e2e_test.go

Documentation: github.com/sigstore/rekor/pkg/pki/x509

     1  //
     2  // Copyright 2022 The Sigstore Authors.
     3  //
     4  // Licensed under the Apache License, Version 2.0 (the "License");
     5  // you may not use this file except in compliance with the License.
     6  // You may obtain a copy of the License at
     7  //
     8  //     http://www.apache.org/licenses/LICENSE-2.0
     9  //
    10  // Unless required by applicable law or agreed to in writing, software
    11  // distributed under the License is distributed on an "AS IS" BASIS,
    12  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  // See the License for the specific language governing permissions and
    14  // limitations under the License.
    15  
    16  //go:build e2e
    17  // +build e2e
    18  
    19  package x509
    20  
    21  import (
    22  	"os"
    23  	"path/filepath"
    24  	"testing"
    25  
    26  	"github.com/sigstore/rekor/pkg/util"
    27  )
    28  
    29  func TestX509(t *testing.T) {
    30  	td := t.TempDir()
    31  	artifactPath := filepath.Join(td, "artifact")
    32  	sigPath := filepath.Join(td, "signature")
    33  	certPath := filepath.Join(td, "cert.pem")
    34  	pubKeyPath := filepath.Join(td, "key.pem")
    35  
    36  	CreatedX509SignedArtifact(t, artifactPath, sigPath)
    37  
    38  	if err := os.WriteFile(certPath, []byte(RSACert), 0o644); err != nil {
    39  		t.Fatal(err)
    40  	}
    41  	if err := os.WriteFile(pubKeyPath, []byte(PubKey), 0o644); err != nil {
    42  		t.Fatal(err)
    43  	}
    44  
    45  	// If we do it twice, it should already exist
    46  	out := util.RunCli(t, "upload", "--artifact", artifactPath, "--signature", sigPath,
    47  		"--public-key", certPath, "--pki-format", "x509")
    48  	util.OutputContains(t, out, "Created entry at")
    49  	out = util.RunCli(t, "upload", "--artifact", artifactPath, "--signature", sigPath,
    50  		"--public-key", certPath, "--pki-format", "x509")
    51  	util.OutputContains(t, out, "Entry already exists")
    52  
    53  	// Now upload with the public key rather than the cert. They should NOT be deduped.
    54  	out = util.RunCli(t, "upload", "--artifact", artifactPath, "--signature", sigPath,
    55  		"--public-key", pubKeyPath, "--pki-format", "x509")
    56  	util.OutputContains(t, out, "Created entry at")
    57  
    58  	// Now let's go the other order to be sure. New artifact, key first then cert.
    59  	CreatedX509SignedArtifact(t, artifactPath, sigPath)
    60  
    61  	out = util.RunCli(t, "upload", "--artifact", artifactPath, "--signature", sigPath,
    62  		"--public-key", pubKeyPath, "--pki-format", "x509")
    63  	util.OutputContains(t, out, "Created entry at")
    64  	out = util.RunCli(t, "upload", "--artifact", artifactPath, "--signature", sigPath,
    65  		"--public-key", pubKeyPath, "--pki-format", "x509")
    66  	util.OutputContains(t, out, "Entry already exists")
    67  	// This should NOT already exist
    68  	out = util.RunCli(t, "upload", "--artifact", artifactPath, "--signature", sigPath,
    69  		"--public-key", certPath, "--pki-format", "x509")
    70  	util.OutputContains(t, out, "Created entry at")
    71  	uuid := util.GetUUIDFromUploadOutput(t, out)
    72  
    73  	// Search via email
    74  	out = util.RunCli(t, "search", "--email", "test@rekor.dev")
    75  	util.OutputContains(t, out, uuid)
    76  }
    77
View as plain text