2023-08-19 00:52:03 -05:00
|
|
|
//go:build !imagetrust
|
|
|
|
|
|
|
|
package imagetrust_test
|
|
|
|
|
|
|
|
import (
|
2023-09-08 02:03:58 -05:00
|
|
|
"encoding/json"
|
2023-08-19 00:52:03 -05:00
|
|
|
"os"
|
|
|
|
"path"
|
|
|
|
"testing"
|
|
|
|
|
|
|
|
. "github.com/smartystreets/goconvey/convey"
|
|
|
|
|
|
|
|
"zotregistry.io/zot/pkg/extensions/imagetrust"
|
2023-09-27 13:34:48 -05:00
|
|
|
"zotregistry.io/zot/pkg/test/deprecated"
|
2023-08-19 00:52:03 -05:00
|
|
|
)
|
|
|
|
|
|
|
|
func TestImageTrust(t *testing.T) {
|
|
|
|
Convey("binary doesn't include imagetrust", t, func() {
|
|
|
|
rootDir := t.TempDir()
|
|
|
|
|
|
|
|
cosignDir := path.Join(rootDir, "_cosign")
|
2023-09-08 02:03:58 -05:00
|
|
|
_, err := os.Stat(cosignDir)
|
2023-08-19 00:52:03 -05:00
|
|
|
So(os.IsNotExist(err), ShouldBeTrue)
|
|
|
|
|
|
|
|
notationDir := path.Join(rootDir, "_notation")
|
|
|
|
_, err = os.Stat(notationDir)
|
|
|
|
So(os.IsNotExist(err), ShouldBeTrue)
|
|
|
|
|
2023-09-08 02:03:58 -05:00
|
|
|
repo := "repo"
|
|
|
|
|
2023-09-27 13:34:48 -05:00
|
|
|
image, err := deprecated.GetRandomImage() //nolint:staticcheck
|
2023-09-08 02:03:58 -05:00
|
|
|
So(err, ShouldBeNil)
|
|
|
|
|
|
|
|
manifestContent, err := json.Marshal(image.Manifest)
|
|
|
|
So(err, ShouldBeNil)
|
|
|
|
|
|
|
|
manifestDigest := image.Digest()
|
|
|
|
|
|
|
|
localImgTrustStore, err := imagetrust.NewLocalImageTrustStore(rootDir)
|
|
|
|
So(err, ShouldBeNil)
|
|
|
|
|
|
|
|
author, expTime, ok, err := localImgTrustStore.VerifySignature("cosign",
|
|
|
|
[]byte(""), "", manifestDigest, manifestContent, repo,
|
|
|
|
)
|
|
|
|
So(author, ShouldBeEmpty)
|
|
|
|
So(expTime, ShouldBeZeroValue)
|
|
|
|
So(ok, ShouldBeFalse)
|
2023-08-19 00:52:03 -05:00
|
|
|
So(err, ShouldBeNil)
|
|
|
|
|
|
|
|
_, err = os.Stat(cosignDir)
|
|
|
|
So(os.IsNotExist(err), ShouldBeTrue)
|
2023-09-08 02:03:58 -05:00
|
|
|
|
2023-08-19 00:52:03 -05:00
|
|
|
_, err = os.Stat(notationDir)
|
|
|
|
So(os.IsNotExist(err), ShouldBeTrue)
|
|
|
|
|
2023-09-08 02:03:58 -05:00
|
|
|
cloudImgTrustStore, err := imagetrust.NewAWSImageTrustStore("region",
|
|
|
|
"endpoint",
|
|
|
|
)
|
|
|
|
So(err, ShouldBeNil)
|
|
|
|
|
|
|
|
author, expTime, ok, err = cloudImgTrustStore.VerifySignature("cosign",
|
|
|
|
[]byte(""), "", manifestDigest, manifestContent, repo,
|
|
|
|
)
|
2023-08-19 00:52:03 -05:00
|
|
|
So(author, ShouldBeEmpty)
|
|
|
|
So(expTime, ShouldBeZeroValue)
|
|
|
|
So(ok, ShouldBeFalse)
|
|
|
|
So(err, ShouldBeNil)
|
|
|
|
})
|
|
|
|
}
|