1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
|
//go:build debian_no_fulcio
// +build debian_no_fulcio
package signer
import (
"context"
"errors"
"testing"
"github.com/containers/image/v5/docker/reference"
"github.com/containers/image/v5/internal/signature"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
// mockSignerImplementation is a SignerImplementation used only for tests.
type mockSignerImplementation struct {
progressMessage func() string
signImageManifest func(ctx context.Context, m []byte, dockerReference reference.Named) (signature.Signature, error)
close func() error
}
func (ms *mockSignerImplementation) Close() error {
return ms.close()
}
func (ms *mockSignerImplementation) ProgressMessage() string {
return ms.progressMessage()
}
func (ms *mockSignerImplementation) SignImageManifest(ctx context.Context, m []byte, dockerReference reference.Named) (signature.Signature, error) {
return ms.signImageManifest(ctx, m, dockerReference)
}
func TestNewSigner(t *testing.T) {
closeError := errors.New("unique error")
si := mockSignerImplementation{
// Other functions are nil, so this ensures they are not called.
close: func() error { return closeError },
}
s := NewSigner(&si)
// Verify SignerImplementation methods are not visible even to determined callers
_, visible := any(s).(SignerImplementation)
assert.False(t, visible)
err := s.Close()
assert.Equal(t, closeError, err)
}
func TestProgressMessage(t *testing.T) {
si := mockSignerImplementation{
// Other functions are nil, so this ensures they are not called.
close: func() error { return nil },
}
s := NewSigner(&si)
defer s.Close()
const testMessage = "some unique string"
si.progressMessage = func() string {
return testMessage
}
message := ProgressMessage(s)
assert.Equal(t, testMessage, message)
}
func TestSignImageManifest(t *testing.T) {
si := mockSignerImplementation{
// Other functions are nil, so this ensures they are not called.
close: func() error { return nil },
}
s := NewSigner(&si)
defer s.Close()
testManifest := []byte("some manifest")
testDR, err := reference.ParseNormalizedNamed("busybox")
require.NoError(t, err)
testContext := context.WithValue(context.Background(), struct{}{}, "make this context unique")
testSig := signature.SigstoreFromComponents(signature.SigstoreSignatureMIMEType, []byte("payload"), nil)
testErr := errors.New("some unique error")
si.signImageManifest = func(ctx context.Context, m []byte, dockerReference reference.Named) (signature.Signature, error) {
assert.Equal(t, testContext, ctx)
assert.Equal(t, testManifest, m)
assert.Equal(t, testDR, dockerReference)
return testSig, testErr
}
sig, err := SignImageManifest(testContext, s, testManifest, testDR)
assert.Equal(t, testSig, sig)
assert.Equal(t, testErr, err)
}
|
