unknown_test.go

Documentation: github.com/sigstore/cosign/v2/pkg/oci/remote

     1  //
     2  // Copyright 2023 The Sigstore Authors.
     3  //
     4  // Licensed under the Apache License, Version 2.0 (the "License");
     5  // you may not use this file except in compliance with the License.
     6  // You may obtain a copy of the License at
     7  //
     8  //     http://www.apache.org/licenses/LICENSE-2.0
     9  //
    10  // Unless required by applicable law or agreed to in writing, software
    11  // distributed under the License is distributed on an "AS IS" BASIS,
    12  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  // See the License for the specific language governing permissions and
    14  // limitations under the License.
    15  
    16  package remote
    17  
    18  import (
    19  	"testing"
    20  
    21  	"github.com/google/go-containerregistry/pkg/name"
    22  	v1 "github.com/google/go-containerregistry/pkg/v1"
    23  	"github.com/google/go-containerregistry/pkg/v1/random"
    24  	"github.com/google/go-containerregistry/pkg/v1/remote"
    25  )
    26  
    27  func TestSignedUnknown(t *testing.T) {
    28  	ri := remote.Image
    29  	t.Cleanup(func() {
    30  		remoteImage = ri
    31  	})
    32  	wantLayers := int64(7)
    33  
    34  	remoteImage = func(_ name.Reference, _ ...remote.Option) (v1.Image, error) {
    35  		// Only called for signature images
    36  		return random.Image(300 /* byteSize */, wantLayers)
    37  	}
    38  
    39  	// :nonroot as of 2023/05/07
    40  	digest, err := name.NewDigest("gcr.io/distroless/static@sha256:9ecc53c269509f63c69a266168e4a687c7eb8c0cfd753bd8bfcaa4f58a90876f")
    41  	if err != nil {
    42  		t.Fatalf("ParseRef() = %v", err)
    43  	}
    44  	si := SignedUnknown(digest)
    45  
    46  	sigs, err := si.Signatures()
    47  	if err != nil {
    48  		t.Fatalf("Signatures() = %v", err)
    49  	}
    50  
    51  	if sl, err := sigs.Get(); err != nil {
    52  		t.Errorf("Get() = %v", err)
    53  	} else if got := int64(len(sl)); got != wantLayers {
    54  		t.Errorf("len(Get()) = %d, wanted %d", got, wantLayers)
    55  	}
    56  
    57  	atts, err := si.Attestations()
    58  	if err != nil {
    59  		t.Fatalf("Signatures() = %v", err)
    60  	}
    61  
    62  	if al, err := atts.Get(); err != nil {
    63  		t.Errorf("Get() = %v", err)
    64  	} else if got := int64(len(al)); got != wantLayers {
    65  		t.Errorf("len(Get()) = %d, wanted %d", got, wantLayers)
    66  	}
    67  }
    68  
    69  func TestSignedUnknownWithAttachment(t *testing.T) {
    70  	ri := remote.Image
    71  	t.Cleanup(func() {
    72  		remoteImage = ri
    73  	})
    74  	wantLayers := int64(1) // File must have a single layer
    75  
    76  	remoteImage = func(_ name.Reference, _ ...remote.Option) (v1.Image, error) {
    77  		// Only called for signature images
    78  		return random.Image(300 /* byteSize */, wantLayers)
    79  	}
    80  
    81  	// :nonroot as of 2023/05/07
    82  	digest, err := name.NewDigest("gcr.io/distroless/static@sha256:9ecc53c269509f63c69a266168e4a687c7eb8c0cfd753bd8bfcaa4f58a90876f")
    83  	if err != nil {
    84  		t.Fatalf("ParseRef() = %v", err)
    85  	}
    86  	si := SignedUnknown(digest)
    87  
    88  	file, err := si.Attachment("sbom")
    89  	if err != nil {
    90  		t.Fatalf("Signatures() = %v", err)
    91  	}
    92  
    93  	payload, err := file.Payload()
    94  	if err != nil {
    95  		t.Errorf("Payload() = %v", err)
    96  	}
    97  	// We check greater than because it's wrapped in a tarball with `random.Layer`
    98  	if len(payload) < 300 {
    99  		t.Errorf("Payload() = %d bytes, wanted %d", len(payload), 300)
   100  	}
   101  }
   102
View as plain text