Skip to content

Commit

Permalink
Set rekor env variable in Go test suite
Browse files Browse the repository at this point in the history
Move the setting of SIGSTORE_REKOR_PUBLIC_KEY from the e2e shell script
to the Go test suite, so that only the tests that need it have it set
and the shell script is doing less setup. Also remove unnecessary
instances of os.RemoveAll for temporary directories that the Go testing
framework will automatically clean up.

Signed-off-by: Colleen Murphy <[email protected]>
  • Loading branch information
cmurphy committed Feb 6, 2024
1 parent 775396c commit 62c0d1a
Show file tree
Hide file tree
Showing 2 changed files with 31 additions and 20 deletions.
48 changes: 31 additions & 17 deletions test/e2e_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -1168,6 +1168,12 @@ func TestRFC3161Timestamp(t *testing.T) {
}

func TestRekorBundleAndRFC3161Timestamp(t *testing.T) {
td := t.TempDir()
err := downloadAndSetEnv(t, rekorURL+"/api/v1/log/publicKey", env.VariableSigstoreRekorPublicKey.String(), td)
if err != nil {
t.Fatal(err)
}

// TSA server needed to create timestamp
viper.Set("timestamp-signer", "memory")
viper.Set("timestamp-signer-hash", "sha256")
Expand Down Expand Up @@ -1197,7 +1203,6 @@ func TestRekorBundleAndRFC3161Timestamp(t *testing.T) {

repo, stop := reg(t)
defer stop()
td := t.TempDir()

imgName := path.Join(repo, "cosign-e2e")

Expand Down Expand Up @@ -1373,13 +1378,14 @@ func TestMultipleSignatures(t *testing.T) {
}

func TestSignBlob(t *testing.T) {
td := t.TempDir()
err := downloadAndSetEnv(t, rekorURL+"/api/v1/log/publicKey", env.VariableSigstoreRekorPublicKey.String(), td)
if err != nil {
t.Fatal(err)
}
blob := "someblob"
td1 := t.TempDir()
td2 := t.TempDir()
t.Cleanup(func() {
os.RemoveAll(td1)
os.RemoveAll(td2)
})
bp := filepath.Join(td1, blob)

if err := os.WriteFile(bp, []byte(blob), 0644); err != nil {
Expand Down Expand Up @@ -1430,16 +1436,18 @@ func TestSignBlob(t *testing.T) {
func TestSignBlobBundle(t *testing.T) {
blob := "someblob"
td1 := t.TempDir()
t.Cleanup(func() {
os.RemoveAll(td1)
})
bp := filepath.Join(td1, blob)
bundlePath := filepath.Join(td1, "bundle.sig")

if err := os.WriteFile(bp, []byte(blob), 0644); err != nil {
t.Fatal(err)
}

err := downloadAndSetEnv(t, rekorURL+"/api/v1/log/publicKey", env.VariableSigstoreRekorPublicKey.String(), td1)
if err != nil {
t.Fatal(err)
}

_, privKeyPath1, pubKeyPath1 := keypair(t, td1)

ctx := context.Background()
Expand Down Expand Up @@ -1481,6 +1489,11 @@ func TestSignBlobBundle(t *testing.T) {
}

func TestSignBlobRFC3161TimestampBundle(t *testing.T) {
td := t.TempDir()
err := downloadAndSetEnv(t, rekorURL+"/api/v1/log/publicKey", env.VariableSigstoreRekorPublicKey.String(), td)
if err != nil {
t.Fatal(err)
}
// TSA server needed to create timestamp
viper.Set("timestamp-signer", "memory")
viper.Set("timestamp-signer-hash", "sha256")
Expand All @@ -1489,13 +1502,9 @@ func TestSignBlobRFC3161TimestampBundle(t *testing.T) {
t.Cleanup(server.Close)

blob := "someblob"
td1 := t.TempDir()
t.Cleanup(func() {
os.RemoveAll(td1)
})
bp := filepath.Join(td1, blob)
bundlePath := filepath.Join(td1, "bundle.sig")
tsPath := filepath.Join(td1, "rfc3161Timestamp.json")
bp := filepath.Join(td, blob)
bundlePath := filepath.Join(td, "bundle.sig")
tsPath := filepath.Join(td, "rfc3161Timestamp.json")

if err := os.WriteFile(bp, []byte(blob), 0644); err != nil {
t.Fatal(err)
Expand All @@ -1521,7 +1530,7 @@ func TestSignBlobRFC3161TimestampBundle(t *testing.T) {
t.Fatalf("error writing chain payload to temp file: %v", err)
}

_, privKeyPath1, pubKeyPath1 := keypair(t, td1)
_, privKeyPath1, pubKeyPath1 := keypair(t, td)

ctx := context.Background()

Expand Down Expand Up @@ -2461,9 +2470,14 @@ func TestAttestBlobSignVerify(t *testing.T) {
}

func TestOffline(t *testing.T) {
td := t.TempDir()
err := downloadAndSetEnv(t, rekorURL+"/api/v1/log/publicKey", env.VariableSigstoreRekorPublicKey.String(), td)
if err != nil {
t.Fatal(err)
}

regName, stop := reg(t)
defer stop()
td := t.TempDir()

img1 := path.Join(regName, "cosign-e2e")

Expand Down
3 changes: 0 additions & 3 deletions test/e2e_test.sh
Original file line number Diff line number Diff line change
Expand Up @@ -86,9 +86,6 @@ cleanup_services() {
}
trap cleanup_services EXIT

curl http://127.0.0.1:3000/api/v1/log/publicKey > rekor.pub
export SIGSTORE_REKOR_PUBLIC_KEY=$(pwd)/rekor.pub

echo
echo "running tests"

Expand Down

0 comments on commit 62c0d1a

Please sign in to comment.