Skip to content

Commit e8a041e

Browse files
bitokubitoku
committed
Refactor TestPutSignaturesWithFormat to use table-driven tests for improved readability and maintainability.
Signed-off-by: Ayato Tokubi <[email protected]>
1 parent e9f9da1 commit e8a041e

File tree

1 file changed

+156
-126
lines changed

1 file changed

+156
-126
lines changed

image/oci/layout/oci_dest_test.go

Lines changed: 156 additions & 126 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,8 @@ import (
1313
imgspecv1 "github.com/opencontainers/image-spec/specs-go/v1"
1414
"github.com/stretchr/testify/assert"
1515
"github.com/stretchr/testify/require"
16+
"go.podman.io/image/v5/internal/imagedestination"
17+
"go.podman.io/image/v5/internal/imagesource"
1618
"go.podman.io/image/v5/internal/private"
1719
"go.podman.io/image/v5/internal/signature"
1820
"go.podman.io/image/v5/pkg/blobinfocache/memory"
@@ -220,133 +222,161 @@ func TestPutblobFromLocalFile(t *testing.T) {
220222

221223
// TestPutSignaturesWithFormat tests that sigstore signatures are properly stored in OCI layout
222224
func TestPutSignaturesWithFormat(t *testing.T) {
223-
tmpDir := loadFixture(t, "single_image_layout")
224-
ref, err := NewReference(tmpDir, "latest")
225-
require.NoError(t, err)
226-
dest, err := ref.NewImageDestination(context.Background(), nil)
227-
require.NoError(t, err)
228-
defer dest.Close()
229-
ociDest, ok := dest.(*ociImageDestination)
230-
require.True(t, ok)
231-
232-
desc, _, err := ociDest.ref.getManifestDescriptor()
233-
require.NoError(t, err)
234-
require.NotNil(t, desc)
235-
236-
sigstoreSign := signature.SigstoreFromComponents(
237-
"application/vnd.dev.cosign.simplesigning.v1+json",
238-
[]byte("test-payload"),
239-
map[string]string{"dev.cosignproject.cosign/signature": "test-signature"},
240-
)
241-
242-
err = ociDest.PutSignaturesWithFormat(context.Background(), []signature.Signature{sigstoreSign}, &desc.Digest)
243-
require.NoError(t, err)
244-
245-
err = ociDest.Commit(context.Background(), nil)
246-
require.NoError(t, err)
247-
248-
src, err := ref.NewImageSource(context.Background(), nil)
249-
require.NoError(t, err)
250-
ociSrc, ok := src.(*ociImageSource)
251-
require.True(t, ok)
252-
sign, err := ociSrc.GetSignaturesWithFormat(context.Background(), &desc.Digest)
253-
require.NoError(t, err)
254-
require.Len(t, sign, 1)
255-
require.Equal(t, sigstoreSign, sign[0])
256-
}
257-
258-
// TestPutSignaturesWithFormatTwice tests PutSignaturesWithFormat twice and checks
259-
func TestPutSignaturesWithFormatTwice(t *testing.T) {
260-
tmpDir := loadFixture(t, "single_image_layout")
261-
ref, err := NewReference(tmpDir, "latest")
262-
require.NoError(t, err)
263-
dest, err := ref.NewImageDestination(context.Background(), nil)
264-
require.NoError(t, err)
265-
defer dest.Close()
266-
ociDest, ok := dest.(*ociImageDestination)
267-
require.True(t, ok)
268-
269-
desc, _, err := ociDest.ref.getManifestDescriptor()
270-
require.NoError(t, err)
271-
require.NotNil(t, desc)
272-
273-
sigstoreSign := signature.SigstoreFromComponents(
274-
"application/vnd.dev.cosign.simplesigning.v1+json",
275-
[]byte("test-payload"),
276-
map[string]string{"dev.cosignproject.cosign/signature": "test-signature"},
277-
)
278-
sigstoreSign2 := signature.SigstoreFromComponents(
279-
"application/vnd.dev.cosign.simplesigning.v1+json",
280-
[]byte("test-payload2"),
281-
map[string]string{"dev.cosignproject.cosign/signature": "test-signature"},
282-
)
283-
284-
err = ociDest.PutSignaturesWithFormat(context.Background(), []signature.Signature{sigstoreSign}, &desc.Digest)
285-
require.NoError(t, err)
286-
287-
err = ociDest.Commit(context.Background(), nil)
288-
require.NoError(t, err)
289-
290-
err = ociDest.PutSignaturesWithFormat(context.Background(), []signature.Signature{sigstoreSign, sigstoreSign2}, &desc.Digest)
291-
require.NoError(t, err)
292-
293-
err = ociDest.Commit(context.Background(), nil)
294-
require.NoError(t, err)
295-
296-
src, err := ref.NewImageSource(context.Background(), nil)
297-
require.NoError(t, err)
298-
ociSrc, ok := src.(*ociImageSource)
299-
require.True(t, ok)
300-
sign, err := ociSrc.GetSignaturesWithFormat(context.Background(), &desc.Digest)
301-
require.NoError(t, err)
302-
require.Len(t, sign, 2)
303-
require.Equal(t, sigstoreSign, sign[0])
304-
require.Equal(t, sigstoreSign2, sign[1])
305-
}
306-
307-
// TestPutSignaturesWithFormatNilDigest tests error handling when instanceDigest is nil
308-
func TestPutSignaturesWithFormatNilDigest(t *testing.T) {
309-
ref, _ := refToTempOCI(t, false)
310-
311-
dest, err := ref.NewImageDestination(context.Background(), nil)
312-
require.NoError(t, err)
313-
defer dest.Close()
225+
for _, test := range []struct {
226+
name string
227+
fixture string
228+
manifestDigest digest.Digest
229+
signaturesList [][]signature.Signature
230+
expectedSignatures []signature.Signature
231+
expectedError string
232+
}{
233+
{
234+
name: "single signature, single PutSignaturesWithFormat",
235+
fixture: "single_image_layout",
236+
signaturesList: [][]signature.Signature{
237+
{
238+
signature.SigstoreFromComponents(
239+
"application/vnd.dev.cosign.simplesigning.v1+json",
240+
[]byte("test-payload"),
241+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature"},
242+
),
243+
},
244+
},
245+
expectedSignatures: []signature.Signature{
246+
signature.SigstoreFromComponents(
247+
"application/vnd.dev.cosign.simplesigning.v1+json",
248+
[]byte("test-payload"),
249+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature"},
250+
),
251+
},
252+
},
253+
{
254+
name: "multiple signatures",
255+
fixture: "single_image_layout",
256+
signaturesList: [][]signature.Signature{
257+
{
258+
signature.SigstoreFromComponents(
259+
"application/vnd.dev.cosign.simplesigning.v1+json",
260+
[]byte("test-payload1"),
261+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature1"},
262+
),
263+
signature.SigstoreFromComponents(
264+
"application/vnd.dev.cosign.simplesigning.v1+json",
265+
[]byte("test-payload2"),
266+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature2"},
267+
),
268+
},
269+
},
270+
expectedSignatures: []signature.Signature{
271+
signature.SigstoreFromComponents(
272+
"application/vnd.dev.cosign.simplesigning.v1+json",
273+
[]byte("test-payload1"),
274+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature1"},
275+
),
276+
signature.SigstoreFromComponents(
277+
"application/vnd.dev.cosign.simplesigning.v1+json",
278+
[]byte("test-payload2"),
279+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature2"},
280+
),
281+
},
282+
},
283+
{
284+
name: "multiple PutSignaturesWithFormat with the same image",
285+
fixture: "single_image_layout",
286+
signaturesList: [][]signature.Signature{
287+
{
288+
signature.SigstoreFromComponents(
289+
"application/vnd.dev.cosign.simplesigning.v1+json",
290+
[]byte("test-payload"),
291+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature"},
292+
),
293+
},
294+
{
295+
signature.SigstoreFromComponents(
296+
"application/vnd.dev.cosign.simplesigning.v1+json",
297+
[]byte("test-payload"),
298+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature"},
299+
),
300+
},
301+
},
302+
expectedSignatures: []signature.Signature{
303+
signature.SigstoreFromComponents(
304+
"application/vnd.dev.cosign.simplesigning.v1+json",
305+
[]byte("test-payload"),
306+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature"},
307+
),
308+
},
309+
},
310+
{
311+
name: "multiple PutSignaturesWithFormat with the different images",
312+
fixture: "single_image_layout",
313+
signaturesList: [][]signature.Signature{
314+
{
315+
signature.SigstoreFromComponents(
316+
"application/vnd.dev.cosign.simplesigning.v1+json",
317+
[]byte("test-payload1"),
318+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature1"},
319+
),
320+
},
321+
{
322+
signature.SigstoreFromComponents(
323+
"application/vnd.dev.cosign.simplesigning.v1+json",
324+
[]byte("test-payload2"),
325+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature2"},
326+
),
327+
},
328+
},
329+
expectedSignatures: []signature.Signature{
330+
signature.SigstoreFromComponents(
331+
"application/vnd.dev.cosign.simplesigning.v1+json",
332+
[]byte("test-payload1"),
333+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature1"},
334+
),
335+
signature.SigstoreFromComponents(
336+
"application/vnd.dev.cosign.simplesigning.v1+json",
337+
[]byte("test-payload2"),
338+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature2"},
339+
),
340+
},
341+
},
342+
} {
343+
t.Run(test.name, func(t *testing.T) {
344+
tmpDir := t.TempDir()
345+
ref, err := NewReference(tmpDir, "latest")
346+
require.NoError(t, err)
347+
ociRef := ref.(ociReference)
348+
putTestManifest(t, ociRef, tmpDir)
349+
350+
dest, err := ref.NewImageDestination(context.Background(), nil)
351+
require.NoError(t, err)
352+
defer dest.Close()
353+
ociDest := imagedestination.FromPublic(dest)
354+
355+
// get digest of the manifest
356+
desc, _, err := ociRef.getManifestDescriptor()
357+
require.NoError(t, err)
358+
359+
for _, sigs := range test.signaturesList {
360+
err = ociDest.PutSignaturesWithFormat(context.Background(), sigs, &desc.Digest)
361+
if test.expectedError != "" {
362+
require.Error(t, err)
363+
require.Contains(t, err.Error(), test.expectedError)
364+
continue
365+
}
366+
require.NoError(t, err)
367+
err = ociDest.Commit(context.Background(), nil)
368+
require.NoError(t, err)
369+
}
314370

315-
// Cast to ociImageDestination to access PutSignaturesWithFormat
316-
ociDest, ok := dest.(*ociImageDestination)
317-
require.True(t, ok)
371+
src, err := ref.NewImageSource(context.Background(), nil)
372+
require.NoError(t, err)
373+
ociSrc := imagesource.FromPublic(src)
374+
sign, err := ociSrc.GetSignaturesWithFormat(context.Background(), &desc.Digest)
375+
require.NoError(t, err)
318376

319-
// Create a test signature
320-
testPayload := []byte(`{"test": "payload"}`)
321-
testAnnotations := map[string]string{
322-
"dev.cosignproject.cosign/signature": "test-signature",
377+
for i, sig := range test.expectedSignatures {
378+
require.Equal(t, sig, sign[i])
379+
}
380+
})
323381
}
324-
sig := signature.SigstoreFromComponents("application/vnd.dev.cosign.simplesigning.v1+json", testPayload, testAnnotations)
325-
326-
// Test that PutSignaturesWithFormat fails when instanceDigest is nil
327-
err = ociDest.PutSignaturesWithFormat(context.Background(), []signature.Signature{sig}, nil)
328-
require.Error(t, err)
329-
require.Contains(t, err.Error(), "unknown manifest digest, can't add signatures")
330-
}
331-
332-
// TestPutSignaturesWithFormatNonSigstore tests error handling for non-sigstore signatures
333-
func TestPutSignaturesWithFormatNonSigstore(t *testing.T) {
334-
ref, _ := refToTempOCI(t, false)
335-
336-
dest, err := ref.NewImageDestination(context.Background(), nil)
337-
require.NoError(t, err)
338-
defer dest.Close()
339-
340-
// Cast to ociImageDestination to access PutSignaturesWithFormat
341-
ociDest, ok := dest.(*ociImageDestination)
342-
require.True(t, ok)
343-
344-
// Create a non-sigstore signature (simple signing)
345-
simpleSig := signature.SimpleSigningFromBlob([]byte("simple signature data"))
346-
testDigest := digest.FromString("test-manifest")
347-
348-
// Test that PutSignaturesWithFormat fails for non-sigstore signatures
349-
err = ociDest.PutSignaturesWithFormat(context.Background(), []signature.Signature{simpleSig}, &testDigest)
350-
require.Error(t, err)
351-
require.Contains(t, err.Error(), "oci: layout only supports sigstore signatures")
352382
}

0 commit comments

Comments
 (0)