Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add integration test
Browse files Browse the repository at this point in the history
Signed-off-by: Priya Wadhwa <[email protected]>
Priya Wadhwa committed Jun 1, 2021
1 parent 06d70e1 commit a9af05a
Showing 2 changed files with 36 additions and 0 deletions.
4 changes: 4 additions & 0 deletions .github/workflows/tests.yaml
Original file line number Diff line number Diff line change
@@ -47,6 +47,10 @@ jobs:
run: |
curl -L https://github.com/google/ko/releases/download/v0.8.1/ko_0.8.1_Linux_x86_64.tar.gz | tar xzf - ko && \
chmod +x ./ko && sudo mv ko /usr/local/bin/
- name: setup kind cluster
run: |
go install sigs.k8s.io/[email protected]
kind create cluster
# Required for `make cosign-pivkey`
# - name: deps
# run: sudo apt-get update && sudo apt-get install -yq libpcsclite-dev
32 changes: 32 additions & 0 deletions test/e2e_test.go
Original file line number Diff line number Diff line change
@@ -22,6 +22,7 @@ import (
"context"
"encoding/base64"
"encoding/json"
"fmt"
"io/ioutil"
"net/http/httptest"
"net/url"
@@ -40,8 +41,12 @@ import (
"github.com/sigstore/cosign/cmd/cosign/cli"
sget "github.com/sigstore/cosign/cmd/sget/cli"
"github.com/sigstore/cosign/pkg/cosign"
"github.com/sigstore/cosign/pkg/cosign/kubernetes"
cremote "github.com/sigstore/cosign/pkg/cosign/remote"
"github.com/sigstore/sigstore/pkg/signature/payload"

kubernetesclient "github.com/GoogleContainerTools/skaffold/pkg/skaffold/kubernetes/client"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)

var keyPass = []byte("hello")
@@ -223,6 +228,33 @@ func TestGenerateKeyPairEnvVar(t *testing.T) {
}
}

func TestGenerateKeyPairK8s(t *testing.T) {
td := t.TempDir()
if err := os.Chdir(td); err != nil {
t.Fatal(err)
}
password := "foo"
defer setenv(t, "COSIGN_PASSWORD", password)()
ctx := context.Background()
name := "cosign-secret"
namespace := "default"
if err := kubernetes.KeyPairSecret(fmt.Sprintf("%s/%s", namespace, name), cli.GetPass); err != nil {
t.Fatal(err)
}
// make sure the secret actually exists
client, err := kubernetesclient.Client()
if err != nil {
t.Fatal(err)
}
s, err := client.CoreV1().Secrets(namespace).Get(ctx, name, metav1.GetOptions{})
if err != nil {
t.Fatal(err)
}
if v, ok := s.Data["cosign.password"]; !ok || string(v) != password {
t.Fatalf("password is incorrect, got %v expected %v", v, "foo")
}
}

func TestMultipleSignatures(t *testing.T) {
repo, stop := reg(t)
defer stop()

0 comments on commit a9af05a

Please sign in to comment.