tests were testing for error-conditions, but didn't discard output.
This produced a lot of noise when running the tests, and made it hard
to discover if there were actual failures, or if the output was expected.
For example:
=== RUN TestConfigCreateErrors
Error: "create" requires exactly 2 arguments.
See 'create --help'.
Usage: create [OPTIONS] CONFIG file|- [flags]
Create a config from a file or STDIN
Error: "create" requires exactly 2 arguments.
See 'create --help'.
Usage: create [OPTIONS] CONFIG file|- [flags]
Create a config from a file or STDIN
Error: error creating config
--- PASS: TestConfigCreateErrors (0.00s)
And after discarding output:
=== RUN TestConfigCreateErrors
--- PASS: TestConfigCreateErrors (0.00s)
Use sub-tests where possible
----------------------------------------------
Some tests were already set-up to use test-tables, and even had a usable
name (or in some cases "error" to check for). Change them to actual sub-
tests. Same test as above, but now with sub-tests and output discarded:
=== RUN TestConfigCreateErrors
=== RUN TestConfigCreateErrors/requires_exactly_2_arguments
=== RUN TestConfigCreateErrors/requires_exactly_2_arguments#01
=== RUN TestConfigCreateErrors/error_creating_config
--- PASS: TestConfigCreateErrors (0.00s)
--- PASS: TestConfigCreateErrors/requires_exactly_2_arguments (0.00s)
--- PASS: TestConfigCreateErrors/requires_exactly_2_arguments#01 (0.00s)
--- PASS: TestConfigCreateErrors/error_creating_config (0.00s)
PASS
It's not perfect in all cases (in the above, there's duplicate "expected"
errors, but Go conveniently adds "#01" for the duplicate). There's probably
also various tests I missed that could still use the same changes applied;
we can improve these in follow-ups.
Set cmd.Args to prevent test-failures
----------------------------------------------
When running tests from my IDE, it compiles the tests before running,
then executes the compiled binary to run the tests. Cobra doesn't like
that, because in that situation `os.Args` is taken as argument for the
command that's executed. The command that's tested now sees the test-
flags as arguments (`-test.v -test.run ..`), which causes various tests
to fail ("Command XYZ does not accept arguments").
# compile the tests:
go test -c -o foo.test
# execute the test:
./foo.test -test.v -test.run TestFoo
=== RUN TestFoo
Error: "foo" accepts no arguments.
The Cobra maintainers ran into the same situation, and for their own
use have added a special case to ignore `os.Args` in these cases;
https://github.com/spf13/cobra/blob/v1.8.1/command.go#L1078-L1083
args := c.args
// Workaround FAIL with "go test -v" or "cobra.test -test.v", see #155
if c.args == nil && filepath.Base(os.Args[0]) != "cobra.test" {
args = os.Args[1:]
}
Unfortunately, that exception is too specific (only checks for `cobra.test`),
so doesn't automatically fix the issue for other test-binaries. They did
provide a `cmd.SetArgs()` utility for this purpose
https://github.com/spf13/cobra/blob/v1.8.1/command.go#L276-L280
// SetArgs sets arguments for the command. It is set to os.Args[1:] by default, if desired, can be overridden
// particularly useful when testing.
func (c *Command) SetArgs(a []string) {
c.args = a
}
And the fix is to explicitly set the command's args to an empty slice to
prevent Cobra from falling back to using `os.Args[1:]` as arguments.
cmd := newSomeThingCommand()
cmd.SetArgs([]string{})
Some tests already take this issue into account, and I updated some tests
for this, but there's likely many other ones that can use the same treatment.
Perhaps the Cobra maintainers would accept a contribution to make their
condition less specific and to look for binaries ending with a `.test`
suffix (which is what compiled binaries usually are named as).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-07-03 19:29:04 -04:00
|
|
|
cmd.SetErr(io.Discard)
|
2018-03-06 14:03:47 -05:00
|
|
|
assert.ErrorContains(t, cmd.Execute(), tc.expectedError)
|
2017-08-24 18:45:20 -04:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-09-13 12:50:37 -04:00
|
|
|
func TestTrustSignCommandOfflineErrors(t *testing.T) {
|
2017-09-14 16:16:54 -04:00
|
|
|
cli := test.NewFakeCli(&fakeClient{})
|
2018-03-08 08:35:17 -05:00
|
|
|
cli.SetNotaryClient(notaryfake.GetOfflineNotaryRepository)
|
2017-09-13 12:50:37 -04:00
|
|
|
cmd := newSignCommand(cli)
|
|
|
|
|
cmd.SetArgs([]string{"reg-name.io/image:tag"})
|
2022-02-25 08:33:57 -05:00
|
|
|
cmd.SetOut(io.Discard)
|
test spring-cleaning
This makes a quick pass through our tests;
Discard output/err
----------------------------------------------
Many tests were testing for error-conditions, but didn't discard output.
This produced a lot of noise when running the tests, and made it hard
to discover if there were actual failures, or if the output was expected.
For example:
=== RUN TestConfigCreateErrors
Error: "create" requires exactly 2 arguments.
See 'create --help'.
Usage: create [OPTIONS] CONFIG file|- [flags]
Create a config from a file or STDIN
Error: "create" requires exactly 2 arguments.
See 'create --help'.
Usage: create [OPTIONS] CONFIG file|- [flags]
Create a config from a file or STDIN
Error: error creating config
--- PASS: TestConfigCreateErrors (0.00s)
And after discarding output:
=== RUN TestConfigCreateErrors
--- PASS: TestConfigCreateErrors (0.00s)
Use sub-tests where possible
----------------------------------------------
Some tests were already set-up to use test-tables, and even had a usable
name (or in some cases "error" to check for). Change them to actual sub-
tests. Same test as above, but now with sub-tests and output discarded:
=== RUN TestConfigCreateErrors
=== RUN TestConfigCreateErrors/requires_exactly_2_arguments
=== RUN TestConfigCreateErrors/requires_exactly_2_arguments#01
=== RUN TestConfigCreateErrors/error_creating_config
--- PASS: TestConfigCreateErrors (0.00s)
--- PASS: TestConfigCreateErrors/requires_exactly_2_arguments (0.00s)
--- PASS: TestConfigCreateErrors/requires_exactly_2_arguments#01 (0.00s)
--- PASS: TestConfigCreateErrors/error_creating_config (0.00s)
PASS
It's not perfect in all cases (in the above, there's duplicate "expected"
errors, but Go conveniently adds "#01" for the duplicate). There's probably
also various tests I missed that could still use the same changes applied;
we can improve these in follow-ups.
Set cmd.Args to prevent test-failures
----------------------------------------------
When running tests from my IDE, it compiles the tests before running,
then executes the compiled binary to run the tests. Cobra doesn't like
that, because in that situation `os.Args` is taken as argument for the
command that's executed. The command that's tested now sees the test-
flags as arguments (`-test.v -test.run ..`), which causes various tests
to fail ("Command XYZ does not accept arguments").
# compile the tests:
go test -c -o foo.test
# execute the test:
./foo.test -test.v -test.run TestFoo
=== RUN TestFoo
Error: "foo" accepts no arguments.
The Cobra maintainers ran into the same situation, and for their own
use have added a special case to ignore `os.Args` in these cases;
https://github.com/spf13/cobra/blob/v1.8.1/command.go#L1078-L1083
args := c.args
// Workaround FAIL with "go test -v" or "cobra.test -test.v", see #155
if c.args == nil && filepath.Base(os.Args[0]) != "cobra.test" {
args = os.Args[1:]
}
Unfortunately, that exception is too specific (only checks for `cobra.test`),
so doesn't automatically fix the issue for other test-binaries. They did
provide a `cmd.SetArgs()` utility for this purpose
https://github.com/spf13/cobra/blob/v1.8.1/command.go#L276-L280
// SetArgs sets arguments for the command. It is set to os.Args[1:] by default, if desired, can be overridden
// particularly useful when testing.
func (c *Command) SetArgs(a []string) {
c.args = a
}
And the fix is to explicitly set the command's args to an empty slice to
prevent Cobra from falling back to using `os.Args[1:]` as arguments.
cmd := newSomeThingCommand()
cmd.SetArgs([]string{})
Some tests already take this issue into account, and I updated some tests
for this, but there's likely many other ones that can use the same treatment.
Perhaps the Cobra maintainers would accept a contribution to make their
condition less specific and to look for binaries ending with a `.test`
suffix (which is what compiled binaries usually are named as).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-07-03 19:29:04 -04:00
|
|
|
cmd.SetErr(io.Discard)
|
2017-12-21 16:27:57 -05:00
|
|
|
assert.ErrorContains(t, cmd.Execute(), "client is offline")
|
2017-09-13 12:50:37 -04:00
|
|
|
}
|
|
|
|
|
|
2017-08-24 18:45:20 -04:00
|
|
|
func TestGetOrGenerateNotaryKey(t *testing.T) {
|
2022-02-25 08:33:57 -05:00
|
|
|
notaryRepo, err := client.NewFileCachedRepository(t.TempDir(), "gun", "https://localhost", nil, passphrase.ConstantRetriever(passwd), trustpinning.TrustPinConfig{})
|
2018-03-06 14:44:13 -05:00
|
|
|
assert.NilError(t, err)
|
2017-08-24 18:45:20 -04:00
|
|
|
|
|
|
|
|
// repo is empty, try making a root key
|
|
|
|
|
rootKeyA, err := getOrGenerateNotaryKey(notaryRepo, data.CanonicalRootRole)
|
2018-03-06 14:44:13 -05:00
|
|
|
assert.NilError(t, err)
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.Check(t, rootKeyA != nil)
|
2017-08-24 18:45:20 -04:00
|
|
|
|
|
|
|
|
// we should only have one newly generated key
|
2017-09-11 17:07:00 -04:00
|
|
|
allKeys := notaryRepo.GetCryptoService().ListAllKeys()
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.Check(t, is.Len(allKeys, 1))
|
|
|
|
|
assert.Check(t, notaryRepo.GetCryptoService().GetKey(rootKeyA.ID()) != nil)
|
2017-08-24 18:45:20 -04:00
|
|
|
|
|
|
|
|
// this time we should get back the same key if we ask for another root key
|
|
|
|
|
rootKeyB, err := getOrGenerateNotaryKey(notaryRepo, data.CanonicalRootRole)
|
2018-03-06 14:44:13 -05:00
|
|
|
assert.NilError(t, err)
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.Check(t, rootKeyB != nil)
|
2017-08-24 18:45:20 -04:00
|
|
|
|
|
|
|
|
// we should only have one newly generated key
|
2017-09-11 17:07:00 -04:00
|
|
|
allKeys = notaryRepo.GetCryptoService().ListAllKeys()
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.Check(t, is.Len(allKeys, 1))
|
|
|
|
|
assert.Check(t, notaryRepo.GetCryptoService().GetKey(rootKeyB.ID()) != nil)
|
2017-08-24 18:45:20 -04:00
|
|
|
|
|
|
|
|
// The key we retrieved should be identical to the one we generated
|
2017-12-21 16:27:57 -05:00
|
|
|
assert.Check(t, is.DeepEqual(rootKeyA.Public(), rootKeyB.Public()))
|
2017-08-24 18:45:20 -04:00
|
|
|
|
|
|
|
|
// Now also try with a delegation key
|
2019-04-02 10:21:48 -04:00
|
|
|
releasesKey, err := getOrGenerateNotaryKey(notaryRepo, trust.ReleasesRole)
|
2018-03-06 14:44:13 -05:00
|
|
|
assert.NilError(t, err)
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.Check(t, releasesKey != nil)
|
2017-08-24 18:45:20 -04:00
|
|
|
|
|
|
|
|
// we should now have two keys
|
2017-09-11 17:07:00 -04:00
|
|
|
allKeys = notaryRepo.GetCryptoService().ListAllKeys()
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.Check(t, is.Len(allKeys, 2))
|
|
|
|
|
assert.Check(t, notaryRepo.GetCryptoService().GetKey(releasesKey.ID()) != nil)
|
2017-08-24 18:45:20 -04:00
|
|
|
// The key we retrieved should be identical to the one we generated
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.Check(t, releasesKey != rootKeyA)
|
|
|
|
|
assert.Check(t, releasesKey != rootKeyB)
|
2017-08-24 18:45:20 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func TestAddStageSigners(t *testing.T) {
|
2018-02-27 10:54:36 -05:00
|
|
|
skip.If(t, runtime.GOOS == "windows", "FIXME: not supported currently")
|
2017-08-24 18:45:20 -04:00
|
|
|
|
2022-02-25 08:33:57 -05:00
|
|
|
notaryRepo, err := client.NewFileCachedRepository(t.TempDir(), "gun", "https://localhost", nil, passphrase.ConstantRetriever(passwd), trustpinning.TrustPinConfig{})
|
2018-03-06 14:44:13 -05:00
|
|
|
assert.NilError(t, err)
|
2017-08-24 18:45:20 -04:00
|
|
|
|
|
|
|
|
// stage targets/user
|
|
|
|
|
userRole := data.RoleName("targets/user")
|
|
|
|
|
userKey := data.NewPublicKey("algoA", []byte("a"))
|
2017-10-10 13:16:01 -04:00
|
|
|
err = addStagedSigner(notaryRepo, userRole, []data.PublicKey{userKey})
|
2018-03-06 14:44:13 -05:00
|
|
|
assert.NilError(t, err)
|
2017-08-24 18:45:20 -04:00
|
|
|
// check the changelist for four total changes: two on targets/releases and two on targets/user
|
|
|
|
|
cl, err := notaryRepo.GetChangelist()
|
2018-03-06 14:44:13 -05:00
|
|
|
assert.NilError(t, err)
|
2017-08-24 18:45:20 -04:00
|
|
|
changeList := cl.List()
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.Check(t, is.Len(changeList, 4))
|
2018-09-07 01:25:58 -04:00
|
|
|
// ordering is deterministic:
|
2017-08-24 18:45:20 -04:00
|
|
|
|
|
|
|
|
// first change is for targets/user key creation
|
|
|
|
|
newSignerKeyChange := changeList[0]
|
|
|
|
|
expectedJSON, err := json.Marshal(&changelist.TUFDelegation{
|
|
|
|
|
NewThreshold: notary.MinThreshold,
|
|
|
|
|
AddKeys: data.KeyList([]data.PublicKey{userKey}),
|
|
|
|
|
})
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.NilError(t, err)
|
2017-08-24 18:45:20 -04:00
|
|
|
expectedChange := changelist.NewTUFChange(
|
|
|
|
|
changelist.ActionCreate,
|
|
|
|
|
userRole,
|
|
|
|
|
changelist.TypeTargetsDelegation,
|
|
|
|
|
"", // no path for delegations
|
|
|
|
|
expectedJSON,
|
|
|
|
|
)
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.Check(t, is.DeepEqual(expectedChange, newSignerKeyChange))
|
2017-08-24 18:45:20 -04:00
|
|
|
|
|
|
|
|
// second change is for targets/user getting all paths
|
|
|
|
|
newSignerPathsChange := changeList[1]
|
|
|
|
|
expectedJSON, err = json.Marshal(&changelist.TUFDelegation{
|
|
|
|
|
AddPaths: []string{""},
|
|
|
|
|
})
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.NilError(t, err)
|
2017-08-24 18:45:20 -04:00
|
|
|
expectedChange = changelist.NewTUFChange(
|
|
|
|
|
changelist.ActionCreate,
|
|
|
|
|
userRole,
|
|
|
|
|
changelist.TypeTargetsDelegation,
|
|
|
|
|
"", // no path for delegations
|
|
|
|
|
expectedJSON,
|
|
|
|
|
)
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.Check(t, is.DeepEqual(expectedChange, newSignerPathsChange))
|
2017-08-24 18:45:20 -04:00
|
|
|
|
|
|
|
|
releasesRole := data.RoleName("targets/releases")
|
|
|
|
|
|
|
|
|
|
// third change is for targets/releases key creation
|
|
|
|
|
releasesKeyChange := changeList[2]
|
|
|
|
|
expectedJSON, err = json.Marshal(&changelist.TUFDelegation{
|
|
|
|
|
NewThreshold: notary.MinThreshold,
|
|
|
|
|
AddKeys: data.KeyList([]data.PublicKey{userKey}),
|
|
|
|
|
})
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.NilError(t, err)
|
2017-08-24 18:45:20 -04:00
|
|
|
expectedChange = changelist.NewTUFChange(
|
|
|
|
|
changelist.ActionCreate,
|
|
|
|
|
releasesRole,
|
|
|
|
|
changelist.TypeTargetsDelegation,
|
|
|
|
|
"", // no path for delegations
|
|
|
|
|
expectedJSON,
|
|
|
|
|
)
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.Check(t, is.DeepEqual(expectedChange, releasesKeyChange))
|
2017-08-24 18:45:20 -04:00
|
|
|
|
|
|
|
|
// fourth change is for targets/releases getting all paths
|
|
|
|
|
releasesPathsChange := changeList[3]
|
|
|
|
|
expectedJSON, err = json.Marshal(&changelist.TUFDelegation{
|
|
|
|
|
AddPaths: []string{""},
|
|
|
|
|
})
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.NilError(t, err)
|
2017-08-24 18:45:20 -04:00
|
|
|
expectedChange = changelist.NewTUFChange(
|
|
|
|
|
changelist.ActionCreate,
|
|
|
|
|
releasesRole,
|
|
|
|
|
changelist.TypeTargetsDelegation,
|
|
|
|
|
"", // no path for delegations
|
|
|
|
|
expectedJSON,
|
|
|
|
|
)
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.Check(t, is.DeepEqual(expectedChange, releasesPathsChange))
|
2017-08-24 18:45:20 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func TestGetSignedManifestHashAndSize(t *testing.T) {
|
2022-02-25 08:33:57 -05:00
|
|
|
notaryRepo, err := client.NewFileCachedRepository(t.TempDir(), "gun", "https://localhost", nil, passphrase.ConstantRetriever(passwd), trustpinning.TrustPinConfig{})
|
2018-03-06 14:44:13 -05:00
|
|
|
assert.NilError(t, err)
|
2023-11-20 09:59:39 -05:00
|
|
|
_, _, err = getSignedManifestHashAndSize(notaryRepo, "test")
|
2018-03-06 15:54:24 -05:00
|
|
|
assert.Error(t, err, "client is offline")
|
2017-08-24 18:45:20 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func TestGetReleasedTargetHashAndSize(t *testing.T) {
|
|
|
|
|
oneReleasedTgt := []client.TargetSignedStruct{}
|
|
|
|
|
// make and append 3 non-released signatures on the "unreleased" target
|
|
|
|
|
unreleasedTgt := client.Target{Name: "unreleased", Hashes: data.Hashes{notary.SHA256: []byte("hash")}}
|
|
|
|
|
for _, unreleasedRole := range []string{"targets/a", "targets/b", "targets/c"} {
|
|
|
|
|
oneReleasedTgt = append(oneReleasedTgt, client.TargetSignedStruct{Role: mockDelegationRoleWithName(unreleasedRole), Target: unreleasedTgt})
|
|
|
|
|
}
|
|
|
|
|
_, _, err := getReleasedTargetHashAndSize(oneReleasedTgt, "unreleased")
|
2018-03-06 15:54:24 -05:00
|
|
|
assert.Error(t, err, "No valid trust data for unreleased")
|
2017-08-24 18:45:20 -04:00
|
|
|
releasedTgt := client.Target{Name: "released", Hashes: data.Hashes{notary.SHA256: []byte("released-hash")}}
|
|
|
|
|
oneReleasedTgt = append(oneReleasedTgt, client.TargetSignedStruct{Role: mockDelegationRoleWithName("targets/releases"), Target: releasedTgt})
|
|
|
|
|
hash, _, _ := getReleasedTargetHashAndSize(oneReleasedTgt, "unreleased")
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.Check(t, is.DeepEqual(data.Hashes{notary.SHA256: []byte("released-hash")}, hash))
|
2017-08-24 18:45:20 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func TestCreateTarget(t *testing.T) {
|
2022-02-25 08:33:57 -05:00
|
|
|
notaryRepo, err := client.NewFileCachedRepository(t.TempDir(), "gun", "https://localhost", nil, passphrase.ConstantRetriever(passwd), trustpinning.TrustPinConfig{})
|
2018-03-06 14:44:13 -05:00
|
|
|
assert.NilError(t, err)
|
2017-08-24 18:45:20 -04:00
|
|
|
_, err = createTarget(notaryRepo, "")
|
linting: ST1005: error strings should not be capitalized (stylecheck)
While fixing, also updated errors without placeholders to `errors.New()`, and
updated some code to use pkg/errors if it was already in use in the file.
cli/command/config/inspect.go:59:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/node/inspect.go:61:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/secret/inspect.go:57:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/trust/common.go:77:74: ST1005: error strings should not be capitalized (stylecheck)
return []trustTagRow{}, []client.RoleWithSignatures{}, []data.Role{}, fmt.Errorf("No signatures or cannot access %s", remote)
^
cli/command/trust/common.go:85:73: ST1005: error strings should not be capitalized (stylecheck)
return []trustTagRow{}, []client.RoleWithSignatures{}, []data.Role{}, fmt.Errorf("No signers for %s", remote)
^
cli/command/trust/sign.go:137:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("No tag specified for %s", imgRefAndAuth.Name())
^
cli/command/trust/sign.go:151:19: ST1005: error strings should not be capitalized (stylecheck)
return *target, fmt.Errorf("No tag specified")
^
cli/command/trust/signer_add.go:77:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Failed to add signer to: %s", strings.Join(errRepos, ", "))
^
cli/command/trust/signer_remove.go:52:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Error removing signer from: %s", strings.Join(errRepos, ", "))
^
cli/command/trust/signer_remove.go:67:17: ST1005: error strings should not be capitalized (stylecheck)
return false, fmt.Errorf("All signed tags are currently revoked, use docker trust sign to fix")
^
cli/command/trust/signer_remove.go:108:17: ST1005: error strings should not be capitalized (stylecheck)
return false, fmt.Errorf("No signer %s for repository %s", signerName, repoName)
^
opts/hosts.go:89:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", addr)
^
opts/hosts.go:100:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid proto, expected %s: %s", proto, addr)
^
opts/hosts.go:119:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid proto, expected tcp: %s", tryAddr)
^
opts/hosts.go:144:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", tryAddr)
^
opts/hosts.go:155:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", tryAddr)
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-02 18:04:53 -04:00
|
|
|
assert.Error(t, err, "no tag specified")
|
2017-08-24 18:45:20 -04:00
|
|
|
_, err = createTarget(notaryRepo, "1")
|
2018-03-06 15:54:24 -05:00
|
|
|
assert.Error(t, err, "client is offline")
|
2017-08-24 18:45:20 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func TestGetExistingSignatureInfoForReleasedTag(t *testing.T) {
|
2022-02-25 08:33:57 -05:00
|
|
|
notaryRepo, err := client.NewFileCachedRepository(t.TempDir(), "gun", "https://localhost", nil, passphrase.ConstantRetriever(passwd), trustpinning.TrustPinConfig{})
|
2018-03-06 14:44:13 -05:00
|
|
|
assert.NilError(t, err)
|
2017-08-24 18:45:20 -04:00
|
|
|
_, err = getExistingSignatureInfoForReleasedTag(notaryRepo, "test")
|
2018-03-06 15:54:24 -05:00
|
|
|
assert.Error(t, err, "client is offline")
|
2017-08-24 18:45:20 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func TestPrettyPrintExistingSignatureInfo(t *testing.T) {
|
2017-09-26 12:53:21 -04:00
|
|
|
buf := bytes.NewBuffer(nil)
|
2017-08-24 18:45:20 -04:00
|
|
|
signers := []string{"Bob", "Alice", "Carol"}
|
|
|
|
|
existingSig := trustTagRow{trustTagKey{"tagName", "abc123"}, signers}
|
2017-09-26 12:53:21 -04:00
|
|
|
prettyPrintExistingSignatureInfo(buf, existingSig)
|
2017-08-24 18:45:20 -04:00
|
|
|
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.Check(t, is.Contains(buf.String(), "Existing signatures for tag tagName digest abc123 from:\nAlice, Bob, Carol"))
|
2017-08-24 18:45:20 -04:00
|
|
|
}
|
|
|
|
|
|
2017-09-26 12:33:35 -04:00
|
|
|
func TestSignCommandChangeListIsCleanedOnError(t *testing.T) {
|
2022-02-25 08:33:57 -05:00
|
|
|
tmpDir := t.TempDir()
|
2017-09-26 12:33:35 -04:00
|
|
|
|
2017-08-24 18:45:20 -04:00
|
|
|
config.SetDir(tmpDir)
|
2017-09-26 12:33:35 -04:00
|
|
|
cli := test.NewFakeCli(&fakeClient{})
|
2018-03-08 08:35:17 -05:00
|
|
|
cli.SetNotaryClient(notaryfake.GetLoadedNotaryRepository)
|
2017-09-26 12:33:35 -04:00
|
|
|
cmd := newSignCommand(cli)
|
2017-08-24 18:45:20 -04:00
|
|
|
cmd.SetArgs([]string{"ubuntu:latest"})
|
2022-02-25 08:33:57 -05:00
|
|
|
cmd.SetOut(io.Discard)
|
test spring-cleaning
This makes a quick pass through our tests;
Discard output/err
----------------------------------------------
Many tests were testing for error-conditions, but didn't discard output.
This produced a lot of noise when running the tests, and made it hard
to discover if there were actual failures, or if the output was expected.
For example:
=== RUN TestConfigCreateErrors
Error: "create" requires exactly 2 arguments.
See 'create --help'.
Usage: create [OPTIONS] CONFIG file|- [flags]
Create a config from a file or STDIN
Error: "create" requires exactly 2 arguments.
See 'create --help'.
Usage: create [OPTIONS] CONFIG file|- [flags]
Create a config from a file or STDIN
Error: error creating config
--- PASS: TestConfigCreateErrors (0.00s)
And after discarding output:
=== RUN TestConfigCreateErrors
--- PASS: TestConfigCreateErrors (0.00s)
Use sub-tests where possible
----------------------------------------------
Some tests were already set-up to use test-tables, and even had a usable
name (or in some cases "error" to check for). Change them to actual sub-
tests. Same test as above, but now with sub-tests and output discarded:
=== RUN TestConfigCreateErrors
=== RUN TestConfigCreateErrors/requires_exactly_2_arguments
=== RUN TestConfigCreateErrors/requires_exactly_2_arguments#01
=== RUN TestConfigCreateErrors/error_creating_config
--- PASS: TestConfigCreateErrors (0.00s)
--- PASS: TestConfigCreateErrors/requires_exactly_2_arguments (0.00s)
--- PASS: TestConfigCreateErrors/requires_exactly_2_arguments#01 (0.00s)
--- PASS: TestConfigCreateErrors/error_creating_config (0.00s)
PASS
It's not perfect in all cases (in the above, there's duplicate "expected"
errors, but Go conveniently adds "#01" for the duplicate). There's probably
also various tests I missed that could still use the same changes applied;
we can improve these in follow-ups.
Set cmd.Args to prevent test-failures
----------------------------------------------
When running tests from my IDE, it compiles the tests before running,
then executes the compiled binary to run the tests. Cobra doesn't like
that, because in that situation `os.Args` is taken as argument for the
command that's executed. The command that's tested now sees the test-
flags as arguments (`-test.v -test.run ..`), which causes various tests
to fail ("Command XYZ does not accept arguments").
# compile the tests:
go test -c -o foo.test
# execute the test:
./foo.test -test.v -test.run TestFoo
=== RUN TestFoo
Error: "foo" accepts no arguments.
The Cobra maintainers ran into the same situation, and for their own
use have added a special case to ignore `os.Args` in these cases;
https://github.com/spf13/cobra/blob/v1.8.1/command.go#L1078-L1083
args := c.args
// Workaround FAIL with "go test -v" or "cobra.test -test.v", see #155
if c.args == nil && filepath.Base(os.Args[0]) != "cobra.test" {
args = os.Args[1:]
}
Unfortunately, that exception is too specific (only checks for `cobra.test`),
so doesn't automatically fix the issue for other test-binaries. They did
provide a `cmd.SetArgs()` utility for this purpose
https://github.com/spf13/cobra/blob/v1.8.1/command.go#L276-L280
// SetArgs sets arguments for the command. It is set to os.Args[1:] by default, if desired, can be overridden
// particularly useful when testing.
func (c *Command) SetArgs(a []string) {
c.args = a
}
And the fix is to explicitly set the command's args to an empty slice to
prevent Cobra from falling back to using `os.Args[1:]` as arguments.
cmd := newSomeThingCommand()
cmd.SetArgs([]string{})
Some tests already take this issue into account, and I updated some tests
for this, but there's likely many other ones that can use the same treatment.
Perhaps the Cobra maintainers would accept a contribution to make their
condition less specific and to look for binaries ending with a `.test`
suffix (which is what compiled binaries usually are named as).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-07-03 19:29:04 -04:00
|
|
|
cmd.SetErr(io.Discard)
|
2017-09-26 12:33:35 -04:00
|
|
|
|
2022-02-25 08:33:57 -05:00
|
|
|
err := cmd.Execute()
|
2018-03-06 15:49:00 -05:00
|
|
|
assert.Assert(t, err != nil)
|
2017-09-26 12:33:35 -04:00
|
|
|
|
2017-09-11 17:07:00 -04:00
|
|
|
notaryRepo, err := client.NewFileCachedRepository(tmpDir, "docker.io/library/ubuntu", "https://localhost", nil, passphrase.ConstantRetriever(passwd), trustpinning.TrustPinConfig{})
|
2018-03-06 14:44:13 -05:00
|
|
|
assert.NilError(t, err)
|
2017-08-24 18:45:20 -04:00
|
|
|
cl, err := notaryRepo.GetChangelist()
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.NilError(t, err)
|
|
|
|
|
assert.Check(t, is.Equal(len(cl.List()), 0))
|
2017-08-24 18:45:20 -04:00
|
|
|
}
|
2017-09-29 12:51:45 -04:00
|
|
|
|
|
|
|
|
func TestSignCommandLocalFlag(t *testing.T) {
|
|
|
|
|
cli := test.NewFakeCli(&fakeClient{})
|
2018-03-08 08:35:17 -05:00
|
|
|
cli.SetNotaryClient(notaryfake.GetEmptyTargetsNotaryRepository)
|
2017-09-29 12:51:45 -04:00
|
|
|
cmd := newSignCommand(cli)
|
|
|
|
|
cmd.SetArgs([]string{"--local", "reg-name.io/image:red"})
|
2022-02-25 08:33:57 -05:00
|
|
|
cmd.SetOut(io.Discard)
|
test spring-cleaning
This makes a quick pass through our tests;
Discard output/err
----------------------------------------------
Many tests were testing for error-conditions, but didn't discard output.
This produced a lot of noise when running the tests, and made it hard
to discover if there were actual failures, or if the output was expected.
For example:
=== RUN TestConfigCreateErrors
Error: "create" requires exactly 2 arguments.
See 'create --help'.
Usage: create [OPTIONS] CONFIG file|- [flags]
Create a config from a file or STDIN
Error: "create" requires exactly 2 arguments.
See 'create --help'.
Usage: create [OPTIONS] CONFIG file|- [flags]
Create a config from a file or STDIN
Error: error creating config
--- PASS: TestConfigCreateErrors (0.00s)
And after discarding output:
=== RUN TestConfigCreateErrors
--- PASS: TestConfigCreateErrors (0.00s)
Use sub-tests where possible
----------------------------------------------
Some tests were already set-up to use test-tables, and even had a usable
name (or in some cases "error" to check for). Change them to actual sub-
tests. Same test as above, but now with sub-tests and output discarded:
=== RUN TestConfigCreateErrors
=== RUN TestConfigCreateErrors/requires_exactly_2_arguments
=== RUN TestConfigCreateErrors/requires_exactly_2_arguments#01
=== RUN TestConfigCreateErrors/error_creating_config
--- PASS: TestConfigCreateErrors (0.00s)
--- PASS: TestConfigCreateErrors/requires_exactly_2_arguments (0.00s)
--- PASS: TestConfigCreateErrors/requires_exactly_2_arguments#01 (0.00s)
--- PASS: TestConfigCreateErrors/error_creating_config (0.00s)
PASS
It's not perfect in all cases (in the above, there's duplicate "expected"
errors, but Go conveniently adds "#01" for the duplicate). There's probably
also various tests I missed that could still use the same changes applied;
we can improve these in follow-ups.
Set cmd.Args to prevent test-failures
----------------------------------------------
When running tests from my IDE, it compiles the tests before running,
then executes the compiled binary to run the tests. Cobra doesn't like
that, because in that situation `os.Args` is taken as argument for the
command that's executed. The command that's tested now sees the test-
flags as arguments (`-test.v -test.run ..`), which causes various tests
to fail ("Command XYZ does not accept arguments").
# compile the tests:
go test -c -o foo.test
# execute the test:
./foo.test -test.v -test.run TestFoo
=== RUN TestFoo
Error: "foo" accepts no arguments.
The Cobra maintainers ran into the same situation, and for their own
use have added a special case to ignore `os.Args` in these cases;
https://github.com/spf13/cobra/blob/v1.8.1/command.go#L1078-L1083
args := c.args
// Workaround FAIL with "go test -v" or "cobra.test -test.v", see #155
if c.args == nil && filepath.Base(os.Args[0]) != "cobra.test" {
args = os.Args[1:]
}
Unfortunately, that exception is too specific (only checks for `cobra.test`),
so doesn't automatically fix the issue for other test-binaries. They did
provide a `cmd.SetArgs()` utility for this purpose
https://github.com/spf13/cobra/blob/v1.8.1/command.go#L276-L280
// SetArgs sets arguments for the command. It is set to os.Args[1:] by default, if desired, can be overridden
// particularly useful when testing.
func (c *Command) SetArgs(a []string) {
c.args = a
}
And the fix is to explicitly set the command's args to an empty slice to
prevent Cobra from falling back to using `os.Args[1:]` as arguments.
cmd := newSomeThingCommand()
cmd.SetArgs([]string{})
Some tests already take this issue into account, and I updated some tests
for this, but there's likely many other ones that can use the same treatment.
Perhaps the Cobra maintainers would accept a contribution to make their
condition less specific and to look for binaries ending with a `.test`
suffix (which is what compiled binaries usually are named as).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-07-03 19:29:04 -04:00
|
|
|
cmd.SetErr(io.Discard)
|
2018-11-08 05:37:49 -05:00
|
|
|
assert.ErrorContains(t, cmd.Execute(), "error contacting notary server: dial tcp: lookup reg-name.io")
|
2017-09-29 12:51:45 -04:00
|
|
|
}
|
