func compareSignatures(t *testing.T, a, b imageapi.ImageSignature) { aName := a.Name a.ObjectMeta = b.ObjectMeta a.Name = aName if !reflect.DeepEqual(a, b) { t.Errorf("created and contained signatures differ: %v", diff.ObjectDiff(a, b)) } }
func autoConvert_v1_ImageSignature_To_api_ImageSignature(in *ImageSignature, out *image_api.ImageSignature, s conversion.Scope) error { out.Type = in.Type if err := conversion.Convert_Slice_byte_To_Slice_byte(&in.Content, &out.Content, s); err != nil { return err } if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions *out = make([]image_api.SignatureCondition, len(*in)) for i := range *in { if err := Convert_v1_SignatureCondition_To_api_SignatureCondition(&(*in)[i], &(*out)[i], s); err != nil { return err } } } else { out.Conditions = nil } out.ImageIdentity = in.ImageIdentity if in.SignedClaims != nil { in, out := &in.SignedClaims, &out.SignedClaims *out = make(map[string]string, len(*in)) for key, val := range *in { (*out)[key] = val } } else { out.SignedClaims = nil } if in.Created != nil { in, out := &in.Created, &out.Created *out = new(unversioned.Time) if err := api.Convert_unversioned_Time_To_unversioned_Time(*in, *out, s); err != nil { return err } } else { out.Created = nil } if in.IssuedBy != nil { in, out := &in.IssuedBy, &out.IssuedBy *out = new(image_api.SignatureIssuer) if err := Convert_v1_SignatureIssuer_To_api_SignatureIssuer(*in, *out, s); err != nil { return err } } else { out.IssuedBy = nil } if in.IssuedTo != nil { in, out := &in.IssuedTo, &out.IssuedTo *out = new(image_api.SignatureSubject) if err := Convert_v1_SignatureSubject_To_api_SignatureSubject(*in, *out, s); err != nil { return err } } else { out.IssuedTo = nil } return nil }
func autoConvert_v1_ImageSignature_To_api_ImageSignature(in *ImageSignature, out *api.ImageSignature, s conversion.Scope) error { if err := api_v1.Convert_v1_ObjectMeta_To_api_ObjectMeta(&in.ObjectMeta, &out.ObjectMeta, s); err != nil { return err } out.Type = in.Type out.Content = *(*[]byte)(unsafe.Pointer(&in.Content)) out.Conditions = *(*[]api.SignatureCondition)(unsafe.Pointer(&in.Conditions)) out.ImageIdentity = in.ImageIdentity out.SignedClaims = *(*map[string]string)(unsafe.Pointer(&in.SignedClaims)) out.Created = (*unversioned.Time)(unsafe.Pointer(in.Created)) out.IssuedBy = (*api.SignatureIssuer)(unsafe.Pointer(in.IssuedBy)) out.IssuedTo = (*api.SignatureSubject)(unsafe.Pointer(in.IssuedTo)) return nil }
func fuzzImageSignature(t *testing.T, signature *api.ImageSignature, seed int64) *api.ImageSignature { f := apitesting.FuzzerFor(t, v1.SchemeGroupVersion, rand.NewSource(seed)) f.Funcs( func(j *api.ImageSignature, c fuzz.Continue) { c.FuzzNoCustom(j) j.Annotations = make(map[string]string) j.Labels = make(map[string]string) j.Conditions = []api.SignatureCondition{} j.SignedClaims = make(map[string]string) j.Content = []byte(c.RandString()) for i := 0; i < c.Rand.Intn(3)+2; i++ { j.Labels[c.RandString()] = c.RandString() j.Annotations[c.RandString()] = c.RandString() j.SignedClaims[c.RandString()] = c.RandString() } for i := 0; i < c.Rand.Intn(3)+2; i++ { cond := api.SignatureCondition{} c.Fuzz(&cond) j.Conditions = append(j.Conditions, cond) } }, ) updated := api.ImageSignature{} f.Fuzz(&updated) updated.Namespace = signature.Namespace updated.Name = signature.Name j, err := meta.TypeAccessor(signature) if err != nil { t.Fatalf("Unexpected error %v for %#v", err, signature) } j.SetKind("") j.SetAPIVersion("") return &updated }
func autoConvert_v1_ImageSignature_To_api_ImageSignature(in *ImageSignature, out *api.ImageSignature, s conversion.Scope) error { if err := pkg_api.Convert_unversioned_TypeMeta_To_unversioned_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil { return err } if err := api_v1.Convert_v1_ObjectMeta_To_api_ObjectMeta(&in.ObjectMeta, &out.ObjectMeta, s); err != nil { return err } out.Type = in.Type if err := conversion.Convert_Slice_byte_To_Slice_byte(&in.Content, &out.Content, s); err != nil { return err } if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions *out = make([]api.SignatureCondition, len(*in)) for i := range *in { if err := Convert_v1_SignatureCondition_To_api_SignatureCondition(&(*in)[i], &(*out)[i], s); err != nil { return err } } } else { out.Conditions = nil } out.ImageIdentity = in.ImageIdentity out.SignedClaims = in.SignedClaims out.Created = in.Created if in.IssuedBy != nil { in, out := &in.IssuedBy, &out.IssuedBy *out = new(api.SignatureIssuer) if err := Convert_v1_SignatureIssuer_To_api_SignatureIssuer(*in, *out, s); err != nil { return err } } else { out.IssuedBy = nil } if in.IssuedTo != nil { in, out := &in.IssuedTo, &out.IssuedTo *out = new(api.SignatureSubject) if err := Convert_v1_SignatureSubject_To_api_SignatureSubject(*in, *out, s); err != nil { return err } } else { out.IssuedTo = nil } return nil }
func TestImageAddSignature(t *testing.T) { adminClient, userClient, image := testSetupImageSignatureTest(t, testUserName) if len(image.Signatures) != 0 { t.Fatalf("expected empty signatures, not: %s", diff.ObjectDiff(image.Signatures, []imageapi.ImageSignature{})) } // add some dummy signature signature := imageapi.ImageSignature{ Type: "unknown", Content: []byte("binaryblob"), } sigName, err := imageapi.JoinImageSignatureName(image.Name, "signaturename") if err != nil { t.Fatalf("unexpected error: %v", err) } signature.Name = sigName created, err := userClient.ImageSignatures().Create(&signature) if err == nil { t.Fatalf("unexpected success updating image signatures") } if !kerrors.IsForbidden(err) { t.Fatalf("expected forbidden error, not: %v", err) } makeUserAnImageSigner(adminClient, userClient, testUserName) // try to create the signature again created, err = userClient.ImageSignatures().Create(&signature) if err != nil { t.Fatalf("unexpected error: %v", err) } image, err = adminClient.Images().Get(image.Name) if err != nil { t.Fatalf("unexpected error: %v", err) } if len(image.Signatures) != 1 { t.Fatalf("unexpected number of signatures in created image (%d != %d)", len(image.Signatures), 1) } for _, sig := range []*imageapi.ImageSignature{created, &image.Signatures[0]} { if sig.Name != sigName || sig.Type != "unknown" || !bytes.Equal(sig.Content, []byte("binaryblob")) || len(sig.Conditions) != 0 { t.Errorf("unexpected signature received: %#+v", sig) } } compareSignatures(t, image.Signatures[0], *created) // try to create the signature yet again created, err = userClient.ImageSignatures().Create(&signature) if !kerrors.IsAlreadyExists(err) { t.Fatalf("expected already exists error, not: %v", err) } // try to create a signature with different name but the same conent newName, err := imageapi.JoinImageSignatureName(image.Name, "newone") if err != nil { t.Fatalf("unexpected error: %v", err) } signature.Name = newName created, err = userClient.ImageSignatures().Create(&signature) if !kerrors.IsAlreadyExists(err) { t.Fatalf("expected already exists error, not: %v", err) } // try to create a signature with the same name but different content signature.Name = sigName signature.Content = []byte("different") _, err = userClient.ImageSignatures().Create(&signature) if !kerrors.IsAlreadyExists(err) { t.Fatalf("expected already exists error, not: %v", err) } }