Skip to content

Commit 3b92209

Browse files
bitokubitoku
committed
Refactor TestPutSignaturesWithFormat to use table-driven tests for improved readability and maintainability.
Signed-off-by: Ayato Tokubi <[email protected]>
1 parent e9f9da1 commit 3b92209

File tree

1 file changed

+151
-126
lines changed

1 file changed

+151
-126
lines changed

image/oci/layout/oci_dest_test.go

Lines changed: 151 additions & 126 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,8 @@ import (
1313
imgspecv1 "github.com/opencontainers/image-spec/specs-go/v1"
1414
"github.com/stretchr/testify/assert"
1515
"github.com/stretchr/testify/require"
16+
"go.podman.io/image/v5/internal/imagedestination"
17+
"go.podman.io/image/v5/internal/imagesource"
1618
"go.podman.io/image/v5/internal/private"
1719
"go.podman.io/image/v5/internal/signature"
1820
"go.podman.io/image/v5/pkg/blobinfocache/memory"
@@ -220,133 +222,156 @@ func TestPutblobFromLocalFile(t *testing.T) {
220222

221223
// TestPutSignaturesWithFormat tests that sigstore signatures are properly stored in OCI layout
222224
func TestPutSignaturesWithFormat(t *testing.T) {
223-
tmpDir := loadFixture(t, "single_image_layout")
224-
ref, err := NewReference(tmpDir, "latest")
225-
require.NoError(t, err)
226-
dest, err := ref.NewImageDestination(context.Background(), nil)
227-
require.NoError(t, err)
228-
defer dest.Close()
229-
ociDest, ok := dest.(*ociImageDestination)
230-
require.True(t, ok)
231-
232-
desc, _, err := ociDest.ref.getManifestDescriptor()
233-
require.NoError(t, err)
234-
require.NotNil(t, desc)
235-
236-
sigstoreSign := signature.SigstoreFromComponents(
237-
"application/vnd.dev.cosign.simplesigning.v1+json",
238-
[]byte("test-payload"),
239-
map[string]string{"dev.cosignproject.cosign/signature": "test-signature"},
240-
)
241-
242-
err = ociDest.PutSignaturesWithFormat(context.Background(), []signature.Signature{sigstoreSign}, &desc.Digest)
243-
require.NoError(t, err)
244-
245-
err = ociDest.Commit(context.Background(), nil)
246-
require.NoError(t, err)
247-
248-
src, err := ref.NewImageSource(context.Background(), nil)
249-
require.NoError(t, err)
250-
ociSrc, ok := src.(*ociImageSource)
251-
require.True(t, ok)
252-
sign, err := ociSrc.GetSignaturesWithFormat(context.Background(), &desc.Digest)
253-
require.NoError(t, err)
254-
require.Len(t, sign, 1)
255-
require.Equal(t, sigstoreSign, sign[0])
256-
}
257-
258-
// TestPutSignaturesWithFormatTwice tests PutSignaturesWithFormat twice and checks
259-
func TestPutSignaturesWithFormatTwice(t *testing.T) {
260-
tmpDir := loadFixture(t, "single_image_layout")
261-
ref, err := NewReference(tmpDir, "latest")
262-
require.NoError(t, err)
263-
dest, err := ref.NewImageDestination(context.Background(), nil)
264-
require.NoError(t, err)
265-
defer dest.Close()
266-
ociDest, ok := dest.(*ociImageDestination)
267-
require.True(t, ok)
268-
269-
desc, _, err := ociDest.ref.getManifestDescriptor()
270-
require.NoError(t, err)
271-
require.NotNil(t, desc)
272-
273-
sigstoreSign := signature.SigstoreFromComponents(
274-
"application/vnd.dev.cosign.simplesigning.v1+json",
275-
[]byte("test-payload"),
276-
map[string]string{"dev.cosignproject.cosign/signature": "test-signature"},
277-
)
278-
sigstoreSign2 := signature.SigstoreFromComponents(
279-
"application/vnd.dev.cosign.simplesigning.v1+json",
280-
[]byte("test-payload2"),
281-
map[string]string{"dev.cosignproject.cosign/signature": "test-signature"},
282-
)
283-
284-
err = ociDest.PutSignaturesWithFormat(context.Background(), []signature.Signature{sigstoreSign}, &desc.Digest)
285-
require.NoError(t, err)
286-
287-
err = ociDest.Commit(context.Background(), nil)
288-
require.NoError(t, err)
289-
290-
err = ociDest.PutSignaturesWithFormat(context.Background(), []signature.Signature{sigstoreSign, sigstoreSign2}, &desc.Digest)
291-
require.NoError(t, err)
292-
293-
err = ociDest.Commit(context.Background(), nil)
294-
require.NoError(t, err)
295-
296-
src, err := ref.NewImageSource(context.Background(), nil)
297-
require.NoError(t, err)
298-
ociSrc, ok := src.(*ociImageSource)
299-
require.True(t, ok)
300-
sign, err := ociSrc.GetSignaturesWithFormat(context.Background(), &desc.Digest)
301-
require.NoError(t, err)
302-
require.Len(t, sign, 2)
303-
require.Equal(t, sigstoreSign, sign[0])
304-
require.Equal(t, sigstoreSign2, sign[1])
305-
}
306-
307-
// TestPutSignaturesWithFormatNilDigest tests error handling when instanceDigest is nil
308-
func TestPutSignaturesWithFormatNilDigest(t *testing.T) {
309-
ref, _ := refToTempOCI(t, false)
310-
311-
dest, err := ref.NewImageDestination(context.Background(), nil)
312-
require.NoError(t, err)
313-
defer dest.Close()
225+
for _, test := range []struct {
226+
name string
227+
manifestDigest digest.Digest
228+
signaturesList [][]signature.Signature
229+
expectedSignatures []signature.Signature
230+
expectedError string
231+
}{
232+
{
233+
name: "single signature, single PutSignaturesWithFormat",
234+
signaturesList: [][]signature.Signature{
235+
{
236+
signature.SigstoreFromComponents(
237+
"application/vnd.dev.cosign.simplesigning.v1+json",
238+
[]byte("test-payload"),
239+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature"},
240+
),
241+
},
242+
},
243+
expectedSignatures: []signature.Signature{
244+
signature.SigstoreFromComponents(
245+
"application/vnd.dev.cosign.simplesigning.v1+json",
246+
[]byte("test-payload"),
247+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature"},
248+
),
249+
},
250+
},
251+
{
252+
name: "multiple signatures",
253+
signaturesList: [][]signature.Signature{
254+
{
255+
signature.SigstoreFromComponents(
256+
"application/vnd.dev.cosign.simplesigning.v1+json",
257+
[]byte("test-payload1"),
258+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature1"},
259+
),
260+
signature.SigstoreFromComponents(
261+
"application/vnd.dev.cosign.simplesigning.v1+json",
262+
[]byte("test-payload2"),
263+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature2"},
264+
),
265+
},
266+
},
267+
expectedSignatures: []signature.Signature{
268+
signature.SigstoreFromComponents(
269+
"application/vnd.dev.cosign.simplesigning.v1+json",
270+
[]byte("test-payload1"),
271+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature1"},
272+
),
273+
signature.SigstoreFromComponents(
274+
"application/vnd.dev.cosign.simplesigning.v1+json",
275+
[]byte("test-payload2"),
276+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature2"},
277+
),
278+
},
279+
},
280+
{
281+
name: "multiple PutSignaturesWithFormat with the same image",
282+
signaturesList: [][]signature.Signature{
283+
{
284+
signature.SigstoreFromComponents(
285+
"application/vnd.dev.cosign.simplesigning.v1+json",
286+
[]byte("test-payload"),
287+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature"},
288+
),
289+
},
290+
{
291+
signature.SigstoreFromComponents(
292+
"application/vnd.dev.cosign.simplesigning.v1+json",
293+
[]byte("test-payload"),
294+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature"},
295+
),
296+
},
297+
},
298+
expectedSignatures: []signature.Signature{
299+
signature.SigstoreFromComponents(
300+
"application/vnd.dev.cosign.simplesigning.v1+json",
301+
[]byte("test-payload"),
302+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature"},
303+
),
304+
},
305+
},
306+
{
307+
name: "multiple PutSignaturesWithFormat with the different images",
308+
signaturesList: [][]signature.Signature{
309+
{
310+
signature.SigstoreFromComponents(
311+
"application/vnd.dev.cosign.simplesigning.v1+json",
312+
[]byte("test-payload1"),
313+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature1"},
314+
),
315+
},
316+
{
317+
signature.SigstoreFromComponents(
318+
"application/vnd.dev.cosign.simplesigning.v1+json",
319+
[]byte("test-payload2"),
320+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature2"},
321+
),
322+
},
323+
},
324+
expectedSignatures: []signature.Signature{
325+
signature.SigstoreFromComponents(
326+
"application/vnd.dev.cosign.simplesigning.v1+json",
327+
[]byte("test-payload1"),
328+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature1"},
329+
),
330+
signature.SigstoreFromComponents(
331+
"application/vnd.dev.cosign.simplesigning.v1+json",
332+
[]byte("test-payload2"),
333+
map[string]string{"dev.cosignproject.cosign/signature": "test-signature2"},
334+
),
335+
},
336+
},
337+
} {
338+
t.Run(test.name, func(t *testing.T) {
339+
tmpDir := t.TempDir()
340+
ref, err := NewReference(tmpDir, "latest")
341+
require.NoError(t, err)
342+
ociRef := ref.(ociReference)
343+
putTestManifest(t, ociRef, tmpDir)
344+
345+
dest, err := ref.NewImageDestination(context.Background(), nil)
346+
require.NoError(t, err)
347+
defer dest.Close()
348+
ociDest := imagedestination.FromPublic(dest)
349+
350+
// get digest of the manifest
351+
desc, _, err := ociRef.getManifestDescriptor()
352+
require.NoError(t, err)
353+
354+
for _, sigs := range test.signaturesList {
355+
err = ociDest.PutSignaturesWithFormat(context.Background(), sigs, &desc.Digest)
356+
if test.expectedError != "" {
357+
require.Error(t, err)
358+
require.Contains(t, err.Error(), test.expectedError)
359+
continue
360+
}
361+
require.NoError(t, err)
362+
err = ociDest.Commit(context.Background(), nil)
363+
require.NoError(t, err)
364+
}
314365

315-
// Cast to ociImageDestination to access PutSignaturesWithFormat
316-
ociDest, ok := dest.(*ociImageDestination)
317-
require.True(t, ok)
366+
src, err := ref.NewImageSource(context.Background(), nil)
367+
require.NoError(t, err)
368+
ociSrc := imagesource.FromPublic(src)
369+
sign, err := ociSrc.GetSignaturesWithFormat(context.Background(), &desc.Digest)
370+
require.NoError(t, err)
318371

319-
// Create a test signature
320-
testPayload := []byte(`{"test": "payload"}`)
321-
testAnnotations := map[string]string{
322-
"dev.cosignproject.cosign/signature": "test-signature",
372+
for i, sig := range test.expectedSignatures {
373+
require.Equal(t, sig, sign[i])
374+
}
375+
})
323376
}
324-
sig := signature.SigstoreFromComponents("application/vnd.dev.cosign.simplesigning.v1+json", testPayload, testAnnotations)
325-
326-
// Test that PutSignaturesWithFormat fails when instanceDigest is nil
327-
err = ociDest.PutSignaturesWithFormat(context.Background(), []signature.Signature{sig}, nil)
328-
require.Error(t, err)
329-
require.Contains(t, err.Error(), "unknown manifest digest, can't add signatures")
330-
}
331-
332-
// TestPutSignaturesWithFormatNonSigstore tests error handling for non-sigstore signatures
333-
func TestPutSignaturesWithFormatNonSigstore(t *testing.T) {
334-
ref, _ := refToTempOCI(t, false)
335-
336-
dest, err := ref.NewImageDestination(context.Background(), nil)
337-
require.NoError(t, err)
338-
defer dest.Close()
339-
340-
// Cast to ociImageDestination to access PutSignaturesWithFormat
341-
ociDest, ok := dest.(*ociImageDestination)
342-
require.True(t, ok)
343-
344-
// Create a non-sigstore signature (simple signing)
345-
simpleSig := signature.SimpleSigningFromBlob([]byte("simple signature data"))
346-
testDigest := digest.FromString("test-manifest")
347-
348-
// Test that PutSignaturesWithFormat fails for non-sigstore signatures
349-
err = ociDest.PutSignaturesWithFormat(context.Background(), []signature.Signature{simpleSig}, &testDigest)
350-
require.Error(t, err)
351-
require.Contains(t, err.Error(), "oci: layout only supports sigstore signatures")
352377
}

0 commit comments

Comments
 (0)