diff --git a/integration/copy_test.go b/integration/copy_test.go index 7b29a9e6..706b1393 100644 --- a/integration/copy_test.go +++ b/integration/copy_test.go @@ -780,10 +780,10 @@ func (s *copySuite) TestCopySignatures() { // Verify that mis-signed images are rejected assertSkopeoSucceeds(t, "", "--tls-verify=false", "copy", "atomic:localhost:5006/myns/personal:personal", "atomic:localhost:5006/myns/official:attack") assertSkopeoSucceeds(t, "", "--tls-verify=false", "copy", "atomic:localhost:5006/myns/official:official", "atomic:localhost:5006/myns/personal:attack") - // "Invalid GPG signature" is reported by the gpgme mechanism; "Missing key: $fingerprint" by Sequoia. - assertSkopeoFails(t, ".*Source image rejected: (Invalid GPG signature|Missing key:).*", + // "Invalid GPG signature" is reported by the gpgme mechanism; "Missing key: $fingerprint" or "Missing key $fingerprint" by Sequoia. + assertSkopeoFails(t, ".*Source image rejected: (Invalid GPG signature|Missing key).*", "--tls-verify=false", "--policy", policy, "copy", "atomic:localhost:5006/myns/personal:attack", dirDest) - assertSkopeoFails(t, ".*Source image rejected: (Invalid GPG signature|Missing key:).*", + assertSkopeoFails(t, ".*Source image rejected: (Invalid GPG signature|Missing key).*", "--tls-verify=false", "--policy", policy, "copy", "atomic:localhost:5006/myns/official:attack", dirDest) // Verify that signed identity is verified. @@ -796,8 +796,8 @@ func (s *copySuite) TestCopySignatures() { // Verify that cosigning requirements are enforced assertSkopeoSucceeds(t, "", "--tls-verify=false", "copy", "atomic:localhost:5006/myns/official:official", "atomic:localhost:5006/myns/cosigned:cosigned") - // "Invalid GPG signature" is reported by the gpgme mechanism; "Missing key: $fingerprint" by Sequoia. - assertSkopeoFails(t, ".*Source image rejected: (Invalid GPG signature|Missing key:).*", + // "Invalid GPG signature" is reported by the gpgme mechanism; "Missing key: $fingerprint" or "Missing key $fingerprint" by Sequoia. + assertSkopeoFails(t, ".*Source image rejected: (Invalid GPG signature|Missing key).*", "--tls-verify=false", "--policy", policy, "copy", "atomic:localhost:5006/myns/cosigned:cosigned", dirDest) assertSkopeoSucceeds(t, "", "--tls-verify=false", "copy", "--sign-by", "personal@example.com", "atomic:localhost:5006/myns/official:official", "atomic:localhost:5006/myns/cosigned:cosigned") @@ -842,8 +842,8 @@ func (s *copySuite) TestCopyDirSignatures() { // Verify that correct images are accepted assertSkopeoSucceeds(t, "", "--policy", policy, "copy", topDirDest+"/restricted/official", topDirDest+"/dest") // ... and that mis-signed images are rejected. - // "Invalid GPG signature" is reported by the gpgme mechanism; "Missing key: $fingerprint" by Sequoia. - assertSkopeoFails(t, ".*Source image rejected: (Invalid GPG signature|Missing key:).*", + // "Invalid GPG signature" is reported by the gpgme mechanism; "Missing key: $fingerprint" or "Missing key $fingerprint" by Sequoia. + assertSkopeoFails(t, ".*Source image rejected: (Invalid GPG signature|Missing key).*", "--policy", policy, "copy", topDirDest+"/restricted/personal", topDirDest+"/dest") // Verify that the signed identity is verified. diff --git a/systemtest/050-signing.bats b/systemtest/050-signing.bats index 88c6cfaf..bcad8b72 100644 --- a/systemtest/050-signing.bats +++ b/systemtest/050-signing.bats @@ -137,7 +137,7 @@ END_PUSH # The table below lists the paths to fetch, and the expected errors (or # none, if we expect them to pass). # - # "Invalid GPG signature" is reported by the gpgme mechanism; "Missing key: $fingerprint" by Sequoia. + # "Invalid GPG signature" is reported by the gpgme mechanism; "Missing key: $fingerprint" or "Missing key $fingerprint" by Sequoia. while read path expected_error; do expected_rc= if [[ -n $expected_error ]]; then @@ -156,7 +156,7 @@ END_PUSH fi done <