From 0a70844b33e62fcd5986d9fa6afefb46ed28646b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Miloslav=20Trma=C4=8D?= <mitr@redhat.com>
Date: Mon, 7 Jul 2025 23:47:10 +0200
Subject: [PATCH] Update tests to work with the Sequoia c/image backend
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Currently, if a key is not found, the GPG mechanism reports
> Invalid GPG signature: {$GoStructDump}
while the Sequoia one reports
> $keyFingerprint was not found

Accept both.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
---
 integration/copy_test.go    | 8 ++++----
 systemtest/050-signing.bats | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/integration/copy_test.go b/integration/copy_test.go
index 4eb5eb8d..e801cd1a 100644
--- a/integration/copy_test.go
+++ b/integration/copy_test.go
@@ -776,9 +776,9 @@ func (s *copySuite) TestCopySignatures() {
 	// Verify that mis-signed images are rejected
 	assertSkopeoSucceeds(t, "", "--tls-verify=false", "copy", "atomic:localhost:5006/myns/personal:personal", "atomic:localhost:5006/myns/official:attack")
 	assertSkopeoSucceeds(t, "", "--tls-verify=false", "copy", "atomic:localhost:5006/myns/official:official", "atomic:localhost:5006/myns/personal:attack")
-	assertSkopeoFails(t, ".*Source image rejected: Invalid GPG signature.*",
+	assertSkopeoFails(t, ".*Source image rejected: (Invalid GPG signature|.* was not found).*",
 		"--tls-verify=false", "--policy", policy, "copy", "atomic:localhost:5006/myns/personal:attack", dirDest)
-	assertSkopeoFails(t, ".*Source image rejected: Invalid GPG signature.*",
+	assertSkopeoFails(t, ".*Source image rejected: (Invalid GPG signature|.* was not found).*",
 		"--tls-verify=false", "--policy", policy, "copy", "atomic:localhost:5006/myns/official:attack", dirDest)
 
 	// Verify that signed identity is verified.
@@ -791,7 +791,7 @@ func (s *copySuite) TestCopySignatures() {
 
 	// Verify that cosigning requirements are enforced
 	assertSkopeoSucceeds(t, "", "--tls-verify=false", "copy", "atomic:localhost:5006/myns/official:official", "atomic:localhost:5006/myns/cosigned:cosigned")
-	assertSkopeoFails(t, ".*Source image rejected: Invalid GPG signature.*",
+	assertSkopeoFails(t, ".*Source image rejected: (Invalid GPG signature|.* was not found).*",
 		"--tls-verify=false", "--policy", policy, "copy", "atomic:localhost:5006/myns/cosigned:cosigned", dirDest)
 
 	assertSkopeoSucceeds(t, "", "--tls-verify=false", "copy", "--sign-by", "personal@example.com", "atomic:localhost:5006/myns/official:official", "atomic:localhost:5006/myns/cosigned:cosigned")
@@ -836,7 +836,7 @@ func (s *copySuite) TestCopyDirSignatures() {
 	// Verify that correct images are accepted
 	assertSkopeoSucceeds(t, "", "--policy", policy, "copy", topDirDest+"/restricted/official", topDirDest+"/dest")
 	// ... and that mis-signed images are rejected.
-	assertSkopeoFails(t, ".*Source image rejected: Invalid GPG signature.*",
+	assertSkopeoFails(t, ".*Source image rejected: (Invalid GPG signature|.* was not found).*",
 		"--policy", policy, "copy", topDirDest+"/restricted/personal", topDirDest+"/dest")
 
 	// Verify that the signed identity is verified.
diff --git a/systemtest/050-signing.bats b/systemtest/050-signing.bats
index 5d51b552..2f12cb9b 100644
--- a/systemtest/050-signing.bats
+++ b/systemtest/050-signing.bats
@@ -154,7 +154,7 @@ END_PUSH
         fi
     done <<END_TESTS
 /myns/alice:signed
-/myns/bob:signedbyalice    Invalid GPG signature
+/myns/bob:signedbyalice    (Invalid GPG signature|.* not found)
 /myns/alice:unsigned       Signature for identity \\\\\\\\"localhost:5000/myns/alice:signed\\\\\\\\" is not accepted
 /myns/carol:latest         Running image docker://localhost:5000/myns/carol:latest is rejected by policy.
 /open/forall:latest