github/skopeo
1
0
Fork 0
mirror of https://github.com/containers/skopeo.git synced 2025-08-28 11:03:19 +00:00
Code Issues Projects Releases Wiki Activity

Update tests to work with the Sequoia c/image backend

Browse Source 
Currently, if a key is not found, the GPG mechanism reports
> Invalid GPG signature: {$GoStructDump}
while the Sequoia one reports
> $keyFingerprint was not found

Accept both.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
This commit is contained in:
Miloslav Trmač 2025-07-07 23:47:10 +02:00
parent 32f5d3dc9a
commit 0a70844b33
2 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
integration/copy_test.go
View File

@ -776,9 +776,9 @@ func (s *copySuite) TestCopySignatures() {
// Verify that mis-signed images are rejected // Verify that mis-signed images are rejected
assertSkopeoSucceeds(t, "", "--tls-verify=false", "copy", "atomic:localhost:5006/myns/personal:personal", "atomic:localhost:5006/myns/official:attack") assertSkopeoSucceeds(t, "", "--tls-verify=false", "copy", "atomic:localhost:5006/myns/personal:personal", "atomic:localhost:5006/myns/official:attack")
assertSkopeoSucceeds(t, "", "--tls-verify=false", "copy", "atomic:localhost:5006/myns/official:official", "atomic:localhost:5006/myns/personal:attack") assertSkopeoSucceeds(t, "", "--tls-verify=false", "copy", "atomic:localhost:5006/myns/official:official", "atomic:localhost:5006/myns/personal:attack")
assertSkopeoFails(t, ".*Source image rejected: Invalid GPG signature.*", assertSkopeoFails(t, ".*Source image rejected: (Invalid GPG signature|.* was not found).*",
"--tls-verify=false", "--policy", policy, "copy", "atomic:localhost:5006/myns/personal:attack", dirDest) "--tls-verify=false", "--policy", policy, "copy", "atomic:localhost:5006/myns/personal:attack", dirDest)
assertSkopeoFails(t, ".*Source image rejected: Invalid GPG signature.*", assertSkopeoFails(t, ".*Source image rejected: (Invalid GPG signature|.* was not found).*",
"--tls-verify=false", "--policy", policy, "copy", "atomic:localhost:5006/myns/official:attack", dirDest) "--tls-verify=false", "--policy", policy, "copy", "atomic:localhost:5006/myns/official:attack", dirDest)
// Verify that signed identity is verified. // Verify that signed identity is verified.
@ -791,7 +791,7 @@ func (s *copySuite) TestCopySignatures() {
// Verify that cosigning requirements are enforced // Verify that cosigning requirements are enforced
assertSkopeoSucceeds(t, "", "--tls-verify=false", "copy", "atomic:localhost:5006/myns/official:official", "atomic:localhost:5006/myns/cosigned:cosigned") assertSkopeoSucceeds(t, "", "--tls-verify=false", "copy", "atomic:localhost:5006/myns/official:official", "atomic:localhost:5006/myns/cosigned:cosigned")
assertSkopeoFails(t, ".*Source image rejected: Invalid GPG signature.*", assertSkopeoFails(t, ".*Source image rejected: (Invalid GPG signature|.* was not found).*",
"--tls-verify=false", "--policy", policy, "copy", "atomic:localhost:5006/myns/cosigned:cosigned", dirDest) "--tls-verify=false", "--policy", policy, "copy", "atomic:localhost:5006/myns/cosigned:cosigned", dirDest)
assertSkopeoSucceeds(t, "", "--tls-verify=false", "copy", "--sign-by", "personal@example.com", "atomic:localhost:5006/myns/official:official", "atomic:localhost:5006/myns/cosigned:cosigned") assertSkopeoSucceeds(t, "", "--tls-verify=false", "copy", "--sign-by", "personal@example.com", "atomic:localhost:5006/myns/official:official", "atomic:localhost:5006/myns/cosigned:cosigned")
@ -836,7 +836,7 @@ func (s *copySuite) TestCopyDirSignatures() {
// Verify that correct images are accepted // Verify that correct images are accepted
assertSkopeoSucceeds(t, "", "--policy", policy, "copy", topDirDest+"/restricted/official", topDirDest+"/dest") assertSkopeoSucceeds(t, "", "--policy", policy, "copy", topDirDest+"/restricted/official", topDirDest+"/dest")
// ... and that mis-signed images are rejected. // ... and that mis-signed images are rejected.
assertSkopeoFails(t, ".*Source image rejected: Invalid GPG signature.*", assertSkopeoFails(t, ".*Source image rejected: (Invalid GPG signature|.* was not found).*",
"--policy", policy, "copy", topDirDest+"/restricted/personal", topDirDest+"/dest") "--policy", policy, "copy", topDirDest+"/restricted/personal", topDirDest+"/dest")
// Verify that the signed identity is verified. // Verify that the signed identity is verified.

2
systemtest/050-signing.bats
View File

@ -154,7 +154,7 @@ END_PUSH
fi fi
done <<END_TESTS done <<END_TESTS
/myns/alice:signed /myns/alice:signed
/myns/bob:signedbyalice Invalid GPG signature /myns/bob:signedbyalice (Invalid GPG signature|.* not found)
/myns/alice:unsigned Signature for identity \\\\\\\\"localhost:5000/myns/alice:signed\\\\\\\\" is not accepted /myns/alice:unsigned Signature for identity \\\\\\\\"localhost:5000/myns/alice:signed\\\\\\\\" is not accepted
/myns/carol:latest Running image docker://localhost:5000/myns/carol:latest is rejected by policy. /myns/carol:latest Running image docker://localhost:5000/myns/carol:latest is rejected by policy.
/open/forall:latest /open/forall:latest