From 7c5db83261fc15547e6d282c34ed7c360d40e852 Mon Sep 17 00:00:00 2001 From: Antonio Murdaca Date: Tue, 17 May 2016 20:19:27 +0200 Subject: [PATCH] Remove signature/fixtures subpackage This will make the output of godoc cleaner, we can't filter out the subpackage otherwise. Also copy the needed fixture into the integration subpackage, instead of referring to it using ../signature/fixtures (and we can't import signature/fixtures_info-test.go now). Signed-off-by: Antonio Murdaca --- integration/fixtures/image.manifest.json | 26 +++++++++++++++++ integration/fixtures_info_test.go | 6 ++++ integration/signing_test.go | 5 ++-- signature/docker_test.go | 29 +++++++++---------- .../info.go => fixtures_info_test.go} | 2 +- signature/mechanism_test.go | 7 ++--- signature/signature_test.go | 23 +++++++-------- 7 files changed, 63 insertions(+), 35 deletions(-) create mode 100644 integration/fixtures/image.manifest.json create mode 100644 integration/fixtures_info_test.go rename signature/{fixtures/info.go => fixtures_info_test.go} (96%) diff --git a/integration/fixtures/image.manifest.json b/integration/fixtures/image.manifest.json new file mode 100644 index 00000000..198da23f --- /dev/null +++ b/integration/fixtures/image.manifest.json @@ -0,0 +1,26 @@ +{ + "schemaVersion": 2, + "mediaType": "application/vnd.docker.distribution.manifest.v2+json", + "config": { + "mediaType": "application/vnd.docker.container.image.v1+json", + "size": 7023, + "digest": "sha256:b5b2b2c507a0944348e0303114d8d93aaaa081732b86451d9bce1f432a537bc7" + }, + "layers": [ + { + "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip", + "size": 32654, + "digest": "sha256:e692418e4cbaf90ca69d05a66403747baa33ee08806650b51fab815ad7fc331f" + }, + { + "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip", + "size": 16724, + "digest": "sha256:3c3a4604a545cdc127456d94e421cd355bca5b528f4a9c1905b15da2eb4a4c6b" + }, + { + "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip", + "size": 73109, + "digest": "sha256:ec4b8955958665577945c89419d1af06b5f7636b4ac3da7f12184802ad867736" + } + ] +} \ No newline at end of file diff --git a/integration/fixtures_info_test.go b/integration/fixtures_info_test.go new file mode 100644 index 00000000..d1048168 --- /dev/null +++ b/integration/fixtures_info_test.go @@ -0,0 +1,6 @@ +package main + +const ( + // TestImageManifestDigest is the Docker manifest digest of "fixtures/image.manifest.json" + TestImageManifestDigest = "sha256:20bf21ed457b390829cdbeec8795a7bea1626991fda603e0d01b4e7f60427e55" +) diff --git a/integration/signing_test.go b/integration/signing_test.go index 47de0dcd..672299c5 100644 --- a/integration/signing_test.go +++ b/integration/signing_test.go @@ -9,7 +9,6 @@ import ( "strings" "github.com/go-check/check" - "github.com/projectatomic/skopeo/signature/fixtures" ) const ( @@ -97,7 +96,7 @@ func (s *SigningSuite) TearDownTest(c *check.C) { } func (s *SigningSuite) TestSignVerifySmoke(c *check.C) { - manifestPath := "../signature/fixtures/image.manifest.json" + manifestPath := "fixtures/image.manifest.json" dockerReference := "testing/smoketest" sigOutput, err := ioutil.TempFile("", "sig") @@ -111,5 +110,5 @@ func (s *SigningSuite) TestSignVerifySmoke(c *check.C) { out, err = exec.Command(skopeoBinary, "standalone-verify", manifestPath, dockerReference, s.fingerprint, sigOutput.Name()).CombinedOutput() c.Assert(err, check.IsNil, check.Commentf("%s", out)) - c.Assert(string(out), check.Equals, "Signature verified, digest "+fixtures.TestImageManifestDigest+"\n") + c.Assert(string(out), check.Equals, "Signature verified, digest "+TestImageManifestDigest+"\n") } diff --git a/signature/docker_test.go b/signature/docker_test.go index 205d74ff..ec4c858d 100644 --- a/signature/docker_test.go +++ b/signature/docker_test.go @@ -4,7 +4,6 @@ import ( "io/ioutil" "testing" - "github.com/projectatomic/skopeo/signature/fixtures" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" ) @@ -16,26 +15,26 @@ func TestSignDockerManifest(t *testing.T) { require.NoError(t, err) // Successful signing - signature, err := SignDockerManifest(manifest, fixtures.TestImageSignatureReference, mech, fixtures.TestKeyFingerprint) + signature, err := SignDockerManifest(manifest, TestImageSignatureReference, mech, TestKeyFingerprint) require.NoError(t, err) - verified, err := VerifyDockerManifestSignature(signature, manifest, fixtures.TestImageSignatureReference, mech, fixtures.TestKeyFingerprint) + verified, err := VerifyDockerManifestSignature(signature, manifest, TestImageSignatureReference, mech, TestKeyFingerprint) assert.NoError(t, err) - assert.Equal(t, fixtures.TestImageSignatureReference, verified.DockerReference) - assert.Equal(t, fixtures.TestImageManifestDigest, verified.DockerManifestDigest) + assert.Equal(t, TestImageSignatureReference, verified.DockerReference) + assert.Equal(t, TestImageManifestDigest, verified.DockerManifestDigest) // Error computing Docker manifest invalidManifest, err := ioutil.ReadFile("fixtures/v2s1-invalid-signatures.manifest.json") require.NoError(t, err) - _, err = SignDockerManifest(invalidManifest, fixtures.TestImageSignatureReference, mech, fixtures.TestKeyFingerprint) + _, err = SignDockerManifest(invalidManifest, TestImageSignatureReference, mech, TestKeyFingerprint) assert.Error(t, err) // Error creating blob to sign - _, err = SignDockerManifest(manifest, "", mech, fixtures.TestKeyFingerprint) + _, err = SignDockerManifest(manifest, "", mech, TestKeyFingerprint) assert.Error(t, err) // Error signing - _, err = SignDockerManifest(manifest, fixtures.TestImageSignatureReference, mech, "this fingerprint doesn't exist") + _, err = SignDockerManifest(manifest, TestImageSignatureReference, mech, "this fingerprint doesn't exist") assert.Error(t, err) } @@ -48,33 +47,33 @@ func TestVerifyDockerManifestSignature(t *testing.T) { require.NoError(t, err) // Successful verification - sig, err := VerifyDockerManifestSignature(signature, manifest, fixtures.TestImageSignatureReference, mech, fixtures.TestKeyFingerprint) + sig, err := VerifyDockerManifestSignature(signature, manifest, TestImageSignatureReference, mech, TestKeyFingerprint) require.NoError(t, err) - assert.Equal(t, fixtures.TestImageSignatureReference, sig.DockerReference) - assert.Equal(t, fixtures.TestImageManifestDigest, sig.DockerManifestDigest) + assert.Equal(t, TestImageSignatureReference, sig.DockerReference) + assert.Equal(t, TestImageManifestDigest, sig.DockerManifestDigest) // For extra paranoia, test that we return nil data on error. // Error computing Docker manifest invalidManifest, err := ioutil.ReadFile("fixtures/v2s1-invalid-signatures.manifest.json") require.NoError(t, err) - sig, err = VerifyDockerManifestSignature(signature, invalidManifest, fixtures.TestImageSignatureReference, mech, fixtures.TestKeyFingerprint) + sig, err = VerifyDockerManifestSignature(signature, invalidManifest, TestImageSignatureReference, mech, TestKeyFingerprint) assert.Error(t, err) assert.Nil(t, sig) // Error verifying signature corruptSignature, err := ioutil.ReadFile("fixtures/corrupt.signature") - sig, err = VerifyDockerManifestSignature(corruptSignature, manifest, fixtures.TestImageSignatureReference, mech, fixtures.TestKeyFingerprint) + sig, err = VerifyDockerManifestSignature(corruptSignature, manifest, TestImageSignatureReference, mech, TestKeyFingerprint) assert.Error(t, err) assert.Nil(t, sig) // Key fingerprint mismatch - sig, err = VerifyDockerManifestSignature(signature, manifest, fixtures.TestImageSignatureReference, mech, "unexpected fingerprint") + sig, err = VerifyDockerManifestSignature(signature, manifest, TestImageSignatureReference, mech, "unexpected fingerprint") assert.Error(t, err) assert.Nil(t, sig) // Docker manifest digest mismatch - sig, err = VerifyDockerManifestSignature(signature, []byte("unexpected manifest"), fixtures.TestImageSignatureReference, mech, fixtures.TestKeyFingerprint) + sig, err = VerifyDockerManifestSignature(signature, []byte("unexpected manifest"), TestImageSignatureReference, mech, TestKeyFingerprint) assert.Error(t, err) assert.Nil(t, sig) } diff --git a/signature/fixtures/info.go b/signature/fixtures_info_test.go similarity index 96% rename from signature/fixtures/info.go rename to signature/fixtures_info_test.go index fedbde77..2ffbbe21 100644 --- a/signature/fixtures/info.go +++ b/signature/fixtures_info_test.go @@ -1,4 +1,4 @@ -package fixtures +package signature const ( // TestImageManifestDigest is the Docker manifest digest of "image.manifest.json" diff --git a/signature/mechanism_test.go b/signature/mechanism_test.go index 72ee042e..f9c69756 100644 --- a/signature/mechanism_test.go +++ b/signature/mechanism_test.go @@ -4,7 +4,6 @@ import ( "io/ioutil" "testing" - "github.com/projectatomic/skopeo/signature/fixtures" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" ) @@ -32,13 +31,13 @@ func TestGPGSigningMechanismSign(t *testing.T) { // Successful signing content := []byte("content") - signature, err := mech.Sign(content, fixtures.TestKeyFingerprint) + signature, err := mech.Sign(content, TestKeyFingerprint) require.NoError(t, err) signedContent, signingFingerprint, err := mech.Verify(signature) require.NoError(t, err) assert.EqualValues(t, content, signedContent) - assert.Equal(t, fixtures.TestKeyFingerprint, signingFingerprint) + assert.Equal(t, TestKeyFingerprint, signingFingerprint) // Error signing _, err = mech.Sign(content, "this fingerprint doesn't exist") @@ -62,7 +61,7 @@ func TestGPGSigningMechanismVerify(t *testing.T) { content, signingFingerprint, err := mech.Verify(signature) require.NoError(t, err) assert.Equal(t, []byte("This is not JSON\n"), content) - assert.Equal(t, fixtures.TestKeyFingerprint, signingFingerprint) + assert.Equal(t, TestKeyFingerprint, signingFingerprint) // For extra paranoia, test that we return nil data on error. diff --git a/signature/signature_test.go b/signature/signature_test.go index fd258548..471e8b9f 100644 --- a/signature/signature_test.go +++ b/signature/signature_test.go @@ -5,7 +5,6 @@ import ( "io/ioutil" "testing" - "github.com/projectatomic/skopeo/signature/fixtures" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" ) @@ -147,16 +146,16 @@ func TestSign(t *testing.T) { } // Successful signing - signature, err := sig.sign(mech, fixtures.TestKeyFingerprint) + signature, err := sig.sign(mech, TestKeyFingerprint) require.NoError(t, err) - verified, err := verifyAndExtractSignature(mech, signature, fixtures.TestKeyFingerprint, sig.DockerReference) + verified, err := verifyAndExtractSignature(mech, signature, TestKeyFingerprint, sig.DockerReference) require.NoError(t, err) assert.Equal(t, sig.Signature, *verified) // Error creating blob to sign - _, err = privateSignature{}.sign(mech, fixtures.TestKeyFingerprint) + _, err = privateSignature{}.sign(mech, TestKeyFingerprint) assert.Error(t, err) // Error signing @@ -172,36 +171,36 @@ func TestVerifyAndExtractSignature(t *testing.T) { require.NoError(t, err) // Successful verification - sig, err := verifyAndExtractSignature(mech, signature, fixtures.TestKeyFingerprint, fixtures.TestImageSignatureReference) + sig, err := verifyAndExtractSignature(mech, signature, TestKeyFingerprint, TestImageSignatureReference) require.NoError(t, err) - assert.Equal(t, fixtures.TestImageSignatureReference, sig.DockerReference) - assert.Equal(t, fixtures.TestImageManifestDigest, sig.DockerManifestDigest) + assert.Equal(t, TestImageSignatureReference, sig.DockerReference) + assert.Equal(t, TestImageManifestDigest, sig.DockerManifestDigest) // For extra paranoia, test that we return a nil signature object on error. // Completely invalid signature. - sig, err = verifyAndExtractSignature(mech, []byte{}, fixtures.TestKeyFingerprint, fixtures.TestImageSignatureReference) + sig, err = verifyAndExtractSignature(mech, []byte{}, TestKeyFingerprint, TestImageSignatureReference) assert.Error(t, err) assert.Nil(t, sig) - sig, err = verifyAndExtractSignature(mech, []byte("invalid signature"), fixtures.TestKeyFingerprint, fixtures.TestImageSignatureReference) + sig, err = verifyAndExtractSignature(mech, []byte("invalid signature"), TestKeyFingerprint, TestImageSignatureReference) assert.Error(t, err) assert.Nil(t, sig) // Valid signature of non-JSON invalidBlobSignature, err := ioutil.ReadFile("./fixtures/invalid-blob.signature") require.NoError(t, err) - sig, err = verifyAndExtractSignature(mech, invalidBlobSignature, fixtures.TestKeyFingerprint, fixtures.TestImageSignatureReference) + sig, err = verifyAndExtractSignature(mech, invalidBlobSignature, TestKeyFingerprint, TestImageSignatureReference) assert.Error(t, err) assert.Nil(t, sig) // Valid signature with a wrong key - sig, err = verifyAndExtractSignature(mech, signature, "unexpected fingerprint", fixtures.TestImageSignatureReference) + sig, err = verifyAndExtractSignature(mech, signature, "unexpected fingerprint", TestImageSignatureReference) assert.Error(t, err) assert.Nil(t, sig) // Valid signature with a wrong image reference - sig, err = verifyAndExtractSignature(mech, signature, fixtures.TestKeyFingerprint, "unexpected docker reference") + sig, err = verifyAndExtractSignature(mech, signature, TestKeyFingerprint, "unexpected docker reference") assert.Error(t, err) assert.Nil(t, sig) }