mirror of
https://github.com/project-zot/zot.git
synced 2024-12-16 21:56:37 -05:00
77149aa85c
BREAKING CHANGE: The functionality provided by the mgmt endpoint has beed redesigned - see details below BREAKING CHANGE: The API keys endpoint has been moved - see details below BREAKING CHANGE: The mgmt extension config has been removed - endpoint is now enabled by having both the search and the ui extensions enabled BREAKING CHANGE: The API keys configuration has been moved from extensions to http>auth>apikey mgmt and imagetrust extensions: - separate the _zot/ext/mgmt into 3 separate endpoints: _zot/ext/auth, _zot/ext/notation, _zot/ext/cosign - signature verification logic is in a separate `imagetrust` extension - better hanling or errors in case of signature uploads: logging and error codes (more 400 and less 500 errors) - add authz on signature uploads (and add a new middleware in common for this purpose) - remove the mgmt extension configuration - it is now enabled if the UI and the search extensions are enabled userprefs estension: - userprefs are enabled if both search and ui extensions are enabled (as opposed to just search) apikey extension is removed and logic moved into the api folder - Move apikeys code out of pkg/extensions and into pkg/api - Remove apikey configuration options from the extensions configuration and move it inside the http auth section - remove the build label apikeys other changes: - move most of the logic adding handlers to the extensions endpoints out of routes.go and into the extensions files. - add warnings in case the users are still using configurations with the obsolete settings for mgmt and api keys - add a new function in the extension package which could be a single point of starting backgroud tasks for all extensions - more clear methods for verifying specific extensions are enabled - fix http methods paired with the UI handlers - rebuild swagger docs Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
53 lines
1.5 KiB
Go
53 lines
1.5 KiB
Go
//go:build !imagetrust
|
|
|
|
package extensions_test
|
|
|
|
import (
|
|
"os"
|
|
"testing"
|
|
|
|
. "github.com/smartystreets/goconvey/convey"
|
|
|
|
"zotregistry.io/zot/pkg/api"
|
|
"zotregistry.io/zot/pkg/api/config"
|
|
extconf "zotregistry.io/zot/pkg/extensions/config"
|
|
"zotregistry.io/zot/pkg/test"
|
|
)
|
|
|
|
func TestImageTrustExtension(t *testing.T) {
|
|
Convey("periodic signature verification is skipped when binary doesn't include imagetrust", t, func() {
|
|
conf := config.New()
|
|
port := test.GetFreePort()
|
|
|
|
globalDir := t.TempDir()
|
|
defaultValue := true
|
|
|
|
logFile, err := os.CreateTemp(globalDir, "zot-log*.txt")
|
|
So(err, ShouldBeNil)
|
|
defer os.Remove(logFile.Name())
|
|
|
|
conf.HTTP.Port = port
|
|
conf.Storage.RootDirectory = globalDir
|
|
conf.Storage.Commit = true
|
|
conf.Extensions = &extconf.ExtensionConfig{}
|
|
conf.Extensions.Trust = &extconf.ImageTrustConfig{}
|
|
conf.Extensions.Trust.Enable = &defaultValue
|
|
conf.Extensions.Trust.Cosign = defaultValue
|
|
conf.Extensions.Trust.Notation = defaultValue
|
|
conf.Log.Level = "warn"
|
|
conf.Log.Output = logFile.Name()
|
|
|
|
ctlr := api.NewController(conf)
|
|
ctlrManager := test.NewControllerManager(ctlr)
|
|
|
|
ctlrManager.StartAndWait(port)
|
|
defer ctlrManager.StopServer()
|
|
|
|
data, err := os.ReadFile(logFile.Name())
|
|
So(err, ShouldBeNil)
|
|
|
|
So(string(data), ShouldContainSubstring,
|
|
"skipping adding to the scheduler a generator for updating signatures validity because "+
|
|
"given binary doesn't include this feature, please build a binary that does so")
|
|
})
|
|
}
|