...

Source file src/github.com/sigstore/cosign/v2/pkg/oci/layout/write_test.go

Documentation: github.com/sigstore/cosign/v2/pkg/oci/layout 

     1  //
     2  // Copyright 2021 The Sigstore Authors.
     3  //
     4  // Licensed under the Apache License, Version 2.0 (the "License");
     5  // you may not use this file except in compliance with the License.
     6  // You may obtain a copy of the License at
     7  //
     8  //     http://www.apache.org/licenses/LICENSE-2.0
     9  //
    10  // Unless required by applicable law or agreed to in writing, software
    11  // distributed under the License is distributed on an "AS IS" BASIS,
    12  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  // See the License for the specific language governing permissions and
    14  // limitations under the License.
    15  
    16  package layout
    17  
    18  import (
    19  	"fmt"
    20  	"runtime"
    21  	"testing"
    22  
    23  	"github.com/google/go-cmp/cmp"
    24  	v1 "github.com/google/go-containerregistry/pkg/v1"
    25  	"github.com/google/go-containerregistry/pkg/v1/random"
    26  	"github.com/sigstore/cosign/v2/pkg/oci"
    27  	"github.com/sigstore/cosign/v2/pkg/oci/mutate"
    28  	"github.com/sigstore/cosign/v2/pkg/oci/signed"
    29  	"github.com/sigstore/cosign/v2/pkg/oci/static"
    30  )
    31  
    32  func TestReadWrite(t *testing.T) {
    33  	if runtime.GOOS == "windows" {
    34  		t.Skip("test is flaky on windows, see https://github.com/sigstore/cosign/v2/issues/1389")
    35  	}
    36  	// write random signed image to disk
    37  	si := randomSignedImage(t)
    38  	tmp := t.TempDir()
    39  	if err := WriteSignedImage(tmp, si); err != nil {
    40  		t.Fatal(err)
    41  	}
    42  
    43  	// read the image and make sure the signatures exist
    44  	imageIndex, err := SignedImageIndex(tmp)
    45  	if err != nil {
    46  		t.Fatal(err)
    47  	}
    48  	gotSignedImage, err := imageIndex.SignedImage(v1.Hash{})
    49  	if err != nil {
    50  		t.Fatal(err)
    51  	}
    52  	// compare the image we read with the one we wrote
    53  	compareDigests(t, si, gotSignedImage)
    54  
    55  	// make sure we have 5 attestations
    56  	attImg, err := imageIndex.Attestations()
    57  	if err != nil {
    58  		t.Fatal(err)
    59  	}
    60  	atts, err := attImg.Get()
    61  	if err != nil {
    62  		t.Fatal(err)
    63  	}
    64  	if len(atts) != 5 {
    65  		t.Fatal("expected 5 attestations")
    66  	}
    67  
    68  	// make sure signatures are correct
    69  	sigImage, err := imageIndex.Signatures()
    70  	if err != nil {
    71  		t.Fatal(err)
    72  	}
    73  	sigs, err := sigImage.Get()
    74  	if err != nil {
    75  		t.Fatal(err)
    76  	}
    77  	want := 6
    78  	if len(sigs) != want {
    79  		t.Fatal("didn't get the expected number of signatures")
    80  	}
    81  	// make sure the annotation is correct
    82  	for i, sig := range sigs {
    83  		annotations, err := sig.Annotations()
    84  		if err != nil {
    85  			t.Fatal(err)
    86  		}
    87  		val, ok := annotations["layer"]
    88  		if !ok {
    89  			t.Fatal("expected annotation doesn't exist on signature")
    90  		}
    91  		if val != fmt.Sprintf("%d", i) {
    92  			t.Fatal("expected annotation isn't correct")
    93  		}
    94  	}
    95  }
    96  
    97  func randomSignedImage(t *testing.T) oci.SignedImage {
    98  	i, err := random.Image(300 /* byteSize */, 7 /* layers */)
    99  	if err != nil {
   100  		t.Fatalf("random.Image() = %v", err)
   101  	}
   102  	si := signed.Image(i)
   103  
   104  	want := 6 // Add 6 signatures
   105  	for i := 0; i < want; i++ {
   106  		annotationOption := static.WithAnnotations(map[string]string{"layer": fmt.Sprintf("%d", i)})
   107  		sig, err := static.NewSignature(nil, fmt.Sprintf("%d", i), annotationOption)
   108  		if err != nil {
   109  			t.Fatalf("static.NewSignature() = %v", err)
   110  		}
   111  		si, err = mutate.AttachSignatureToImage(si, sig)
   112  		if err != nil {
   113  			t.Fatalf("SignEntity() = %v", err)
   114  		}
   115  	}
   116  
   117  	want = 5 // Add 5 attestations
   118  	for i := 0; i < want; i++ {
   119  		sig, err := static.NewAttestation([]byte(fmt.Sprintf("%d", i)))
   120  		if err != nil {
   121  			t.Fatalf("static.NewSignature() = %v", err)
   122  		}
   123  		si, err = mutate.AttachAttestationToImage(si, sig)
   124  		if err != nil {
   125  			t.Fatalf("SignEntity() = %v", err)
   126  		}
   127  	}
   128  
   129  	return si
   130  }
   131  
   132  func compareDigests(t *testing.T, img1 oci.SignedImage, img2 oci.SignedImage) {
   133  	d1, err := img1.Digest()
   134  	if err != nil {
   135  		t.Fatal(err)
   136  	}
   137  	d2, err := img2.Digest()
   138  	if err != nil {
   139  		t.Fatal(err)
   140  	}
   141  	if d := cmp.Diff(d1, d2); d != "" {
   142  		t.Fatalf("digests are different: %s", d)
   143  	}
   144  }
   145  

View as plain text