From 4e519ff57cb3ae84cf7755558fee3cc74cea9813 Mon Sep 17 00:00:00 2001 From: Joe Stuart Date: Mon, 6 Nov 2023 11:53:35 -0600 Subject: [PATCH] acceptance test fixes --- acceptance/image/image.go | 10 +++++++ acceptance/kubernetes/kubernetes.go | 2 +- features/__snapshots__/validate_image.snap | 35 +++++++++++++++++----- 3 files changed, 39 insertions(+), 8 deletions(-) diff --git a/acceptance/image/image.go b/acceptance/image/image.go index cfb446f1e..36e0c501c 100644 --- a/acceptance/image/image.go +++ b/acceptance/image/image.go @@ -79,6 +79,7 @@ type Signature struct { Certificate string `json:"certificate,omitempty"` Chain []string `json:"chain,omitempty"` Metadata map[string]string `json:"metadata,omitempty"` + Digest string `json:"digest,omitempty"` } // imageState holds the state of images used in acceptance tests keyed by the @@ -209,10 +210,15 @@ func createAndPushImageSignature(ctx context.Context, imageName string, keyName return ctx, err } + sigDigest, err := signatureLayer.Digest() + if err != nil { + return ctx, err + } state.Signatures[imageName] = ref.String() state.ImageSignatures[imageName] = Signature{ KeyID: "", Signature: signatureBase64, + Digest: sigDigest.String(), } return ctx, nil @@ -270,6 +276,9 @@ func createAndPushAttestationWithPatches(ctx context.Context, imageName, keyName if sig, err := unmarshallSignatures(signedAttestation); err != nil { return ctx, err } else { + if err != nil { + return ctx, err + } state.AttestationSignatures[imageName] = Signature{ KeyID: sig.KeyID, Signature: sig.Sig, @@ -857,6 +866,7 @@ func RawImageSignaturesFrom(ctx context.Context) map[string]string { ret := map[string]string{} for ref, signature := range state.ImageSignatures { ret[fmt.Sprintf("IMAGE_SIGNATURE_%s", ref)] = signature.Signature + ret[fmt.Sprintf("SIGNATURE_DIGEST_%s", ref)] = signature.Digest } return ret diff --git a/acceptance/kubernetes/kubernetes.go b/acceptance/kubernetes/kubernetes.go index 9b73483aa..eb714edd5 100644 --- a/acceptance/kubernetes/kubernetes.go +++ b/acceptance/kubernetes/kubernetes.go @@ -22,12 +22,12 @@ import ( "encoding/json" "errors" "fmt" + "maps" "strings" "text/tabwriter" "github.com/cucumber/godog" clr "github.com/doiit/picocolors" - "golang.org/x/exp/maps" "github.com/enterprise-contract/ec-cli/acceptance/crypto" "github.com/enterprise-contract/ec-cli/acceptance/image" diff --git a/features/__snapshots__/validate_image.snap b/features/__snapshots__/validate_image.snap index acf80a6a4..3498259b3 100755 --- a/features/__snapshots__/validate_image.snap +++ b/features/__snapshots__/validate_image.snap @@ -49,7 +49,10 @@ "keyid": "", "sig": "${ATTESTATION_SIGNATURE_acceptance/ec-happy-day}" } - ] + ], + "digest": { + "sha256": "${SIGNATURE_DIGEST_acceptance/ec-happy-day}" + } } ] } @@ -151,7 +154,10 @@ Error: success criteria not met "keyid": "", "sig": "${ATTESTATION_SIGNATURE_acceptance/ec-happy-day}" } - ] + ], + "digest": { + "sha256": "${SIGNATURE_DIGEST_acceptance/ec-happy-day}" + } } ] } @@ -240,7 +246,10 @@ Error: success criteria not met "keyid": "", "sig": "${ATTESTATION_SIGNATURE_acceptance/ec-happy-day}" } - ] + ], + "digest": { + "sha256": "${SIGNATURE_DIGEST_acceptance/ec-happy-day}" + } } ] } @@ -317,7 +326,10 @@ Error: success criteria not met "keyid": "", "sig": "${ATTESTATION_SIGNATURE_acceptance/ec-happy-day}" } - ] + ], + "digest": { + "sha256": "${SIGNATURE_DIGEST_acceptance/ec-happy-day}" + } } ] } @@ -396,7 +408,10 @@ Error: success criteria not met "keyid": "", "sig": "${ATTESTATION_SIGNATURE_acceptance/ec-happy-day}" } - ] + ], + "digest": { + "sha256": "${SIGNATURE_DIGEST_acceptance/ec-happy-day}" + } } ] } @@ -467,7 +482,10 @@ Error: success criteria not met "keyid": "", "sig": "${ATTESTATION_SIGNATURE_acceptance/image}" } - ] + ], + "digest": { + "sha256": "${SIGNATURE_DIGEST_acceptance/image}" + } } ] } @@ -580,7 +598,10 @@ Error: success criteria not met "keyid": "", "sig": "${ATTESTATION_SIGNATURE_acceptance/ec-multiple-sources}" } - ] + ], + "digest": { + "sha256": "${SIGNATURE_DIGEST_acceptance/ec-multiple-sources}" + } } ] }