From 689006e4a68cccf5d7abb467bd9dc28583356579 Mon Sep 17 00:00:00 2001 From: Junjie Gao Date: Tue, 9 Apr 2024 15:58:54 +0800 Subject: [PATCH 1/7] fix: improve error message for --signature-format flag Signed-off-by: Junjie Gao --- internal/envelope/envelope.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/envelope/envelope.go b/internal/envelope/envelope.go index 93466bdb2..3c95b7c45 100644 --- a/internal/envelope/envelope.go +++ b/internal/envelope/envelope.go @@ -46,7 +46,7 @@ func GetEnvelopeMediaType(sigFormat string) (string, error) { case COSE: return cose.MediaTypeEnvelope, nil } - return "", fmt.Errorf("signature format %q not supported", sigFormat) + return "", fmt.Errorf("signature format %q not supported\nPlease use the supported signature envelope format \"jws\" or \"cose\"", sigFormat) } // ValidatePayloadContentType validates signature payload's content type. From 8e98706ad2409c9d29c207ffa98915681cad9357 Mon Sep 17 00:00:00 2001 From: Junjie Gao Date: Wed, 10 Apr 2024 14:05:33 +0800 Subject: [PATCH 2/7] fix: update error message Signed-off-by: Junjie Gao --- internal/envelope/envelope.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/envelope/envelope.go b/internal/envelope/envelope.go index 3c95b7c45..4f49ca0f8 100644 --- a/internal/envelope/envelope.go +++ b/internal/envelope/envelope.go @@ -46,7 +46,7 @@ func GetEnvelopeMediaType(sigFormat string) (string, error) { case COSE: return cose.MediaTypeEnvelope, nil } - return "", fmt.Errorf("signature format %q not supported\nPlease use the supported signature envelope format \"jws\" or \"cose\"", sigFormat) + return "", fmt.Errorf("signature format %q not supported\nSupported signature envelope formats are \"jws\" and \"cose\"", sigFormat) } // ValidatePayloadContentType validates signature payload's content type. From 584ea42ee18766681d56b7985e515120be56d075 Mon Sep 17 00:00:00 2001 From: Junjie Gao Date: Wed, 10 Apr 2024 14:33:24 +0800 Subject: [PATCH 3/7] fix: improve test coverage Signed-off-by: Junjie Gao --- internal/envelope/envelope_test.go | 76 ++++++++++++++++++++++++++++++ 1 file changed, 76 insertions(+) diff --git a/internal/envelope/envelope_test.go b/internal/envelope/envelope_test.go index 850dee624..b3575aab2 100644 --- a/internal/envelope/envelope_test.go +++ b/internal/envelope/envelope_test.go @@ -15,6 +15,8 @@ package envelope import ( "testing" + + "github.com/notaryproject/notation-core-go/signature" ) func TestGetEnvelopeMediaType(t *testing.T) { @@ -59,3 +61,77 @@ func TestGetEnvelopeMediaType(t *testing.T) { }) } } + +func TestValidatePayloadContentType(t *testing.T) { + tests := []struct { + name string + payload *signature.Payload + wantErr bool + }{ + { + name: "valid content type", + payload: &signature.Payload{ + ContentType: MediaTypePayloadV1, + }, + wantErr: false, + }, + { + name: "invalid content type", + payload: &signature.Payload{ + ContentType: "invalid", + }, + wantErr: true, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + err := ValidatePayloadContentType(tt.payload) + if (err != nil) != tt.wantErr { + t.Errorf("ValidatePayloadContentType() error = %v, wantErr %v", err, tt.wantErr) + } + }) + } +} + +func TestDescriptorFromSignaturePayload(t *testing.T) { + validPayload := &signature.Payload{ + ContentType: MediaTypePayloadV1, + Content: []byte(`{"targetArtifact": {"mediaType": "application/vnd.oci.image.manifest.v1+json", "size": 314159, "digest": "sha256:abcd1234", "urls": ["http://example.com"]}}`), + } + invalidPayload := &signature.Payload{ + ContentType: "invalid", + Content: []byte(`invalid`), + } + + tests := []struct { + name string + payload *signature.Payload + wantErr bool + }{ + { + name: "valid payload", + payload: validPayload, + wantErr: false, + }, + { + name: "invalid content type", + payload: invalidPayload, + wantErr: true, + }, + { + name: "nil payload", + payload: nil, + wantErr: true, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + _, err := DescriptorFromSignaturePayload(tt.payload) + if (err != nil) != tt.wantErr { + t.Errorf("DescriptorFromSignaturePayload() error = %v, wantErr %v", err, tt.wantErr) + } + }) + } +} From 4617be1968b1d3a21d202999e605a144065b3474 Mon Sep 17 00:00:00 2001 From: Junjie Gao Date: Wed, 10 Apr 2024 16:59:05 +0800 Subject: [PATCH 4/7] test: improve e2e Signed-off-by: Junjie Gao --- test/e2e/run.sh | 4 ++-- test/e2e/suite/command/cert.go | 42 ++++++++++++++++++++++++++++++++++ 2 files changed, 44 insertions(+), 2 deletions(-) create mode 100644 test/e2e/suite/command/cert.go diff --git a/test/e2e/run.sh b/test/e2e/run.sh index 7da050cb4..1d3559788 100755 --- a/test/e2e/run.sh +++ b/test/e2e/run.sh @@ -69,7 +69,7 @@ if [ ! -f "$NOTATION_E2E_OLD_BINARY_PATH" ]; then fi # install dependency -go install -mod=mod github.com/onsi/ginkgo/v2/ginkgo@v2.9.5 +go install -mod=mod github.com/onsi/ginkgo/v2/ginkgo@v2.11.0 # build e2e plugin and tar.gz PLUGIN_NAME=notation-e2e-plugin @@ -111,4 +111,4 @@ export NOTATION_E2E_PLUGIN_TAR_GZ_PATH=$CWD/plugin/bin/$PLUGIN_NAME.tar.gz export NOTATION_E2E_MALICIOUS_PLUGIN_ARCHIVE_PATH=$CWD/testdata/malicious-plugin # run tests -ginkgo -r -p -v \ No newline at end of file +ginkgo -r -p -v diff --git a/test/e2e/suite/command/cert.go b/test/e2e/suite/command/cert.go new file mode 100644 index 000000000..ffa975c26 --- /dev/null +++ b/test/e2e/suite/command/cert.go @@ -0,0 +1,42 @@ +// Copyright The Notary Project Authors. +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package command + +import ( + . "github.com/notaryproject/notation/test/e2e/internal/notation" + "github.com/notaryproject/notation/test/e2e/internal/utils" + + // . "github.com/notaryproject/notation/test/e2e/suite/common" + . "github.com/onsi/ginkgo/v2" +) + +var _ = Describe("notation", func() { + It("show certs", func() { + Host(BaseOptions(), func(notation *utils.ExecOpts, artifact *Artifact, vhost *utils.VirtualHost) { + notation.Exec("cert", "list"). + MatchKeyWords( + "STORE TYPE STORE NAME CERTIFICATE", + ) + }) + }) + + It("delete all certs", func() { + Host(BaseOptions(), func(notation *utils.ExecOpts, artifact *Artifact, vhost *utils.VirtualHost) { + notation.Exec("cert", "delete", "--all", "--type", "ca", "--store", "e2e", "-y"). + MatchKeyWords( + "Successfully deleted", + ) + }) + }) +}) From b6828aa38887325e85a2ec53a6bc189b4eeaf458 Mon Sep 17 00:00:00 2001 From: Junjie Gao Date: Wed, 10 Apr 2024 17:11:52 +0800 Subject: [PATCH 5/7] test: improve e2e test Signed-off-by: Junjie Gao --- test/e2e/run.sh | 2 +- test/e2e/suite/command/cert.go | 42 +++++++++++++++++++++++++++++++--- 2 files changed, 40 insertions(+), 4 deletions(-) diff --git a/test/e2e/run.sh b/test/e2e/run.sh index 1d3559788..5dff05449 100755 --- a/test/e2e/run.sh +++ b/test/e2e/run.sh @@ -111,4 +111,4 @@ export NOTATION_E2E_PLUGIN_TAR_GZ_PATH=$CWD/plugin/bin/$PLUGIN_NAME.tar.gz export NOTATION_E2E_MALICIOUS_PLUGIN_ARCHIVE_PATH=$CWD/testdata/malicious-plugin # run tests -ginkgo -r -p -v +ginkgo -r -p -v --focus diff --git a/test/e2e/suite/command/cert.go b/test/e2e/suite/command/cert.go index ffa975c26..57b4f30dc 100644 --- a/test/e2e/suite/command/cert.go +++ b/test/e2e/suite/command/cert.go @@ -21,8 +21,8 @@ import ( . "github.com/onsi/ginkgo/v2" ) -var _ = Describe("notation", func() { - It("show certs", func() { +var _ = Describe("notation cert", func() { + It("show all", func() { Host(BaseOptions(), func(notation *utils.ExecOpts, artifact *Artifact, vhost *utils.VirtualHost) { notation.Exec("cert", "list"). MatchKeyWords( @@ -31,7 +31,7 @@ var _ = Describe("notation", func() { }) }) - It("delete all certs", func() { + It("delete all", func() { Host(BaseOptions(), func(notation *utils.ExecOpts, artifact *Artifact, vhost *utils.VirtualHost) { notation.Exec("cert", "delete", "--all", "--type", "ca", "--store", "e2e", "-y"). MatchKeyWords( @@ -39,4 +39,40 @@ var _ = Describe("notation", func() { ) }) }) + + It("delete a specfic cert", func() { + Host(BaseOptions(), func(notation *utils.ExecOpts, artifact *Artifact, vhost *utils.VirtualHost) { + notation.Exec("cert", "delete", "--type", "ca", "--store", "e2e", "e2e.crt", "-y"). + MatchKeyWords( + "Successfully deleted e2e.crt", + ) + }) + }) + + It("delete a non-exist cert", func() { + Host(BaseOptions(), func(notation *utils.ExecOpts, artifact *Artifact, vhost *utils.VirtualHost) { + notation.ExpectFailure().Exec("cert", "delete", "--type", "ca", "--store", "e2e", "non-exist.crt", "-y"). + MatchErrKeyWords( + "failed to delete the certificate file", + ) + }) + }) + + It("show e2e cert", func() { + Host(BaseOptions(), func(notation *utils.ExecOpts, artifact *Artifact, vhost *utils.VirtualHost) { + notation.Exec("cert", "list", "--type", "ca", "--store", "e2e"). + MatchKeyWords( + "e2e.crt", + ) + }) + }) + + It("list", func() { + Host(BaseOptions(), func(notation *utils.ExecOpts, artifact *Artifact, vhost *utils.VirtualHost) { + notation.Exec("cert", "list"). + MatchKeyWords( + "STORE TYPE STORE NAME CERTIFICATE", + ) + }) + }) }) From ca8ad88801962a0e106b57ae6458d50a87022c48 Mon Sep 17 00:00:00 2001 From: Junjie Gao Date: Wed, 10 Apr 2024 17:15:17 +0800 Subject: [PATCH 6/7] fix: update script Signed-off-by: Junjie Gao --- test/e2e/run.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/e2e/run.sh b/test/e2e/run.sh index 5dff05449..1d3559788 100755 --- a/test/e2e/run.sh +++ b/test/e2e/run.sh @@ -111,4 +111,4 @@ export NOTATION_E2E_PLUGIN_TAR_GZ_PATH=$CWD/plugin/bin/$PLUGIN_NAME.tar.gz export NOTATION_E2E_MALICIOUS_PLUGIN_ARCHIVE_PATH=$CWD/testdata/malicious-plugin # run tests -ginkgo -r -p -v --focus +ginkgo -r -p -v From 9facfa50584322fb0f945d044ac9e38c7507b105 Mon Sep 17 00:00:00 2001 From: Junjie Gao Date: Thu, 11 Apr 2024 09:46:09 +0800 Subject: [PATCH 7/7] test: improve e2e test Signed-off-by: Junjie Gao --- test/e2e/suite/command/cert.go | 34 ++++++++++++++++++++++++++++++++-- 1 file changed, 32 insertions(+), 2 deletions(-) diff --git a/test/e2e/suite/command/cert.go b/test/e2e/suite/command/cert.go index 57b4f30dc..418a8a6ca 100644 --- a/test/e2e/suite/command/cert.go +++ b/test/e2e/suite/command/cert.go @@ -60,9 +60,9 @@ var _ = Describe("notation cert", func() { It("show e2e cert", func() { Host(BaseOptions(), func(notation *utils.ExecOpts, artifact *Artifact, vhost *utils.VirtualHost) { - notation.Exec("cert", "list", "--type", "ca", "--store", "e2e"). + notation.Exec("cert", "show", "--type", "ca", "--store", "e2e", "e2e.crt"). MatchKeyWords( - "e2e.crt", + "Issuer: CN=e2e,O=Notary,L=Seattle,ST=WA,C=US", ) }) }) @@ -75,4 +75,34 @@ var _ = Describe("notation cert", func() { ) }) }) + + It("list with type", func() { + Host(BaseOptions(), func(notation *utils.ExecOpts, artifact *Artifact, vhost *utils.VirtualHost) { + notation.Exec("cert", "list", "--type", "ca"). + MatchKeyWords( + "STORE TYPE STORE NAME CERTIFICATE", + "e2e.crt", + ) + }) + }) + + It("list with store", func() { + Host(BaseOptions(), func(notation *utils.ExecOpts, artifact *Artifact, vhost *utils.VirtualHost) { + notation.Exec("cert", "list", "--store", "e2e"). + MatchKeyWords( + "STORE TYPE STORE NAME CERTIFICATE", + "e2e.crt", + ) + }) + }) + + It("list with type and store", func() { + Host(BaseOptions(), func(notation *utils.ExecOpts, artifact *Artifact, vhost *utils.VirtualHost) { + notation.Exec("cert", "list", "--type", "ca", "--store", "e2e"). + MatchKeyWords( + "STORE TYPE STORE NAME CERTIFICATE", + "e2e.crt", + ) + }) + }) })