diff --git a/cmd/zb/helper.go b/cmd/zb/helper.go index 68a945b93..d091b8248 100644 --- a/cmd/zb/helper.go +++ b/cmd/zb/helper.go @@ -8,6 +8,7 @@ import ( "log" "math/rand" "net/http" + "net/url" "os" "path" "sync" @@ -21,8 +22,6 @@ import ( zerr "zotregistry.io/zot/errors" "zotregistry.io/zot/pkg/common" - testc "zotregistry.io/zot/pkg/test/common" - "zotregistry.io/zot/pkg/test/image-utils" ) func makeHTTPGetRequest(url string, resultPtr interface{}, client *resty.Client) error { @@ -344,7 +343,7 @@ func pushMonolithImage(workdir, url, trepo string, repos []string, config testCo resp.StatusCode(), string(resp.Body())) //nolint: goerr113 } - loc := testc.Location(url, resp) + loc := getLocation(url, resp) var size int @@ -398,8 +397,8 @@ func pushMonolithImage(workdir, url, trepo string, repos []string, config testCo resp.StatusCode(), string(resp.Body())) } - loc = testc.Location(url, resp) - cblob, cdigest := getRandomImageConfig() + loc = getLocation(url, resp) + cblob, cdigest := getImageConfig() resp, err = client.R(). SetContentLength(true). SetHeader("Content-Length", fmt.Sprintf("%d", len(cblob))). @@ -526,7 +525,7 @@ func pushMonolithAndCollect(workdir, url, trepo string, count int, return } - loc := testc.Location(url, resp) + loc := getLocation(url, resp) var size int @@ -594,8 +593,8 @@ func pushMonolithAndCollect(workdir, url, trepo string, count int, return } - loc = testc.Location(url, resp) - cblob, cdigest := getRandomImageConfig() + loc = getLocation(url, resp) + cblob, cdigest := getImageConfig() resp, err = client.R(). SetContentLength(true). SetHeader("Content-Length", fmt.Sprintf("%d", len(cblob))). @@ -730,7 +729,7 @@ func pushChunkAndCollect(workdir, url, trepo string, count int, return } - loc := testc.Location(url, resp) + loc := getLocation(url, resp) var size int @@ -768,7 +767,7 @@ func pushChunkAndCollect(workdir, url, trepo string, count int, return } - loc = testc.Location(url, resp) + loc = getLocation(url, resp) // request specific check statusCode = resp.StatusCode() @@ -822,8 +821,8 @@ func pushChunkAndCollect(workdir, url, trepo string, count int, return } - loc = testc.Location(url, resp) - cblob, cdigest := getRandomImageConfig() + loc = getLocation(url, resp) + cblob, cdigest := getImageConfig() resp, err = client.R(). SetContentLength(true). SetHeader("Content-Type", "application/octet-stream"). @@ -859,7 +858,7 @@ func pushChunkAndCollect(workdir, url, trepo string, count int, return } - loc = testc.Location(url, resp) + loc = getLocation(url, resp) // request specific check statusCode = resp.StatusCode() @@ -1020,9 +1019,21 @@ func loadOrStore(statusRequests *sync.Map, key string, value int) int { //nolint return intValue } -// TO DO: replace with pkg/test/images when available. -func getRandomImageConfig() ([]byte, godigest.Digest) { - config := image.GetDefaultConfig() +func getImageConfig() ([]byte, godigest.Digest) { + createdTime := time.Date(2011, time.Month(1), 1, 1, 1, 1, 0, time.UTC) + + config := ispec.Image{ + Created: &createdTime, + Author: "ZotUser", + Platform: ispec.Platform{ + OS: "linux", + Architecture: "amd64", + }, + RootFS: ispec.RootFS{ + Type: "layers", + DiffIDs: []godigest.Digest{}, + }, + } configBlobContent, err := json.MarshalIndent(&config, "", "\t") if err != nil { @@ -1033,3 +1044,21 @@ func getRandomImageConfig() ([]byte, godigest.Digest) { return configBlobContent, configBlobDigestRaw } + +func getLocation(baseURL string, resp *resty.Response) string { + // For some API responses, the Location header is set and is supposed to + // indicate an opaque value. However, it is not clear if this value is an + // absolute URL (https://server:port/v2/...) or just a path (/v2/...) + // zot implements the latter as per the spec, but some registries appear to + // return the former - this needs to be clarified + loc := resp.Header().Get("Location") + + uloc, err := url.Parse(loc) + if err != nil { + return "" + } + + path := uloc.Path + + return baseURL + path +} diff --git a/pkg/api/authn_test.go b/pkg/api/authn_test.go index 10e92fb6c..b989d7865 100644 --- a/pkg/api/authn_test.go +++ b/pkg/api/authn_test.go @@ -26,7 +26,8 @@ import ( "zotregistry.io/zot/pkg/log" mTypes "zotregistry.io/zot/pkg/meta/types" reqCtx "zotregistry.io/zot/pkg/requestcontext" - "zotregistry.io/zot/pkg/test" + authutils "zotregistry.io/zot/pkg/test/auth" + test "zotregistry.io/zot/pkg/test/common" "zotregistry.io/zot/pkg/test/mocks" ) @@ -81,7 +82,7 @@ func TestAPIKeys(t *testing.T) { htpasswdPath := test.MakeHtpasswdFile() defer os.Remove(htpasswdPath) - mockOIDCServer, err := test.MockOIDCRun() + mockOIDCServer, err := authutils.MockOIDCRun() if err != nil { panic(err) } @@ -834,7 +835,7 @@ func TestAPIKeysOpenDBError(t *testing.T) { htpasswdPath := test.MakeHtpasswdFile() defer os.Remove(htpasswdPath) - mockOIDCServer, err := test.MockOIDCRun() + mockOIDCServer, err := authutils.MockOIDCRun() if err != nil { panic(err) } diff --git a/pkg/api/controller_test.go b/pkg/api/controller_test.go index 8d342327c..41f395dbf 100644 --- a/pkg/api/controller_test.go +++ b/pkg/api/controller_test.go @@ -61,11 +61,14 @@ import ( "zotregistry.io/zot/pkg/storage" storageConstants "zotregistry.io/zot/pkg/storage/constants" "zotregistry.io/zot/pkg/storage/gc" - "zotregistry.io/zot/pkg/test" - testc "zotregistry.io/zot/pkg/test/common" + authutils "zotregistry.io/zot/pkg/test/auth" + test "zotregistry.io/zot/pkg/test/common" + "zotregistry.io/zot/pkg/test/deprecated" . "zotregistry.io/zot/pkg/test/image-utils" "zotregistry.io/zot/pkg/test/inject" "zotregistry.io/zot/pkg/test/mocks" + ociutils "zotregistry.io/zot/pkg/test/oci-utils" + "zotregistry.io/zot/pkg/test/signature" ) const ( @@ -446,7 +449,7 @@ func TestObjectStorageController(t *testing.T) { "versiontablename": "Version", } - mockOIDCServer, err := test.MockOIDCRun() + mockOIDCServer, err := authutils.MockOIDCRun() if err != nil { panic(err) } @@ -2159,7 +2162,7 @@ func TestLDAPFailures(t *testing.T) { func TestBearerAuth(t *testing.T) { Convey("Make a new controller", t, func() { - authTestServer := test.MakeAuthTestServer(ServerKey, UnauthorizedNamespace) + authTestServer := authutils.MakeAuthTestServer(ServerKey, UnauthorizedNamespace) defer authTestServer.Close() port := test.GetFreePort() @@ -2192,7 +2195,7 @@ func TestBearerAuth(t *testing.T) { So(resp, ShouldNotBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized) - authorizationHeader := test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) + authorizationHeader := authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) resp, err = resty.R(). SetQueryParam("service", authorizationHeader.Service). SetQueryParam("scope", authorizationHeader.Scope). @@ -2200,7 +2203,7 @@ func TestBearerAuth(t *testing.T) { So(err, ShouldBeNil) So(resp, ShouldNotBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusOK) - var goodToken test.AccessTokenResponse + var goodToken authutils.AccessTokenResponse err = json.Unmarshal(resp.Body(), &goodToken) So(err, ShouldBeNil) @@ -2222,7 +2225,7 @@ func TestBearerAuth(t *testing.T) { So(resp, ShouldNotBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized) - authorizationHeader = test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) + authorizationHeader = authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) resp, err = resty.R(). SetQueryParam("service", authorizationHeader.Service). SetQueryParam("scope", authorizationHeader.Scope). @@ -2251,7 +2254,7 @@ func TestBearerAuth(t *testing.T) { So(resp, ShouldNotBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized) - authorizationHeader = test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) + authorizationHeader = authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) resp, err = resty.R(). SetQueryParam("service", authorizationHeader.Service). SetQueryParam("scope", authorizationHeader.Scope). @@ -2280,7 +2283,7 @@ func TestBearerAuth(t *testing.T) { So(resp, ShouldNotBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized) - authorizationHeader = test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) + authorizationHeader = authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) resp, err = resty.R(). SetQueryParam("service", authorizationHeader.Service). SetQueryParam("scope", authorizationHeader.Scope). @@ -2304,7 +2307,7 @@ func TestBearerAuth(t *testing.T) { So(resp, ShouldNotBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized) - authorizationHeader = test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) + authorizationHeader = authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) resp, err = resty.R(). SetQueryParam("service", authorizationHeader.Service). SetQueryParam("scope", authorizationHeader.Scope). @@ -2312,7 +2315,7 @@ func TestBearerAuth(t *testing.T) { So(err, ShouldBeNil) So(resp, ShouldNotBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusOK) - var badToken test.AccessTokenResponse + var badToken authutils.AccessTokenResponse err = json.Unmarshal(resp.Body(), &badToken) So(err, ShouldBeNil) @@ -2348,7 +2351,7 @@ func TestBearerAuthWrongAuthorizer(t *testing.T) { func TestBearerAuthWithAllowReadAccess(t *testing.T) { Convey("Make a new controller", t, func() { - authTestServer := test.MakeAuthTestServer(ServerKey, UnauthorizedNamespace) + authTestServer := authutils.MakeAuthTestServer(ServerKey, UnauthorizedNamespace) defer authTestServer.Close() port := test.GetFreePort() @@ -2389,7 +2392,7 @@ func TestBearerAuthWithAllowReadAccess(t *testing.T) { So(resp, ShouldNotBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized) - authorizationHeader := test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) + authorizationHeader := authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) resp, err = resty.R(). SetQueryParam("service", authorizationHeader.Service). SetQueryParam("scope", authorizationHeader.Scope). @@ -2397,7 +2400,7 @@ func TestBearerAuthWithAllowReadAccess(t *testing.T) { So(err, ShouldBeNil) So(resp, ShouldNotBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusOK) - var goodToken test.AccessTokenResponse + var goodToken authutils.AccessTokenResponse err = json.Unmarshal(resp.Body(), &goodToken) So(err, ShouldBeNil) @@ -2413,7 +2416,7 @@ func TestBearerAuthWithAllowReadAccess(t *testing.T) { So(resp, ShouldNotBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized) - authorizationHeader = test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) + authorizationHeader = authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) resp, err = resty.R(). SetQueryParam("service", authorizationHeader.Service). SetQueryParam("scope", authorizationHeader.Scope). @@ -2442,7 +2445,7 @@ func TestBearerAuthWithAllowReadAccess(t *testing.T) { So(resp, ShouldNotBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized) - authorizationHeader = test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) + authorizationHeader = authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) resp, err = resty.R(). SetQueryParam("service", authorizationHeader.Service). SetQueryParam("scope", authorizationHeader.Scope). @@ -2471,7 +2474,7 @@ func TestBearerAuthWithAllowReadAccess(t *testing.T) { So(resp, ShouldNotBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized) - authorizationHeader = test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) + authorizationHeader = authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) resp, err = resty.R(). SetQueryParam("service", authorizationHeader.Service). SetQueryParam("scope", authorizationHeader.Scope). @@ -2495,7 +2498,7 @@ func TestBearerAuthWithAllowReadAccess(t *testing.T) { So(resp, ShouldNotBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized) - authorizationHeader = test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) + authorizationHeader = authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) resp, err = resty.R(). SetQueryParam("service", authorizationHeader.Service). SetQueryParam("scope", authorizationHeader.Scope). @@ -2503,7 +2506,7 @@ func TestBearerAuthWithAllowReadAccess(t *testing.T) { So(err, ShouldBeNil) So(resp, ShouldNotBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusOK) - var badToken test.AccessTokenResponse + var badToken authutils.AccessTokenResponse err = json.Unmarshal(resp.Body(), &badToken) So(err, ShouldBeNil) @@ -2520,7 +2523,7 @@ func TestNewRelyingPartyOIDC(t *testing.T) { Convey("Test NewRelyingPartyOIDC", t, func() { conf := config.New() - mockOIDCServer, err := test.MockOIDCRun() + mockOIDCServer, err := authutils.MockOIDCRun() if err != nil { panic(err) } @@ -2631,7 +2634,7 @@ func TestOpenIDMiddleware(t *testing.T) { ldapServer.Start(ldapPort) defer ldapServer.Stop() - mockOIDCServer, err := test.MockOIDCRun() + mockOIDCServer, err := authutils.MockOIDCRun() if err != nil { panic(err) } @@ -2942,7 +2945,7 @@ func TestIsOpenIDEnabled(t *testing.T) { conf := config.New() conf.HTTP.Port = port - mockOIDCServer, err := test.MockOIDCRun() + mockOIDCServer, err := authutils.MockOIDCRun() if err != nil { panic(err) } @@ -3053,7 +3056,7 @@ func TestAuthnSessionErrors(t *testing.T) { ldapServer.Start(ldapPort) defer ldapServer.Stop() - mockOIDCServer, err := test.MockOIDCRun() + mockOIDCServer, err := authutils.MockOIDCRun() if err != nil { panic(err) } @@ -3444,7 +3447,7 @@ func TestAuthnMetaDBErrors(t *testing.T) { htpasswdPath := test.MakeHtpasswdFile() defer os.Remove(htpasswdPath) - mockOIDCServer, err := test.MockOIDCRun() + mockOIDCServer, err := authutils.MockOIDCRun() if err != nil { panic(err) } @@ -3577,7 +3580,7 @@ func TestAuthorization(t *testing.T) { } Convey("with openid", func() { - mockOIDCServer, err := test.MockOIDCRun() + mockOIDCServer, err := authutils.MockOIDCRun() if err != nil { panic(err) } @@ -3607,8 +3610,8 @@ func TestAuthorization(t *testing.T) { ctlr := api.NewController(conf) ctlr.Config.Storage.RootDirectory = t.TempDir() - err = test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", - test.GetDefaultStoreController(ctlr.Config.Storage.RootDirectory, ctlr.Log)) + err = WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", + ociutils.GetDefaultStoreController(ctlr.Config.Storage.RootDirectory, ctlr.Log)) So(err, ShouldBeNil) cm := test.NewControllerManager(ctlr) @@ -3643,8 +3646,8 @@ func TestAuthorization(t *testing.T) { ctlr := api.NewController(conf) ctlr.Config.Storage.RootDirectory = t.TempDir() - err := test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", - test.GetDefaultStoreController(ctlr.Config.Storage.RootDirectory, ctlr.Log)) + err := WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", + ociutils.GetDefaultStoreController(ctlr.Config.Storage.RootDirectory, ctlr.Log)) So(err, ShouldBeNil) cm := test.NewControllerManager(ctlr) @@ -3783,13 +3786,13 @@ func TestAuthorizationWithOnlyAnonymousPolicy(t *testing.T) { So(resp, ShouldNotBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusCreated) - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() resp, err = resty.R().Post(baseURL + "/v2/" + TestRepo + "/blobs/uploads/") So(err, ShouldBeNil) So(resp, ShouldNotBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusAccepted) - loc = testc.Location(baseURL, resp) + loc = test.Location(baseURL, resp) // uploading blob should get 201 resp, err = resty.R().SetHeader("Content-Length", fmt.Sprintf("%d", len(cblob))). @@ -3834,7 +3837,7 @@ func TestAuthorizationWithOnlyAnonymousPolicy(t *testing.T) { So(err, ShouldBeNil) So(resp, ShouldNotBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusAccepted) - loc = testc.Location(baseURL, resp) + loc = test.Location(baseURL, resp) // uploading blob should get 201 resp, err = resty.R(). SetHeader("Content-Length", fmt.Sprintf("%d", len(updateBlob))). @@ -3920,7 +3923,7 @@ func TestAuthorizationWithOnlyAnonymousPolicy(t *testing.T) { err = os.Mkdir(path.Join(dir, "zot-test"), storageConstants.DefaultDirPerms) So(err, ShouldBeNil) - err = test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "tag", ctlr.StoreController) + err = WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "tag", ctlr.StoreController) So(err, ShouldBeNil) // should not have read rights on zot-test @@ -4198,7 +4201,7 @@ func TestAuthorizationWithMultiplePolicies(t *testing.T) { Convey("with openid", func() { dir := t.TempDir() - mockOIDCServer, err := test.MockOIDCRun() + mockOIDCServer, err := authutils.MockOIDCRun() if err != nil { panic(err) } @@ -4228,8 +4231,8 @@ func TestAuthorizationWithMultiplePolicies(t *testing.T) { ctlr := api.NewController(conf) ctlr.Config.Storage.RootDirectory = dir - err = test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", - test.GetDefaultStoreController(ctlr.Config.Storage.RootDirectory, ctlr.Log)) + err = WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", + ociutils.GetDefaultStoreController(ctlr.Config.Storage.RootDirectory, ctlr.Log)) So(err, ShouldBeNil) cm := test.NewControllerManager(ctlr) @@ -4287,8 +4290,8 @@ func TestAuthorizationWithMultiplePolicies(t *testing.T) { ctlr := api.NewController(conf) ctlr.Config.Storage.RootDirectory = dir - err := test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", - test.GetDefaultStoreController(ctlr.Config.Storage.RootDirectory, ctlr.Log)) + err := WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", + ociutils.GetDefaultStoreController(ctlr.Config.Storage.RootDirectory, ctlr.Log)) So(err, ShouldBeNil) cm := test.NewControllerManager(ctlr) @@ -4450,8 +4453,8 @@ func TestCrossRepoMount(t *testing.T) { ctlr.Config.Storage.Dedupe = false image := CreateDefaultImage() - err := test.WriteImageToFileSystem(image, "zot-cve-test", "test", storage.StoreController{ - DefaultStore: test.GetDefaultImageStore(dir, ctlr.Log), + err := WriteImageToFileSystem(image, "zot-cve-test", "test", storage.StoreController{ + DefaultStore: ociutils.GetDefaultImageStore(dir, ctlr.Log), }) So(err, ShouldBeNil) @@ -4495,7 +4498,7 @@ func TestCrossRepoMount(t *testing.T) { Post(baseURL + "/v2/zot-y-test/blobs/uploads/") So(err, ShouldBeNil) So(postResponse.StatusCode(), ShouldEqual, http.StatusAccepted) - So(testc.Location(baseURL, postResponse), ShouldStartWith, fmt.Sprintf("%s%s/zot-y-test/%s/%s", + So(test.Location(baseURL, postResponse), ShouldStartWith, fmt.Sprintf("%s%s/zot-y-test/%s/%s", baseURL, constants.RoutePrefix, constants.Blobs, constants.Uploads)) // Use correct request @@ -4506,7 +4509,7 @@ func TestCrossRepoMount(t *testing.T) { Post(baseURL + "/v2/zot-c-test/blobs/uploads/") So(err, ShouldBeNil) So(postResponse.StatusCode(), ShouldEqual, http.StatusAccepted) - So(testc.Location(baseURL, postResponse), ShouldStartWith, fmt.Sprintf("%s%s/zot-c-test/%s/%s", + So(test.Location(baseURL, postResponse), ShouldStartWith, fmt.Sprintf("%s%s/zot-c-test/%s/%s", baseURL, constants.RoutePrefix, constants.Blobs, constants.Uploads)) // Send same request again @@ -4579,7 +4582,7 @@ func TestCrossRepoMount(t *testing.T) { Post(baseURL + "/v2/zot-mount-test/blobs/uploads/") So(err, ShouldBeNil) So(postResponse.StatusCode(), ShouldEqual, http.StatusCreated) - So(testc.Location(baseURL, postResponse), ShouldEqual, fmt.Sprintf("%s%s/zot-mount-test/%s/%s:%s", + So(test.Location(baseURL, postResponse), ShouldEqual, fmt.Sprintf("%s%s/zot-mount-test/%s/%s:%s", baseURL, constants.RoutePrefix, constants.Blobs, godigest.SHA256, blob)) // Check os.SameFile here @@ -4604,7 +4607,7 @@ func TestCrossRepoMount(t *testing.T) { Post(baseURL + "/v2/zot-mount1-test/blobs/uploads/") So(err, ShouldBeNil) So(postResponse.StatusCode(), ShouldEqual, http.StatusCreated) - So(testc.Location(baseURL, postResponse), ShouldEqual, fmt.Sprintf("%s%s/zot-mount1-test/%s/%s:%s", + So(test.Location(baseURL, postResponse), ShouldEqual, fmt.Sprintf("%s%s/zot-mount1-test/%s/%s:%s", baseURL, constants.RoutePrefix, constants.Blobs, godigest.SHA256, blob)) linkPath = path.Join(ctlr.Config.Storage.RootDirectory, "zot-mount1-test", "blobs/sha256", dgst.Encoded()) @@ -4662,8 +4665,8 @@ func TestCrossRepoMount(t *testing.T) { image := CreateImageWith().RandomLayers(1, 10).DefaultConfig().Build() - err := test.WriteImageToFileSystem(image, "zot-cve-test", "0.0.1", - test.GetDefaultStoreController(dir, ctlr.Log)) + err := WriteImageToFileSystem(image, "zot-cve-test", "0.0.1", + ociutils.GetDefaultStoreController(dir, ctlr.Log)) So(err, ShouldBeNil) cm := test.NewControllerManager(ctlr) @@ -4805,12 +4808,12 @@ func TestParallelRequests(t *testing.T) { ctlr.Config.Storage.SubPaths = subPaths testImagesDir := t.TempDir() - testImagesController := test.GetDefaultStoreController(testImagesDir, ctlr.Log) + testImagesController := ociutils.GetDefaultStoreController(testImagesDir, ctlr.Log) - err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testImagesController) + err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testImagesController) assert.Equal(t, err, nil, "Error should be nil") - err = test.WriteImageToFileSystem(CreateRandomImage(), "zot-cve-test", "0.0.1", testImagesController) + err = WriteImageToFileSystem(CreateRandomImage(), "zot-cve-test", "0.0.1", testImagesController) assert.Equal(t, err, nil, "Error should be nil") cm := test.NewControllerManager(ctlr) @@ -5171,26 +5174,26 @@ func TestImageSignatures(t *testing.T) { tdir := t.TempDir() _ = os.Chdir(tdir) - test.NotationPathLock.Lock() - defer test.NotationPathLock.Unlock() + signature.NotationPathLock.Lock() + defer signature.NotationPathLock.Unlock() - test.LoadNotationPath(tdir) + signature.LoadNotationPath(tdir) - err = test.GenerateNotationCerts(tdir, "good") + err = signature.GenerateNotationCerts(tdir, "good") So(err, ShouldBeNil) - err = test.GenerateNotationCerts(tdir, "bad") + err = signature.GenerateNotationCerts(tdir, "bad") So(err, ShouldBeNil) image := fmt.Sprintf("localhost:%s/%s:%s", port, repoName, "1.0") - err = test.SignWithNotation("good", image, tdir) + err = signature.SignWithNotation("good", image, tdir) So(err, ShouldBeNil) - err = test.VerifyWithNotation(image, tdir) + err = signature.VerifyWithNotation(image, tdir) So(err, ShouldBeNil) // check list - sigs, err := test.ListNotarySignatures(image, tdir) + sigs, err := signature.ListNotarySignatures(image, tdir) So(len(sigs), ShouldEqual, 1) So(err, ShouldBeNil) @@ -5224,7 +5227,7 @@ func TestImageSignatures(t *testing.T) { So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusInternalServerError) - err = test.VerifyWithNotation(image, tdir) + err = signature.VerifyWithNotation(image, tdir) So(err, ShouldNotBeNil) }) @@ -5246,7 +5249,7 @@ func TestImageSignatures(t *testing.T) { So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusNotFound) - err = test.VerifyWithNotation(image, tdir) + err = signature.VerifyWithNotation(image, tdir) So(err, ShouldNotBeNil) }) }) @@ -5523,7 +5526,7 @@ func TestArtifactReferences(t *testing.T) { digest := godigest.FromBytes(content) So(digest, ShouldNotBeNil) - cfg, layers, manifest, err := test.GetImageComponents(2) //nolint:staticcheck + cfg, layers, manifest, err := deprecated.GetImageComponents(2) //nolint:staticcheck So(err, ShouldBeNil) err = UploadImage( @@ -5557,7 +5560,7 @@ func TestArtifactReferences(t *testing.T) { resp, err = resty.R().Post(baseURL + fmt.Sprintf("/v2/%s/blobs/uploads/", repoName)) So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusAccepted) - loc := testc.Location(baseURL, resp) + loc := test.Location(baseURL, resp) cblob, cdigest := getEmptyImageConfig() resp, err = resty.R(). @@ -5654,7 +5657,7 @@ func TestArtifactReferences(t *testing.T) { resp, err = resty.R().Post(baseURL + fmt.Sprintf("/v2/%s/blobs/uploads/", repoName)) So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusAccepted) - loc := testc.Location(baseURL, resp) + loc := test.Location(baseURL, resp) cblob = []byte("{}") cdigest = godigest.FromBytes(cblob) So(cdigest, ShouldNotBeNil) @@ -6558,7 +6561,7 @@ func TestStorageCommit(t *testing.T) { Convey("Manifests", func() { _, _ = Print("\nManifests") - cfg, layers, manifest, err := test.GetImageComponents(2) //nolint:staticcheck + cfg, layers, manifest, err := deprecated.GetImageComponents(2) //nolint:staticcheck So(err, ShouldBeNil) content := []byte("this is a blob5") @@ -6613,7 +6616,7 @@ func TestStorageCommit(t *testing.T) { }, baseURL, repoName, "test:1.0.1") So(err, ShouldBeNil) - cfg, layers, manifest, err = test.GetImageComponents(1) //nolint:staticcheck + cfg, layers, manifest, err = deprecated.GetImageComponents(1) //nolint:staticcheck So(err, ShouldBeNil) err = UploadImage( @@ -6711,7 +6714,7 @@ func TestManifestImageIndex(t *testing.T) { rthdlr := api.NewRouteHandler(ctlr) - cfg, layers, manifest, err := test.GetImageComponents(2) //nolint:staticcheck + cfg, layers, manifest, err := deprecated.GetImageComponents(2) //nolint:staticcheck So(err, ShouldBeNil) content := []byte("this is a blob1") @@ -7138,7 +7141,7 @@ func TestManifestCollision(t *testing.T) { cm.StartAndWait(port) defer cm.StopServer() - cfg, layers, manifest, err := test.GetImageComponents(2) //nolint:staticcheck + cfg, layers, manifest, err := deprecated.GetImageComponents(2) //nolint:staticcheck So(err, ShouldBeNil) err = UploadImage( @@ -7217,7 +7220,7 @@ func TestPullRange(t *testing.T) { resp, err := resty.R().Post(baseURL + "/v2/index/blobs/uploads/") So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusAccepted) - loc := testc.Location(baseURL, resp) + loc := test.Location(baseURL, resp) So(loc, ShouldNotBeEmpty) // since we are not specifying any prefix i.e provided in config while starting server, @@ -7380,7 +7383,7 @@ func TestInjectInterruptedImageManifest(t *testing.T) { resp, err := resty.R().Post(baseURL + "/v2/repotest/blobs/uploads/") So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusAccepted) - loc := testc.Location(baseURL, resp) + loc := test.Location(baseURL, resp) So(loc, ShouldNotBeEmpty) // since we are not specifying any prefix i.e provided in config while starting server, @@ -7408,8 +7411,8 @@ func TestInjectInterruptedImageManifest(t *testing.T) { resp, err = resty.R().Post(baseURL + "/v2/repotest/blobs/uploads/") So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusAccepted) - loc = testc.Location(baseURL, resp) - cblob, cdigest := test.GetRandomImageConfig() + loc = test.Location(baseURL, resp) + cblob, cdigest := GetRandomImageConfig() resp, err = resty.R(). SetContentLength(true). @@ -7489,7 +7492,7 @@ func TestInjectTooManyOpenFiles(t *testing.T) { resp, err := resty.R().Post(baseURL + "/v2/repotest/blobs/uploads/") So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusAccepted) - loc := testc.Location(baseURL, resp) + loc := test.Location(baseURL, resp) So(loc, ShouldNotBeEmpty) // since we are not specifying any prefix i.e provided in config while starting server, @@ -7541,8 +7544,8 @@ func TestInjectTooManyOpenFiles(t *testing.T) { resp, err = resty.R().Post(baseURL + "/v2/repotest/blobs/uploads/") So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusAccepted) - loc = testc.Location(baseURL, resp) - cblob, cdigest := test.GetRandomImageConfig() + loc = test.Location(baseURL, resp) + cblob, cdigest := GetRandomImageConfig() resp, err = resty.R(). SetContentLength(true). @@ -7746,17 +7749,17 @@ func TestGCSignaturesAndUntaggedManifestsWithMetaDB(t *testing.T) { So(err, ShouldBeNil) - test.NotationPathLock.Lock() - defer test.NotationPathLock.Unlock() + signature.NotationPathLock.Lock() + defer signature.NotationPathLock.Unlock() - test.LoadNotationPath(tdir) + signature.LoadNotationPath(tdir) // generate a keypair - err = test.GenerateNotationCerts(tdir, "good") + err = signature.GenerateNotationCerts(tdir, "good") So(err, ShouldBeNil) // sign the image - err = test.SignWithNotation("good", image, tdir) + err = signature.SignWithNotation("good", image, tdir) So(err, ShouldBeNil) // get cosign signature manifest @@ -7831,7 +7834,7 @@ func TestGCSignaturesAndUntaggedManifestsWithMetaDB(t *testing.T) { Convey("Overwrite original image, signatures should be garbage-collected", func() { // push an image without tag - cfg, layers, manifest, err := test.GetImageComponents(2) //nolint:staticcheck + cfg, layers, manifest, err := deprecated.GetImageComponents(2) //nolint:staticcheck So(err, ShouldBeNil) manifestBuf, err := json.Marshal(manifest) @@ -7858,7 +7861,7 @@ func TestGCSignaturesAndUntaggedManifestsWithMetaDB(t *testing.T) { So(ok, ShouldBeTrue) // overwrite image so that signatures will get invalidated and gc'ed - cfg, layers, manifest, err = test.GetImageComponents(3) //nolint:staticcheck + cfg, layers, manifest, err = deprecated.GetImageComponents(3) //nolint:staticcheck So(err, ShouldBeNil) err = UploadImage( @@ -7938,8 +7941,8 @@ func TestGCSignaturesAndUntaggedManifestsWithMetaDB(t *testing.T) { ctlr.Config.Storage.GCDelay = 1 * time.Second ctlr.Config.Storage.UntaggedImageRetentionDelay = 1 * time.Second - err := test.WriteImageToFileSystem(CreateDefaultImage(), repoName, tag, - test.GetDefaultStoreController(dir, ctlr.Log)) + err := WriteImageToFileSystem(CreateDefaultImage(), repoName, tag, + ociutils.GetDefaultStoreController(dir, ctlr.Log)) So(err, ShouldBeNil) cm := test.NewControllerManager(ctlr) @@ -7967,7 +7970,7 @@ func TestGCSignaturesAndUntaggedManifestsWithMetaDB(t *testing.T) { // upload multiple manifests for i := 0; i < 4; i++ { - config, layers, manifest, err := test.GetImageComponents(1000 + i) //nolint:staticcheck + config, layers, manifest, err := deprecated.GetImageComponents(1000 + i) //nolint:staticcheck So(err, ShouldBeNil) manifestContent, err := json.Marshal(manifest) @@ -8044,8 +8047,8 @@ func TestPeriodicGC(t *testing.T) { ctlr.Config.Storage.GCInterval = 1 * time.Hour ctlr.Config.Storage.GCDelay = 1 * time.Second - err = test.WriteImageToFileSystem(CreateDefaultImage(), repoName, "0.0.1", - test.GetDefaultStoreController(dir, ctlr.Log)) + err = WriteImageToFileSystem(CreateDefaultImage(), repoName, "0.0.1", + ociutils.GetDefaultStoreController(dir, ctlr.Log)) So(err, ShouldBeNil) cm := test.NewControllerManager(ctlr) @@ -8123,8 +8126,8 @@ func TestPeriodicGC(t *testing.T) { ctlr.Config.Storage.GCInterval = 1 * time.Hour ctlr.Config.Storage.GCDelay = 1 * time.Second - err = test.WriteImageToFileSystem(CreateDefaultImage(), repoName, "0.0.1", - test.GetDefaultStoreController(dir, ctlr.Log)) + err = WriteImageToFileSystem(CreateDefaultImage(), repoName, "0.0.1", + ociutils.GetDefaultStoreController(dir, ctlr.Log)) So(err, ShouldBeNil) So(os.Chmod(dir, 0o000), ShouldBeNil) @@ -8164,7 +8167,7 @@ func TestSearchRoutes(t *testing.T) { repoName := "testrepo" //nolint:goconst inaccessibleRepo := "inaccessible" - cfg, layers, manifest, err := test.GetImageComponents(10000) //nolint:staticcheck + cfg, layers, manifest, err := deprecated.GetImageComponents(10000) //nolint:staticcheck So(err, ShouldBeNil) err = UploadImage( @@ -8177,7 +8180,7 @@ func TestSearchRoutes(t *testing.T) { So(err, ShouldBeNil) // data for the inaccessible repo - cfg, layers, manifest, err = test.GetImageComponents(10000) //nolint:staticcheck + cfg, layers, manifest, err = deprecated.GetImageComponents(10000) //nolint:staticcheck So(err, ShouldBeNil) err = UploadImage( @@ -8250,7 +8253,7 @@ func TestSearchRoutes(t *testing.T) { cm.StartAndWait(port) defer cm.StopServer() - cfg, layers, manifest, err := test.GetImageComponents(10000) //nolint:staticcheck + cfg, layers, manifest, err := deprecated.GetImageComponents(10000) //nolint:staticcheck So(err, ShouldBeNil) err = UploadImageWithBasicAuth( @@ -8263,7 +8266,7 @@ func TestSearchRoutes(t *testing.T) { So(err, ShouldBeNil) // data for the inaccessible repo - cfg, layers, manifest, err = test.GetImageComponents(10000) //nolint:staticcheck + cfg, layers, manifest, err = deprecated.GetImageComponents(10000) //nolint:staticcheck So(err, ShouldBeNil) err = UploadImageWithBasicAuth( @@ -9529,14 +9532,14 @@ func RunAuthorizationTests(t *testing.T, client *resty.Client, baseURL string, c So(resp.StatusCode(), ShouldEqual, http.StatusCreated) // create update config and post it. - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() resp, err = client.R(). Post(baseURL + "/v2/zot-test/blobs/uploads/") So(err, ShouldBeNil) So(resp, ShouldNotBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusAccepted) - loc = testc.Location(baseURL, resp) + loc = test.Location(baseURL, resp) // uploading blob should get 201 resp, err = client.R(). @@ -9556,7 +9559,7 @@ func RunAuthorizationTests(t *testing.T, client *resty.Client, baseURL string, c So(err, ShouldBeNil) So(resp, ShouldNotBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusAccepted) - loc = testc.Location(baseURL, resp) + loc = test.Location(baseURL, resp) // uploading blob should get 201 resp, err = client.R(). diff --git a/pkg/api/routes_test.go b/pkg/api/routes_test.go index d42a51e91..554aff192 100644 --- a/pkg/api/routes_test.go +++ b/pkg/api/routes_test.go @@ -31,7 +31,7 @@ import ( mTypes "zotregistry.io/zot/pkg/meta/types" reqCtx "zotregistry.io/zot/pkg/requestcontext" storageTypes "zotregistry.io/zot/pkg/storage/types" - "zotregistry.io/zot/pkg/test" + test "zotregistry.io/zot/pkg/test/common" "zotregistry.io/zot/pkg/test/mocks" ) diff --git a/pkg/cli/client/cve_cmd_internal_test.go b/pkg/cli/client/cve_cmd_internal_test.go index b00ac1302..554d6ddaa 100644 --- a/pkg/cli/client/cve_cmd_internal_test.go +++ b/pkg/cli/client/cve_cmd_internal_test.go @@ -36,9 +36,11 @@ import ( mTypes "zotregistry.io/zot/pkg/meta/types" "zotregistry.io/zot/pkg/storage" "zotregistry.io/zot/pkg/storage/local" - "zotregistry.io/zot/pkg/test" + test "zotregistry.io/zot/pkg/test/common" + "zotregistry.io/zot/pkg/test/deprecated" . "zotregistry.io/zot/pkg/test/image-utils" "zotregistry.io/zot/pkg/test/mocks" + ociutils "zotregistry.io/zot/pkg/test/oci-utils" ) func TestSearchCVECmd(t *testing.T) { @@ -404,8 +406,8 @@ func TestNegativeServerResponse(t *testing.T) { dir := t.TempDir() - srcStorageCtlr := test.GetDefaultStoreController(dir, log.NewLogger("debug", "")) - err := test.WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", srcStorageCtlr) + srcStorageCtlr := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", "")) + err := WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", srcStorageCtlr) So(err, ShouldBeNil) conf.Storage.RootDirectory = dir @@ -478,10 +480,10 @@ func TestNegativeServerResponse(t *testing.T) { } num := 10 - config, layers, manifest, err := test.GetRandomImageComponents(num) //nolint:staticcheck + config, layers, manifest, err := deprecated.GetRandomImageComponents(num) //nolint:staticcheck So(err, ShouldBeNil) - err = test.WriteImageToFileSystem( + err = WriteImageToFileSystem( Image{ Manifest: manifest, Layers: layers, @@ -618,7 +620,7 @@ func TestServerCVEResponse(t *testing.T) { test.WaitTillServerReady(url) - config, layers, manifest, err := test.GetImageComponents(100) //nolint:staticcheck + config, layers, manifest, err := deprecated.GetImageComponents(100) //nolint:staticcheck if err != nil { panic(err) } @@ -934,9 +936,9 @@ func TestCVESort(t *testing.T) { image1 := CreateRandomImage() - storeController := test.GetDefaultStoreController(rootDir, ctlr.Log) + storeController := ociutils.GetDefaultStoreController(rootDir, ctlr.Log) - err := test.WriteImageToFileSystem(image1, "repo", "tag", storeController) + err := WriteImageToFileSystem(image1, "repo", "tag", storeController) if err != nil { t.FailNow() } diff --git a/pkg/cli/client/elevated_internal_test.go b/pkg/cli/client/elevated_internal_test.go index bbe55fdc7..98e8a0d41 100644 --- a/pkg/cli/client/elevated_internal_test.go +++ b/pkg/cli/client/elevated_internal_test.go @@ -19,7 +19,7 @@ import ( "zotregistry.io/zot/pkg/api" "zotregistry.io/zot/pkg/api/config" "zotregistry.io/zot/pkg/api/constants" - "zotregistry.io/zot/pkg/test" + test "zotregistry.io/zot/pkg/test/common" ) func TestElevatedPrivilegesTLSNewControllerPrivilegedCert(t *testing.T) { diff --git a/pkg/cli/client/gql_queries_internal_test.go b/pkg/cli/client/gql_queries_internal_test.go index d60e08b19..f9937b41e 100644 --- a/pkg/cli/client/gql_queries_internal_test.go +++ b/pkg/cli/client/gql_queries_internal_test.go @@ -12,7 +12,7 @@ import ( "zotregistry.io/zot/pkg/api" "zotregistry.io/zot/pkg/api/config" extconf "zotregistry.io/zot/pkg/extensions/config" - "zotregistry.io/zot/pkg/test" + test "zotregistry.io/zot/pkg/test/common" ) func TestGQLQueries(t *testing.T) { diff --git a/pkg/cli/client/image_cmd_internal_test.go b/pkg/cli/client/image_cmd_internal_test.go index cce35f795..7b4ae4547 100644 --- a/pkg/cli/client/image_cmd_internal_test.go +++ b/pkg/cli/client/image_cmd_internal_test.go @@ -12,6 +12,7 @@ import ( "log" "os" "path" + "path/filepath" "regexp" "strings" "sync" @@ -32,9 +33,12 @@ import ( "zotregistry.io/zot/pkg/common" extconf "zotregistry.io/zot/pkg/extensions/config" zlog "zotregistry.io/zot/pkg/log" - "zotregistry.io/zot/pkg/test" - testc "zotregistry.io/zot/pkg/test/common" + stypes "zotregistry.io/zot/pkg/storage/types" + test "zotregistry.io/zot/pkg/test/common" + "zotregistry.io/zot/pkg/test/deprecated" . "zotregistry.io/zot/pkg/test/image-utils" + ociutils "zotregistry.io/zot/pkg/test/oci-utils" + "zotregistry.io/zot/pkg/test/signature" ) func TestSearchImageCmd(t *testing.T) { @@ -331,7 +335,7 @@ func TestSignature(t *testing.T) { err = UploadImage(CreateDefaultImage(), url, repoName, "0.0.1") So(err, ShouldBeNil) - err = test.SignImageUsingNotary("repo7:0.0.1", port) + err = signature.SignImageUsingNotary("repo7:0.0.1", port) So(err, ShouldBeNil) searchConfig := getTestSearchConfig(url, new(searchService)) @@ -1233,8 +1237,8 @@ func TestServerResponseGQLWithoutPermissions(t *testing.T) { dir := t.TempDir() - srcStorageCtlr := test.GetDefaultStoreController(dir, zlog.NewLogger("debug", "")) - err := test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtlr) + srcStorageCtlr := ociutils.GetDefaultStoreController(dir, zlog.NewLogger("debug", "")) + err := WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtlr) So(err, ShouldBeNil) err = os.Chmod(path.Join(dir, "zot-test", "blobs"), 0o000) @@ -1381,14 +1385,14 @@ func TestImagesSortFlag(t *testing.T) { image2 := CreateImageWith().DefaultLayers(). ImageConfig(ispec.Image{Created: DateRef(2020, 1, 1, 1, 1, 1, 0, time.UTC)}).Build() - storeController := test.GetDefaultStoreController(rootDir, ctlr.Log) + storeController := ociutils.GetDefaultStoreController(rootDir, ctlr.Log) - err := test.WriteImageToFileSystem(image1, "a-repo", "tag1", storeController) + err := WriteImageToFileSystem(image1, "a-repo", "tag1", storeController) if err != nil { t.FailNow() } - err = test.WriteImageToFileSystem(image2, "b-repo", "tag2", storeController) + err = WriteImageToFileSystem(image2, "b-repo", "tag2", storeController) if err != nil { t.FailNow() } @@ -1452,7 +1456,7 @@ func TestImagesCommandGQL(t *testing.T) { defer cm.StopServer() Convey("commands with gql", t, func() { - err := test.RemoveLocalStorageContents(ctlr.StoreController.DefaultStore) + err := removeLocalStorageContents(ctlr.StoreController.DefaultStore) So(err, ShouldBeNil) Convey("base and derived command", func() { @@ -1849,7 +1853,7 @@ func TestImageCommandREST(t *testing.T) { defer cm.StopServer() Convey("commands without gql", t, func() { - err := test.RemoveLocalStorageContents(ctlr.StoreController.DefaultStore) + err := removeLocalStorageContents(ctlr.StoreController.DefaultStore) So(err, ShouldBeNil) Convey("base and derived command", func() { @@ -2008,7 +2012,7 @@ func uploadTestMultiarch(baseURL string) { // ------- Upload The multiarch image - multiarch := test.GetMultiarchImageForImages([]Image{image1, image2}) //nolint:staticcheck + multiarch := deprecated.GetMultiarchImageForImages([]Image{image1, image2}) //nolint:staticcheck err := UploadMultiarchImage(multiarch, baseURL, "repo", "multi-arch") So(err, ShouldBeNil) @@ -2017,7 +2021,7 @@ func uploadTestMultiarch(baseURL string) { func uploadManifest(url string) error { // create and upload a blob/layer resp, _ := resty.R().Post(url + "/v2/repo7/blobs/uploads/") - loc := testc.Location(url, resp) + loc := test.Location(url, resp) content := []byte("this is a blob5") digest := godigest.FromBytes(content) @@ -2049,7 +2053,7 @@ func uploadManifest(url string) error { // upload image config blob resp, _ = resty.R().Post(url + "/v2/repo7/blobs/uploads/") - loc = testc.Location(url, resp) + loc = test.Location(url, resp) _, _ = resty.R(). SetContentLength(true). @@ -2155,7 +2159,7 @@ func uploadManifestDerivedBase(url string) error { // upload image config blob resp, _ := resty.R().Post(url + "/v2/repo7/blobs/uploads/") - loc := testc.Location(url, resp) + loc := test.Location(url, resp) _, _ = resty.R(). SetContentLength(true). @@ -2705,3 +2709,20 @@ func getTestSearchConfig(url string, searchService SearchService) searchConfig { resultWriter: nil, } } + +func removeLocalStorageContents(imageStore stypes.ImageStore) error { + repos, err := imageStore.GetRepositories() + if err != nil { + return err + } + + for _, repo := range repos { + // take just the first path + err = os.RemoveAll(filepath.Join(imageStore.RootDir(), filepath.SplitList(repo)[0])) + if err != nil { + return err + } + } + + return nil +} diff --git a/pkg/cli/client/internal_test.go b/pkg/cli/client/internal_test.go index b184de497..04f50ed28 100644 --- a/pkg/cli/client/internal_test.go +++ b/pkg/cli/client/internal_test.go @@ -19,7 +19,7 @@ import ( "zotregistry.io/zot/pkg/api/config" "zotregistry.io/zot/pkg/api/constants" extConf "zotregistry.io/zot/pkg/extensions/config" - "zotregistry.io/zot/pkg/test" + test "zotregistry.io/zot/pkg/test/common" ) const ( @@ -167,7 +167,10 @@ func TestTLSWithoutAuth(t *testing.T) { home := os.Getenv("HOME") destCertsDir := filepath.Join(home, certsDir1) - test.CopyTestFiles(sourceCertsDir, destCertsDir) + + err := test.CopyFiles(sourceCertsDir, destCertsDir) + So(err, ShouldBeNil) + defer os.RemoveAll(destCertsDir) args := []string{"list", "--config", "imagetest"} @@ -176,7 +179,7 @@ func TestTLSWithoutAuth(t *testing.T) { imageCmd.SetOut(imageBuff) imageCmd.SetErr(imageBuff) imageCmd.SetArgs(args) - err := imageCmd.Execute() + err = imageCmd.Execute() So(err, ShouldBeNil) }) }) diff --git a/pkg/cli/client/repo_internal_test.go b/pkg/cli/client/repo_internal_test.go index 4fec85d33..0a067b610 100644 --- a/pkg/cli/client/repo_internal_test.go +++ b/pkg/cli/client/repo_internal_test.go @@ -15,7 +15,7 @@ import ( "zotregistry.io/zot/pkg/api" "zotregistry.io/zot/pkg/api/config" - "zotregistry.io/zot/pkg/test" + test "zotregistry.io/zot/pkg/test/common" . "zotregistry.io/zot/pkg/test/image-utils" ) diff --git a/pkg/cli/client/search_cmd_internal_test.go b/pkg/cli/client/search_cmd_internal_test.go index e267c80a0..c13ddb49e 100644 --- a/pkg/cli/client/search_cmd_internal_test.go +++ b/pkg/cli/client/search_cmd_internal_test.go @@ -18,8 +18,9 @@ import ( "zotregistry.io/zot/pkg/api" "zotregistry.io/zot/pkg/api/config" extconf "zotregistry.io/zot/pkg/extensions/config" - "zotregistry.io/zot/pkg/test" + test "zotregistry.io/zot/pkg/test/common" . "zotregistry.io/zot/pkg/test/image-utils" + ociutils "zotregistry.io/zot/pkg/test/oci-utils" ) const ( @@ -890,14 +891,14 @@ func TestSearchSort(t *testing.T) { ImageConfig(ispec.Image{Created: DateRef(2020, 1, 1, 1, 1, 1, 0, time.UTC)}). Build() - storeController := test.GetDefaultStoreController(rootDir, ctlr.Log) + storeController := ociutils.GetDefaultStoreController(rootDir, ctlr.Log) - err := test.WriteImageToFileSystem(image1, "b-repo", "tag2", storeController) + err := WriteImageToFileSystem(image1, "b-repo", "tag2", storeController) if err != nil { t.FailNow() } - err = test.WriteImageToFileSystem(image2, "a-test-repo", "tag2", storeController) + err = WriteImageToFileSystem(image2, "a-test-repo", "tag2", storeController) if err != nil { t.FailNow() } diff --git a/pkg/cli/client/utils_internal_test.go b/pkg/cli/client/utils_internal_test.go index e23922a98..6b46a0fe6 100644 --- a/pkg/cli/client/utils_internal_test.go +++ b/pkg/cli/client/utils_internal_test.go @@ -5,6 +5,7 @@ package client import ( "context" + "errors" "fmt" "io" "net/http" @@ -16,7 +17,7 @@ import ( ispec "github.com/opencontainers/image-spec/specs-go/v1" . "github.com/smartystreets/goconvey/convey" - "zotregistry.io/zot/pkg/test" + test "zotregistry.io/zot/pkg/test/common" ) func getDefaultSearchConf(baseURL string) searchConfig { @@ -35,10 +36,52 @@ func getDefaultSearchConf(baseURL string) searchConfig { } } +type RouteHandler struct { + Route string + // HandlerFunc is the HTTP handler function that receives a writer for output and an HTTP request as input. + HandlerFunc http.HandlerFunc + // AllowedMethods specifies the HTTP methods allowed for the current route. + AllowedMethods []string +} + +// Routes is a map that associates HTTP paths to their corresponding HTTP handlers. +type HTTPRoutes []RouteHandler + +func StartTestHTTPServer(routes HTTPRoutes, port string) *http.Server { + baseURL := test.GetBaseURL(port) + mux := mux.NewRouter() + + mux.HandleFunc("/test", func(w http.ResponseWriter, r *http.Request) { + _, err := w.Write([]byte("{}")) + if err != nil { + return + } + }).Methods(http.MethodGet) + + for _, routeHandler := range routes { + mux.HandleFunc(routeHandler.Route, routeHandler.HandlerFunc).Methods(routeHandler.AllowedMethods...) + } + + server := &http.Server{ //nolint:gosec + Addr: fmt.Sprintf(":%s", port), + Handler: mux, + } + + go func() { + if err := server.ListenAndServe(); !errors.Is(err, http.ErrServerClosed) { + return + } + }() + + test.WaitTillServerReady(baseURL + "/test") + + return server +} + func TestDoHTTPRequest(t *testing.T) { Convey("doHTTPRequest nil result pointer", t, func() { port := test.GetFreePort() - server := test.StartTestHTTPServer(nil, port) + server := StartTestHTTPServer(nil, port) defer server.Close() url := fmt.Sprintf("http://127.0.0.1:%s/asd", port) @@ -50,7 +93,7 @@ func TestDoHTTPRequest(t *testing.T) { Convey("doHTTPRequest bad return json", t, func() { port := test.GetFreePort() - server := test.StartTestHTTPServer(test.HTTPRoutes{ + server := StartTestHTTPServer(HTTPRoutes{ { Route: "/test", HandlerFunc: func(w http.ResponseWriter, r *http.Request) { @@ -92,7 +135,7 @@ func TestDoHTTPRequest(t *testing.T) { searchConf := getDefaultSearchConf(baseURL) // 404 erorr will appear - server := test.StartTestHTTPServer(test.HTTPRoutes{}, port) + server := StartTestHTTPServer(HTTPRoutes{}, port) defer server.Close() URL := baseURL + "/v2/repo/manifests/tag" @@ -115,7 +158,7 @@ func TestDoHTTPRequest(t *testing.T) { searchConf := getDefaultSearchConf(baseURL) Convey("makeGETRequest manifest error, context is done", func() { - server := test.StartTestHTTPServer(test.HTTPRoutes{}, port) + server := StartTestHTTPServer(HTTPRoutes{}, port) defer server.Close() ctx, cancel := context.WithCancel(context.Background()) @@ -129,7 +172,7 @@ func TestDoHTTPRequest(t *testing.T) { }) Convey("makeGETRequest manifest error, context is not done", func() { - server := test.StartTestHTTPServer(test.HTTPRoutes{}, port) + server := StartTestHTTPServer(HTTPRoutes{}, port) defer server.Close() _, err := fetchManifestStruct(context.Background(), "repo", "tag", searchConf, @@ -139,7 +182,7 @@ func TestDoHTTPRequest(t *testing.T) { }) Convey("makeGETRequest config error, context is not done", func() { - server := test.StartTestHTTPServer(test.HTTPRoutes{ + server := StartTestHTTPServer(HTTPRoutes{ { Route: "/v2/{name}/manifests/{reference}", HandlerFunc: func(w http.ResponseWriter, r *http.Request) { @@ -160,7 +203,7 @@ func TestDoHTTPRequest(t *testing.T) { }) Convey("Platforms on config", func() { - server := test.StartTestHTTPServer(test.HTTPRoutes{ + server := StartTestHTTPServer(HTTPRoutes{ { Route: "/v2/{name}/manifests/{reference}", HandlerFunc: func(w http.ResponseWriter, r *http.Request) { @@ -215,7 +258,7 @@ func TestDoHTTPRequest(t *testing.T) { }) Convey("fetchImageIndexStruct no errors", func() { - server := test.StartTestHTTPServer(test.HTTPRoutes{ + server := StartTestHTTPServer(HTTPRoutes{ { Route: "/v2/{name}/manifests/{reference}", HandlerFunc: func(writer http.ResponseWriter, req *http.Request) { @@ -284,7 +327,7 @@ func TestDoHTTPRequest(t *testing.T) { }) Convey("fetchImageIndexStruct makeGETRequest errors context done", func() { - server := test.StartTestHTTPServer(test.HTTPRoutes{}, port) + server := StartTestHTTPServer(HTTPRoutes{}, port) defer server.Close() ctx, cancel := context.WithCancel(context.Background()) @@ -306,7 +349,7 @@ func TestDoHTTPRequest(t *testing.T) { }) Convey("fetchImageIndexStruct makeGETRequest errors context not done", func() { - server := test.StartTestHTTPServer(test.HTTPRoutes{}, port) + server := StartTestHTTPServer(HTTPRoutes{}, port) defer server.Close() URL := baseURL + "/v2/repo/manifests/indexRef" @@ -341,7 +384,7 @@ func TestDoJobErrors(t *testing.T) { reqPool.wtgrp.Add(1) Convey("Do Job makeHEADRequest error context done", func() { - server := test.StartTestHTTPServer(test.HTTPRoutes{}, port) + server := StartTestHTTPServer(HTTPRoutes{}, port) defer server.Close() URL := baseURL + "/v2/repo/manifests/manifestRef" @@ -361,7 +404,7 @@ func TestDoJobErrors(t *testing.T) { }) Convey("Do Job makeHEADRequest error context not done", func() { - server := test.StartTestHTTPServer(test.HTTPRoutes{}, port) + server := StartTestHTTPServer(HTTPRoutes{}, port) defer server.Close() URL := baseURL + "/v2/repo/manifests/manifestRef" @@ -383,7 +426,7 @@ func TestDoJobErrors(t *testing.T) { }) Convey("Do Job fetchManifestStruct errors context canceled", func() { - server := test.StartTestHTTPServer(test.HTTPRoutes{ + server := StartTestHTTPServer(HTTPRoutes{ { Route: "/v2/{name}/manifests/{reference}", HandlerFunc: func(w http.ResponseWriter, r *http.Request) { @@ -416,7 +459,7 @@ func TestDoJobErrors(t *testing.T) { }) Convey("Do Job fetchManifestStruct errors context not canceled", func() { - server := test.StartTestHTTPServer(test.HTTPRoutes{ + server := StartTestHTTPServer(HTTPRoutes{ { Route: "/v2/{name}/manifests/{reference}", HandlerFunc: func(w http.ResponseWriter, r *http.Request) { @@ -450,7 +493,7 @@ func TestDoJobErrors(t *testing.T) { }) Convey("Do Job fetchIndexStruct errors context canceled", func() { - server := test.StartTestHTTPServer(test.HTTPRoutes{ + server := StartTestHTTPServer(HTTPRoutes{ { Route: "/v2/{name}/manifests/{reference}", HandlerFunc: func(w http.ResponseWriter, r *http.Request) { @@ -483,7 +526,7 @@ func TestDoJobErrors(t *testing.T) { }) Convey("Do Job fetchIndexStruct errors context not canceled", func() { - server := test.StartTestHTTPServer(test.HTTPRoutes{ + server := StartTestHTTPServer(HTTPRoutes{ { Route: "/v2/{name}/manifests/{reference}", HandlerFunc: func(w http.ResponseWriter, r *http.Request) { @@ -516,7 +559,7 @@ func TestDoJobErrors(t *testing.T) { So(result.StrValue, ShouldResemble, "") }) Convey("Do Job fetchIndexStruct not supported content type", func() { - server := test.StartTestHTTPServer(test.HTTPRoutes{ + server := StartTestHTTPServer(HTTPRoutes{ { Route: "/v2/{name}/manifests/{reference}", HandlerFunc: func(w http.ResponseWriter, r *http.Request) { @@ -546,7 +589,7 @@ func TestDoJobErrors(t *testing.T) { }) Convey("Media type is MediaTypeImageIndex image.string erorrs", func() { - server := test.StartTestHTTPServer(test.HTTPRoutes{ + server := StartTestHTTPServer(HTTPRoutes{ { Route: "/v2/{name}/manifests/{reference}", HandlerFunc: func(w http.ResponseWriter, r *http.Request) { diff --git a/pkg/cli/server/config_reloader_test.go b/pkg/cli/server/config_reloader_test.go index ff3b4fd87..f22781f16 100644 --- a/pkg/cli/server/config_reloader_test.go +++ b/pkg/cli/server/config_reloader_test.go @@ -14,7 +14,7 @@ import ( "golang.org/x/crypto/bcrypt" cli "zotregistry.io/zot/pkg/cli/server" - "zotregistry.io/zot/pkg/test" + test "zotregistry.io/zot/pkg/test/common" ) func TestConfigReloader(t *testing.T) { diff --git a/pkg/cli/server/extensions_test.go b/pkg/cli/server/extensions_test.go index 66a7a0260..bf2c6a61d 100644 --- a/pkg/cli/server/extensions_test.go +++ b/pkg/cli/server/extensions_test.go @@ -15,7 +15,7 @@ import ( "zotregistry.io/zot/pkg/api/config" cli "zotregistry.io/zot/pkg/cli/server" - . "zotregistry.io/zot/pkg/test" + . "zotregistry.io/zot/pkg/test/common" ) const readLogFileTimeout = 5 * time.Second diff --git a/pkg/cli/server/root_test.go b/pkg/cli/server/root_test.go index ed775228b..390e4bfb1 100644 --- a/pkg/cli/server/root_test.go +++ b/pkg/cli/server/root_test.go @@ -14,7 +14,7 @@ import ( "zotregistry.io/zot/pkg/api/config" cli "zotregistry.io/zot/pkg/cli/server" storageConstants "zotregistry.io/zot/pkg/storage/constants" - . "zotregistry.io/zot/pkg/test" + . "zotregistry.io/zot/pkg/test/common" ) func TestServerUsage(t *testing.T) { diff --git a/pkg/cli/server/stress_test.go b/pkg/cli/server/stress_test.go index 27083216f..a12113ca9 100644 --- a/pkg/cli/server/stress_test.go +++ b/pkg/cli/server/stress_test.go @@ -17,7 +17,7 @@ import ( "zotregistry.io/zot/pkg/api" "zotregistry.io/zot/pkg/api/config" cli "zotregistry.io/zot/pkg/cli/server" - "zotregistry.io/zot/pkg/test" + test "zotregistry.io/zot/pkg/test/common" ) const ( diff --git a/pkg/common/http_client_test.go b/pkg/common/http_client_test.go index 4a64cc2db..a5234e0a0 100644 --- a/pkg/common/http_client_test.go +++ b/pkg/common/http_client_test.go @@ -14,7 +14,7 @@ import ( "zotregistry.io/zot/pkg/api/config" "zotregistry.io/zot/pkg/common" "zotregistry.io/zot/pkg/log" - "zotregistry.io/zot/pkg/test" + test "zotregistry.io/zot/pkg/test/common" ) func TestHTTPClient(t *testing.T) { diff --git a/pkg/compliance/v1_0_0/check.go b/pkg/compliance/v1_0_0/check.go index 5aad4e1d4..53aaaea4b 100644 --- a/pkg/compliance/v1_0_0/check.go +++ b/pkg/compliance/v1_0_0/check.go @@ -22,8 +22,8 @@ import ( "zotregistry.io/zot/pkg/api" "zotregistry.io/zot/pkg/api/constants" "zotregistry.io/zot/pkg/compliance" - "zotregistry.io/zot/pkg/test" - testc "zotregistry.io/zot/pkg/test/common" + test "zotregistry.io/zot/pkg/test/common" + "zotregistry.io/zot/pkg/test/deprecated" "zotregistry.io/zot/pkg/test/image-utils" ) @@ -120,7 +120,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) { resp, err := resty.R().Post(baseURL + "/v2/repo2/blobs/uploads/") So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusAccepted) - loc := testc.Location(baseURL, resp) + loc := test.Location(baseURL, resp) So(loc, ShouldNotBeEmpty) resp, err = resty.R().Get(loc) @@ -156,7 +156,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) { SetHeader("Content-Type", "application/octet-stream").SetBody(content).Put(loc) So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusCreated) - blobLoc := testc.Location(baseURL, resp) + blobLoc := test.Location(baseURL, resp) So(blobLoc, ShouldNotBeEmpty) So(resp.Header().Get("Content-Length"), ShouldEqual, "0") So(resp.Header().Get(constants.DistContentDigestKey), ShouldNotBeEmpty) @@ -200,7 +200,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) { Post(baseURL + "/v2/repo2/blobs/uploads/") So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusCreated) - loc := testc.Location(baseURL, resp) + loc := test.Location(baseURL, resp) So(loc, ShouldNotBeEmpty) // blob reference should be accessible resp, err = resty.R().Get(loc) @@ -213,7 +213,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) { resp, err := resty.R().Post(baseURL + "/v2/repo10/repo20/repo30/blobs/uploads/") So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusAccepted) - loc := testc.Location(baseURL, resp) + loc := test.Location(baseURL, resp) So(loc, ShouldNotBeEmpty) resp, err = resty.R().Get(loc) @@ -249,7 +249,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) { SetHeader("Content-Type", "application/octet-stream").SetBody(content).Put(loc) So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusCreated) - blobLoc := testc.Location(baseURL, resp) + blobLoc := test.Location(baseURL, resp) So(blobLoc, ShouldNotBeEmpty) So(resp.Header().Get("Content-Length"), ShouldEqual, "0") So(resp.Header().Get(constants.DistContentDigestKey), ShouldNotBeEmpty) @@ -268,7 +268,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) { resp, err := resty.R().Post(baseURL + "/v2/repo3/blobs/uploads/") So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusAccepted) - loc := testc.Location(baseURL, resp) + loc := test.Location(baseURL, resp) So(loc, ShouldNotBeEmpty) var buf bytes.Buffer @@ -315,7 +315,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) { SetHeader("Content-Type", "application/octet-stream").SetBody(chunk2).Put(loc) So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusCreated) - blobLoc := testc.Location(baseURL, resp) + blobLoc := test.Location(baseURL, resp) So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusCreated) So(blobLoc, ShouldNotBeEmpty) @@ -336,7 +336,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) { resp, err := resty.R().Post(baseURL + "/v2/repo40/repo50/repo60/blobs/uploads/") So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusAccepted) - loc := testc.Location(baseURL, resp) + loc := test.Location(baseURL, resp) So(loc, ShouldNotBeEmpty) var buf bytes.Buffer @@ -383,7 +383,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) { SetHeader("Content-Type", "application/octet-stream").SetBody(chunk2).Put(loc) So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusCreated) - blobLoc := testc.Location(baseURL, resp) + blobLoc := test.Location(baseURL, resp) So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusCreated) So(blobLoc, ShouldNotBeEmpty) @@ -405,7 +405,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) { resp, err := resty.R().Post(baseURL + "/v2/repo4/blobs/uploads/") So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusAccepted) - loc := testc.Location(baseURL, resp) + loc := test.Location(baseURL, resp) So(loc, ShouldNotBeEmpty) // delete this upload @@ -420,7 +420,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) { resp, err := resty.R().Post(baseURL + "/v2/repo5/blobs/uploads/") So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusAccepted) - loc := testc.Location(baseURL, resp) + loc := test.Location(baseURL, resp) So(loc, ShouldNotBeEmpty) content := []byte("this is a blob4") @@ -431,7 +431,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) { SetHeader("Content-Type", "application/octet-stream").SetBody(content).Put(loc) So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusCreated) - blobLoc := testc.Location(baseURL, resp) + blobLoc := test.Location(baseURL, resp) So(blobLoc, ShouldNotBeEmpty) So(resp.Header().Get(constants.DistContentDigestKey), ShouldNotBeEmpty) @@ -456,7 +456,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) { resp, err := resty.R().Post(baseURL + "/v2/repo7/blobs/uploads/") So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusAccepted) - loc := testc.Location(baseURL, resp) + loc := test.Location(baseURL, resp) So(loc, ShouldNotBeEmpty) // since we are not specifying any prefix i.e provided in config while starting server, @@ -486,7 +486,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) { So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusNotFound) - cfg, layers, manifest, err := test.GetImageComponents(1) //nolint:staticcheck + cfg, layers, manifest, err := deprecated.GetImageComponents(1) //nolint:staticcheck So(err, ShouldBeNil) repoName := "repo7" @@ -594,7 +594,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) { _, _ = Print("\nPagination") for index := 0; index <= 4; index++ { - cfg, layers, manifest, err := test.GetImageComponents(1) //nolint:staticcheck + cfg, layers, manifest, err := deprecated.GetImageComponents(1) //nolint:staticcheck So(err, ShouldBeNil) repoName := "page0" @@ -668,7 +668,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) { resp, err := resty.R().Post(baseURL + "/v2/firsttest/first/blobs/uploads/") So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusAccepted) - firstloc := testc.Location(baseURL, resp) + firstloc := test.Location(baseURL, resp) So(firstloc, ShouldNotBeEmpty) resp, err = resty.R().Get(firstloc) @@ -683,7 +683,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) { resp, err = resty.R().Post(baseURL + "/v2/secondtest/second/blobs/uploads/") So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusAccepted) - secondloc := testc.Location(baseURL, resp) + secondloc := test.Location(baseURL, resp) So(secondloc, ShouldNotBeEmpty) resp, err = resty.R().Get(secondloc) @@ -734,7 +734,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) { So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusNotFound) - cfg, layers, manifest, err := test.GetImageComponents(1) //nolint:staticcheck + cfg, layers, manifest, err := deprecated.GetImageComponents(1) //nolint:staticcheck So(err, ShouldBeNil) // subpath firsttest diff --git a/pkg/compliance/v1_0_0/check_test.go b/pkg/compliance/v1_0_0/check_test.go index 38ee70c96..3b104f3a3 100644 --- a/pkg/compliance/v1_0_0/check_test.go +++ b/pkg/compliance/v1_0_0/check_test.go @@ -13,7 +13,7 @@ import ( "zotregistry.io/zot/pkg/api/config" "zotregistry.io/zot/pkg/compliance" "zotregistry.io/zot/pkg/compliance/v1_0_0" - . "zotregistry.io/zot/pkg/test" + . "zotregistry.io/zot/pkg/test/common" ) //nolint:gochecknoglobals diff --git a/pkg/debug/pprof/pprof_test.go b/pkg/debug/pprof/pprof_test.go index e08f343c3..f1ceb6c9a 100644 --- a/pkg/debug/pprof/pprof_test.go +++ b/pkg/debug/pprof/pprof_test.go @@ -15,7 +15,7 @@ import ( "zotregistry.io/zot/pkg/api/config" "zotregistry.io/zot/pkg/api/constants" debugConstants "zotregistry.io/zot/pkg/debug/constants" - "zotregistry.io/zot/pkg/test" + test "zotregistry.io/zot/pkg/test/common" ) func TestProfilingAuthz(t *testing.T) { diff --git a/pkg/exporter/api/controller_test.go b/pkg/exporter/api/controller_test.go index 9c8ad0328..ff624a9ec 100644 --- a/pkg/exporter/api/controller_test.go +++ b/pkg/exporter/api/controller_test.go @@ -25,7 +25,7 @@ import ( zotcfg "zotregistry.io/zot/pkg/api/config" "zotregistry.io/zot/pkg/exporter/api" "zotregistry.io/zot/pkg/extensions/monitoring" - . "zotregistry.io/zot/pkg/test" + . "zotregistry.io/zot/pkg/test/common" ) func getRandomLatencyN(max int64) time.Duration { diff --git a/pkg/extensions/extension_image_trust_disabled_test.go b/pkg/extensions/extension_image_trust_disabled_test.go index e197c9a60..9c9f78699 100644 --- a/pkg/extensions/extension_image_trust_disabled_test.go +++ b/pkg/extensions/extension_image_trust_disabled_test.go @@ -11,7 +11,7 @@ import ( "zotregistry.io/zot/pkg/api" "zotregistry.io/zot/pkg/api/config" extconf "zotregistry.io/zot/pkg/extensions/config" - "zotregistry.io/zot/pkg/test" + test "zotregistry.io/zot/pkg/test/common" ) func TestImageTrustExtension(t *testing.T) { diff --git a/pkg/extensions/extension_image_trust_test.go b/pkg/extensions/extension_image_trust_test.go index 4ba703dfb..4b3ae2bf2 100644 --- a/pkg/extensions/extension_image_trust_test.go +++ b/pkg/extensions/extension_image_trust_test.go @@ -33,8 +33,9 @@ import ( "zotregistry.io/zot/pkg/log" "zotregistry.io/zot/pkg/storage" "zotregistry.io/zot/pkg/storage/local" - "zotregistry.io/zot/pkg/test" + test "zotregistry.io/zot/pkg/test/common" . "zotregistry.io/zot/pkg/test/image-utils" + "zotregistry.io/zot/pkg/test/signature" ) type errReader int @@ -203,7 +204,7 @@ func RunSignatureUploadAndVerificationTests(t *testing.T, cacheDriverParams map[ } image := CreateRandomImage() - err = test.WriteImageToFileSystem(image, repo, tag, storeController) + err = WriteImageToFileSystem(image, repo, tag, storeController) So(err, ShouldBeNil) ctlr := api.NewController(conf) @@ -323,7 +324,7 @@ func RunSignatureUploadAndVerificationTests(t *testing.T, cacheDriverParams map[ } image := CreateRandomImage() - err = test.WriteImageToFileSystem(image, repo, tag, storeController) + err = WriteImageToFileSystem(image, repo, tag, storeController) So(err, ShouldBeNil) ctlr := api.NewController(conf) @@ -341,13 +342,13 @@ func RunSignatureUploadAndVerificationTests(t *testing.T, cacheDriverParams map[ rootDir := t.TempDir() - test.NotationPathLock.Lock() - defer test.NotationPathLock.Unlock() + signature.NotationPathLock.Lock() + defer signature.NotationPathLock.Unlock() - test.LoadNotationPath(rootDir) + signature.LoadNotationPath(rootDir) // generate a keypair - err = test.GenerateNotationCerts(rootDir, certName) + err = signature.GenerateNotationCerts(rootDir, certName) So(err, ShouldBeNil) // upload the certificate @@ -364,7 +365,7 @@ func RunSignatureUploadAndVerificationTests(t *testing.T, cacheDriverParams map[ // sign the image imageURL := fmt.Sprintf("localhost:%s/%s", port, fmt.Sprintf("%s:%s", repo, tag)) - err = test.SignWithNotation(certName, imageURL, rootDir) + err = signature.SignWithNotation(certName, imageURL, rootDir) So(err, ShouldBeNil) found, err = test.ReadLogFileAndSearchString(logFile.Name(), "update signatures validity", 10*time.Second) @@ -430,7 +431,7 @@ func RunSignatureUploadAndVerificationTests(t *testing.T, cacheDriverParams map[ } image := CreateRandomImage() - err = test.WriteImageToFileSystem(image, repo, tag, storeController) + err = WriteImageToFileSystem(image, repo, tag, storeController) So(err, ShouldBeNil) ctlr := api.NewController(conf) @@ -474,13 +475,13 @@ func RunSignatureUploadAndVerificationTests(t *testing.T, cacheDriverParams map[ rootDir := t.TempDir() - test.NotationPathLock.Lock() - defer test.NotationPathLock.Unlock() + signature.NotationPathLock.Lock() + defer signature.NotationPathLock.Unlock() - test.LoadNotationPath(rootDir) + signature.LoadNotationPath(rootDir) // generate a keypair - err = test.GenerateNotationCerts(rootDir, certName) + err = signature.GenerateNotationCerts(rootDir, certName) So(err, ShouldBeNil) // upload the certificate @@ -497,7 +498,7 @@ func RunSignatureUploadAndVerificationTests(t *testing.T, cacheDriverParams map[ // sign the image imageURL := fmt.Sprintf("localhost:%s/%s", port, fmt.Sprintf("%s:%s", repo, tag)) - err = test.SignWithNotation(certName, imageURL, rootDir) + err = signature.SignWithNotation(certName, imageURL, rootDir) So(err, ShouldBeNil) found, err = test.ReadLogFileAndSearchString(logFile.Name(), "update signatures validity", 10*time.Second) @@ -592,7 +593,7 @@ func RunSignatureUploadAndVerificationTests(t *testing.T, cacheDriverParams map[ } image := CreateRandomImage() - err = test.WriteImageToFileSystem(image, repo, tag, storeController) + err = WriteImageToFileSystem(image, repo, tag, storeController) So(err, ShouldBeNil) ctlr := api.NewController(conf) @@ -854,15 +855,15 @@ func RunSignatureUploadAndVerificationTests(t *testing.T, cacheDriverParams map[ // Write image image := CreateRandomImage() - err = test.WriteImageToFileSystem(image, repo, tag, storeController) + err = WriteImageToFileSystem(image, repo, tag, storeController) So(err, ShouldBeNil) // Write signature - signature := CreateImageWith().RandomLayers(1, 2).RandomConfig().Build() + sig := CreateImageWith().RandomLayers(1, 2).RandomConfig().Build() So(err, ShouldBeNil) - ref, err := test.GetCosignSignatureTagForManifest(image.Manifest) + ref, err := signature.GetCosignSignatureTagForManifest(image.Manifest) So(err, ShouldBeNil) - err = test.WriteImageToFileSystem(signature, repo, ref, storeController) + err = WriteImageToFileSystem(sig, repo, ref, storeController) So(err, ShouldBeNil) ctlr := api.NewController(conf) @@ -950,13 +951,13 @@ func RunSignatureUploadAndVerificationTests(t *testing.T, cacheDriverParams map[ rootDir := t.TempDir() - test.NotationPathLock.Lock() - defer test.NotationPathLock.Unlock() + signature.NotationPathLock.Lock() + defer signature.NotationPathLock.Unlock() - test.LoadNotationPath(rootDir) + signature.LoadNotationPath(rootDir) // generate Notation cert - err := test.GenerateNotationCerts(rootDir, "test") + err := signature.GenerateNotationCerts(rootDir, "test") So(err, ShouldBeNil) certificateContent, err := os.ReadFile(path.Join(rootDir, "notation/localkeys", "test.crt")) diff --git a/pkg/extensions/extension_ui_test.go b/pkg/extensions/extension_ui_test.go index 70a3b433b..cb92b7899 100644 --- a/pkg/extensions/extension_ui_test.go +++ b/pkg/extensions/extension_ui_test.go @@ -16,7 +16,8 @@ import ( "zotregistry.io/zot/pkg/api" "zotregistry.io/zot/pkg/api/config" extconf "zotregistry.io/zot/pkg/extensions/config" - "zotregistry.io/zot/pkg/test" + test "zotregistry.io/zot/pkg/test/common" + "zotregistry.io/zot/pkg/test/deprecated" . "zotregistry.io/zot/pkg/test/image-utils" ) @@ -58,7 +59,7 @@ func TestUIExtension(t *testing.T) { So(found, ShouldBeTrue) So(err, ShouldBeNil) - cfg, layers, manifest, err := test.GetImageComponents(1) //nolint:staticcheck + cfg, layers, manifest, err := deprecated.GetImageComponents(1) //nolint:staticcheck So(err, ShouldBeNil) repoName := "test-repo" diff --git a/pkg/extensions/extension_userprefs_test.go b/pkg/extensions/extension_userprefs_test.go index 0c218f268..fa3afddc2 100644 --- a/pkg/extensions/extension_userprefs_test.go +++ b/pkg/extensions/extension_userprefs_test.go @@ -23,7 +23,7 @@ import ( extconf "zotregistry.io/zot/pkg/extensions/config" "zotregistry.io/zot/pkg/log" mTypes "zotregistry.io/zot/pkg/meta/types" - "zotregistry.io/zot/pkg/test" + test "zotregistry.io/zot/pkg/test/common" "zotregistry.io/zot/pkg/test/mocks" ) diff --git a/pkg/extensions/extensions_test.go b/pkg/extensions/extensions_test.go index 4c136997a..04034b72c 100644 --- a/pkg/extensions/extensions_test.go +++ b/pkg/extensions/extensions_test.go @@ -21,7 +21,8 @@ import ( "zotregistry.io/zot/pkg/extensions" extconf "zotregistry.io/zot/pkg/extensions/config" syncconf "zotregistry.io/zot/pkg/extensions/config/sync" - "zotregistry.io/zot/pkg/test" + authutils "zotregistry.io/zot/pkg/test/auth" + test "zotregistry.io/zot/pkg/test/common" ) const ( @@ -124,7 +125,7 @@ func TestMgmtExtension(t *testing.T) { defaultValue := true - mockOIDCServer, err := test.MockOIDCRun() + mockOIDCServer, err := authutils.MockOIDCRun() if err != nil { panic(err) } @@ -756,7 +757,7 @@ func TestMgmtWithBearer(t *testing.T) { Convey("Make a new controller", t, func() { authorizedNamespace := "allowedrepo" unauthorizedNamespace := "notallowedrepo" - authTestServer := test.MakeAuthTestServer(ServerKey, unauthorizedNamespace) + authTestServer := authutils.MakeAuthTestServer(ServerKey, unauthorizedNamespace) defer authTestServer.Close() port := test.GetFreePort() @@ -798,7 +799,7 @@ func TestMgmtWithBearer(t *testing.T) { So(resp, ShouldNotBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized) - authorizationHeader := test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) + authorizationHeader := authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) resp, err = resty.R(). SetQueryParam("service", authorizationHeader.Service). SetQueryParam("scope", authorizationHeader.Scope). @@ -806,7 +807,7 @@ func TestMgmtWithBearer(t *testing.T) { So(err, ShouldBeNil) So(resp, ShouldNotBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusOK) - var goodToken test.AccessTokenResponse + var goodToken authutils.AccessTokenResponse err = json.Unmarshal(resp.Body(), &goodToken) So(err, ShouldBeNil) @@ -828,7 +829,7 @@ func TestMgmtWithBearer(t *testing.T) { So(resp, ShouldNotBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized) - authorizationHeader = test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) + authorizationHeader = authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) resp, err = resty.R(). SetQueryParam("service", authorizationHeader.Service). SetQueryParam("scope", authorizationHeader.Scope). @@ -852,7 +853,7 @@ func TestMgmtWithBearer(t *testing.T) { So(resp, ShouldNotBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized) - authorizationHeader = test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) + authorizationHeader = authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate")) resp, err = resty.R(). SetQueryParam("service", authorizationHeader.Service). SetQueryParam("scope", authorizationHeader.Scope). @@ -860,7 +861,7 @@ func TestMgmtWithBearer(t *testing.T) { So(err, ShouldBeNil) So(resp, ShouldNotBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusOK) - var badToken test.AccessTokenResponse + var badToken authutils.AccessTokenResponse err = json.Unmarshal(resp.Body(), &badToken) So(err, ShouldBeNil) diff --git a/pkg/extensions/get_extensions_disabled_test.go b/pkg/extensions/get_extensions_disabled_test.go index f6f48d2e5..d0984e63d 100644 --- a/pkg/extensions/get_extensions_disabled_test.go +++ b/pkg/extensions/get_extensions_disabled_test.go @@ -15,7 +15,7 @@ import ( "zotregistry.io/zot/pkg/api/config" "zotregistry.io/zot/pkg/api/constants" extconf "zotregistry.io/zot/pkg/extensions/config" - "zotregistry.io/zot/pkg/test" + test "zotregistry.io/zot/pkg/test/common" ) func TestGetExensionsDisabled(t *testing.T) { diff --git a/pkg/extensions/imagetrust/image_trust_disabled_test.go b/pkg/extensions/imagetrust/image_trust_disabled_test.go index f2b632e3f..89560a8ec 100644 --- a/pkg/extensions/imagetrust/image_trust_disabled_test.go +++ b/pkg/extensions/imagetrust/image_trust_disabled_test.go @@ -11,7 +11,7 @@ import ( . "github.com/smartystreets/goconvey/convey" "zotregistry.io/zot/pkg/extensions/imagetrust" - "zotregistry.io/zot/pkg/test" + "zotregistry.io/zot/pkg/test/deprecated" ) func TestImageTrust(t *testing.T) { @@ -28,7 +28,7 @@ func TestImageTrust(t *testing.T) { repo := "repo" - image, err := test.GetRandomImage() //nolint:staticcheck + image, err := deprecated.GetRandomImage() //nolint:staticcheck So(err, ShouldBeNil) manifestContent, err := json.Marshal(image.Manifest) diff --git a/pkg/extensions/imagetrust/image_trust_test.go b/pkg/extensions/imagetrust/image_trust_test.go index 207e54909..27f326e27 100644 --- a/pkg/extensions/imagetrust/image_trust_test.go +++ b/pkg/extensions/imagetrust/image_trust_test.go @@ -37,9 +37,11 @@ import ( zcommon "zotregistry.io/zot/pkg/common" extconf "zotregistry.io/zot/pkg/extensions/config" "zotregistry.io/zot/pkg/extensions/imagetrust" - "zotregistry.io/zot/pkg/test" + test "zotregistry.io/zot/pkg/test/common" + "zotregistry.io/zot/pkg/test/deprecated" . "zotregistry.io/zot/pkg/test/image-utils" "zotregistry.io/zot/pkg/test/mocks" + "zotregistry.io/zot/pkg/test/signature" ) var ( @@ -99,13 +101,13 @@ func TestInitCosignAndNotationDirs(t *testing.T) { Convey("UploadCertificate - notationDir is not set", t, func() { rootDir := t.TempDir() - test.NotationPathLock.Lock() - defer test.NotationPathLock.Unlock() + signature.NotationPathLock.Lock() + defer signature.NotationPathLock.Unlock() - test.LoadNotationPath(rootDir) + signature.LoadNotationPath(rootDir) // generate a keypair - err := test.GenerateNotationCerts(rootDir, "notation-upload-test") + err := signature.GenerateNotationCerts(rootDir, "notation-upload-test") So(err, ShouldBeNil) certificateContent, err := os.ReadFile(path.Join(rootDir, "notation/localkeys", "notation-upload-test.crt")) @@ -154,7 +156,7 @@ func TestVerifySignatures(t *testing.T) { }) Convey("empty manifest digest", t, func() { - image, err := test.GetRandomImage() //nolint:staticcheck + image, err := deprecated.GetRandomImage() //nolint:staticcheck So(err, ShouldBeNil) manifestContent, err := json.Marshal(image.Manifest) @@ -167,7 +169,7 @@ func TestVerifySignatures(t *testing.T) { }) Convey("wrong signature type", t, func() { - image, err := test.GetRandomImage() //nolint:staticcheck + image, err := deprecated.GetRandomImage() //nolint:staticcheck So(err, ShouldBeNil) manifestContent, err := json.Marshal(image.Manifest) @@ -182,9 +184,9 @@ func TestVerifySignatures(t *testing.T) { }) Convey("verify cosign signature", t, func() { - repo := "repo" //nolint:goconst - tag := "test" //nolint:goconst - image, err := test.GetRandomImage() //nolint:staticcheck + repo := "repo" //nolint:goconst + tag := "test" //nolint:goconst + image, err := deprecated.GetRandomImage() //nolint:staticcheck So(err, ShouldBeNil) manifestContent, err := json.Marshal(image.Manifest) @@ -334,9 +336,9 @@ func TestVerifySignatures(t *testing.T) { }) Convey("verify notation signature", t, func() { - repo := "repo" //nolint:goconst - tag := "test" //nolint:goconst - image, err := test.GetRandomImage() //nolint:staticcheck + repo := "repo" //nolint:goconst + tag := "test" //nolint:goconst + image, err := deprecated.GetRandomImage() //nolint:staticcheck So(err, ShouldBeNil) manifestContent, err := json.Marshal(image.Manifest) @@ -437,19 +439,19 @@ func TestVerifySignatures(t *testing.T) { notationDir, err := certStorage.GetNotationDirPath() So(err, ShouldBeNil) - test.NotationPathLock.Lock() - defer test.NotationPathLock.Unlock() + signature.NotationPathLock.Lock() + defer signature.NotationPathLock.Unlock() - test.LoadNotationPath(notationDir) + signature.LoadNotationPath(notationDir) // generate a keypair - err = test.GenerateNotationCerts(notationDir, "notation-sign-test") + err = signature.GenerateNotationCerts(notationDir, "notation-sign-test") So(err, ShouldBeNil) // sign the image image := fmt.Sprintf("localhost:%s/%s", port, fmt.Sprintf("%s:%s", repo, tag)) - err = test.SignWithNotation("notation-sign-test", image, notationDir) + err = signature.SignWithNotation("notation-sign-test", image, notationDir) So(err, ShouldBeNil) err = test.CopyFiles(path.Join(notationDir, "notation", "truststore"), path.Join(notationDir, "truststore")) @@ -559,13 +561,13 @@ func TestLocalTrustStoreUploadErr(t *testing.T) { Convey("certificate can't be stored", t, func() { rootDir := t.TempDir() - test.NotationPathLock.Lock() - defer test.NotationPathLock.Unlock() + signature.NotationPathLock.Lock() + defer signature.NotationPathLock.Unlock() - test.LoadNotationPath(rootDir) + signature.LoadNotationPath(rootDir) // generate a keypair - err := test.GenerateNotationCerts(rootDir, "notation-upload-test") + err := signature.GenerateNotationCerts(rootDir, "notation-upload-test") So(err, ShouldBeNil) certificateContent, err := os.ReadFile(path.Join(rootDir, "notation/localkeys", "notation-upload-test.crt")) @@ -1123,13 +1125,13 @@ func RunUploadTests(t *testing.T, imageTrustStore imagetrust.ImageTrustStore) { Convey("upload certificate successfully", func() { certDir := t.TempDir() - test.NotationPathLock.Lock() - defer test.NotationPathLock.Unlock() + signature.NotationPathLock.Lock() + defer signature.NotationPathLock.Unlock() - test.LoadNotationPath(certDir) + signature.LoadNotationPath(certDir) // generate a keypair - err := test.GenerateNotationCerts(certDir, "notation-upload-test") + err := signature.GenerateNotationCerts(certDir, "notation-upload-test") So(err, ShouldBeNil) certificateContent, err := os.ReadFile(path.Join(certDir, "notation/localkeys", "notation-upload-test.crt")) @@ -1181,7 +1183,7 @@ func RunVerificationTests(t *testing.T, dbDriverParams map[string]interface{}) { tag := "test" //nolint:goconst Convey("verify cosign signature is trusted", func() { - image, err := test.GetRandomImage() //nolint:staticcheck + image, err := deprecated.GetRandomImage() //nolint:staticcheck So(err, ShouldBeNil) manifestContent, err := json.Marshal(image.Manifest) @@ -1265,7 +1267,7 @@ func RunVerificationTests(t *testing.T, dbDriverParams map[string]interface{}) { }) Convey("verify notation signature is trusted", func() { - image, err := test.GetRandomImage() //nolint:staticcheck + image, err := deprecated.GetRandomImage() //nolint:staticcheck So(err, ShouldBeNil) manifestContent, err := json.Marshal(image.Manifest) @@ -1278,10 +1280,10 @@ func RunVerificationTests(t *testing.T, dbDriverParams map[string]interface{}) { notationDir := t.TempDir() - test.NotationPathLock.Lock() - defer test.NotationPathLock.Unlock() + signature.NotationPathLock.Lock() + defer signature.NotationPathLock.Unlock() - test.LoadNotationPath(notationDir) + signature.LoadNotationPath(notationDir) uuid, err := guuid.NewV4() So(err, ShouldBeNil) @@ -1289,13 +1291,13 @@ func RunVerificationTests(t *testing.T, dbDriverParams map[string]interface{}) { certName := fmt.Sprintf("notation-sign-test-%s", uuid) // generate a keypair - err = test.GenerateNotationCerts(notationDir, certName) + err = signature.GenerateNotationCerts(notationDir, certName) So(err, ShouldBeNil) // sign the image imageURL := fmt.Sprintf("localhost:%s/%s", port, fmt.Sprintf("%s:%s", repo, tag)) - err = test.SignWithNotation(certName, imageURL, notationDir) + err = signature.SignWithNotation(certName, imageURL, notationDir) So(err, ShouldBeNil) indexContent, err := ctlr.StoreController.DefaultStore.GetIndexContent(repo) diff --git a/pkg/extensions/lint/lint_test.go b/pkg/extensions/lint/lint_test.go index b603b33f7..9a784bf57 100644 --- a/pkg/extensions/lint/lint_test.go +++ b/pkg/extensions/lint/lint_test.go @@ -23,9 +23,9 @@ import ( "zotregistry.io/zot/pkg/extensions/monitoring" "zotregistry.io/zot/pkg/log" "zotregistry.io/zot/pkg/storage/local" - "zotregistry.io/zot/pkg/test" - testc "zotregistry.io/zot/pkg/test/common" + test "zotregistry.io/zot/pkg/test/common" . "zotregistry.io/zot/pkg/test/image-utils" + ociutils "zotregistry.io/zot/pkg/test/oci-utils" ) const ( @@ -56,9 +56,9 @@ func TestVerifyMandatoryAnnotations(t *testing.T) { ctlr := api.NewController(conf) dir := t.TempDir() - testStoreCtlr := test.GetDefaultStoreController(dir, ctlr.Log) + testStoreCtlr := ociutils.GetDefaultStoreController(dir, ctlr.Log) - err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) + err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) So(err, ShouldBeNil) ctlr.Config.Storage.RootDirectory = dir @@ -103,9 +103,9 @@ func TestVerifyMandatoryAnnotations(t *testing.T) { ctlr := api.NewController(conf) dir := t.TempDir() - testStoreCtlr := test.GetDefaultStoreController(dir, ctlr.Log) + testStoreCtlr := ociutils.GetDefaultStoreController(dir, ctlr.Log) - err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) + err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) So(err, ShouldBeNil) ctlr.Config.Storage.RootDirectory = dir @@ -151,8 +151,8 @@ func TestVerifyMandatoryAnnotations(t *testing.T) { ctlr := api.NewController(conf) dir := t.TempDir() - testStoreCtlr := test.GetDefaultStoreController(dir, ctlr.Log) - err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) + testStoreCtlr := ociutils.GetDefaultStoreController(dir, ctlr.Log) + err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) So(err, ShouldBeNil) ctlr.Config.Storage.RootDirectory = dir @@ -204,8 +204,8 @@ func TestVerifyMandatoryAnnotations(t *testing.T) { ctlr := api.NewController(conf) dir := t.TempDir() - testStoreCtlr := test.GetDefaultStoreController(dir, ctlr.Log) - err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) + testStoreCtlr := ociutils.GetDefaultStoreController(dir, ctlr.Log) + err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) So(err, ShouldBeNil) ctlr.Config.Storage.RootDirectory = dir @@ -259,7 +259,7 @@ func TestVerifyMandatoryAnnotations(t *testing.T) { resp, err = resty.R(). Post(fmt.Sprintf("%s/v2/zot-test/blobs/uploads/", baseURL)) So(err, ShouldBeNil) - loc := testc.Location(baseURL, resp) + loc := test.Location(baseURL, resp) _, err = resty.R(). SetContentLength(true). @@ -292,8 +292,8 @@ func TestVerifyMandatoryAnnotations(t *testing.T) { ctlr := api.NewController(conf) dir := t.TempDir() - testStoreCtlr := test.GetDefaultStoreController(dir, ctlr.Log) - err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) + testStoreCtlr := ociutils.GetDefaultStoreController(dir, ctlr.Log) + err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) So(err, ShouldBeNil) ctlr.Config.Storage.RootDirectory = dir @@ -346,7 +346,7 @@ func TestVerifyMandatoryAnnotations(t *testing.T) { _, err = resty.R(). Post(fmt.Sprintf("%s/v2/zot-test/blobs/uploads/", baseURL)) So(err, ShouldBeNil) - loc := testc.Location(baseURL, resp) + loc := test.Location(baseURL, resp) _, err = resty.R(). SetContentLength(true). @@ -379,8 +379,8 @@ func TestVerifyMandatoryAnnotations(t *testing.T) { ctlr := api.NewController(conf) dir := t.TempDir() - testStoreCtlr := test.GetDefaultStoreController(dir, ctlr.Log) - err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) + testStoreCtlr := ociutils.GetDefaultStoreController(dir, ctlr.Log) + err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) So(err, ShouldBeNil) ctlr.Config.Storage.RootDirectory = dir @@ -430,8 +430,8 @@ func TestVerifyMandatoryAnnotations(t *testing.T) { ctlr := api.NewController(conf) dir := t.TempDir() - testStoreCtlr := test.GetDefaultStoreController(dir, ctlr.Log) - err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) + testStoreCtlr := ociutils.GetDefaultStoreController(dir, ctlr.Log) + err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) So(err, ShouldBeNil) files, err := os.ReadDir(dir) @@ -485,8 +485,8 @@ func TestVerifyMandatoryAnnotationsFunction(t *testing.T) { dir := t.TempDir() - testStoreCtlr := test.GetDefaultStoreController(dir, log.NewLogger("debug", "")) - err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) + testStoreCtlr := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", "")) + err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) So(err, ShouldBeNil) var index ispec.Index @@ -517,8 +517,8 @@ func TestVerifyMandatoryAnnotationsFunction(t *testing.T) { dir := t.TempDir() - testStoreCtlr := test.GetDefaultStoreController(dir, log.NewLogger("debug", "")) - err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) + testStoreCtlr := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", "")) + err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) So(err, ShouldBeNil) var index ispec.Index @@ -549,8 +549,8 @@ func TestVerifyMandatoryAnnotationsFunction(t *testing.T) { dir := t.TempDir() - testStoreCtlr := test.GetDefaultStoreController(dir, log.NewLogger("debug", "")) - err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) + testStoreCtlr := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", "")) + err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) So(err, ShouldBeNil) var index ispec.Index @@ -612,8 +612,8 @@ func TestVerifyMandatoryAnnotationsFunction(t *testing.T) { dir := t.TempDir() - testStoreCtlr := test.GetDefaultStoreController(dir, log.NewLogger("debug", "")) - err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) + testStoreCtlr := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", "")) + err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) So(err, ShouldBeNil) var index ispec.Index @@ -674,8 +674,8 @@ func TestVerifyMandatoryAnnotationsFunction(t *testing.T) { dir := t.TempDir() - testStoreCtlr := test.GetDefaultStoreController(dir, log.NewLogger("debug", "")) - err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) + testStoreCtlr := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", "")) + err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) So(err, ShouldBeNil) var index ispec.Index @@ -738,8 +738,8 @@ func TestVerifyMandatoryAnnotationsFunction(t *testing.T) { dir := t.TempDir() - testStoreCtlr := test.GetDefaultStoreController(dir, log.NewLogger("debug", "")) - err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) + testStoreCtlr := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", "")) + err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) So(err, ShouldBeNil) var index ispec.Index @@ -811,8 +811,8 @@ func TestVerifyMandatoryAnnotationsFunction(t *testing.T) { dir := t.TempDir() - testStoreCtlr := test.GetDefaultStoreController(dir, log.NewLogger("debug", "")) - err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) + testStoreCtlr := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", "")) + err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr) So(err, ShouldBeNil) var index ispec.Index diff --git a/pkg/extensions/monitoring/monitoring_test.go b/pkg/extensions/monitoring/monitoring_test.go index 0cef5edb8..9b5089f01 100644 --- a/pkg/extensions/monitoring/monitoring_test.go +++ b/pkg/extensions/monitoring/monitoring_test.go @@ -15,8 +15,9 @@ import ( "zotregistry.io/zot/pkg/api/config" extconf "zotregistry.io/zot/pkg/extensions/config" "zotregistry.io/zot/pkg/extensions/monitoring" - "zotregistry.io/zot/pkg/test" + test "zotregistry.io/zot/pkg/test/common" . "zotregistry.io/zot/pkg/test/image-utils" + ociutils "zotregistry.io/zot/pkg/test/oci-utils" ) func TestExtensionMetrics(t *testing.T) { @@ -55,8 +56,8 @@ func TestExtensionMetrics(t *testing.T) { monitoring.IncDownloadCounter(ctlr.Metrics, "alpine") monitoring.IncUploadCounter(ctlr.Metrics, "alpine") - srcStorageCtlr := test.GetDefaultStoreController(rootDir, ctlr.Log) - err := test.WriteImageToFileSystem(CreateDefaultImage(), "alpine", "0.0.1", srcStorageCtlr) + srcStorageCtlr := ociutils.GetDefaultStoreController(rootDir, ctlr.Log) + err := WriteImageToFileSystem(CreateDefaultImage(), "alpine", "0.0.1", srcStorageCtlr) So(err, ShouldBeNil) monitoring.SetStorageUsage(ctlr.Metrics, rootDir, "alpine") diff --git a/pkg/extensions/scrub/scrub_test.go b/pkg/extensions/scrub/scrub_test.go index bd58ef81c..34db265ee 100644 --- a/pkg/extensions/scrub/scrub_test.go +++ b/pkg/extensions/scrub/scrub_test.go @@ -22,8 +22,9 @@ import ( "zotregistry.io/zot/pkg/storage" "zotregistry.io/zot/pkg/storage/cache" "zotregistry.io/zot/pkg/storage/local" - "zotregistry.io/zot/pkg/test" + test "zotregistry.io/zot/pkg/test/common" . "zotregistry.io/zot/pkg/test/image-utils" + ociutils "zotregistry.io/zot/pkg/test/oci-utils" ) const ( @@ -63,8 +64,8 @@ func TestScrubExtension(t *testing.T) { ctlr := api.NewController(conf) - srcStorageCtlr := test.GetDefaultStoreController(dir, log.NewLogger("debug", "")) - err = test.WriteImageToFileSystem(CreateDefaultVulnerableImage(), repoName, "0.0.1", srcStorageCtlr) + srcStorageCtlr := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", "")) + err = WriteImageToFileSystem(CreateDefaultVulnerableImage(), repoName, "0.0.1", srcStorageCtlr) So(err, ShouldBeNil) cm := test.NewControllerManager(ctlr) @@ -107,9 +108,9 @@ func TestScrubExtension(t *testing.T) { ctlr := api.NewController(conf) - srcStorageCtlr := test.GetDefaultStoreController(dir, log.NewLogger("debug", "")) + srcStorageCtlr := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", "")) image := CreateDefaultVulnerableImage() - err = test.WriteImageToFileSystem(image, repoName, "0.0.1", srcStorageCtlr) + err = WriteImageToFileSystem(image, repoName, "0.0.1", srcStorageCtlr) So(err, ShouldBeNil) manifestDigest := image.ManifestDescriptor.Digest @@ -159,10 +160,10 @@ func TestScrubExtension(t *testing.T) { ctlr := api.NewController(conf) - srcStorageCtlr := test.GetDefaultStoreController(dir, log.NewLogger("debug", "")) + srcStorageCtlr := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", "")) image := CreateDefaultVulnerableImage() - err = test.WriteImageToFileSystem(image, repoName, "0.0.1", srcStorageCtlr) + err = WriteImageToFileSystem(image, repoName, "0.0.1", srcStorageCtlr) So(err, ShouldBeNil) So(os.Chmod(path.Join(dir, repoName), 0o000), ShouldBeNil) @@ -203,10 +204,10 @@ func TestRunScrubRepo(t *testing.T) { imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) - srcStorageCtlr := test.GetDefaultStoreController(dir, log) + srcStorageCtlr := ociutils.GetDefaultStoreController(dir, log) image := CreateDefaultVulnerableImage() - err = test.WriteImageToFileSystem(image, repoName, "0.0.1", srcStorageCtlr) + err = WriteImageToFileSystem(image, repoName, "0.0.1", srcStorageCtlr) So(err, ShouldBeNil) err = scrub.RunScrubRepo(context.Background(), imgStore, repoName, log) @@ -239,10 +240,10 @@ func TestRunScrubRepo(t *testing.T) { imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) - srcStorageCtlr := test.GetDefaultStoreController(dir, log) + srcStorageCtlr := ociutils.GetDefaultStoreController(dir, log) image := CreateDefaultVulnerableImage() - err = test.WriteImageToFileSystem(image, repoName, "0.0.1", srcStorageCtlr) + err = WriteImageToFileSystem(image, repoName, "0.0.1", srcStorageCtlr) So(err, ShouldBeNil) manifestDigest := image.ManifestDescriptor.Digest @@ -280,10 +281,10 @@ func TestRunScrubRepo(t *testing.T) { }, log) imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) - srcStorageCtlr := test.GetDefaultStoreController(dir, log) + srcStorageCtlr := ociutils.GetDefaultStoreController(dir, log) image := CreateDefaultVulnerableImage() - err = test.WriteImageToFileSystem(image, repoName, "0.0.1", srcStorageCtlr) + err = WriteImageToFileSystem(image, repoName, "0.0.1", srcStorageCtlr) So(err, ShouldBeNil) So(os.Chmod(path.Join(dir, repoName), 0o000), ShouldBeNil) diff --git a/pkg/extensions/search/convert/convert_test.go b/pkg/extensions/search/convert/convert_test.go index 62f7a0d41..cc52fcfcb 100644 --- a/pkg/extensions/search/convert/convert_test.go +++ b/pkg/extensions/search/convert/convert_test.go @@ -20,9 +20,9 @@ import ( "zotregistry.io/zot/pkg/extensions/search/pagination" "zotregistry.io/zot/pkg/log" mTypes "zotregistry.io/zot/pkg/meta/types" - "zotregistry.io/zot/pkg/test" . "zotregistry.io/zot/pkg/test/image-utils" "zotregistry.io/zot/pkg/test/mocks" + ociutils "zotregistry.io/zot/pkg/test/oci-utils" ) var ErrTestError = errors.New("TestError") @@ -441,10 +441,10 @@ func TestPaginatedConvert(t *testing.T) { []Image{badOsImage, badArchImage, randomImage2, goodImage}).Build() ) - reposMeta, manifestMetaMap, indexDataMap := test.GetMetadataForRepos( - test.Repo{ + reposMeta, manifestMetaMap, indexDataMap := ociutils.GetMetadataForRepos( + ociutils.Repo{ Name: "repo1-only-images", - Images: []test.RepoImage{ + Images: []ociutils.RepoImage{ {Image: goodImage, Tag: "goodImage"}, {Image: badOsImage, Tag: "badOsImage"}, {Image: badArchImage, Tag: "badArchImage"}, @@ -453,9 +453,9 @@ func TestPaginatedConvert(t *testing.T) { IsBookmarked: true, IsStarred: true, }, - test.Repo{ + ociutils.Repo{ Name: "repo2-only-bad-images", - Images: []test.RepoImage{ + Images: []ociutils.RepoImage{ {Image: randomImage1, Tag: "randomImage1"}, {Image: randomImage2, Tag: "randomImage2"}, {Image: badBothImage, Tag: "badBothImage"}, @@ -463,27 +463,27 @@ func TestPaginatedConvert(t *testing.T) { IsBookmarked: true, IsStarred: true, }, - test.Repo{ + ociutils.Repo{ Name: "repo3-only-multiarch", - MultiArchImages: []test.RepoMultiArchImage{ + MultiArchImages: []ociutils.RepoMultiArchImage{ {MultiarchImage: badMultiArch, Tag: "badMultiArch"}, {MultiarchImage: goodMultiArch, Tag: "goodMultiArch"}, }, IsBookmarked: true, IsStarred: true, }, - test.Repo{ + ociutils.Repo{ Name: "repo4-not-bookmarked-or-starred", - Images: []test.RepoImage{ + Images: []ociutils.RepoImage{ {Image: goodImage, Tag: "goodImage"}, }, - MultiArchImages: []test.RepoMultiArchImage{ + MultiArchImages: []ociutils.RepoMultiArchImage{ {MultiarchImage: goodMultiArch, Tag: "goodMultiArch"}, }, }, - test.Repo{ + ociutils.Repo{ Name: "repo5-signed", - Images: []test.RepoImage{ + Images: []ociutils.RepoImage{ {Image: goodImage, Tag: "goodImage"}, // is fake signed by the image below {Image: CreateFakeTestSignature(goodImage.DescriptorRef())}, }, @@ -746,9 +746,9 @@ func TestIndexAnnotations(t *testing.T) { []Image{imageWithManifestAndConfigAnnotations}, ).Annotations(indexAnnotations).Build() - repoMeta, manifestMetadata, indexData := test.GetMetadataForRepos(test.Repo{ + repoMeta, manifestMetadata, indexData := ociutils.GetMetadataForRepos(ociutils.Repo{ Name: "repo", - MultiArchImages: []test.RepoMultiArchImage{ + MultiArchImages: []ociutils.RepoMultiArchImage{ {MultiarchImage: indexWithAnnotations, Tag: "tag"}, }, }) @@ -771,9 +771,9 @@ func TestIndexAnnotations(t *testing.T) { []Image{imageWithManifestAndConfigAnnotations, CreateRandomImage(), CreateRandomImage()}, ).Build() - repoMeta, manifestMetadata, indexData = test.GetMetadataForRepos(test.Repo{ + repoMeta, manifestMetadata, indexData = ociutils.GetMetadataForRepos(ociutils.Repo{ Name: "repo", - MultiArchImages: []test.RepoMultiArchImage{{MultiarchImage: indexWithManifestAndConfigAnnotations}}, + MultiArchImages: []ociutils.RepoMultiArchImage{{MultiarchImage: indexWithManifestAndConfigAnnotations}}, }) digest = indexWithManifestAndConfigAnnotations.Digest() @@ -792,9 +792,9 @@ func TestIndexAnnotations(t *testing.T) { []Image{imageWithConfigAnnotations, CreateRandomImage(), CreateRandomImage()}, ).Build() - repoMeta, manifestMetadata, indexData = test.GetMetadataForRepos(test.Repo{ + repoMeta, manifestMetadata, indexData = ociutils.GetMetadataForRepos(ociutils.Repo{ Name: "repo", - MultiArchImages: []test.RepoMultiArchImage{{MultiarchImage: indexWithConfigAnnotations, Tag: "tag"}}, + MultiArchImages: []ociutils.RepoMultiArchImage{{MultiarchImage: indexWithConfigAnnotations, Tag: "tag"}}, }) digest = indexWithConfigAnnotations.Digest() @@ -834,9 +834,9 @@ func TestIndexAnnotations(t *testing.T) { }, ).Build() - repoMeta, manifestMetadata, indexData = test.GetMetadataForRepos(test.Repo{ + repoMeta, manifestMetadata, indexData = ociutils.GetMetadataForRepos(ociutils.Repo{ Name: "repo", - MultiArchImages: []test.RepoMultiArchImage{{MultiarchImage: indexWithMixAnnotations, Tag: "tag"}}, + MultiArchImages: []ociutils.RepoMultiArchImage{{MultiarchImage: indexWithMixAnnotations, Tag: "tag"}}, }) digest = indexWithMixAnnotations.Digest() @@ -854,9 +854,9 @@ func TestIndexAnnotations(t *testing.T) { //-------------------------------------------------------- indexWithNoAnnotations := CreateRandomMultiarch() - repoMeta, manifestMetadata, indexData = test.GetMetadataForRepos(test.Repo{ + repoMeta, manifestMetadata, indexData = ociutils.GetMetadataForRepos(ociutils.Repo{ Name: "repo", - MultiArchImages: []test.RepoMultiArchImage{{MultiarchImage: indexWithNoAnnotations, Tag: "tag"}}, + MultiArchImages: []ociutils.RepoMultiArchImage{{MultiarchImage: indexWithNoAnnotations, Tag: "tag"}}, }) digest = indexWithNoAnnotations.Digest() @@ -875,10 +875,10 @@ func TestIndexAnnotations(t *testing.T) { func TestDownloadCount(t *testing.T) { Convey("manifest", t, func() { - repoMeta, manifestMetaMap, indexDataMap := test.GetMetadataForRepos( - test.Repo{ + repoMeta, manifestMetaMap, indexDataMap := ociutils.GetMetadataForRepos( + ociutils.Repo{ Name: "repo", - Images: []test.RepoImage{ + Images: []ociutils.RepoImage{ { Image: CreateRandomImage(), Tag: "10-downloads", @@ -899,10 +899,10 @@ func TestDownloadCount(t *testing.T) { img1, img2, img3 := CreateRandomImage(), CreateRandomImage(), CreateRandomImage() multiArch := CreateMultiarchWith().Images([]Image{img1, img2, img3}).Build() - repoMeta, manifestMetaMap, indexDataMap := test.GetMetadataForRepos( - test.Repo{ + repoMeta, manifestMetaMap, indexDataMap := ociutils.GetMetadataForRepos( + ociutils.Repo{ Name: "repo", - MultiArchImages: []test.RepoMultiArchImage{ + MultiArchImages: []ociutils.RepoMultiArchImage{ { MultiarchImage: multiArch, Tag: "160-multiarch", @@ -931,17 +931,17 @@ func TestDownloadCount(t *testing.T) { multiArch := CreateMultiarchWith().Images([]Image{img1, img2, img3}).Build() - repoMeta, manifestMetaMap, indexDataMap := test.GetMetadataForRepos( - test.Repo{ + repoMeta, manifestMetaMap, indexDataMap := ociutils.GetMetadataForRepos( + ociutils.Repo{ Name: "repo", - Images: []test.RepoImage{ + Images: []ociutils.RepoImage{ { Image: CreateRandomImage(), Tag: "5-downloads", Statistics: mTypes.DescriptorStatistics{DownloadCount: 5}, }, }, - MultiArchImages: []test.RepoMultiArchImage{ + MultiArchImages: []ociutils.RepoMultiArchImage{ { MultiarchImage: multiArch, Tag: "160-multiarch", diff --git a/pkg/extensions/search/cve/cve_test.go b/pkg/extensions/search/cve/cve_test.go index 32b9e2bba..32d905915 100644 --- a/pkg/extensions/search/cve/cve_test.go +++ b/pkg/extensions/search/cve/cve_test.go @@ -38,9 +38,11 @@ import ( mTypes "zotregistry.io/zot/pkg/meta/types" "zotregistry.io/zot/pkg/storage" "zotregistry.io/zot/pkg/storage/local" - . "zotregistry.io/zot/pkg/test" + . "zotregistry.io/zot/pkg/test/common" + "zotregistry.io/zot/pkg/test/deprecated" . "zotregistry.io/zot/pkg/test/image-utils" "zotregistry.io/zot/pkg/test/mocks" + ociutils "zotregistry.io/zot/pkg/test/oci-utils" ) const ( @@ -88,7 +90,7 @@ func testSetup(t *testing.T) (string, error) { return "", err } - testStorageCtrl := GetDefaultStoreController(dir, log.NewLogger("debug", "")) + testStorageCtrl := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", "")) err = WriteImageToFileSystem(CreateRandomVulnerableImage(), "zot-test", "0.0.1", testStorageCtrl) if err != nil { @@ -1647,28 +1649,29 @@ func TestFixedTagsWithIndex(t *testing.T) { defer cm.StopServer() // push index with 2 manifests: one with vulns and one without vulnManifestCreated := time.Date(2010, 1, 1, 1, 1, 1, 1, time.UTC) - vulnManifest, err := GetVulnImageWithConfig(ispec.Image{ + vulnManifest, err := deprecated.GetVulnImageWithConfig(ispec.Image{ //nolint:staticcheck Created: &vulnManifestCreated, Platform: ispec.Platform{OS: "linux", Architecture: "amd64"}, }) So(err, ShouldBeNil) fixedManifestCreated := time.Date(2010, 1, 1, 1, 1, 1, 1, time.UTC) - fixedManifest, err := GetImageWithConfig(ispec.Image{ + fixedManifest, err := deprecated.GetImageWithConfig(ispec.Image{ //nolint:staticcheck Created: &fixedManifestCreated, Platform: ispec.Platform{OS: "windows", Architecture: "amd64"}, }) So(err, ShouldBeNil) fixedDigest := fixedManifest.Digest() - multiArch := GetMultiarchImageForImages([]Image{fixedManifest, vulnManifest}) + multiArch := deprecated.GetMultiarchImageForImages([]Image{fixedManifest, //nolint:staticcheck + vulnManifest}) err = UploadMultiarchImage(multiArch, baseURL, "repo", "multi-arch-tag") So(err, ShouldBeNil) // oldest vulnerability simpleVulnCreated := time.Date(2005, 1, 1, 1, 1, 1, 1, time.UTC) - simpleVulnImg, err := GetVulnImageWithConfig(ispec.Image{ + simpleVulnImg, err := deprecated.GetVulnImageWithConfig(ispec.Image{ //nolint:staticcheck Created: &simpleVulnCreated, Platform: ispec.Platform{OS: "windows", Architecture: "amd64"}, }) diff --git a/pkg/extensions/search/cve/scan_test.go b/pkg/extensions/search/cve/scan_test.go index ce814a4e7..ccb45dfc8 100644 --- a/pkg/extensions/search/cve/scan_test.go +++ b/pkg/extensions/search/cve/scan_test.go @@ -31,7 +31,7 @@ import ( "zotregistry.io/zot/pkg/scheduler" "zotregistry.io/zot/pkg/storage" "zotregistry.io/zot/pkg/storage/local" - . "zotregistry.io/zot/pkg/test" + test "zotregistry.io/zot/pkg/test/common" . "zotregistry.io/zot/pkg/test/image-utils" "zotregistry.io/zot/pkg/test/mocks" ) @@ -530,7 +530,7 @@ func TestScanGeneratorWithMockedData(t *testing.T) { //nolint: gocyclo defer cancel() // Make sure the scanner generator has completed despite errors - found, err := ReadLogFileAndSearchString(logPath, + found, err := test.ReadLogFileAndSearchString(logPath, "Scheduled CVE scan: finished for available images", 20*time.Second) So(err, ShouldBeNil) So(found, ShouldBeTrue) @@ -553,19 +553,19 @@ func TestScanGeneratorWithMockedData(t *testing.T) { //nolint: gocyclo } // Make sure the scanner generator is catching the metadb error for repo5:nonexitent-manifest - found, err = ReadLogFileAndSearchString(logPath, + found, err = test.ReadLogFileAndSearchString(logPath, "Scheduled CVE scan: error while obtaining repo metadata", 20*time.Second) So(err, ShouldBeNil) So(found, ShouldBeTrue) // Make sure the scanner generator is catching the scanning error for repo7 - found, err = ReadLogFileAndSearchString(logPath, + found, err = test.ReadLogFileAndSearchString(logPath, "Scheduled CVE scan errored for image", 20*time.Second) So(err, ShouldBeNil) So(found, ShouldBeTrue) // Make sure the scanner generator is triggered at least twice - found, err = ReadLogFileAndCountStringOccurence(logPath, + found, err = test.ReadLogFileAndCountStringOccurence(logPath, "Scheduled CVE scan: finished for available images", 30*time.Second, 2) So(err, ShouldBeNil) So(found, ShouldBeTrue) @@ -627,17 +627,17 @@ func TestScanGeneratorWithRealData(t *testing.T) { defer cancel() // Make sure the scanner generator has completed - found, err := ReadLogFileAndSearchString(logPath, + found, err := test.ReadLogFileAndSearchString(logPath, "Scheduled CVE scan: finished for available images", 120*time.Second) So(err, ShouldBeNil) So(found, ShouldBeTrue) - found, err = ReadLogFileAndSearchString(logPath, + found, err = test.ReadLogFileAndSearchString(logPath, image.ManifestDescriptor.Digest.String(), 120*time.Second) So(err, ShouldBeNil) So(found, ShouldBeTrue) - found, err = ReadLogFileAndSearchString(logPath, + found, err = test.ReadLogFileAndSearchString(logPath, "Scheduled CVE scan completed successfully for image", 120*time.Second) So(err, ShouldBeNil) So(found, ShouldBeTrue) diff --git a/pkg/extensions/search/cve/trivy/scanner_internal_test.go b/pkg/extensions/search/cve/trivy/scanner_internal_test.go index a952029b7..4d81ef977 100644 --- a/pkg/extensions/search/cve/trivy/scanner_internal_test.go +++ b/pkg/extensions/search/cve/trivy/scanner_internal_test.go @@ -27,7 +27,8 @@ import ( "zotregistry.io/zot/pkg/storage/imagestore" "zotregistry.io/zot/pkg/storage/local" storageTypes "zotregistry.io/zot/pkg/storage/types" - "zotregistry.io/zot/pkg/test" + test "zotregistry.io/zot/pkg/test/common" + "zotregistry.io/zot/pkg/test/deprecated" . "zotregistry.io/zot/pkg/test/image-utils" "zotregistry.io/zot/pkg/test/mocks" ) @@ -35,7 +36,7 @@ import ( func generateTestImage(storeController storage.StoreController, image string) { repoName, tag := common.GetImageDirAndTag(image) - config, layers, manifest, err := test.GetImageComponents(10) //nolint:staticcheck + config, layers, manifest, err := deprecated.GetImageComponents(10) //nolint:staticcheck So(err, ShouldBeNil) store := storeController.GetImageStore(repoName) @@ -178,10 +179,6 @@ func TestTrivyLibraryErrors(t *testing.T) { // Create temporary directory rootDir := t.TempDir() - storageCtlr := test.GetDefaultStoreController(rootDir, log.NewLogger("debug", "")) - err := test.WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-test", "0.0.1", storageCtlr) - So(err, ShouldBeNil) - log := log.NewLogger("debug", "") metrics := monitoring.NewMetricsServer(false, log) @@ -191,6 +188,9 @@ func TestTrivyLibraryErrors(t *testing.T) { storeController := storage.StoreController{} storeController.DefaultStore = store + err := WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-test", "0.0.1", storeController) + So(err, ShouldBeNil) + params := boltdb.DBParameters{ RootDir: rootDir, } diff --git a/pkg/extensions/search/cve/trivy/scanner_test.go b/pkg/extensions/search/cve/trivy/scanner_test.go index 627d6a77a..c03b82181 100644 --- a/pkg/extensions/search/cve/trivy/scanner_test.go +++ b/pkg/extensions/search/cve/trivy/scanner_test.go @@ -23,21 +23,21 @@ import ( mTypes "zotregistry.io/zot/pkg/meta/types" "zotregistry.io/zot/pkg/storage" "zotregistry.io/zot/pkg/storage/local" - "zotregistry.io/zot/pkg/test" - testc "zotregistry.io/zot/pkg/test/common" + . "zotregistry.io/zot/pkg/test/common" + "zotregistry.io/zot/pkg/test/deprecated" . "zotregistry.io/zot/pkg/test/image-utils" "zotregistry.io/zot/pkg/test/mocks" ) func TestScanBigTestFile(t *testing.T) { Convey("Scan zot-test", t, func() { - projRootDir, err := testc.GetProjectRootDir() + projRootDir, err := GetProjectRootDir() So(err, ShouldBeNil) testImage := filepath.Join(projRootDir, "test/data/zot-test") tempDir := t.TempDir() - port := test.GetFreePort() + port := GetFreePort() conf := config.New() conf.HTTP.Port = port defaultVal := true @@ -50,10 +50,10 @@ func TestScanBigTestFile(t *testing.T) { ctlr := api.NewController(conf) So(ctlr, ShouldNotBeNil) - err = test.CopyFiles(testImage, filepath.Join(tempDir, "zot-test")) + err = CopyFiles(testImage, filepath.Join(tempDir, "zot-test")) So(err, ShouldBeNil) - cm := test.NewControllerManager(ctlr) + cm := NewControllerManager(ctlr) cm.StartAndWait(port) defer cm.StopServer() // scan @@ -72,8 +72,8 @@ func TestScanningByDigest(t *testing.T) { Convey("Scan the individual manifests inside an index", t, func() { // start server tempDir := t.TempDir() - port := test.GetFreePort() - baseURL := test.GetBaseURL(port) + port := GetFreePort() + baseURL := GetBaseURL(port) conf := config.New() conf.HTTP.Port = port defaultVal := true @@ -86,7 +86,7 @@ func TestScanningByDigest(t *testing.T) { ctlr := api.NewController(conf) So(ctlr, ShouldNotBeNil) - cm := test.NewControllerManager(ctlr) + cm := NewControllerManager(ctlr) cm.StartAndWait(port) defer cm.StopServer() // push index with 2 manifests: one with vulns and one without @@ -94,7 +94,8 @@ func TestScanningByDigest(t *testing.T) { simpleImage := CreateRandomImage() - multiArch := test.GetMultiarchImageForImages([]Image{simpleImage, vulnImage}) //nolint:staticcheck + multiArch := deprecated.GetMultiarchImageForImages([]Image{simpleImage, //nolint:staticcheck + vulnImage}) err := UploadMultiarchImage(multiArch, baseURL, "multi-arch", "multi-arch-tag") So(err, ShouldBeNil) @@ -193,7 +194,7 @@ func TestVulnerableLayer(t *testing.T) { DefaultStore: imageStore, } - err = test.WriteImageToFileSystem(img, "repo", img.DigestStr(), storeController) + err = WriteImageToFileSystem(img, "repo", img.DigestStr(), storeController) So(err, ShouldBeNil) params := boltdb.DBParameters{ diff --git a/pkg/extensions/search/cve/update_test.go b/pkg/extensions/search/cve/update_test.go index bb0502851..e9c0849ea 100644 --- a/pkg/extensions/search/cve/update_test.go +++ b/pkg/extensions/search/cve/update_test.go @@ -19,7 +19,7 @@ import ( mTypes "zotregistry.io/zot/pkg/meta/types" "zotregistry.io/zot/pkg/scheduler" "zotregistry.io/zot/pkg/storage" - . "zotregistry.io/zot/pkg/test" + test "zotregistry.io/zot/pkg/test/common" "zotregistry.io/zot/pkg/test/mocks" ) @@ -68,7 +68,7 @@ func TestCVEDBGenerator(t *testing.T) { defer cancel() // Wait for trivy db to download - found, err := ReadLogFileAndCountStringOccurence(logPath, + found, err := test.ReadLogFileAndCountStringOccurence(logPath, "DB update completed, next update scheduled", 140*time.Second, 2) So(err, ShouldBeNil) So(found, ShouldBeTrue) diff --git a/pkg/extensions/search/digest_test.go b/pkg/extensions/search/digest_test.go index ede66ca37..0d286496f 100644 --- a/pkg/extensions/search/digest_test.go +++ b/pkg/extensions/search/digest_test.go @@ -20,7 +20,8 @@ import ( "zotregistry.io/zot/pkg/api/constants" "zotregistry.io/zot/pkg/common" extconf "zotregistry.io/zot/pkg/extensions/config" - . "zotregistry.io/zot/pkg/test" + . "zotregistry.io/zot/pkg/test/common" + "zotregistry.io/zot/pkg/test/deprecated" . "zotregistry.io/zot/pkg/test/image-utils" ) @@ -74,7 +75,7 @@ func TestDigestSearchHTTP(t *testing.T) { layers1 := [][]byte{ {3, 2, 2}, } - image1, err := GetImageWithComponents( + image1, err := deprecated.GetImageWithComponents( //nolint: staticcheck ispec.Image{ Created: &createdTime1, History: []ispec.History{ @@ -93,7 +94,7 @@ func TestDigestSearchHTTP(t *testing.T) { So(err, ShouldBeNil) createdTime2 := time.Date(2010, 1, 1, 12, 0, 0, 0, time.UTC) - image2, err := GetImageWithComponents( + image2, err := deprecated.GetImageWithComponents( //nolint: staticcheck ispec.Image{ History: []ispec.History{{Created: &createdTime2}}, Platform: ispec.Platform{ @@ -292,7 +293,7 @@ func TestDigestSearchHTTPSubPaths(t *testing.T) { // shut down server defer ctrlManager.StopServer() - config, layers, manifest, err := GetImageComponents(100) + config, layers, manifest, err := deprecated.GetImageComponents(100) //nolint: staticcheck So(err, ShouldBeNil) err = UploadImage(Image{Manifest: manifest, Config: config, Layers: layers}, baseURL, "a/zot-cve-test", "0.0.1") diff --git a/pkg/extensions/search/search_test.go b/pkg/extensions/search/search_test.go index 642914ba0..1ed410162 100644 --- a/pkg/extensions/search/search_test.go +++ b/pkg/extensions/search/search_test.go @@ -42,10 +42,12 @@ import ( "zotregistry.io/zot/pkg/storage" "zotregistry.io/zot/pkg/storage/local" storageTypes "zotregistry.io/zot/pkg/storage/types" - . "zotregistry.io/zot/pkg/test" + . "zotregistry.io/zot/pkg/test/common" + "zotregistry.io/zot/pkg/test/deprecated" . "zotregistry.io/zot/pkg/test/image-utils" "zotregistry.io/zot/pkg/test/mocks" - ocilayout "zotregistry.io/zot/pkg/test/oci-layout" + ociutils "zotregistry.io/zot/pkg/test/oci-utils" + "zotregistry.io/zot/pkg/test/signature" ) const ( @@ -381,7 +383,7 @@ func TestRepoListWithNewestImage(t *testing.T) { ctlrManager.StartAndWait(port) defer ctlrManager.StopServer() - config, layers, _, err := GetImageComponents(100) + config, layers, _, err := deprecated.GetImageComponents(100) //nolint:staticcheck So(err, ShouldBeNil) uploadedImage := CreateImageWith().LayerBlobs(layers).ImageConfig(config).Build() @@ -722,7 +724,7 @@ func TestRepoListWithNewestImage(t *testing.T) { So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, 422) - config, layers, manifest, err := GetImageComponents(100) + config, layers, manifest, err := deprecated.GetImageComponents(100) //nolint:staticcheck So(err, ShouldBeNil) err = UploadImage(Image{Manifest: manifest, Config: config, Layers: layers}, baseURL, "zot-cve-test", "0.0.1") @@ -810,7 +812,7 @@ func TestGetReferrersGQL(t *testing.T) { // ======================= - config, layers, manifest, err := GetImageComponents(1000) + config, layers, manifest, err := deprecated.GetImageComponents(1000) //nolint:staticcheck So(err, ShouldBeNil) repo := "artifact-ref" @@ -943,7 +945,7 @@ func TestGetReferrersGQL(t *testing.T) { // ======================= - multiarch, err := GetRandomMultiarchImage("multiarch") + multiarch, err := deprecated.GetRandomMultiarchImage("multiarch") //nolint:staticcheck So(err, ShouldBeNil) repo := "artifact-ref" @@ -1069,14 +1071,14 @@ func TestGetReferrersGQL(t *testing.T) { // Upload the index referrer - targetImg, err := GetRandomImage() + targetImg, err := deprecated.GetRandomImage() //nolint:staticcheck So(err, ShouldBeNil) targetDigest := targetImg.Digest() err = UploadImage(targetImg, baseURL, "repo", targetDigest.String()) So(err, ShouldBeNil) - indexReferrer, err := GetRandomMultiarchImage("ref") + indexReferrer, err := deprecated.GetRandomMultiarchImage("ref") //nolint:staticcheck So(err, ShouldBeNil) artifactType := "com.artifact.art/type" @@ -1171,7 +1173,7 @@ func TestExpandedRepoInfo(t *testing.T) { // init storage layout with 3 images for i := 1; i <= 3; i++ { - config, layers, manifest, err := GetImageComponents(100) + config, layers, manifest, err := deprecated.GetImageComponents(100) //nolint:staticcheck So(err, ShouldBeNil) err = WriteImageToFileSystem( @@ -1270,7 +1272,7 @@ func TestExpandedRepoInfo(t *testing.T) { ctlrManager.StartAndWait(port) defer ctlrManager.StopServer() - config, layers, _, err := GetImageComponents(100) + config, layers, _, err := deprecated.GetImageComponents(100) //nolint:staticcheck So(err, ShouldBeNil) annotations := make(map[string]string) @@ -1362,7 +1364,7 @@ func TestExpandedRepoInfo(t *testing.T) { } So(found, ShouldEqual, true) - err = SignImageUsingCosign("zot-cve-test:0.0.1", port) + err = signature.SignImageUsingCosign("zot-cve-test:0.0.1", port) So(err, ShouldBeNil) resp, err = resty.R().Get(baseURL + graphqlQueryPrefix + "?query=" + url.QueryEscape(query)) @@ -1434,7 +1436,7 @@ func TestExpandedRepoInfo(t *testing.T) { } So(found, ShouldEqual, true) - err = SignImageUsingCosign("zot-test@"+testManifestDigest.String(), port) + err = signature.SignImageUsingCosign("zot-test@"+testManifestDigest.String(), port) So(err, ShouldBeNil) resp, err = resty.R().Get(baseURL + graphqlQueryPrefix + "/query?query=" + url.QueryEscape(query)) @@ -1474,7 +1476,7 @@ func TestExpandedRepoInfo(t *testing.T) { }) Convey("Test expanded repo info with tagged referrers", t, func() { - const test = "test" + const testTag = "test" rootDir := t.TempDir() port := GetFreePort() baseURL := GetBaseURL(port) @@ -1494,14 +1496,15 @@ func TestExpandedRepoInfo(t *testing.T) { ctlrManager.StartAndWait(port) defer ctlrManager.StopServer() - image, err := GetRandomImage() + image, err := deprecated.GetRandomImage() //nolint:staticcheck So(err, ShouldBeNil) manifestDigest := image.Digest() - err = UploadImage(image, baseURL, "repo", test) + err = UploadImage(image, baseURL, "repo", testTag) So(err, ShouldBeNil) - referrer, err := GetImageWithSubject(manifestDigest, ispec.MediaTypeImageManifest) + referrer, err := deprecated.GetImageWithSubject(manifestDigest, //nolint:staticcheck + ispec.MediaTypeImageManifest) So(err, ShouldBeNil) tag := "test-ref-tag" @@ -1539,7 +1542,7 @@ func TestExpandedRepoInfo(t *testing.T) { for _, imgSum := range repoInfo.ImageSummaries { switch imgSum.Tag { - case test: + case testTag: foundTagTest = true case "test-ref-tag": foundTagRefTag = true @@ -1646,7 +1649,7 @@ func TestExpandedRepoInfo(t *testing.T) { // ------- Create test images - indexSubImage11, err := GetImageWithConfig(ispec.Image{ + indexSubImage11, err := deprecated.GetImageWithConfig(ispec.Image{ //nolint:staticcheck Platform: ispec.Platform{ OS: "os11", Architecture: "arch11", @@ -1654,7 +1657,7 @@ func TestExpandedRepoInfo(t *testing.T) { }) So(err, ShouldBeNil) - indexSubImage12, err := GetImageWithConfig(ispec.Image{ + indexSubImage12, err := deprecated.GetImageWithConfig(ispec.Image{ //nolint:staticcheck Platform: ispec.Platform{ OS: "os12", Architecture: "arch12", @@ -1662,9 +1665,10 @@ func TestExpandedRepoInfo(t *testing.T) { }) So(err, ShouldBeNil) - multiImage1 := GetMultiarchImageForImages([]Image{indexSubImage11, indexSubImage12}) + multiImage1 := deprecated.GetMultiarchImageForImages([]Image{indexSubImage11, //nolint:staticcheck + indexSubImage12}) - indexSubImage21, err := GetImageWithConfig(ispec.Image{ + indexSubImage21, err := deprecated.GetImageWithConfig(ispec.Image{ //nolint:staticcheck Platform: ispec.Platform{ OS: "os21", Architecture: "arch21", @@ -1672,7 +1676,7 @@ func TestExpandedRepoInfo(t *testing.T) { }) So(err, ShouldBeNil) - indexSubImage22, err := GetImageWithConfig(ispec.Image{ + indexSubImage22, err := deprecated.GetImageWithConfig(ispec.Image{ //nolint:staticcheck Platform: ispec.Platform{ OS: "os22", Architecture: "arch22", @@ -1680,7 +1684,7 @@ func TestExpandedRepoInfo(t *testing.T) { }) So(err, ShouldBeNil) - indexSubImage23, err := GetImageWithConfig(ispec.Image{ + indexSubImage23, err := deprecated.GetImageWithConfig(ispec.Image{ //nolint:staticcheck Platform: ispec.Platform{ OS: "os23", Architecture: "arch23", @@ -1688,7 +1692,8 @@ func TestExpandedRepoInfo(t *testing.T) { }) So(err, ShouldBeNil) - multiImage2 := GetMultiarchImageForImages([]Image{indexSubImage21, indexSubImage22, indexSubImage23}) + multiImage2 := deprecated.GetMultiarchImageForImages([]Image{indexSubImage21, //nolint:staticcheck + indexSubImage22, indexSubImage23}) // ------- Write test Images err = WriteMultiArchImageToFileSystem(multiImage1, "repo", "1.0.0", storeController) @@ -2199,7 +2204,7 @@ func TestGetImageManifest(t *testing.T) { storeController := storage.StoreController{ DefaultStore: mockImageStore, } - olu := ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) + olu := ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) _, _, err := olu.GetImageManifest("nonexistent-repo", "latest") So(err, ShouldNotBeNil) @@ -2215,7 +2220,7 @@ func TestGetImageManifest(t *testing.T) { storeController := storage.StoreController{ DefaultStore: mockImageStore, } - olu := ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) + olu := ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) _, _, err := olu.GetImageManifest("test-repo", "latest") //nolint:goconst So(err, ShouldNotBeNil) @@ -2847,7 +2852,7 @@ func TestGetRepositories(t *testing.T) { DefaultStore: mockImageStore, SubStore: map[string]storageTypes.ImageStore{"test": mockImageStore}, } - olu := ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) + olu := ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) repoList, err := olu.GetRepositories() So(repoList, ShouldBeEmpty) @@ -2857,7 +2862,7 @@ func TestGetRepositories(t *testing.T) { DefaultStore: mocks.MockedImageStore{}, SubStore: map[string]storageTypes.ImageStore{"test": mockImageStore}, } - olu = ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) + olu = ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) repoList, err = olu.GetRepositories() So(repoList, ShouldBeEmpty) @@ -2887,7 +2892,7 @@ func TestGlobalSearchImageAuthor(t *testing.T) { defer ctlrManager.StopServer() Convey("Test global search with author in manifest's annotations", t, func() { - cfg, layers, manifest, err := GetImageComponents(10000) + cfg, layers, manifest, err := deprecated.GetImageComponents(10000) //nolint:staticcheck So(err, ShouldBeNil) manifest.Annotations = make(map[string]string) @@ -2951,7 +2956,7 @@ func TestGlobalSearchImageAuthor(t *testing.T) { }) Convey("Test global search with author in manifest's config", t, func() { - cfg, layers, manifest, err := GetImageComponents(10000) + cfg, layers, manifest, err := deprecated.GetImageComponents(10000) //nolint:staticcheck So(err, ShouldBeNil) err = UploadImage( @@ -3043,7 +3048,7 @@ func TestGlobalSearch(t *testing.T) { defer ctlrManager.StopServer() // push test images to repo 1 image 1 - _, layers1, manifest1, err := GetImageComponents(100) + _, layers1, manifest1, err := deprecated.GetImageComponents(100) //nolint:staticcheck So(err, ShouldBeNil) createdTime := time.Date(2010, 1, 1, 12, 0, 0, 0, time.UTC) @@ -3096,7 +3101,7 @@ func TestGlobalSearch(t *testing.T) { So(err, ShouldBeNil) // push test images to repo 1 image 2 - config2, layers2, manifest2, err := GetImageComponents(200) + config2, layers2, manifest2, err := deprecated.GetImageComponents(200) //nolint:staticcheck So(err, ShouldBeNil) createdTime2 := time.Date(2009, 1, 1, 12, 0, 0, 0, time.UTC) createdTimeL2 = time.Date(2009, 2, 1, 12, 0, 0, 0, time.UTC) @@ -3135,7 +3140,7 @@ func TestGlobalSearch(t *testing.T) { So(err, ShouldBeNil) // push test images to repo 2 image 1 - config3, layers3, manifest3, err := GetImageComponents(300) + config3, layers3, manifest3, err := deprecated.GetImageComponents(300) //nolint:staticcheck So(err, ShouldBeNil) createdTime3 := time.Date(2009, 2, 1, 12, 0, 0, 0, time.UTC) config3.History = append(config3.History, ispec.History{Created: &createdTime3}) @@ -3156,7 +3161,7 @@ func TestGlobalSearch(t *testing.T) { ) So(err, ShouldBeNil) - olu := ocilayout.NewBaseOciLayoutUtils(ctlr.StoreController, log.NewLogger("debug", "")) + olu := ociutils.NewBaseOciLayoutUtils(ctlr.StoreController, log.NewLogger("debug", "")) // Initialize the objects containing the expected data repos, err := olu.GetRepositories() @@ -3412,7 +3417,7 @@ func TestGlobalSearch(t *testing.T) { WaitTillServerReady(baseURL) // push test images to repo 1 image 1 - config1, layers1, manifest1, err := GetImageComponents(100) + config1, layers1, manifest1, err := deprecated.GetImageComponents(100) //nolint:staticcheck So(err, ShouldBeNil) createdTime := time.Date(2010, 1, 1, 12, 0, 0, 0, time.UTC) config1.History = append(config1.History, ispec.History{Created: &createdTime}) @@ -3434,7 +3439,7 @@ func TestGlobalSearch(t *testing.T) { So(err, ShouldBeNil) // push test images to repo 1 image 2 - config2, layers2, manifest2, err := GetImageComponents(200) + config2, layers2, manifest2, err := deprecated.GetImageComponents(200) //nolint:staticcheck So(err, ShouldBeNil) createdTime2 := time.Date(2009, 1, 1, 12, 0, 0, 0, time.UTC) config2.History = append(config2.History, ispec.History{Created: &createdTime2}) @@ -3456,7 +3461,7 @@ func TestGlobalSearch(t *testing.T) { So(err, ShouldBeNil) // push test images to repo 2 image 1 - config3, layers3, manifest3, err := GetImageComponents(300) + config3, layers3, manifest3, err := deprecated.GetImageComponents(300) //nolint:staticcheck So(err, ShouldBeNil) createdTime3 := time.Date(2009, 2, 1, 12, 0, 0, 0, time.UTC) config3.History = append(config3.History, ispec.History{Created: &createdTime3}) @@ -3477,7 +3482,7 @@ func TestGlobalSearch(t *testing.T) { ) So(err, ShouldBeNil) - olu := ocilayout.NewBaseOciLayoutUtils(ctlr.StoreController, log.NewLogger("debug", "")) + olu := ociutils.NewBaseOciLayoutUtils(ctlr.StoreController, log.NewLogger("debug", "")) // Initialize the objects containing the expected data repos, err := olu.GetRepositories() @@ -3679,7 +3684,7 @@ func TestCleaningFilteringParamsGlobalSearch(t *testing.T) { ctlrManager.StartAndWait(port) defer ctlrManager.StopServer() - image, err := GetImageWithConfig(ispec.Image{ + image, err := deprecated.GetImageWithConfig(ispec.Image{ //nolint:staticcheck Platform: ispec.Platform{ OS: "windows", Architecture: "amd64", @@ -3690,7 +3695,7 @@ func TestCleaningFilteringParamsGlobalSearch(t *testing.T) { err = UploadImage(image, baseURL, "repo1", image.DigestStr()) So(err, ShouldBeNil) - image, err = GetImageWithConfig(ispec.Image{ + image, err = deprecated.GetImageWithConfig(ispec.Image{ //nolint:staticcheck Platform: ispec.Platform{ OS: "linux", Architecture: "amd64", @@ -3743,7 +3748,7 @@ func TestGlobalSearchFiltering(t *testing.T) { ctlrManager.StartAndWait(port) defer ctlrManager.StopServer() - config, layers, manifest, err := GetRandomImageComponents(100) + config, layers, manifest, err := deprecated.GetRandomImageComponents(100) //nolint:staticcheck So(err, ShouldBeNil) err = UploadImage( @@ -3755,7 +3760,7 @@ func TestGlobalSearchFiltering(t *testing.T) { ) So(err, ShouldBeNil) - config, layers, manifest, err = GetRandomImageComponents(100) + config, layers, manifest, err = deprecated.GetRandomImageComponents(100) //nolint:staticcheck So(err, ShouldBeNil) err = UploadImage( @@ -3767,7 +3772,7 @@ func TestGlobalSearchFiltering(t *testing.T) { ) So(err, ShouldBeNil) - err = SignImageUsingCosign("signed-repo:test", port) + err = signature.SignImageUsingCosign("signed-repo:test", port) So(err, ShouldBeNil) query := `{ @@ -3907,7 +3912,7 @@ func TestImageList(t *testing.T) { ctlrManager.StartAndWait(port) defer ctlrManager.StopServer() - config, layers, manifest, err := GetImageComponents(100) + config, layers, manifest, err := deprecated.GetImageComponents(100) //nolint:staticcheck So(err, ShouldBeNil) createdTime := time.Date(2010, 1, 1, 12, 0, 0, 0, time.UTC) @@ -4059,7 +4064,7 @@ func TestGlobalSearchPagination(t *testing.T) { defer ctlrManager.StopServer() for i := 0; i < 3; i++ { - config, layers, manifest, err := GetImageComponents(10) + config, layers, manifest, err := deprecated.GetImageComponents(10) //nolint:staticcheck So(err, ShouldBeNil) err = UploadImage( @@ -4259,7 +4264,7 @@ func TestMetaDBWhenSigningImages(t *testing.T) { // push test images to repo 1 image 1 createdTime := time.Date(2010, 1, 1, 12, 0, 0, 0, time.UTC) - image1, err := GetImageWithConfig(ispec.Image{ + image1, err := deprecated.GetImageWithConfig(ispec.Image{ //nolint:staticcheck History: []ispec.History{ { Created: &createdTime, @@ -4291,7 +4296,7 @@ func TestMetaDBWhenSigningImages(t *testing.T) { manifestDigest := godigest.FromBytes(manifestBlob) - multiArch, err := GetRandomMultiarchImage("index") + multiArch, err := deprecated.GetRandomMultiarchImage("index") //nolint:staticcheck So(err, ShouldBeNil) err = UploadMultiarchImage(multiArch, baseURL, "repo1", "index") @@ -4331,7 +4336,7 @@ func TestMetaDBWhenSigningImages(t *testing.T) { ` Convey("Sign with cosign", func() { - err = SignImageUsingCosign("repo1:1.0.1", port) + err = signature.SignImageUsingCosign("repo1:1.0.1", port) So(err, ShouldBeNil) resp, err := resty.R().Get(baseURL + graphqlQueryPrefix + "?query=" + url.QueryEscape(queryImage1)) @@ -4411,13 +4416,13 @@ func TestMetaDBWhenSigningImages(t *testing.T) { }, } - err := SignImageUsingCosign("repo1:1.0.1", port) + err := signature.SignImageUsingCosign("repo1:1.0.1", port) So(err, ShouldNotBeNil) }) }) Convey("Sign with notation", func() { - err = SignImageUsingNotary("repo1:1.0.1", port) + err = signature.SignImageUsingNotary("repo1:1.0.1", port) So(err, ShouldBeNil) resp, err := resty.R().Get(baseURL + graphqlQueryPrefix + "?query=" + url.QueryEscape(queryImage1)) @@ -4434,7 +4439,7 @@ func TestMetaDBWhenSigningImages(t *testing.T) { }) Convey("Sign with notation index", func() { - err = SignImageUsingNotary("repo1:index", port) + err = signature.SignImageUsingNotary("repo1:index", port) So(err, ShouldBeNil) resp, err := resty.R().Get(baseURL + graphqlQueryPrefix + "?query=" + url.QueryEscape(queryIndex)) @@ -4451,7 +4456,7 @@ func TestMetaDBWhenSigningImages(t *testing.T) { }) Convey("Sign with cosign index", func() { - err = SignImageUsingCosign("repo1:index", port) + err = signature.SignImageUsingCosign("repo1:index", port) So(err, ShouldBeNil) resp, err := resty.R().Get(baseURL + graphqlQueryPrefix + "?query=" + url.QueryEscape(queryIndex)) @@ -4496,7 +4501,7 @@ func TestMetaDBWhenPushingImages(t *testing.T) { return ErrTestError }, } - config1, layers1, manifest1, err := GetImageComponents(100) + config1, layers1, manifest1, err := deprecated.GetImageComponents(100) //nolint:staticcheck So(err, ShouldBeNil) configBlob, err := json.Marshal(config1) @@ -4530,7 +4535,7 @@ func TestMetaDBWhenPushingImages(t *testing.T) { }, } - config1, layers1, manifest1, err := GetImageComponents(100) + config1, layers1, manifest1, err := deprecated.GetImageComponents(100) //nolint:staticcheck So(err, ShouldBeNil) configBlob, err := json.Marshal(config1) @@ -4585,7 +4590,7 @@ func RunMetaDBIndexTests(baseURL, port string) { Convey("Push test index", func() { const repo = "repo" - multiarchImage, err := GetRandomMultiarchImage("tag1") + multiarchImage, err := deprecated.GetRandomMultiarchImage("tag1") //nolint:staticcheck So(err, ShouldBeNil) indexBlob, err := json.Marshal(multiarchImage.Index) @@ -4629,7 +4634,7 @@ func RunMetaDBIndexTests(baseURL, port string) { responseImage := responseImages[0] So(len(responseImage.Manifests), ShouldEqual, 3) - err = SignImageUsingCosign(fmt.Sprintf("repo@%s", indexDigest), port) + err = signature.SignImageUsingCosign(fmt.Sprintf("repo@%s", indexDigest), port) So(err, ShouldBeNil) resp, err = resty.R().Get(baseURL + graphqlQueryPrefix + "?query=" + url.QueryEscape(query)) @@ -4671,7 +4676,7 @@ func RunMetaDBIndexTests(baseURL, port string) { }) Convey("Index base images", func() { // ---------------- BASE IMAGE ------------------- - imageAMD64, err := GetImageWithComponents( + imageAMD64, err := deprecated.GetImageWithComponents( //nolint:staticcheck ispec.Image{ Platform: ispec.Platform{ OS: "linux", @@ -4684,7 +4689,7 @@ func RunMetaDBIndexTests(baseURL, port string) { }) So(err, ShouldBeNil) - imageSomeArch, err := GetImageWithComponents( + imageSomeArch, err := deprecated.GetImageWithComponents( //nolint:staticcheck ispec.Image{ Platform: ispec.Platform{ OS: "linux", @@ -4696,7 +4701,7 @@ func RunMetaDBIndexTests(baseURL, port string) { }) So(err, ShouldBeNil) - multiImage := GetMultiarchImageForImages([]Image{ + multiImage := deprecated.GetMultiarchImageForImages([]Image{ //nolint:staticcheck imageAMD64, imageSomeArch, }) @@ -4705,7 +4710,7 @@ func RunMetaDBIndexTests(baseURL, port string) { // ---------------- BASE IMAGE ------------------- // ---------------- SAME LAYERS ------------------- - image1, err := GetImageWithComponents( + image1, err := deprecated.GetImageWithComponents( //nolint:staticcheck imageSomeArch.Config, [][]byte{ {0, 0, 2}, @@ -4713,20 +4718,20 @@ func RunMetaDBIndexTests(baseURL, port string) { ) So(err, ShouldBeNil) - image2, err := GetImageWithComponents( + image2, err := deprecated.GetImageWithComponents( //nolint:staticcheck imageAMD64.Config, imageAMD64.Layers, ) So(err, ShouldBeNil) - multiImage = GetMultiarchImageForImages([]Image{image1, image2}) + multiImage = deprecated.GetMultiarchImageForImages([]Image{image1, image2}) //nolint:staticcheck err = UploadMultiarchImage(multiImage, baseURL, "index-one-arch-same-layers", "index-one-arch-same-layers") So(err, ShouldBeNil) // ---------------- SAME LAYERS ------------------- // ---------------- LESS LAYERS ------------------- - image1, err = GetImageWithComponents( + image1, err = deprecated.GetImageWithComponents( //nolint:staticcheck imageSomeArch.Config, [][]byte{ {3, 2, 2}, @@ -4735,19 +4740,19 @@ func RunMetaDBIndexTests(baseURL, port string) { ) So(err, ShouldBeNil) - image2, err = GetImageWithComponents( + image2, err = deprecated.GetImageWithComponents( //nolint:staticcheck imageAMD64.Config, [][]byte{imageAMD64.Layers[0]}, ) So(err, ShouldBeNil) - multiImage = GetMultiarchImageForImages([]Image{image1, image2}) + multiImage = deprecated.GetMultiarchImageForImages([]Image{image1, image2}) //nolint:staticcheck err = UploadMultiarchImage(multiImage, baseURL, "index-one-arch-less-layers", "index-one-arch-less-layers") So(err, ShouldBeNil) // ---------------- LESS LAYERS ------------------- // ---------------- LESS LAYERS FALSE ------------------- - image1, err = GetImageWithComponents( + image1, err = deprecated.GetImageWithComponents( //nolint:staticcheck imageSomeArch.Config, [][]byte{ {3, 2, 2}, @@ -4758,19 +4763,19 @@ func RunMetaDBIndexTests(baseURL, port string) { auxLayer := imageAMD64.Layers[0] auxLayer[0] = 20 - image2, err = GetImageWithComponents( + image2, err = deprecated.GetImageWithComponents( //nolint:staticcheck imageAMD64.Config, [][]byte{auxLayer}, ) So(err, ShouldBeNil) - multiImage = GetMultiarchImageForImages([]Image{image1, image2}) + multiImage = deprecated.GetMultiarchImageForImages([]Image{image1, image2}) //nolint:staticcheck err = UploadMultiarchImage(multiImage, baseURL, "index-one-arch-less-layers-false", "index-one-arch-less-layers-false") So(err, ShouldBeNil) // ---------------- LESS LAYERS FALSE ------------------- // ---------------- MORE LAYERS ------------------- - image1, err = GetImageWithComponents( + image1, err = deprecated.GetImageWithComponents( //nolint:staticcheck imageSomeArch.Config, [][]byte{ {0, 0, 2}, @@ -4779,12 +4784,12 @@ func RunMetaDBIndexTests(baseURL, port string) { ) So(err, ShouldBeNil) - image2, err = GetImageWithComponents( + image2, err = deprecated.GetImageWithComponents( //nolint:staticcheck imageAMD64.Config, append(imageAMD64.Layers, []byte{1, 3, 55}), ) So(err, ShouldBeNil) - multiImage = GetMultiarchImageForImages([]Image{image1, image2}) + multiImage = deprecated.GetMultiarchImageForImages([]Image{image1, image2}) //nolint:staticcheck err = UploadMultiarchImage(multiImage, baseURL, "index-one-arch-more-layers", "index-one-arch-more-layers") So(err, ShouldBeNil) @@ -4820,7 +4825,7 @@ func RunMetaDBIndexTests(baseURL, port string) { Convey("Index base images for digest", func() { // ---------------- BASE IMAGE ------------------- - imageAMD64, err := GetImageWithComponents( + imageAMD64, err := deprecated.GetImageWithComponents( //nolint:staticcheck ispec.Image{ Platform: ispec.Platform{ OS: "linux", @@ -4835,7 +4840,7 @@ func RunMetaDBIndexTests(baseURL, port string) { baseLinuxAMD64Digest := imageAMD64.Digest() - imageSomeArch, err := GetImageWithComponents( + imageSomeArch, err := deprecated.GetImageWithComponents( //nolint:staticcheck ispec.Image{ Platform: ispec.Platform{ OS: "linux", @@ -4849,12 +4854,13 @@ func RunMetaDBIndexTests(baseURL, port string) { baseLinuxSomeArchDigest := imageSomeArch.Digest() - multiImage := GetMultiarchImageForImages([]Image{imageAMD64, imageSomeArch}) + multiImage := deprecated.GetMultiarchImageForImages([]Image{imageAMD64, //nolint:staticcheck + imageSomeArch}) err = UploadMultiarchImage(multiImage, baseURL, "test-repo", "index") So(err, ShouldBeNil) // ---------------- BASE IMAGE FOR LINUX AMD64 ------------------- - image, err := GetImageWithComponents( + image, err := deprecated.GetImageWithComponents( //nolint:staticcheck imageAMD64.Config, [][]byte{imageAMD64.Layers[0]}, ) @@ -4865,7 +4871,7 @@ func RunMetaDBIndexTests(baseURL, port string) { // ---------------- BASE IMAGE FOR LINUX SOMEARCH ------------------- - image, err = GetImageWithComponents( + image, err = deprecated.GetImageWithComponents( //nolint:staticcheck imageAMD64.Config, [][]byte{imageSomeArch.Layers[0]}, ) @@ -4918,7 +4924,7 @@ func RunMetaDBIndexTests(baseURL, port string) { Convey("Index derived images", func() { // ---------------- BASE IMAGE ------------------- - imageAMD64, err := GetImageWithComponents( + imageAMD64, err := deprecated.GetImageWithComponents( //nolint:staticcheck ispec.Image{ Platform: ispec.Platform{ OS: "linux", @@ -4931,7 +4937,7 @@ func RunMetaDBIndexTests(baseURL, port string) { }) So(err, ShouldBeNil) - imageSomeArch, err := GetImageWithComponents( + imageSomeArch, err := deprecated.GetImageWithComponents( //nolint:staticcheck ispec.Image{ Platform: ispec.Platform{ OS: "linux", @@ -4943,7 +4949,7 @@ func RunMetaDBIndexTests(baseURL, port string) { }) So(err, ShouldBeNil) - multiImage := GetMultiarchImageForImages([]Image{ + multiImage := deprecated.GetMultiarchImageForImages([]Image{ //nolint:staticcheck imageAMD64, imageSomeArch, }) err = UploadMultiarchImage(multiImage, baseURL, "test-repo", "latest") @@ -4951,7 +4957,7 @@ func RunMetaDBIndexTests(baseURL, port string) { // ---------------- BASE IMAGE ------------------- // ---------------- SAME LAYERS ------------------- - image1, err := GetImageWithComponents( + image1, err := deprecated.GetImageWithComponents( //nolint:staticcheck imageSomeArch.Config, [][]byte{ {0, 0, 2}, @@ -4959,13 +4965,13 @@ func RunMetaDBIndexTests(baseURL, port string) { ) So(err, ShouldBeNil) - image2, err := GetImageWithComponents( + image2, err := deprecated.GetImageWithComponents( //nolint:staticcheck imageAMD64.Config, imageAMD64.Layers, ) So(err, ShouldBeNil) - multiImage = GetMultiarchImageForImages([]Image{ + multiImage = deprecated.GetMultiarchImageForImages([]Image{ //nolint:staticcheck image1, image2, }) err = UploadMultiarchImage(multiImage, baseURL, "index-one-arch-same-layers", "index-one-arch-same-layers") @@ -4973,7 +4979,7 @@ func RunMetaDBIndexTests(baseURL, port string) { // ---------------- SAME LAYERS ------------------- // ---------------- LESS LAYERS ------------------- - image1, err = GetImageWithComponents( + image1, err = deprecated.GetImageWithComponents( //nolint:staticcheck imageSomeArch.Config, [][]byte{ {3, 2, 2}, @@ -4982,12 +4988,12 @@ func RunMetaDBIndexTests(baseURL, port string) { ) So(err, ShouldBeNil) - image2, err = GetImageWithComponents( + image2, err = deprecated.GetImageWithComponents( //nolint:staticcheck imageAMD64.Config, [][]byte{imageAMD64.Layers[0]}, ) So(err, ShouldBeNil) - multiImage = GetMultiarchImageForImages([]Image{ + multiImage = deprecated.GetMultiarchImageForImages([]Image{ //nolint:staticcheck image1, image2, }) err = UploadMultiarchImage(multiImage, baseURL, "index-one-arch-less-layers", "index-one-arch-less-layers") @@ -4995,7 +5001,7 @@ func RunMetaDBIndexTests(baseURL, port string) { // ---------------- LESS LAYERS ------------------- // ---------------- LESS LAYERS FALSE ------------------- - image1, err = GetImageWithComponents( + image1, err = deprecated.GetImageWithComponents( //nolint:staticcheck imageSomeArch.Config, [][]byte{ {3, 2, 2}, @@ -5004,12 +5010,12 @@ func RunMetaDBIndexTests(baseURL, port string) { ) So(err, ShouldBeNil) - image2, err = GetImageWithComponents( + image2, err = deprecated.GetImageWithComponents( //nolint:staticcheck imageAMD64.Config, [][]byte{{99, 100, 102}}, ) So(err, ShouldBeNil) - multiImage = GetMultiarchImageForImages([]Image{ + multiImage = deprecated.GetMultiarchImageForImages([]Image{ //nolint:staticcheck image1, image2, }) err = UploadMultiarchImage(multiImage, baseURL, "index-one-arch-less-layers-false", @@ -5018,7 +5024,7 @@ func RunMetaDBIndexTests(baseURL, port string) { // ---------------- LESS LAYERS FALSE ------------------- // ---------------- MORE LAYERS ------------------- - image1, err = GetImageWithComponents( + image1, err = deprecated.GetImageWithComponents( //nolint:staticcheck imageSomeArch.Config, [][]byte{ {0, 0, 2}, @@ -5027,7 +5033,7 @@ func RunMetaDBIndexTests(baseURL, port string) { ) So(err, ShouldBeNil) - image2, err = GetImageWithComponents( + image2, err = deprecated.GetImageWithComponents( //nolint:staticcheck imageAMD64.Config, [][]byte{ imageAMD64.Layers[0], @@ -5037,7 +5043,7 @@ func RunMetaDBIndexTests(baseURL, port string) { ) So(err, ShouldBeNil) - multiImage = GetMultiarchImageForImages([]Image{ + multiImage = deprecated.GetMultiarchImageForImages([]Image{ //nolint:staticcheck image1, image2, }) err = UploadMultiarchImage(multiImage, baseURL, "index-one-arch-more-layers", "index-one-arch-more-layers") @@ -5074,7 +5080,7 @@ func RunMetaDBIndexTests(baseURL, port string) { Convey("Index derived images for digest", func() { // ---------------- BASE IMAGE ------------------- - imageAMD64, err := GetImageWithComponents( + imageAMD64, err := deprecated.GetImageWithComponents( //nolint:staticcheck ispec.Image{ Platform: ispec.Platform{ OS: "linux", @@ -5089,7 +5095,7 @@ func RunMetaDBIndexTests(baseURL, port string) { baseLinuxAMD64Digest := imageAMD64.Digest() - imageSomeArch, err := GetImageWithComponents( + imageSomeArch, err := deprecated.GetImageWithComponents( //nolint:staticcheck ispec.Image{ Platform: ispec.Platform{ OS: "linux", @@ -5103,14 +5109,14 @@ func RunMetaDBIndexTests(baseURL, port string) { baseLinuxSomeArchDigest := imageSomeArch.Digest() - multiImage := GetMultiarchImageForImages([]Image{ + multiImage := deprecated.GetMultiarchImageForImages([]Image{ //nolint:staticcheck imageAMD64, imageSomeArch, }) err = UploadMultiarchImage(multiImage, baseURL, "test-repo", "index") So(err, ShouldBeNil) // ---------------- BASE IMAGE FOR LINUX AMD64 ------------------- - image, err := GetImageWithComponents( + image, err := deprecated.GetImageWithComponents( //nolint:staticcheck imageAMD64.Config, [][]byte{ imageAMD64.Layers[0], @@ -5126,7 +5132,7 @@ func RunMetaDBIndexTests(baseURL, port string) { // ---------------- BASE IMAGE FOR LINUX SOMEARCH ------------------- - image, err = GetImageWithComponents( + image, err = deprecated.GetImageWithComponents( //nolint:staticcheck imageAMD64.Config, [][]byte{ imageSomeArch.Layers[0], @@ -5203,7 +5209,7 @@ func TestMetaDBWhenReadingImages(t *testing.T) { ctlrManager.StartAndWait(port) defer ctlrManager.StopServer() - config1, layers1, manifest1, err := GetImageComponents(100) + config1, layers1, manifest1, err := deprecated.GetImageComponents(100) //nolint:staticcheck So(err, ShouldBeNil) err = UploadImage( @@ -5289,7 +5295,7 @@ func TestMetaDBWhenDeletingImages(t *testing.T) { defer ctlrManager.StopServer() // push test images to repo 1 image 1 - image1, err := GetRandomImage() + image1, err := deprecated.GetRandomImage() //nolint:staticcheck So(err, ShouldBeNil) err = UploadImage(image1, baseURL, "repo1", "1.0.1") @@ -5297,7 +5303,7 @@ func TestMetaDBWhenDeletingImages(t *testing.T) { // push test images to repo 1 image 2 createdTime2 := time.Date(2009, 1, 1, 12, 0, 0, 0, time.UTC) - image2, err := GetImageWithConfig(ispec.Image{ + image2, err := deprecated.GetImageWithConfig(ispec.Image{ //nolint:staticcheck Created: &createdTime2, History: []ispec.History{ { @@ -5357,7 +5363,7 @@ func TestMetaDBWhenDeletingImages(t *testing.T) { Convey("Delete a cosign signature", func() { repo := "repo1" - err := SignImageUsingCosign("repo1:1.0.1", port) + err := signature.SignImageUsingCosign("repo1:1.0.1", port) So(err, ShouldBeNil) query := ` @@ -5432,7 +5438,7 @@ func TestMetaDBWhenDeletingImages(t *testing.T) { Convey("Delete a notary signature", func() { repo := "repo1" - err := SignImageUsingNotary("repo1:1.0.1", port) + err := signature.SignImageUsingNotary("repo1:1.0.1", port) So(err, ShouldBeNil) query := ` @@ -5526,7 +5532,8 @@ func TestMetaDBWhenDeletingImages(t *testing.T) { Convey("Delete a referrer", func() { referredImageDigest := image1.Digest() - referrerImage, err := GetImageWithSubject(referredImageDigest, ispec.MediaTypeImageManifest) + referrerImage, err := deprecated.GetImageWithSubject(referredImageDigest, //nolint:staticcheck + ispec.MediaTypeImageManifest) So(err, ShouldBeNil) err = UploadImage(referrerImage, baseURL, "repo1", referrerImage.DigestStr()) @@ -5724,7 +5731,7 @@ func TestSearchSize(t *testing.T) { defer ctlrManager.StopServer() repoName := "testrepo" - config, layers, manifest, err := GetImageComponents(10000) + config, layers, manifest, err := deprecated.GetImageComponents(10000) //nolint:staticcheck So(err, ShouldBeNil) configBlob, err := json.Marshal(config) @@ -5986,7 +5993,7 @@ func TestImageSummary(t *testing.T) { createdTime := time.Date(2010, 1, 1, 12, 0, 0, 0, time.UTC) - image, err := GetImageWithConfig( + image, err := deprecated.GetImageWithConfig( //nolint:staticcheck ispec.Image{ History: []ispec.History{{Created: &createdTime}}, Platform: ispec.Platform{ @@ -6002,7 +6009,7 @@ func TestImageSummary(t *testing.T) { So(err, ShouldBeNil) // ------ Add a referrer - referrerImage, err := GetImageWithConfig(ispec.Image{}) + referrerImage, err := deprecated.GetImageWithConfig(ispec.Image{}) //nolint:staticcheck So(err, ShouldBeNil) referrerImage.Manifest.Subject = &ispec.Descriptor{ @@ -6179,7 +6186,7 @@ func TestImageSummary(t *testing.T) { }` gqlEndpoint := fmt.Sprintf("%s%s?query=", baseURL, graphqlQueryPrefix) - config, layers, manifest, err := GetImageComponents(100) + config, layers, manifest, err := deprecated.GetImageComponents(100) //nolint:staticcheck So(err, ShouldBeNil) createdTime := time.Date(2010, 1, 1, 12, 0, 0, 0, time.UTC) config.History = append(config.History, ispec.History{Created: &createdTime}) @@ -6309,7 +6316,7 @@ func TestImageSummary(t *testing.T) { artType1 := "application/test.signature.v1" artType2 := "application/test.signature.v2" - img1, err := GetRandomImage() + img1, err := deprecated.GetRandomImage() //nolint:staticcheck So(err, ShouldBeNil) img1.Manifest.Config = ispec.DescriptorEmptyJSON img1.Manifest.ArtifactType = artType1 @@ -6318,7 +6325,7 @@ func TestImageSummary(t *testing.T) { err = UploadImage(img1, baseURL, "repo", "art1") So(err, ShouldBeNil) - img2, err := GetRandomImage() + img2, err := deprecated.GetRandomImage() //nolint:staticcheck So(err, ShouldBeNil) img2.Manifest.Config.MediaType = artType2 digest2 := img2.Digest() diff --git a/pkg/extensions/search/userprefs_test.go b/pkg/extensions/search/userprefs_test.go index 06adcb0af..7d0fda85c 100644 --- a/pkg/extensions/search/userprefs_test.go +++ b/pkg/extensions/search/userprefs_test.go @@ -23,7 +23,8 @@ import ( "zotregistry.io/zot/pkg/log" "zotregistry.io/zot/pkg/storage" "zotregistry.io/zot/pkg/storage/local" - . "zotregistry.io/zot/pkg/test" + . "zotregistry.io/zot/pkg/test/common" + "zotregistry.io/zot/pkg/test/deprecated" . "zotregistry.io/zot/pkg/test/image-utils" ) @@ -97,7 +98,7 @@ func TestUserData(t *testing.T) { ctlrManager.StartAndWait(port) defer ctlrManager.StopServer() - config, layers, manifest, err := GetImageComponents(100) + config, layers, manifest, err := deprecated.GetImageComponents(100) //nolint:staticcheck So(err, ShouldBeNil) err = UploadImageWithBasicAuth( @@ -538,7 +539,7 @@ func TestChangingRepoState(t *testing.T) { ctlr := api.NewController(conf) - img, err := GetRandomImage() + img, err := deprecated.GetRandomImage() //nolint:staticcheck if err != nil { t.FailNow() } @@ -672,14 +673,14 @@ func TestGlobalSearchWithUserPrefFiltering(t *testing.T) { // ------ Add simple repo repo := "repo" - img, err := GetRandomImage() + img, err := deprecated.GetRandomImage() //nolint:staticcheck So(err, ShouldBeNil) err = UploadImageWithBasicAuth(img, baseURL, repo, "tag", simpleUser, simpleUserPassword) So(err, ShouldBeNil) // ------ Add repo and star it sRepo := "starred-repo" - img, err = GetRandomImage() + img, err = deprecated.GetRandomImage() //nolint:staticcheck So(err, ShouldBeNil) err = UploadImageWithBasicAuth(img, baseURL, sRepo, "tag", simpleUser, simpleUserPassword) So(err, ShouldBeNil) @@ -690,7 +691,7 @@ func TestGlobalSearchWithUserPrefFiltering(t *testing.T) { // ------ Add repo and bookmark it bRepo := "bookmarked-repo" - img, err = GetRandomImage() + img, err = deprecated.GetRandomImage() //nolint:staticcheck So(err, ShouldBeNil) err = UploadImageWithBasicAuth(img, baseURL, bRepo, "tag", simpleUser, simpleUserPassword) So(err, ShouldBeNil) @@ -701,7 +702,7 @@ func TestGlobalSearchWithUserPrefFiltering(t *testing.T) { // ------ Add repo, star and bookmark it sbRepo := "starred-bookmarked-repo" - img, err = GetRandomImage() + img, err = deprecated.GetRandomImage() //nolint:staticcheck So(err, ShouldBeNil) err = UploadImageWithBasicAuth(img, baseURL, sbRepo, "tag", simpleUser, simpleUserPassword) So(err, ShouldBeNil) @@ -868,7 +869,7 @@ func TestExpandedRepoInfoWithUserPrefs(t *testing.T) { // ------ Add sbrepo and star/bookmark it sbrepo := "sbrepo" - img, err := GetRandomImage() + img, err := deprecated.GetRandomImage() //nolint:staticcheck So(err, ShouldBeNil) err = UploadImageWithBasicAuth(img, baseURL, sbrepo, "tag", simpleUser, simpleUserPassword) So(err, ShouldBeNil) @@ -908,7 +909,7 @@ func TestExpandedRepoInfoWithUserPrefs(t *testing.T) { // ------ Add srepo and star it srepo := "srepo" - img, err = GetRandomImage() + img, err = deprecated.GetRandomImage() //nolint:staticcheck So(err, ShouldBeNil) err = UploadImageWithBasicAuth(img, baseURL, srepo, "tag", simpleUser, simpleUserPassword) So(err, ShouldBeNil) @@ -943,7 +944,7 @@ func TestExpandedRepoInfoWithUserPrefs(t *testing.T) { // ------ Add brepo and bookmark it brepo := "brepo" - img, err = GetRandomImage() + img, err = deprecated.GetRandomImage() //nolint:staticcheck So(err, ShouldBeNil) err = UploadImageWithBasicAuth(img, baseURL, brepo, "tag", simpleUser, simpleUserPassword) So(err, ShouldBeNil) @@ -978,7 +979,7 @@ func TestExpandedRepoInfoWithUserPrefs(t *testing.T) { // ------ Add repo without star/bookmark repo := "repo" - img, err = GetRandomImage() + img, err = deprecated.GetRandomImage() //nolint:staticcheck So(err, ShouldBeNil) err = UploadImageWithBasicAuth(img, baseURL, repo, "tag", simpleUser, simpleUserPassword) So(err, ShouldBeNil) diff --git a/pkg/extensions/sync/sync_disabled_test.go b/pkg/extensions/sync/sync_disabled_test.go index 818e02499..e50dba9e1 100644 --- a/pkg/extensions/sync/sync_disabled_test.go +++ b/pkg/extensions/sync/sync_disabled_test.go @@ -14,7 +14,7 @@ import ( "zotregistry.io/zot/pkg/api/config" extconf "zotregistry.io/zot/pkg/extensions/config" syncconf "zotregistry.io/zot/pkg/extensions/config/sync" - "zotregistry.io/zot/pkg/test" + test "zotregistry.io/zot/pkg/test/common" ) func TestSyncExtension(t *testing.T) { diff --git a/pkg/extensions/sync/sync_internal_test.go b/pkg/extensions/sync/sync_internal_test.go index 161a4798c..9b6c2968a 100644 --- a/pkg/extensions/sync/sync_internal_test.go +++ b/pkg/extensions/sync/sync_internal_test.go @@ -31,10 +31,10 @@ import ( "zotregistry.io/zot/pkg/storage/cache" storageConstants "zotregistry.io/zot/pkg/storage/constants" "zotregistry.io/zot/pkg/storage/local" - "zotregistry.io/zot/pkg/test" . "zotregistry.io/zot/pkg/test/image-utils" "zotregistry.io/zot/pkg/test/inject" "zotregistry.io/zot/pkg/test/mocks" + ociutils "zotregistry.io/zot/pkg/test/oci-utils" ) const ( @@ -222,7 +222,7 @@ func TestLocalRegistry(t *testing.T) { So(err, ShouldBeNil) So(upload, ShouldNotBeEmpty) - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() buf := bytes.NewBuffer(cblob) buflen := buf.Len() blob, err := imgStore.PutBlobChunkStreamed(repoName, upload, buf) @@ -394,7 +394,7 @@ func TestLocalRegistry(t *testing.T) { So(err, ShouldBeNil) So(upload, ShouldNotBeEmpty) - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() buf = bytes.NewBuffer(cblob) buflen = buf.Len() blob, err = imgStore.PutBlobChunkStreamed(repoName, upload, buf) @@ -445,9 +445,9 @@ func TestConvertDockerToOCI(t *testing.T) { Convey("test converting docker to oci functions", t, func() { dir := t.TempDir() - srcStorageCtlr := test.GetDefaultStoreController(dir, log.NewLogger("debug", "")) + srcStorageCtlr := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", "")) - err := test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtlr) + err := WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtlr) So(err, ShouldBeNil) imageRef, err := layout.NewReference(path.Join(dir, "zot-test"), "0.0.1") diff --git a/pkg/extensions/sync/sync_test.go b/pkg/extensions/sync/sync_test.go index 58ce23a1d..d3ed4fa57 100644 --- a/pkg/extensions/sync/sync_test.go +++ b/pkg/extensions/sync/sync_test.go @@ -47,10 +47,12 @@ import ( "zotregistry.io/zot/pkg/log" mTypes "zotregistry.io/zot/pkg/meta/types" storageConstants "zotregistry.io/zot/pkg/storage/constants" - "zotregistry.io/zot/pkg/test" - testc "zotregistry.io/zot/pkg/test/common" + test "zotregistry.io/zot/pkg/test/common" + "zotregistry.io/zot/pkg/test/deprecated" . "zotregistry.io/zot/pkg/test/image-utils" "zotregistry.io/zot/pkg/test/mocks" + ociutils "zotregistry.io/zot/pkg/test/oci-utils" + "zotregistry.io/zot/pkg/test/signature" ) const ( @@ -138,14 +140,14 @@ func makeUpstreamServer( srcConfig.Storage.GC = false srcDir := t.TempDir() - srcStorageCtrl := test.GetDefaultStoreController(srcDir, log.NewLogger("debug", "")) + srcStorageCtrl := ociutils.GetDefaultStoreController(srcDir, log.NewLogger("debug", "")) - err := test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtrl) + err := WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtrl) if err != nil { panic(err) } - err = test.WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", srcStorageCtrl) + err = WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", srcStorageCtrl) if err != nil { panic(err) } @@ -735,7 +737,7 @@ func TestOnDemand(t *testing.T) { cm.StartAndWait(conf.HTTP.Port) defer cm.StopServer() - imageConfig, layers, manifest, err := test.GetRandomImageComponents(10) //nolint:staticcheck + imageConfig, layers, manifest, err := deprecated.GetRandomImageComponents(10) //nolint:staticcheck So(err, ShouldBeNil) manifestBlob, err := json.Marshal(manifest) @@ -750,7 +752,7 @@ func TestOnDemand(t *testing.T) { So(err, ShouldBeNil) // sign using cosign - err = test.SignImageUsingCosign(fmt.Sprintf("remote-repo@%s", manifestDigest.String()), port) + err = signature.SignImageUsingCosign(fmt.Sprintf("remote-repo@%s", manifestDigest.String()), port) So(err, ShouldBeNil) // add cosign sbom @@ -1089,7 +1091,7 @@ func TestSyncWithNonDistributableBlob(t *testing.T) { dcm := test.NewControllerManager(dctlr) - imageConfig, layers, manifest, err := test.GetRandomImageComponents(10) //nolint:staticcheck + imageConfig, layers, manifest, err := deprecated.GetRandomImageComponents(10) //nolint:staticcheck So(err, ShouldBeNil) nonDistributableLayer := make([]byte, 10) @@ -1278,7 +1280,7 @@ func TestDockerImagesAreSkipped(t *testing.T) { // upload multiple manifests for i := 0; i < 4; i++ { - config, layers, manifest, err := test.GetImageComponents(1000 + i) //nolint:staticcheck + config, layers, manifest, err := deprecated.GetImageComponents(1000 + i) //nolint:staticcheck So(err, ShouldBeNil) manifestContent, err := json.Marshal(manifest) @@ -3113,12 +3115,12 @@ func TestSubPaths(t *testing.T) { srcDir := t.TempDir() subpath := "/subpath" - srcStorageCtlr := test.GetDefaultStoreController(path.Join(srcDir, subpath), log.NewLogger("debug", "")) + srcStorageCtlr := ociutils.GetDefaultStoreController(path.Join(srcDir, subpath), log.NewLogger("debug", "")) - err := test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtlr) + err := WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtlr) So(err, ShouldBeNil) - err = test.WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", srcStorageCtlr) + err = WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", srcStorageCtlr) So(err, ShouldBeNil) srcConfig.Storage.RootDirectory = srcDir @@ -4108,9 +4110,9 @@ func TestSignatures(t *testing.T) { IgnoreTlog: true, } - test.LoadNotationPath(tdir) + signature.LoadNotationPath(tdir) // notation verify signed image - err = test.VerifyWithNotation(image, tdir) + err = signature.VerifyWithNotation(image, tdir) So(err, ShouldBeNil) // cosign verify signed image @@ -4143,9 +4145,9 @@ func TestSignatures(t *testing.T) { // verify sbom signature sbom := fmt.Sprintf("localhost:%s/%s@%s", destPort, repoName, sbomDigest) - test.LoadNotationPath(tdir) + signature.LoadNotationPath(tdir) // notation verify signed sbom - err = test.VerifyWithNotation(sbom, tdir) + err = signature.VerifyWithNotation(sbom, tdir) So(err, ShouldBeNil) vrfy = verify.VerifyCommand{ @@ -4511,16 +4513,16 @@ func TestSyncedSignaturesMetaDB(t *testing.T) { defer scm.StopServer() // Push an image - signedImage, err := test.GetRandomImage() //nolint:staticcheck + signedImage, err := deprecated.GetRandomImage() //nolint:staticcheck So(err, ShouldBeNil) err = UploadImage(signedImage, srcBaseURL, repoName, tag) So(err, ShouldBeNil) - err = test.SignImageUsingNotary(repoName+":"+tag, srcPort) + err = signature.SignImageUsingNotary(repoName+":"+tag, srcPort) So(err, ShouldBeNil) - err = test.SignImageUsingCosign(repoName+":"+tag, srcPort) + err = signature.SignImageUsingCosign(repoName+":"+tag, srcPort) So(err, ShouldBeNil) // Create destination registry @@ -4587,12 +4589,12 @@ func TestOnDemandRetryGoroutine(t *testing.T) { srcDir := t.TempDir() - srcStorageCtlr := test.GetDefaultStoreController(srcDir, log.NewLogger("debug", "")) + srcStorageCtlr := ociutils.GetDefaultStoreController(srcDir, log.NewLogger("debug", "")) - err := test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtlr) + err := WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtlr) So(err, ShouldBeNil) - err = test.WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", srcStorageCtlr) + err = WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", srcStorageCtlr) So(err, ShouldBeNil) srcConfig.Storage.RootDirectory = srcDir @@ -4800,12 +4802,12 @@ func TestOnDemandMultipleImage(t *testing.T) { srcDir := t.TempDir() - srcStorageCtlr := test.GetDefaultStoreController(srcDir, log.NewLogger("debug", "")) + srcStorageCtlr := ociutils.GetDefaultStoreController(srcDir, log.NewLogger("debug", "")) - err := test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtlr) + err := WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtlr) So(err, ShouldBeNil) - err = test.WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", srcStorageCtlr) + err = WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", srcStorageCtlr) So(err, ShouldBeNil) srcConfig.Storage.RootDirectory = srcDir @@ -5126,7 +5128,7 @@ func TestSignaturesOnDemand(t *testing.T) { // notation verify the synced image image := fmt.Sprintf("localhost:%s/%s:%s", destPort, repoName, testImageTag) - err = test.VerifyWithNotation(image, tdir) + err = signature.VerifyWithNotation(image, tdir) So(err, ShouldBeNil) // cosign verify the synced image @@ -5363,7 +5365,7 @@ func TestOnlySignaturesOnDemand(t *testing.T) { // sync signature on demand when upstream doesn't have the signature image := fmt.Sprintf("localhost:%s/%s:%s", destPort, repoName, testImageTag) - err = test.VerifyWithNotation(image, tdir) + err = signature.VerifyWithNotation(image, tdir) So(err, ShouldNotBeNil) // cosign verify the synced image @@ -5382,7 +5384,7 @@ func TestOnlySignaturesOnDemand(t *testing.T) { // now it should sync signatures on demand, even if we already have the image image = fmt.Sprintf("localhost:%s/%s:%s", destPort, repoName, testImageTag) - err = test.VerifyWithNotation(image, tdir) + err = signature.VerifyWithNotation(image, tdir) So(err, ShouldBeNil) // cosign verify the synced image @@ -5448,12 +5450,12 @@ func TestSyncOnlyDiff(t *testing.T) { destDir := t.TempDir() // copy images so we have them before syncing, sync should not pull them again - destStorageCtrl := test.GetDefaultStoreController(destDir, log.NewLogger("debug", "")) + destStorageCtrl := ociutils.GetDefaultStoreController(destDir, log.NewLogger("debug", "")) - err := test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", destStorageCtrl) + err := WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", destStorageCtrl) So(err, ShouldBeNil) - err = test.WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", destStorageCtrl) + err = WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", destStorageCtrl) So(err, ShouldBeNil) destConfig.Storage.RootDirectory = destDir @@ -5534,12 +5536,12 @@ func TestSyncWithDiffDigest(t *testing.T) { destDir := t.TempDir() // copy images so we have them before syncing, sync should not pull them again - srcStorageCtlr := test.GetDefaultStoreController(destDir, log.NewLogger("debug", "")) + srcStorageCtlr := ociutils.GetDefaultStoreController(destDir, log.NewLogger("debug", "")) - err := test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtlr) + err := WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtlr) So(err, ShouldBeNil) - err = test.WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", srcStorageCtlr) + err = WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", srcStorageCtlr) So(err, ShouldBeNil) destConfig.Storage.RootDirectory = destDir @@ -5735,7 +5737,7 @@ func TestSyncSignaturesDiff(t *testing.T) { // notation verify the image image := fmt.Sprintf("localhost:%s/%s:%s", destPort, repoName, testImageTag) - err = test.VerifyWithNotation(image, tdir) + err = signature.VerifyWithNotation(image, tdir) So(err, ShouldBeNil) // cosign verify the image @@ -5761,7 +5763,7 @@ func TestSyncSignaturesDiff(t *testing.T) { // notation verify the image image = fmt.Sprintf("localhost:%s/%s:%s", destPort, repoName, testImageTag) - err = test.VerifyWithNotation(image, tdir) + err = signature.VerifyWithNotation(image, tdir) So(err, ShouldBeNil) // cosign verify the image @@ -6091,7 +6093,7 @@ func TestSyncWithDestination(t *testing.T) { // notation verify the synced image image := fmt.Sprintf("localhost:%s/%s:%s", destPort, testCase.expected, testImageTag) - err = test.VerifyWithNotation(image, tdir) + err = signature.VerifyWithNotation(image, tdir) So(err, ShouldBeNil) // cosign verify the synced image @@ -6141,7 +6143,7 @@ func TestSyncWithDestination(t *testing.T) { // notation verify the synced image image := fmt.Sprintf("localhost:%s/%s:%s", destPort, testCase.expected, testImageTag) - err = test.VerifyWithNotation(image, tdir) + err = signature.VerifyWithNotation(image, tdir) So(err, ShouldBeNil) // cosign verify the synced image @@ -6202,7 +6204,7 @@ func TestSyncImageIndex(t *testing.T) { // upload multiple manifests for i := 0; i < 4; i++ { - config, layers, manifest, err := test.GetImageComponents(1000 + i) //nolint:staticcheck + config, layers, manifest, err := deprecated.GetImageComponents(1000 + i) //nolint:staticcheck So(err, ShouldBeNil) manifestContent, err := json.Marshal(manifest) @@ -6306,12 +6308,12 @@ func generateKeyPairs(tdir string) { } } - test.NotationPathLock.Lock() - defer test.NotationPathLock.Unlock() + signature.NotationPathLock.Lock() + defer signature.NotationPathLock.Unlock() - test.LoadNotationPath(tdir) + signature.LoadNotationPath(tdir) - err := test.GenerateNotationCerts(tdir, "good") + err := signature.GenerateNotationCerts(tdir, "good") if err != nil { panic(err) } @@ -6360,20 +6362,20 @@ func signImage(tdir, port, repoName string, digest godigest.Digest) { panic(err) } - test.NotationPathLock.Lock() - defer test.NotationPathLock.Unlock() + signature.NotationPathLock.Lock() + defer signature.NotationPathLock.Unlock() - test.LoadNotationPath(tdir) + signature.LoadNotationPath(tdir) // sign the image image := fmt.Sprintf("localhost:%s/%s@%s", port, repoName, digest.String()) - err = test.SignWithNotation("good", image, tdir) + err = signature.SignWithNotation("good", image, tdir) if err != nil { panic(err) } - err = test.VerifyWithNotation(image, tdir) + err = signature.VerifyWithNotation(image, tdir) if err != nil { panic(err) } @@ -6386,7 +6388,7 @@ func pushRepo(url, repoName string) godigest.Digest { panic(err) } - loc := testc.Location(url, resp) + loc := test.Location(url, resp) _, err = resty.R().Get(loc) if err != nil { @@ -6413,7 +6415,7 @@ func pushRepo(url, repoName string) godigest.Digest { panic(fmt.Errorf("invalid status code: %d %w", resp.StatusCode(), errBadStatus)) } - loc = testc.Location(url, resp) + loc = test.Location(url, resp) cblob, cdigest := ispec.DescriptorEmptyJSON.Data, ispec.DescriptorEmptyJSON.Digest resp, err = resty.R(). @@ -6442,8 +6444,8 @@ func pushRepo(url, repoName string) godigest.Digest { panic(fmt.Errorf("invalid status code: %d %w", resp.StatusCode(), errBadStatus)) } - loc = testc.Location(url, resp) - cblob, cdigest = test.GetRandomImageConfig() + loc = test.Location(url, resp) + cblob, cdigest = GetRandomImageConfig() resp, err = resty.R(). SetContentLength(true). @@ -6610,7 +6612,7 @@ func pushBlob(url string, repoName string, buf []byte) godigest.Digest { panic(fmt.Errorf("invalid status code: %d %w", resp.StatusCode(), errBadStatus)) } - loc := testc.Location(url, resp) + loc := test.Location(url, resp) digest := godigest.FromBytes(buf) resp, err = resty.R(). diff --git a/pkg/log/log_test.go b/pkg/log/log_test.go index 82e711116..6a9fa0e32 100644 --- a/pkg/log/log_test.go +++ b/pkg/log/log_test.go @@ -24,8 +24,7 @@ import ( "zotregistry.io/zot/pkg/api/config" "zotregistry.io/zot/pkg/api/constants" "zotregistry.io/zot/pkg/log" - . "zotregistry.io/zot/pkg/test" - testc "zotregistry.io/zot/pkg/test/common" + . "zotregistry.io/zot/pkg/test/common" ) const ( @@ -128,7 +127,7 @@ func TestAuditLogMessages(t *testing.T) { resp, err := resty.R().SetBasicAuth(username, passphrase).Post(baseURL + path) So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusAccepted) - loc := testc.Location(baseURL, resp) + loc := Location(baseURL, resp) So(loc, ShouldNotBeEmpty) location := resp.Header().Get("Location") So(location, ShouldNotBeEmpty) @@ -164,7 +163,7 @@ func TestAuditLogMessages(t *testing.T) { SetHeader("Content-Type", "application/octet-stream").SetBody(content).Put(loc) So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusCreated) - blobLoc := testc.Location(baseURL, resp) + blobLoc := Location(baseURL, resp) So(blobLoc, ShouldNotBeEmpty) So(resp.Header().Get(constants.DistContentDigestKey), ShouldNotBeEmpty) @@ -224,7 +223,7 @@ func TestAuditLogMessages(t *testing.T) { resp, err := resty.R().SetBasicAuth(username, passphrase).Post(baseURL + path) So(err, ShouldBeNil) So(resp.StatusCode(), ShouldEqual, http.StatusAccepted) - loc := testc.Location(baseURL, resp) + loc := Location(baseURL, resp) So(loc, ShouldNotBeEmpty) location := resp.Header().Get("Location") So(location, ShouldNotBeEmpty) diff --git a/pkg/meta/boltdb/boltdb_test.go b/pkg/meta/boltdb/boltdb_test.go index c624d95af..4729e5a89 100644 --- a/pkg/meta/boltdb/boltdb_test.go +++ b/pkg/meta/boltdb/boltdb_test.go @@ -20,7 +20,7 @@ import ( "zotregistry.io/zot/pkg/meta/boltdb" mTypes "zotregistry.io/zot/pkg/meta/types" reqCtx "zotregistry.io/zot/pkg/requestcontext" - "zotregistry.io/zot/pkg/test" + . "zotregistry.io/zot/pkg/test/image-utils" ) type imgTrustStore struct{} @@ -815,7 +815,7 @@ func TestWrapperErrors(t *testing.T) { err := boltdbWrapper.SetRepoReference("repo", "tag1", indexDigest, ispec.MediaTypeImageIndex) //nolint:contextcheck So(err, ShouldBeNil) - indexBlob, err := test.GetIndexBlobWithManifests([]digest.Digest{ + indexBlob, err := GetIndexBlobWithManifests([]digest.Digest{ manifestDigestFromIndex1, manifestDigestFromIndex2, }) So(err, ShouldBeNil) diff --git a/pkg/meta/dynamodb/dynamodb_test.go b/pkg/meta/dynamodb/dynamodb_test.go index 2fc39867f..716dc0394 100644 --- a/pkg/meta/dynamodb/dynamodb_test.go +++ b/pkg/meta/dynamodb/dynamodb_test.go @@ -22,7 +22,7 @@ import ( mdynamodb "zotregistry.io/zot/pkg/meta/dynamodb" mTypes "zotregistry.io/zot/pkg/meta/types" reqCtx "zotregistry.io/zot/pkg/requestcontext" - "zotregistry.io/zot/pkg/test" + . "zotregistry.io/zot/pkg/test/image-utils" ) const badTablename = "bad tablename" @@ -1050,7 +1050,7 @@ func TestWrapperErrors(t *testing.T) { err := dynamoWrapper.SetRepoReference("repo", "tag1", indexDigest, ispec.MediaTypeImageIndex) //nolint:contextcheck So(err, ShouldBeNil) - indexBlob, err := test.GetIndexBlobWithManifests([]digest.Digest{ + indexBlob, err := GetIndexBlobWithManifests([]digest.Digest{ manifestDigestFromIndex1, manifestDigestFromIndex2, }) So(err, ShouldBeNil) diff --git a/pkg/meta/hooks_test.go b/pkg/meta/hooks_test.go index f80a81660..0530f3e49 100644 --- a/pkg/meta/hooks_test.go +++ b/pkg/meta/hooks_test.go @@ -18,7 +18,7 @@ import ( mTypes "zotregistry.io/zot/pkg/meta/types" "zotregistry.io/zot/pkg/storage" "zotregistry.io/zot/pkg/storage/local" - "zotregistry.io/zot/pkg/test" + "zotregistry.io/zot/pkg/test/deprecated" . "zotregistry.io/zot/pkg/test/image-utils" "zotregistry.io/zot/pkg/test/mocks" ) @@ -42,10 +42,10 @@ func TestOnUpdateManifest(t *testing.T) { metaDB, err := boltdb.New(boltDriver, log) So(err, ShouldBeNil) - config, layers, manifest, err := test.GetRandomImageComponents(100) //nolint:staticcheck + config, layers, manifest, err := deprecated.GetRandomImageComponents(100) //nolint:staticcheck So(err, ShouldBeNil) - err = test.WriteImageToFileSystem( + err = WriteImageToFileSystem( Image{ Config: config, Manifest: manifest, Layers: layers, }, "repo", "tag1", storeController) diff --git a/pkg/meta/meta_test.go b/pkg/meta/meta_test.go index ec8800398..8697ff3c8 100644 --- a/pkg/meta/meta_test.go +++ b/pkg/meta/meta_test.go @@ -31,7 +31,10 @@ import ( mdynamodb "zotregistry.io/zot/pkg/meta/dynamodb" mTypes "zotregistry.io/zot/pkg/meta/types" reqCtx "zotregistry.io/zot/pkg/requestcontext" - "zotregistry.io/zot/pkg/test" + test "zotregistry.io/zot/pkg/test/common" + "zotregistry.io/zot/pkg/test/deprecated" + . "zotregistry.io/zot/pkg/test/image-utils" + signature "zotregistry.io/zot/pkg/test/signature" ) const ( @@ -1376,7 +1379,7 @@ func RunMetaDBTests(t *testing.T, metaDB mTypes.MetaDB, preparationFuncs ...func ShouldBeZeroValue) }) Convey("trusted signature", func() { - _, _, manifest, _ := test.GetRandomImageComponents(10) //nolint:staticcheck + _, _, manifest, _ := deprecated.GetRandomImageComponents(10) //nolint:staticcheck manifestContent, _ := json.Marshal(manifest) manifestDigest := godigest.FromBytes(manifestContent) repo := "repo" @@ -1405,19 +1408,19 @@ func RunMetaDBTests(t *testing.T, metaDB mTypes.MetaDB, preparationFuncs ...func keyName := fmt.Sprintf("notation-sign-test-%s", uuid) - test.NotationPathLock.Lock() - defer test.NotationPathLock.Unlock() + signature.NotationPathLock.Lock() + defer signature.NotationPathLock.Unlock() - test.LoadNotationPath(tdir) + signature.LoadNotationPath(tdir) - err = test.GenerateNotationCerts(tdir, keyName) + err = signature.GenerateNotationCerts(tdir, keyName) So(err, ShouldBeNil) // getSigner var newSigner notation.Signer // ResolveKey - signingKeys, err := test.LoadNotationSigningkeys(tdir) + signingKeys, err := signature.LoadNotationSigningkeys(tdir) So(err, ShouldBeNil) idx := test.Index(signingKeys.Keys, keyName) @@ -1987,7 +1990,7 @@ func RunMetaDBTests(t *testing.T, metaDB mTypes.MetaDB, preparationFuncs ...func }) So(err, ShouldBeNil) - indexBlob, err := test.GetIndexBlobWithManifests( + indexBlob, err := GetIndexBlobWithManifests( []godigest.Digest{ manifestDigest1, manifestDigest2, @@ -2119,7 +2122,7 @@ func RunMetaDBTests(t *testing.T, metaDB mTypes.MetaDB, preparationFuncs ...func err = metaDB.SetRepoReference(repo1, "2.0.0", indexDigest, ispec.MediaTypeImageIndex) So(err, ShouldBeNil) - indexBlob, err := test.GetIndexBlobWithManifests([]godigest.Digest{ + indexBlob, err := GetIndexBlobWithManifests([]godigest.Digest{ manifestFromIndexDigest1, manifestFromIndexDigest2, }) @@ -2248,7 +2251,7 @@ func RunMetaDBTests(t *testing.T, metaDB mTypes.MetaDB, preparationFuncs ...func }) Convey("Test index logic", func() { - multiArch, err := test.GetRandomMultiarchImage("tag1") //nolint:staticcheck + multiArch, err := deprecated.GetRandomMultiarchImage("tag1") //nolint:staticcheck So(err, ShouldBeNil) indexDigest := multiArch.Digest() @@ -2267,7 +2270,7 @@ func RunMetaDBTests(t *testing.T, metaDB mTypes.MetaDB, preparationFuncs ...func }) Convey("Test Referrers", func() { - image, err := test.GetRandomImage() //nolint:staticcheck + image, err := deprecated.GetRandomImage() //nolint:staticcheck So(err, ShouldBeNil) referredDigest := image.Digest() @@ -2291,7 +2294,7 @@ func RunMetaDBTests(t *testing.T, metaDB mTypes.MetaDB, preparationFuncs ...func // ------- Add Artifact 1 - artifact1, err := test.GetImageWithSubject( //nolint:staticcheck + artifact1, err := deprecated.GetImageWithSubject( //nolint:staticcheck referredDigest, ispec.MediaTypeImageManifest, ) @@ -2307,7 +2310,7 @@ func RunMetaDBTests(t *testing.T, metaDB mTypes.MetaDB, preparationFuncs ...func // ------- Add Artifact 2 - artifact2, err := test.GetImageWithSubject( //nolint:staticcheck + artifact2, err := deprecated.GetImageWithSubject( //nolint:staticcheck referredDigest, ispec.MediaTypeImageManifest, ) @@ -2430,7 +2433,7 @@ func RunMetaDBTests(t *testing.T, metaDB mTypes.MetaDB, preparationFuncs ...func }) Convey("FilterRepos", func() { - img, err := test.GetRandomImage() //nolint:staticcheck + img, err := deprecated.GetRandomImage() //nolint:staticcheck So(err, ShouldBeNil) imgDigest := img.Digest() @@ -2440,7 +2443,7 @@ func RunMetaDBTests(t *testing.T, metaDB mTypes.MetaDB, preparationFuncs ...func err = metaDB.SetManifestData(imgDigest, manifestData) So(err, ShouldBeNil) - multiarch, err := test.GetRandomMultiarchImage("multi") //nolint:staticcheck + multiarch, err := deprecated.GetRandomMultiarchImage("multi") //nolint:staticcheck So(err, ShouldBeNil) multiarchDigest := multiarch.Digest() diff --git a/pkg/meta/parse_test.go b/pkg/meta/parse_test.go index a75976f55..fcccea0bf 100644 --- a/pkg/meta/parse_test.go +++ b/pkg/meta/parse_test.go @@ -24,9 +24,10 @@ import ( "zotregistry.io/zot/pkg/storage" "zotregistry.io/zot/pkg/storage/local" storageTypes "zotregistry.io/zot/pkg/storage/types" - "zotregistry.io/zot/pkg/test" + "zotregistry.io/zot/pkg/test/deprecated" . "zotregistry.io/zot/pkg/test/image-utils" "zotregistry.io/zot/pkg/test/mocks" + "zotregistry.io/zot/pkg/test/signature" ) const repo = "repo" @@ -309,9 +310,9 @@ func TestParseStorageErrors(t *testing.T) { err = meta.ParseRepo("repo", metaDB, storeController, log) So(err, ShouldNotBeNil) - _, _, cosignManifestContent, _ := test.GetRandomImageComponents(10) //nolint:staticcheck - _, _, signedManifest, _ := test.GetRandomImageComponents(10) //nolint:staticcheck - signatureTag, err := test.GetCosignSignatureTagForManifest(signedManifest) + _, _, cosignManifestContent, _ := deprecated.GetRandomImageComponents(10) //nolint:staticcheck + _, _, signedManifest, _ := deprecated.GetRandomImageComponents(10) //nolint:staticcheck + signatureTag, err := signature.GetCosignSignatureTagForManifest(signedManifest) So(err, ShouldBeNil) cosignManifestContent.Annotations = map[string]string{ispec.AnnotationRefName: signatureTag} @@ -406,12 +407,12 @@ func RunParseStorageTests(rootDir string, metaDB mTypes.MetaDB) { storeController := storage.StoreController{DefaultStore: imageStore} manifests := []ispec.Manifest{} for i := 0; i < 3; i++ { - config, layers, manifest, err := test.GetRandomImageComponents(100) //nolint:staticcheck + config, layers, manifest, err := deprecated.GetRandomImageComponents(100) //nolint:staticcheck So(err, ShouldBeNil) manifests = append(manifests, manifest) - err = test.WriteImageToFileSystem( + err = WriteImageToFileSystem( Image{ Config: config, Layers: layers, @@ -421,7 +422,7 @@ func RunParseStorageTests(rootDir string, metaDB mTypes.MetaDB) { } // add fake signature for tag1 - signatureTag, err := test.GetCosignSignatureTagForManifest(manifests[1]) + signatureTag, err := signature.GetCosignSignatureTagForManifest(manifests[1]) So(err, ShouldBeNil) manifestBlob, err := json.Marshal(manifests[1]) @@ -429,10 +430,10 @@ func RunParseStorageTests(rootDir string, metaDB mTypes.MetaDB) { signedManifestDigest := godigest.FromBytes(manifestBlob) - config, layers, manifest, err := test.GetRandomImageComponents(100) //nolint:staticcheck + config, layers, manifest, err := deprecated.GetRandomImageComponents(100) //nolint:staticcheck So(err, ShouldBeNil) - err = test.WriteImageToFileSystem( + err = WriteImageToFileSystem( Image{ Config: config, Layers: layers, @@ -491,10 +492,10 @@ func RunParseStorageTests(rootDir string, metaDB mTypes.MetaDB) { storeController := storage.StoreController{DefaultStore: imageStore} // add an image - config, layers, manifest, err := test.GetRandomImageComponents(100) //nolint:staticcheck + config, layers, manifest, err := deprecated.GetRandomImageComponents(100) //nolint:staticcheck So(err, ShouldBeNil) - err = test.WriteImageToFileSystem( + err = WriteImageToFileSystem( Image{ Config: config, Layers: layers, @@ -503,19 +504,19 @@ func RunParseStorageTests(rootDir string, metaDB mTypes.MetaDB) { So(err, ShouldBeNil) // add mock cosign signature without pushing the signed image - image, err := test.GetRandomImage() //nolint:staticcheck + image, err := deprecated.GetRandomImage() //nolint:staticcheck So(err, ShouldBeNil) - signatureTag, err := test.GetCosignSignatureTagForManifest(image.Manifest) + signatureTag, err := signature.GetCosignSignatureTagForManifest(image.Manifest) So(err, ShouldBeNil) missingImageDigest := image.Digest() // get the body of the signature - config, layers, manifest, err = test.GetRandomImageComponents(100) //nolint:staticcheck + config, layers, manifest, err = deprecated.GetRandomImageComponents(100) //nolint:staticcheck So(err, ShouldBeNil) - err = test.WriteImageToFileSystem( + err = WriteImageToFileSystem( Image{ Config: config, Layers: layers, @@ -548,12 +549,12 @@ func RunParseStorageTests(rootDir string, metaDB mTypes.MetaDB) { storeController := storage.StoreController{DefaultStore: imageStore} // add an image - image, err := test.GetRandomImage() //nolint:staticcheck + image, err := deprecated.GetRandomImage() //nolint:staticcheck So(err, ShouldBeNil) manifestDigest := image.Digest() - err = test.WriteImageToFileSystem(image, repo, "tag", storeController) + err = WriteImageToFileSystem(image, repo, "tag", storeController) So(err, ShouldBeNil) err = metaDB.SetRepoReference(repo, "tag", manifestDigest, ispec.MediaTypeImageManifest) diff --git a/pkg/storage/common/common_test.go b/pkg/storage/common/common_test.go index 794b2448a..9a113fcf2 100644 --- a/pkg/storage/common/common_test.go +++ b/pkg/storage/common/common_test.go @@ -20,7 +20,6 @@ import ( "zotregistry.io/zot/pkg/storage/cache" common "zotregistry.io/zot/pkg/storage/common" "zotregistry.io/zot/pkg/storage/local" - "zotregistry.io/zot/pkg/test" . "zotregistry.io/zot/pkg/test/image-utils" "zotregistry.io/zot/pkg/test/mocks" ) @@ -46,7 +45,7 @@ func TestValidateManifest(t *testing.T) { So(err, ShouldBeNil) So(blen, ShouldEqual, len(content)) - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() _, clen, err := imgStore.FullBlobUpload("test", bytes.NewReader(cblob), cdigest) So(err, ShouldBeNil) So(clen, ShouldEqual, len(cblob)) @@ -180,7 +179,7 @@ func TestGetReferrersErrors(t *testing.T) { }) storageCtlr := storage.StoreController{DefaultStore: imgStore} - err := test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", storageCtlr) + err := WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", storageCtlr) So(err, ShouldBeNil) digest := godigest.FromBytes([]byte("{}")) diff --git a/pkg/storage/gc/gc_internal_test.go b/pkg/storage/gc/gc_internal_test.go index 4a3206627..9618f3233 100644 --- a/pkg/storage/gc/gc_internal_test.go +++ b/pkg/storage/gc/gc_internal_test.go @@ -24,7 +24,7 @@ import ( common "zotregistry.io/zot/pkg/storage/common" storageConstants "zotregistry.io/zot/pkg/storage/constants" "zotregistry.io/zot/pkg/storage/local" - "zotregistry.io/zot/pkg/test" + . "zotregistry.io/zot/pkg/test/image-utils" "zotregistry.io/zot/pkg/test/mocks" ) @@ -96,7 +96,7 @@ func TestGarbageCollectManifestErrors(t *testing.T) { So(err, ShouldBeNil) So(blen, ShouldEqual, len(content)) - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() _, clen, err := imgStore.FullBlobUpload(repoName, bytes.NewReader(cblob), cdigest) So(err, ShouldBeNil) So(clen, ShouldEqual, len(cblob)) @@ -198,7 +198,7 @@ func TestGarbageCollectIndexErrors(t *testing.T) { So(err, ShouldBeNil) So(upload, ShouldNotBeEmpty) - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() buf := bytes.NewBuffer(cblob) buflen := buf.Len() blob, err := imgStore.PutBlobChunkStreamed(repoName, upload, buf) diff --git a/pkg/storage/local/local_test.go b/pkg/storage/local/local_test.go index 93d7d9a94..571475be3 100644 --- a/pkg/storage/local/local_test.go +++ b/pkg/storage/local/local_test.go @@ -37,9 +37,9 @@ import ( "zotregistry.io/zot/pkg/storage/gc" "zotregistry.io/zot/pkg/storage/local" storageTypes "zotregistry.io/zot/pkg/storage/types" - "zotregistry.io/zot/pkg/test" . "zotregistry.io/zot/pkg/test/image-utils" "zotregistry.io/zot/pkg/test/mocks" + "zotregistry.io/zot/pkg/test/signature" ) const ( @@ -93,7 +93,7 @@ func TestStorageFSAPIs(t *testing.T) { annotationsMap := make(map[string]string) annotationsMap[ispec.AnnotationRefName] = tag - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() _, clen, err := imgStore.FullBlobUpload(repoName, bytes.NewReader(cblob), cdigest) So(err, ShouldBeNil) So(clen, ShouldEqual, len(cblob)) @@ -210,7 +210,7 @@ func TestGetOrasReferrers(t *testing.T) { imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) Convey("Get referrers", t, func(c C) { - err := test.WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-test", "0.0.1", storage.StoreController{ + err := WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-test", "0.0.1", storage.StoreController{ DefaultStore: imgStore, }) So(err, ShouldBeNil) @@ -384,7 +384,7 @@ func FuzzTestPutGetImageManifest(f *testing.F) { }, *log) imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver) - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() ldigest, lblob, err := newRandomBlobForFuzz(data) if err != nil { @@ -435,7 +435,7 @@ func FuzzTestPutDeleteImageManifest(f *testing.F) { }, *log) imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver) - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() ldigest, lblob, err := newRandomBlobForFuzz(data) if err != nil { @@ -753,7 +753,7 @@ func TestStorageCacheErrors(t *testing.T) { originRepo := "dedupe1" dedupedRepo := "dedupe2" - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() getBlobPath := "" @@ -1068,7 +1068,7 @@ func FuzzGetOrasReferrers(f *testing.F) { imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver) storageCtlr := storage.StoreController{DefaultStore: imgStore} - err := test.WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-test", "0.0.1", storageCtlr) + err := WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-test", "0.0.1", storageCtlr) if err != nil { t.Error(err) } @@ -1214,7 +1214,7 @@ func TestDedupeLinks(t *testing.T) { err = blobrc.Close() So(err, ShouldBeNil) - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() _, clen, err := imgStore.FullBlobUpload("dedupe1", bytes.NewReader(cblob), cdigest) So(err, ShouldBeNil) So(clen, ShouldEqual, len(cblob)) @@ -1274,7 +1274,7 @@ func TestDedupeLinks(t *testing.T) { err = blobrc.Close() So(err, ShouldBeNil) - cblob, cdigest = test.GetRandomImageConfig() + cblob, cdigest = GetRandomImageConfig() _, clen, err = imgStore.FullBlobUpload("dedupe2", bytes.NewReader(cblob), cdigest) So(err, ShouldBeNil) So(clen, ShouldEqual, len(cblob)) @@ -2012,8 +2012,7 @@ func TestGarbageCollectForImageStore(t *testing.T) { }, log) image := CreateDefaultVulnerableImage() - - err := test.WriteImageToFileSystem(image, repoName, "0.0.1", storage.StoreController{ + err := WriteImageToFileSystem(image, repoName, "0.0.1", storage.StoreController{ DefaultStore: imgStore, }) So(err, ShouldBeNil) @@ -2058,8 +2057,7 @@ func TestGarbageCollectForImageStore(t *testing.T) { }, log) image := CreateDefaultVulnerableImage() - - err := test.WriteImageToFileSystem(image, repoName, "0.0.1", storage.StoreController{ + err := WriteImageToFileSystem(image, repoName, "0.0.1", storage.StoreController{ DefaultStore: imgStore, }) So(err, ShouldBeNil) @@ -2102,17 +2100,17 @@ func TestGarbageCollectForImageStore(t *testing.T) { storeController := storage.StoreController{DefaultStore: imgStore} img := CreateRandomImage() - err := test.WriteImageToFileSystem(img, repoName, "tag1", storeController) + err := WriteImageToFileSystem(img, repoName, "tag1", storeController) So(err, ShouldBeNil) // add fake signature for tag1 - cosignTag, err := test.GetCosignSignatureTagForManifest(img.Manifest) + cosignTag, err := signature.GetCosignSignatureTagForManifest(img.Manifest) So(err, ShouldBeNil) cosignSig := CreateRandomImage() So(err, ShouldBeNil) - err = test.WriteImageToFileSystem(cosignSig, repoName, cosignTag, storeController) + err = WriteImageToFileSystem(cosignSig, repoName, cosignTag, storeController) So(err, ShouldBeNil) // add sbom @@ -2126,7 +2124,7 @@ func TestGarbageCollectForImageStore(t *testing.T) { sbomImg := CreateRandomImage() So(err, ShouldBeNil) - err = test.WriteImageToFileSystem(sbomImg, repoName, sbomTag, storeController) + err = WriteImageToFileSystem(sbomImg, repoName, sbomTag, storeController) So(err, ShouldBeNil) // add fake signature for tag1 @@ -2135,7 +2133,7 @@ func TestGarbageCollectForImageStore(t *testing.T) { ArtifactConfig("application/vnd.cncf.notary.signature"). Subject(img.DescriptorRef()).Build() - err = test.WriteImageToFileSystem(notationSig, repoName, "notation", storeController) + err = WriteImageToFileSystem(notationSig, repoName, "notation", storeController) So(err, ShouldBeNil) err = gc.CleanRepo(repoName) @@ -2172,20 +2170,20 @@ func TestGarbageCollectImageUnknownManifest(t *testing.T) { img := CreateRandomImage() - err := test.WriteImageToFileSystem(img, repoName, "v1", storeController) + err := WriteImageToFileSystem(img, repoName, "v1", storeController) So(err, ShouldBeNil) // add image with unsupported media type artifact := CreateRandomImage() - err = test.WriteImageToFileSystem(artifact, repoName, "artifact", storeController) + err = WriteImageToFileSystem(artifact, repoName, "artifact", storeController) So(err, ShouldBeNil) // add referrer with unsupported media type subjectDesc := img.Descriptor() referrer := CreateRandomImageWith().Subject(&subjectDesc).Build() - err = test.WriteImageToFileSystem(referrer, repoName, referrer.Digest().String(), storeController) + err = WriteImageToFileSystem(referrer, repoName, referrer.Digest().String(), storeController) So(err, ShouldBeNil) // modify artifact media type @@ -2374,7 +2372,7 @@ func TestGarbageCollectErrors(t *testing.T) { So(err, ShouldBeNil) So(upload, ShouldNotBeEmpty) - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() buf = bytes.NewBuffer(cblob) buflen = buf.Len() blob, err = imgStore.PutBlobChunkStreamed(repoName, upload, buf) @@ -2439,7 +2437,7 @@ func TestGarbageCollectErrors(t *testing.T) { So(err, ShouldBeNil) So(upload, ShouldNotBeEmpty) - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() buf = bytes.NewBuffer(cblob) buflen = buf.Len() blob, err = imgStore.PutBlobChunkStreamed(repoName, upload, buf) @@ -2497,7 +2495,7 @@ func TestGarbageCollectErrors(t *testing.T) { So(err, ShouldBeNil) So(upload, ShouldNotBeEmpty) - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() buf = bytes.NewBuffer(cblob) buflen = buf.Len() blob, err = imgStore.PutBlobChunkStreamed(repoName, upload, buf) @@ -2855,13 +2853,13 @@ func TestGetNextRepository(t *testing.T) { srcStorageCtlr := storage.StoreController{DefaultStore: imgStore} image := CreateDefaultImage() - err := test.WriteImageToFileSystem(image, firstRepoName, "0.0.1", srcStorageCtlr) + err := WriteImageToFileSystem(image, firstRepoName, "0.0.1", srcStorageCtlr) if err != nil { t.Log(err) t.FailNow() } - err = test.WriteImageToFileSystem(image, secondRepoName, "0.0.1", srcStorageCtlr) + err = WriteImageToFileSystem(image, secondRepoName, "0.0.1", srcStorageCtlr) if err != nil { t.Log(err) t.FailNow() diff --git a/pkg/storage/s3/s3_test.go b/pkg/storage/s3/s3_test.go index 33af4cae3..a84d10391 100644 --- a/pkg/storage/s3/s3_test.go +++ b/pkg/storage/s3/s3_test.go @@ -36,7 +36,8 @@ import ( storageConstants "zotregistry.io/zot/pkg/storage/constants" "zotregistry.io/zot/pkg/storage/s3" storageTypes "zotregistry.io/zot/pkg/storage/types" - "zotregistry.io/zot/pkg/test" + "zotregistry.io/zot/pkg/test/deprecated" + . "zotregistry.io/zot/pkg/test/image-utils" "zotregistry.io/zot/pkg/test/inject" "zotregistry.io/zot/pkg/test/mocks" ) @@ -476,7 +477,7 @@ func TestGetOrasAndOCIReferrers(t *testing.T) { _, imgStore, _ := createObjectsStore(testDir, tdir, true) Convey("Upload test image", t, func(c C) { - cfg, layers, manifest, err := test.GetImageComponents(100) //nolint:staticcheck + cfg, layers, manifest, err := deprecated.GetImageComponents(100) //nolint:staticcheck So(err, ShouldBeNil) for _, content := range layers { @@ -1288,7 +1289,7 @@ func TestS3Dedupe(t *testing.T) { err = blobReadCloser.Close() So(err, ShouldBeNil) - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() _, clen, err := imgStore.FullBlobUpload("dedupe1", bytes.NewReader(cblob), cdigest) So(err, ShouldBeNil) So(clen, ShouldEqual, len(cblob)) @@ -1363,7 +1364,7 @@ func TestS3Dedupe(t *testing.T) { err = blobReadCloser.Close() So(err, ShouldBeNil) - cblob, cdigest = test.GetRandomImageConfig() + cblob, cdigest = GetRandomImageConfig() _, clen, err = imgStore.FullBlobUpload("dedupe2", bytes.NewReader(cblob), cdigest) So(err, ShouldBeNil) So(clen, ShouldEqual, len(cblob)) @@ -1522,7 +1523,7 @@ func TestS3Dedupe(t *testing.T) { So(checkBlobSize3, ShouldBeGreaterThan, 0) So(checkBlobSize3, ShouldEqual, getBlobSize3) - cblob, cdigest = test.GetRandomImageConfig() + cblob, cdigest = GetRandomImageConfig() _, clen, err = imgStore.FullBlobUpload("dedupe3", bytes.NewReader(cblob), cdigest) So(err, ShouldBeNil) So(clen, ShouldEqual, len(cblob)) @@ -1691,7 +1692,7 @@ func TestS3Dedupe(t *testing.T) { err = blobReadCloser.Close() So(err, ShouldBeNil) - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() _, clen, err := imgStore.FullBlobUpload("dedupe1", bytes.NewReader(cblob), cdigest) So(err, ShouldBeNil) So(clen, ShouldEqual, len(cblob)) @@ -1758,7 +1759,7 @@ func TestS3Dedupe(t *testing.T) { err = blobReadCloser.Close() So(err, ShouldBeNil) - cblob, cdigest = test.GetRandomImageConfig() + cblob, cdigest = GetRandomImageConfig() _, clen, err = imgStore.FullBlobUpload("dedupe2", bytes.NewReader(cblob), cdigest) So(err, ShouldBeNil) So(clen, ShouldEqual, len(cblob)) @@ -1959,7 +1960,7 @@ func TestRebuildDedupeIndex(t *testing.T) { So(hasBlob, ShouldEqual, true) So(err, ShouldBeNil) - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() _, clen, err := imgStore.FullBlobUpload("dedupe1", bytes.NewReader(cblob), cdigest) So(err, ShouldBeNil) So(clen, ShouldEqual, len(cblob)) @@ -2996,7 +2997,7 @@ func TestS3ManifestImageIndex(t *testing.T) { So(err, ShouldBeNil) So(upload, ShouldNotBeEmpty) - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() buf = bytes.NewBuffer(cblob) buflen = buf.Len() blob, err = imgStore.PutBlobChunkStreamed("index", upload, buf) @@ -3038,7 +3039,7 @@ func TestS3ManifestImageIndex(t *testing.T) { So(err, ShouldBeNil) So(upload, ShouldNotBeEmpty) - cblob, cdigest = test.GetRandomImageConfig() + cblob, cdigest = GetRandomImageConfig() buf = bytes.NewBuffer(cblob) buflen = buf.Len() blob, err = imgStore.PutBlobChunkStreamed("index", upload, buf) @@ -3080,7 +3081,7 @@ func TestS3ManifestImageIndex(t *testing.T) { So(err, ShouldBeNil) So(upload, ShouldNotBeEmpty) - cblob, cdigest = test.GetRandomImageConfig() + cblob, cdigest = GetRandomImageConfig() buf = bytes.NewBuffer(cblob) buflen = buf.Len() blob, err = imgStore.PutBlobChunkStreamed("index", upload, buf) @@ -3144,7 +3145,7 @@ func TestS3ManifestImageIndex(t *testing.T) { So(err, ShouldBeNil) So(upload, ShouldNotBeEmpty) - cblob, cdigest = test.GetRandomImageConfig() + cblob, cdigest = GetRandomImageConfig() buf = bytes.NewBuffer(cblob) buflen = buf.Len() blob, err = imgStore.PutBlobChunkStreamed("index", upload, buf) @@ -3437,7 +3438,7 @@ func TestS3ManifestImageIndex(t *testing.T) { So(clen, ShouldEqual, buflen) // first config - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() buf = bytes.NewBuffer(cblob) buflen = buf.Len() @@ -3471,7 +3472,7 @@ func TestS3ManifestImageIndex(t *testing.T) { So(err, ShouldBeNil) // second config - cblob, cdigest = test.GetRandomImageConfig() + cblob, cdigest = GetRandomImageConfig() buf = bytes.NewBuffer(cblob) buflen = buf.Len() diff --git a/pkg/storage/scrub_test.go b/pkg/storage/scrub_test.go index 68f1de0a1..eef992ec9 100644 --- a/pkg/storage/scrub_test.go +++ b/pkg/storage/scrub_test.go @@ -26,7 +26,7 @@ import ( "zotregistry.io/zot/pkg/storage/local" "zotregistry.io/zot/pkg/storage/s3" storageTypes "zotregistry.io/zot/pkg/storage/types" - "zotregistry.io/zot/pkg/test" + "zotregistry.io/zot/pkg/test/deprecated" . "zotregistry.io/zot/pkg/test/image-utils" "zotregistry.io/zot/pkg/test/mocks" ) @@ -91,7 +91,7 @@ func RunCheckAllBlobsIntegrityTests( //nolint: thelper storeCtlr.DefaultStore = imgStore So(storeCtlr.GetImageStore(repoName), ShouldResemble, imgStore) - config, layers, manifest, err := test.GetImageComponents(1000) //nolint:staticcheck + config, layers, manifest, err := deprecated.GetImageComponents(1000) //nolint:staticcheck So(err, ShouldBeNil) layerReader := bytes.NewReader(layers[0]) @@ -306,7 +306,7 @@ func RunCheckAllBlobsIntegrityTests( //nolint: thelper }) Convey("Scrub index", func() { - newConfig, newLayers, newManifest, err := test.GetImageComponents(10) //nolint:staticcheck + newConfig, newLayers, newManifest, err := deprecated.GetImageComponents(10) //nolint:staticcheck So(err, ShouldBeNil) newLayerReader := bytes.NewReader(newLayers[0]) @@ -474,7 +474,7 @@ func RunCheckAllBlobsIntegrityTests( //nolint: thelper manifestDescriptor, ok := common.GetManifestDescByReference(index, manifestDigest.String()) So(ok, ShouldBeTrue) - err = test.WriteImageToFileSystem(CreateDefaultImageWith().Subject(&manifestDescriptor).Build(), + err = WriteImageToFileSystem(CreateDefaultImageWith().Subject(&manifestDescriptor).Build(), repoName, "0.0.1", storeCtlr) So(err, ShouldBeNil) diff --git a/pkg/storage/storage_controller.go b/pkg/storage/storage_controller.go index 0dfdf3d1a..dc4946d20 100644 --- a/pkg/storage/storage_controller.go +++ b/pkg/storage/storage_controller.go @@ -45,3 +45,11 @@ func (sc StoreController) GetImageStore(name string) storageTypes.ImageStore { return sc.DefaultStore } + +func (sc StoreController) GetDefaultImageStore() storageTypes.ImageStore { + return sc.DefaultStore +} + +func (sc StoreController) GetImageSubStores() map[string]storageTypes.ImageStore { + return sc.SubStore +} diff --git a/pkg/storage/storage_test.go b/pkg/storage/storage_test.go index dd82a4846..ce8fef9a6 100644 --- a/pkg/storage/storage_test.go +++ b/pkg/storage/storage_test.go @@ -39,7 +39,7 @@ import ( "zotregistry.io/zot/pkg/storage/local" "zotregistry.io/zot/pkg/storage/s3" storageTypes "zotregistry.io/zot/pkg/storage/types" - "zotregistry.io/zot/pkg/test" + . "zotregistry.io/zot/pkg/test/image-utils" "zotregistry.io/zot/pkg/test/mocks" ) @@ -317,7 +317,7 @@ func TestStorageAPIs(t *testing.T) { }) Convey("Good image manifest", func() { - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() _, clen, err := imgStore.FullBlobUpload("test", bytes.NewReader(cblob), cdigest) So(err, ShouldBeNil) So(clen, ShouldEqual, len(cblob)) @@ -534,7 +534,7 @@ func TestStorageAPIs(t *testing.T) { }) Convey("Good image manifest", func() { - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() _, clen, err := imgStore.FullBlobUpload("test", bytes.NewReader(cblob), cdigest) So(err, ShouldBeNil) So(clen, ShouldEqual, len(cblob)) @@ -631,7 +631,7 @@ func TestStorageAPIs(t *testing.T) { So(err, ShouldBeNil) So(blob, ShouldEqual, buflen) - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() _, clen, err := imgStore.FullBlobUpload("replace", bytes.NewReader(cblob), cdigest) So(err, ShouldBeNil) So(clen, ShouldEqual, len(cblob)) @@ -683,7 +683,7 @@ func TestStorageAPIs(t *testing.T) { So(err, ShouldBeNil) So(blob, ShouldEqual, buflen) - cblob, cdigest = test.GetRandomImageConfig() + cblob, cdigest = GetRandomImageConfig() _, clen, err = imgStore.FullBlobUpload("replace", bytes.NewReader(cblob), cdigest) So(err, ShouldBeNil) So(clen, ShouldEqual, len(cblob)) @@ -797,7 +797,7 @@ func TestMandatoryAnnotations(t *testing.T) { _, _, err := imgStore.FullBlobUpload("test", bytes.NewReader(buf.Bytes()), digest) So(err, ShouldBeNil) - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() _, clen, err := imgStore.FullBlobUpload("test", bytes.NewReader(cblob), cdigest) So(err, ShouldBeNil) So(clen, ShouldEqual, len(cblob)) @@ -918,7 +918,7 @@ func TestDeleteBlobsInUse(t *testing.T) { _, _, err = imgStore.FullBlobUpload("repo", bytes.NewReader(buf.Bytes()), digest) So(err, ShouldBeNil) - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() _, clen, err := imgStore.FullBlobUpload("repo", bytes.NewReader(cblob), cdigest) So(err, ShouldBeNil) So(clen, ShouldEqual, len(cblob)) @@ -1037,7 +1037,7 @@ func TestDeleteBlobsInUse(t *testing.T) { So(err, ShouldBeNil) So(upload, ShouldNotBeEmpty) - cblob, cdigest = test.GetRandomImageConfig() + cblob, cdigest = GetRandomImageConfig() buf = bytes.NewBuffer(cblob) buflen = buf.Len() blob, err = imgStore.PutBlobChunkStreamed(repoName, upload, buf) @@ -1317,7 +1317,7 @@ func TestGarbageCollectImageManifest(t *testing.T) { annotationsMap := make(map[string]string) annotationsMap[ispec.AnnotationRefName] = tag - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() _, clen, err := imgStore.FullBlobUpload(repoName, bytes.NewReader(cblob), cdigest) So(err, ShouldBeNil) So(clen, ShouldEqual, len(cblob)) @@ -1499,7 +1499,7 @@ func TestGarbageCollectImageManifest(t *testing.T) { annotationsMap := make(map[string]string) annotationsMap[ispec.AnnotationRefName] = tag - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() _, clen, err := imgStore.FullBlobUpload(repoName, bytes.NewReader(cblob), cdigest) So(err, ShouldBeNil) So(clen, ShouldEqual, len(cblob)) @@ -1794,7 +1794,7 @@ func TestGarbageCollectImageManifest(t *testing.T) { annotationsMap := make(map[string]string) annotationsMap[ispec.AnnotationRefName] = tag - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() _, clen, err := imgStore.FullBlobUpload(repo1Name, bytes.NewReader(cblob), cdigest) So(err, ShouldBeNil) So(clen, ShouldEqual, len(cblob)) @@ -1857,7 +1857,7 @@ func TestGarbageCollectImageManifest(t *testing.T) { annotationsMap = make(map[string]string) annotationsMap[ispec.AnnotationRefName] = tag - cblob, cdigest = test.GetRandomImageConfig() + cblob, cdigest = GetRandomImageConfig() _, clen, err = imgStore.FullBlobUpload(repo2Name, bytes.NewReader(cblob), cdigest) So(err, ShouldBeNil) So(clen, ShouldEqual, len(cblob)) @@ -1913,7 +1913,7 @@ func TestGarbageCollectImageManifest(t *testing.T) { annotationsMap = make(map[string]string) annotationsMap[ispec.AnnotationRefName] = tag - cblob, cdigest = test.GetRandomImageConfig() + cblob, cdigest = GetRandomImageConfig() _, clen, err = imgStore.FullBlobUpload(repo2Name, bytes.NewReader(cblob), cdigest) So(err, ShouldBeNil) So(clen, ShouldEqual, len(cblob)) @@ -2493,7 +2493,7 @@ func TestGarbageCollectChainedImageIndexes(t *testing.T) { So(err, ShouldBeNil) So(upload, ShouldNotBeEmpty) - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() buf := bytes.NewBuffer(cblob) buflen := buf.Len() blob, err := imgStore.PutBlobChunkStreamed(repoName, upload, buf) @@ -2575,7 +2575,7 @@ func TestGarbageCollectChainedImageIndexes(t *testing.T) { So(err, ShouldBeNil) So(upload, ShouldNotBeEmpty) - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() buf := bytes.NewBuffer(cblob) buflen := buf.Len() blob, err := imgStore.PutBlobChunkStreamed(repoName, upload, buf) @@ -2913,7 +2913,7 @@ func pushRandomImageIndex(imgStore storageTypes.ImageStore, repoName string, So(err, ShouldBeNil) So(upload, ShouldNotBeEmpty) - cblob, cdigest := test.GetRandomImageConfig() + cblob, cdigest := GetRandomImageConfig() buf := bytes.NewBuffer(cblob) buflen := buf.Len() blob, err := imgStore.PutBlobChunkStreamed(repoName, upload, buf) diff --git a/pkg/storage/types/types.go b/pkg/storage/types/types.go index c07367bdc..14e5569a8 100644 --- a/pkg/storage/types/types.go +++ b/pkg/storage/types/types.go @@ -12,6 +12,12 @@ import ( "zotregistry.io/zot/pkg/scheduler" ) +type StoreController interface { + GetImageStore(name string) ImageStore + GetDefaultImageStore() ImageStore + GetImageSubStores() map[string]ImageStore +} + type ImageStore interface { //nolint:interfacebloat DirExists(d string) bool RootDir() string diff --git a/pkg/test/bearer.go b/pkg/test/auth/bearer.go similarity index 99% rename from pkg/test/bearer.go rename to pkg/test/auth/bearer.go index 662e70154..8a3d559bf 100644 --- a/pkg/test/bearer.go +++ b/pkg/test/auth/bearer.go @@ -1,4 +1,4 @@ -package test +package auth import ( "fmt" diff --git a/pkg/test/auth/bearer_test.go b/pkg/test/auth/bearer_test.go new file mode 100644 index 000000000..c250428f9 --- /dev/null +++ b/pkg/test/auth/bearer_test.go @@ -0,0 +1,15 @@ +package auth_test + +import ( + "testing" + + . "github.com/smartystreets/goconvey/convey" + + auth "zotregistry.io/zot/pkg/test/auth" +) + +func TestBearerServer(t *testing.T) { + Convey("test MakeAuthTestServer() no serve key", t, func() { + So(func() { auth.MakeAuthTestServer("", "") }, ShouldPanic) + }) +} diff --git a/pkg/test/auth/oidc.go b/pkg/test/auth/oidc.go new file mode 100644 index 000000000..a3be24f1d --- /dev/null +++ b/pkg/test/auth/oidc.go @@ -0,0 +1,44 @@ +package auth + +import ( + "crypto/rand" + "crypto/rsa" + "net" + "net/http" + "strings" + + "github.com/project-zot/mockoidc" +) + +func MockOIDCRun() (*mockoidc.MockOIDC, error) { + // Create a fresh RSA Private Key for token signing + rsaKey, _ := rsa.GenerateKey(rand.Reader, 2048) //nolint: gomnd + + // Create an unstarted MockOIDC server + mockServer, _ := mockoidc.NewServer(rsaKey) + + // Create the net.Listener, kernel will chose a valid port + listener, _ := net.Listen("tcp", "127.0.0.1:0") + + bearerMiddleware := func(next http.Handler) http.Handler { + return http.HandlerFunc(func(response http.ResponseWriter, req *http.Request) { + // stateVal := req.Form.Get("state") + header := req.Header.Get("Authorization") + parts := strings.SplitN(header, " ", 2) //nolint: gomnd + if header != "" { + if strings.ToLower(parts[0]) == "bearer" { + req.Header.Set("Authorization", strings.Join([]string{"Bearer", parts[1]}, " ")) + } + } + + next.ServeHTTP(response, req) + }) + } + + err := mockServer.AddMiddleware(bearerMiddleware) + if err != nil { + return mockServer, err + } + // tlsConfig can be nil if you want HTTP + return mockServer, mockServer.Start(listener, nil) +} diff --git a/pkg/test/common.go b/pkg/test/common.go deleted file mode 100644 index 97f0309a9..000000000 --- a/pkg/test/common.go +++ /dev/null @@ -1,1534 +0,0 @@ -package test - -import ( - "bytes" - "context" - "crypto/rand" - "crypto/rsa" - "crypto/x509" - "encoding/json" - "encoding/pem" - "errors" - "fmt" - "io" - "io/fs" - "log" - "math" - "math/big" - "net" - "net/http" - "os" - "path" - "path/filepath" - "strings" - "sync" - "time" - - "github.com/notaryproject/notation-core-go/signature/jws" - "github.com/notaryproject/notation-core-go/testhelper" - "github.com/notaryproject/notation-go" - notconfig "github.com/notaryproject/notation-go/config" - "github.com/notaryproject/notation-go/dir" - notreg "github.com/notaryproject/notation-go/registry" - "github.com/notaryproject/notation-go/signer" - "github.com/notaryproject/notation-go/verifier" - godigest "github.com/opencontainers/go-digest" - "github.com/opencontainers/image-spec/specs-go" - ispec "github.com/opencontainers/image-spec/specs-go/v1" - "github.com/phayes/freeport" - "github.com/project-zot/mockoidc" - "github.com/sigstore/cosign/v2/cmd/cosign/cli/generate" - "github.com/sigstore/cosign/v2/cmd/cosign/cli/options" - "github.com/sigstore/cosign/v2/cmd/cosign/cli/sign" - "golang.org/x/crypto/bcrypt" - "gopkg.in/resty.v1" - "oras.land/oras-go/v2/registry" - "oras.land/oras-go/v2/registry/remote" - "oras.land/oras-go/v2/registry/remote/auth" - - "zotregistry.io/zot/pkg/extensions/monitoring" - zLog "zotregistry.io/zot/pkg/log" - "zotregistry.io/zot/pkg/storage" - "zotregistry.io/zot/pkg/storage/local" - stypes "zotregistry.io/zot/pkg/storage/types" - testc "zotregistry.io/zot/pkg/test/common" - "zotregistry.io/zot/pkg/test/image-utils" - "zotregistry.io/zot/pkg/test/inject" - "zotregistry.io/zot/pkg/test/mocks" -) - -const ( - BaseURL = "http://127.0.0.1:%s" - BaseSecureURL = "https://127.0.0.1:%s" - SleepTime = 100 * time.Millisecond -) - -var ( - ErrSignatureVerification = errors.New("signature verification failed") - ErrAlreadyExists = errors.New("already exists") - ErrKeyNotFound = errors.New("key not found") -) - -var NotationPathLock = new(sync.Mutex) //nolint: gochecknoglobals - -func GetFreePort() string { - port, err := freeport.GetFreePort() - if err != nil { - panic(err) - } - - return fmt.Sprint(port) -} - -func GetBaseURL(port string) string { - return fmt.Sprintf(BaseURL, port) -} - -func GetSecureBaseURL(port string) string { - return fmt.Sprintf(BaseSecureURL, port) -} - -func MakeHtpasswdFile() string { - // bcrypt(username="test", passwd="test") - content := "test:$2y$05$hlbSXDp6hzDLu6VwACS39ORvVRpr3OMR4RlJ31jtlaOEGnPjKZI1m\n" - - return MakeHtpasswdFileFromString(content) -} - -func GetCredString(username, password string) string { - hash, err := bcrypt.GenerateFromPassword([]byte(password), 10) - if err != nil { - panic(err) - } - - usernameAndHash := fmt.Sprintf("%s:%s", username, string(hash)) - - return usernameAndHash -} - -func MakeHtpasswdFileFromString(fileContent string) string { - htpasswdFile, err := os.CreateTemp("", "htpasswd-") - if err != nil { - panic(err) - } - - // bcrypt(username="test", passwd="test") - content := []byte(fileContent) - if err := os.WriteFile(htpasswdFile.Name(), content, 0o600); err != nil { //nolint:gomnd - panic(err) - } - - return htpasswdFile.Name() -} - -func CopyFiles(sourceDir, destDir string) error { - sourceMeta, err := os.Stat(sourceDir) - if err != nil { - return fmt.Errorf("CopyFiles os.Stat failed: %w", err) - } - - if err := os.MkdirAll(destDir, sourceMeta.Mode()); err != nil { - return fmt.Errorf("CopyFiles os.MkdirAll failed: %w", err) - } - - files, err := os.ReadDir(sourceDir) - if err != nil { - return fmt.Errorf("CopyFiles os.ReadDir failed: %w", err) - } - - for _, file := range files { - sourceFilePath := path.Join(sourceDir, file.Name()) - destFilePath := path.Join(destDir, file.Name()) - - if file.IsDir() { - if strings.HasPrefix(file.Name(), "_") { - // Some tests create the trivy related folders under test/_trivy - continue - } - - if err = CopyFiles(sourceFilePath, destFilePath); err != nil { - return err - } - } else { - sourceFile, err := os.Open(sourceFilePath) - if err != nil { - return fmt.Errorf("CopyFiles os.Open failed: %w", err) - } - defer sourceFile.Close() - - destFile, err := os.Create(destFilePath) - if err != nil { - return fmt.Errorf("CopyFiles os.Create failed: %w", err) - } - defer destFile.Close() - - if _, err = io.Copy(destFile, sourceFile); err != nil { - return fmt.Errorf("io.Copy failed: %w", err) - } - } - } - - return nil -} - -func CopyTestFiles(sourceDir, destDir string) { - err := CopyFiles(sourceDir, destDir) - if err != nil { - panic(err) - } -} - -func CopyTestKeysAndCerts(destDir string) error { - files := []string{ - "ca.crt", "ca.key", "client.cert", "client.csr", - "client.key", "server.cert", "server.csr", "server.key", - } - - rootPath, err := testc.GetProjectRootDir() - if err != nil { - return err - } - - sourceDir := filepath.Join(rootPath, "test/data") - - sourceMeta, err := os.Stat(sourceDir) - if err != nil { - return fmt.Errorf("CopyFiles os.Stat failed: %w", err) - } - - if err := os.MkdirAll(destDir, sourceMeta.Mode()); err != nil { - return err - } - - for _, file := range files { - err = CopyFile(filepath.Join(sourceDir, file), filepath.Join(destDir, file)) - if err != nil { - return err - } - } - - return nil -} - -type Controller interface { - Init(ctx context.Context) error - Run(ctx context.Context) error - Shutdown() - GetPort() int -} - -type ControllerManager struct { - controller Controller - // used to stop background tasks(goroutines) - cancelRoutinesFunc context.CancelFunc -} - -func (cm *ControllerManager) RunServer(ctx context.Context) { - // Useful to be able to call in the same goroutine for testing purposes - if err := cm.controller.Run(ctx); !errors.Is(err, http.ErrServerClosed) { - panic(err) - } -} - -func (cm *ControllerManager) StartServer() { - ctx, cancel := context.WithCancel(context.Background()) - cm.cancelRoutinesFunc = cancel - - if err := cm.controller.Init(ctx); err != nil { - panic(err) - } - - go func() { - cm.RunServer(ctx) - }() -} - -func (cm *ControllerManager) StopServer() { - // stop background tasks - if cm.cancelRoutinesFunc != nil { - cm.cancelRoutinesFunc() - } - - cm.controller.Shutdown() -} - -func (cm *ControllerManager) WaitServerToBeReady(port string) { - url := GetBaseURL(port) - WaitTillServerReady(url) -} - -func (cm *ControllerManager) StartAndWait(port string) { - cm.StartServer() - - url := GetBaseURL(port) - WaitTillServerReady(url) -} - -func NewControllerManager(controller Controller) ControllerManager { - cm := ControllerManager{ - controller: controller, - } - - return cm -} - -func WriteImageToFileSystem(image image.Image, repoName, ref string, storeController storage.StoreController) error { - store := storeController.GetImageStore(repoName) - - err := store.InitRepo(repoName) - if err != nil { - return err - } - - for _, layerBlob := range image.Layers { - layerReader := bytes.NewReader(layerBlob) - layerDigest := godigest.FromBytes(layerBlob) - - _, _, err = store.FullBlobUpload(repoName, layerReader, layerDigest) - if err != nil { - return err - } - } - - configBlob, err := json.Marshal(image.Config) - if err != nil { - return err - } - - configReader := bytes.NewReader(configBlob) - configDigest := godigest.FromBytes(configBlob) - - _, _, err = store.FullBlobUpload(repoName, configReader, configDigest) - if err != nil { - return err - } - - manifestBlob, err := json.Marshal(image.Manifest) - if err != nil { - return err - } - - _, _, err = store.PutImageManifest(repoName, ref, ispec.MediaTypeImageManifest, manifestBlob) - if err != nil { - return err - } - - return nil -} - -func WriteMultiArchImageToFileSystem(multiarchImage image.MultiarchImage, repoName, ref string, - storeController storage.StoreController, -) error { - store := storeController.GetImageStore(repoName) - - err := store.InitRepo(repoName) - if err != nil { - return err - } - - for _, image := range multiarchImage.Images { - err := WriteImageToFileSystem(image, repoName, image.DigestStr(), storeController) - if err != nil { - return err - } - } - - indexBlob, err := json.Marshal(multiarchImage.Index) - if err != nil { - return err - } - - _, _, err = store.PutImageManifest(repoName, ref, ispec.MediaTypeImageIndex, - indexBlob) - - return err -} - -func WaitTillServerReady(url string) { - for { - _, err := resty.R().Get(url) - if err == nil { - break - } - - time.Sleep(SleepTime) - } -} - -func WaitTillTrivyDBDownloadStarted(rootDir string) { - for { - if _, err := os.Stat(path.Join(rootDir, "_trivy", "db", "trivy.db")); err == nil { - break - } - - time.Sleep(SleepTime) - } -} - -// Adapted from https://gist.github.com/dopey/c69559607800d2f2f90b1b1ed4e550fb -func RandomString(n int) string { - const letters = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-" - - ret := make([]byte, n) - - for count := 0; count < n; count++ { - num, err := rand.Int(rand.Reader, big.NewInt(int64(len(letters)))) - if err != nil { - panic(err) - } - - ret[count] = letters[num.Int64()] - } - - return string(ret) -} - -func GetRandomImageConfig() ([]byte, godigest.Digest) { - const maxLen = 16 - - randomAuthor := RandomString(maxLen) - - config := ispec.Image{ - Platform: ispec.Platform{ - Architecture: "amd64", - OS: "linux", - }, - RootFS: ispec.RootFS{ - Type: "layers", - DiffIDs: []godigest.Digest{}, - }, - Author: randomAuthor, - } - - configBlobContent, err := json.MarshalIndent(&config, "", "\t") - if err != nil { - log.Fatal(err) - } - - configBlobDigestRaw := godigest.FromBytes(configBlobContent) - - return configBlobContent, configBlobDigestRaw -} - -// Deprecated: Should use the new functions starting with "Create". -func GetImageComponents(layerSize int) (ispec.Image, [][]byte, ispec.Manifest, error) { - config := ispec.Image{ - Platform: ispec.Platform{ - Architecture: "amd64", - OS: "linux", - }, - RootFS: ispec.RootFS{ - Type: "layers", - DiffIDs: []godigest.Digest{}, - }, - Author: "ZotUser", - } - - configBlob, err := json.Marshal(config) - if err = inject.Error(err); err != nil { - return ispec.Image{}, [][]byte{}, ispec.Manifest{}, err - } - - configDigest := godigest.FromBytes(configBlob) - - layers := [][]byte{ - make([]byte, layerSize), - } - - schemaVersion := 2 - - manifest := ispec.Manifest{ - MediaType: ispec.MediaTypeImageManifest, - Versioned: specs.Versioned{ - SchemaVersion: schemaVersion, - }, - Config: ispec.Descriptor{ - MediaType: "application/vnd.oci.image.config.v1+json", - Digest: configDigest, - Size: int64(len(configBlob)), - }, - Layers: []ispec.Descriptor{ - { - MediaType: "application/vnd.oci.image.layer.v1.tar", - Digest: godigest.FromBytes(layers[0]), - Size: int64(len(layers[0])), - }, - }, - } - - return config, layers, manifest, nil -} - -// Deprecated: Should use the new functions starting with "Create". -func GetRandomImageComponents(layerSize int) (ispec.Image, [][]byte, ispec.Manifest, error) { - config := ispec.Image{ - Platform: ispec.Platform{ - Architecture: "amd64", - OS: "linux", - }, - RootFS: ispec.RootFS{ - Type: "layers", - DiffIDs: []godigest.Digest{}, - }, - Author: "ZotUser", - } - - configBlob, err := json.Marshal(config) - if err = inject.Error(err); err != nil { - return ispec.Image{}, [][]byte{}, ispec.Manifest{}, err - } - - configDigest := godigest.FromBytes(configBlob) - - layers := [][]byte{ - GetRandomLayer(layerSize), - } - - schemaVersion := 2 - - manifest := ispec.Manifest{ - MediaType: ispec.MediaTypeImageManifest, - Versioned: specs.Versioned{ - SchemaVersion: schemaVersion, - }, - Config: ispec.Descriptor{ - MediaType: "application/vnd.oci.image.config.v1+json", - Digest: configDigest, - Size: int64(len(configBlob)), - }, - Layers: []ispec.Descriptor{ - { - MediaType: "application/vnd.oci.image.layer.v1.tar", - Digest: godigest.FromBytes(layers[0]), - Size: int64(len(layers[0])), - }, - }, - } - - return config, layers, manifest, nil -} - -// Deprecated: Should use the new functions starting with "Create". -func GetVulnImageWithConfig(config ispec.Image) (image.Image, error) { - vulnerableLayer, err := image.GetLayerWithVulnerability() - if err != nil { - return image.Image{}, err - } - - vulnerableConfig := ispec.Image{ - Platform: config.Platform, - Config: config.Config, - RootFS: ispec.RootFS{ - Type: "layers", - DiffIDs: []godigest.Digest{"sha256:f1417ff83b319fbdae6dd9cd6d8c9c88002dcd75ecf6ec201c8c6894681cf2b5"}, - }, - Created: config.Created, - History: config.History, - } - - img, err := GetImageWithComponents( - vulnerableConfig, - [][]byte{ - vulnerableLayer, - }) - if err != nil { - return image.Image{}, err - } - - return img, err -} - -func GetRandomLayer(size int) []byte { - layer := make([]byte, size) - - _, err := rand.Read(layer) - if err != nil { - return layer - } - - return layer -} - -// Deprecated: Should use the new functions starting with "Create". -func GetRandomImage() (image.Image, error) { - const layerSize = 20 - - config, layers, manifest, err := GetRandomImageComponents(layerSize) - if err != nil { - return image.Image{}, err - } - - return image.Image{ - Manifest: manifest, - Layers: layers, - Config: config, - }, nil -} - -// Deprecated: Should use the new functions starting with "Create". -func GetImageComponentsWithConfig(conf ispec.Image) (ispec.Image, [][]byte, ispec.Manifest, error) { - configBlob, err := json.Marshal(conf) - if err = inject.Error(err); err != nil { - return ispec.Image{}, [][]byte{}, ispec.Manifest{}, err - } - - configDigest := godigest.FromBytes(configBlob) - - layerSize := 100 - layer := make([]byte, layerSize) - - _, err = rand.Read(layer) - if err != nil { - return ispec.Image{}, [][]byte{}, ispec.Manifest{}, err - } - - layers := [][]byte{ - layer, - } - - schemaVersion := 2 - - manifest := ispec.Manifest{ - MediaType: ispec.MediaTypeImageManifest, - Versioned: specs.Versioned{ - SchemaVersion: schemaVersion, - }, - Config: ispec.Descriptor{ - MediaType: "application/vnd.oci.image.config.v1+json", - Digest: configDigest, - Size: int64(len(configBlob)), - }, - Layers: []ispec.Descriptor{ - { - MediaType: "application/vnd.oci.image.layer.v1.tar", - Digest: godigest.FromBytes(layers[0]), - Size: int64(len(layers[0])), - }, - }, - } - - return conf, layers, manifest, nil -} - -// Deprecated: Should use the new functions starting with "Create". -func GetImageWithConfig(conf ispec.Image) (image.Image, error) { - config, layers, manifest, err := GetImageComponentsWithConfig(conf) - if err != nil { - return image.Image{}, err - } - - return image.Image{ - Manifest: manifest, - Config: config, - Layers: layers, - }, nil -} - -// Deprecated: Should use the new functions starting with "Create". -func GetImageWithComponents(config ispec.Image, layers [][]byte) (image.Image, error) { - configBlob, err := json.Marshal(config) - if err != nil { - return image.Image{}, err - } - - manifestLayers := make([]ispec.Descriptor, 0, len(layers)) - - for _, layer := range layers { - manifestLayers = append(manifestLayers, ispec.Descriptor{ - MediaType: "application/vnd.oci.image.layer.v1.tar", - Digest: godigest.FromBytes(layer), - Size: int64(len(layer)), - }) - } - - const schemaVersion = 2 - - manifest := ispec.Manifest{ - MediaType: ispec.MediaTypeImageManifest, - Versioned: specs.Versioned{ - SchemaVersion: schemaVersion, - }, - Config: ispec.Descriptor{ - MediaType: "application/vnd.oci.image.config.v1+json", - Digest: godigest.FromBytes(configBlob), - Size: int64(len(configBlob)), - }, - Layers: manifestLayers, - } - - return image.Image{ - Manifest: manifest, - Config: config, - Layers: layers, - }, nil -} - -func GetCosignSignatureTagForManifest(manifest ispec.Manifest) (string, error) { - manifestBlob, err := json.Marshal(manifest) - if err != nil { - return "", err - } - - manifestDigest := godigest.FromBytes(manifestBlob) - - return GetCosignSignatureTagForDigest(manifestDigest), nil -} - -func GetCosignSignatureTagForDigest(manifestDigest godigest.Digest) string { - return manifestDigest.Algorithm().String() + "-" + manifestDigest.Encoded() + ".sig" -} - -// Deprecated: Should use the new functions starting with "Create". -func GetImageWithSubject(subjectDigest godigest.Digest, mediaType string) (image.Image, error) { - num := 100 - - conf, layers, manifest, err := GetRandomImageComponents(num) - if err != nil { - return image.Image{}, err - } - - manifest.Subject = &ispec.Descriptor{ - Digest: subjectDigest, - MediaType: mediaType, - } - - return image.Image{ - Manifest: manifest, - Config: conf, - Layers: layers, - }, nil -} - -func ReadLogFileAndSearchString(logPath string, stringToMatch string, timeout time.Duration) (bool, error) { - ctx, cancelFunc := context.WithTimeout(context.Background(), timeout) - defer cancelFunc() - - for { - select { - case <-ctx.Done(): - return false, nil - default: - content, err := os.ReadFile(logPath) - if err != nil { - return false, err - } - - if strings.Contains(string(content), stringToMatch) { - return true, nil - } - } - } -} - -func ReadLogFileAndCountStringOccurence(logPath string, stringToMatch string, - timeout time.Duration, count int, -) (bool, error) { - ctx, cancelFunc := context.WithTimeout(context.Background(), timeout) - defer cancelFunc() - - for { - select { - case <-ctx.Done(): - return false, nil - default: - content, err := os.ReadFile(logPath) - if err != nil { - return false, err - } - - if strings.Count(string(content), stringToMatch) >= count { - return true, nil - } - } - } -} - -func CopyFile(sourceFilePath, destFilePath string) error { - destFile, err := os.Create(destFilePath) - if err != nil { - return err - } - defer destFile.Close() - - sourceFile, err := os.Open(sourceFilePath) - if err != nil { - return err - } - defer sourceFile.Close() - - if _, err = io.Copy(destFile, sourceFile); err != nil { - return err - } - - return nil -} - -func LoadNotationPath(tdir string) { - dir.UserConfigDir = filepath.Join(tdir, "notation") - - // set user libexec - dir.UserLibexecDir = dir.UserConfigDir -} - -func GenerateNotationCerts(tdir string, certName string) error { - // generate RSA private key - bits := 2048 - - key, err := rsa.GenerateKey(rand.Reader, bits) - if err != nil { - return err - } - - keyBytes, err := x509.MarshalPKCS8PrivateKey(key) - if err != nil { - return err - } - - keyPEM := pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: keyBytes}) - - rsaCertTuple := testhelper.GetRSASelfSignedCertTupleWithPK(key, "cert") - - certBytes := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: rsaCertTuple.Cert.Raw}) - - // write private key - relativeKeyPath, relativeCertPath := dir.LocalKeyPath(certName) - - configFS := dir.ConfigFS() - - keyPath, err := configFS.SysPath(relativeKeyPath) - if err != nil { - return err - } - - certPath, err := configFS.SysPath(relativeCertPath) - if err != nil { - return err - } - - if err := WriteFileWithPermission(keyPath, keyPEM, 0o600, false); err != nil { //nolint:gomnd - return fmt.Errorf("failed to write key file: %w", err) - } - - // write self-signed certificate - if err := WriteFileWithPermission(certPath, certBytes, 0o644, false); err != nil { //nolint:gomnd - return fmt.Errorf("failed to write certificate file: %w", err) - } - - signingKeys, err := notconfig.LoadSigningKeys() - if err != nil { - return err - } - - keySuite := notconfig.KeySuite{ - Name: certName, - X509KeyPair: ¬config.X509KeyPair{ - KeyPath: keyPath, - CertificatePath: certPath, - }, - } - - // addKeyToSigningKeys - if Contains(signingKeys.Keys, keySuite.Name) { - return ErrAlreadyExists - } - - signingKeys.Keys = append(signingKeys.Keys, keySuite) - - // Add to the trust store - trustStorePath := path.Join(tdir, fmt.Sprintf("notation/truststore/x509/ca/%s", certName)) - - if _, err := os.Stat(filepath.Join(trustStorePath, filepath.Base(certPath))); err == nil { - return ErrAlreadyExists - } - - if err := os.MkdirAll(trustStorePath, 0o755); err != nil { //nolint:gomnd - return fmt.Errorf("GenerateNotationCerts os.MkdirAll failed: %w", err) - } - - trustCertPath := path.Join(trustStorePath, fmt.Sprintf("%s%s", certName, dir.LocalCertificateExtension)) - - err = CopyFile(certPath, trustCertPath) - if err != nil { - return err - } - - // Save to the SigningKeys.json - if err := signingKeys.Save(); err != nil { - return err - } - - return nil -} - -func SignWithNotation(keyName string, reference string, tdir string) error { - ctx := context.TODO() - - // getSigner - var newSigner notation.Signer - - mediaType := jws.MediaTypeEnvelope - - // ResolveKey - signingKeys, err := LoadNotationSigningkeys(tdir) - if err != nil { - return err - } - - idx := Index(signingKeys.Keys, keyName) - if idx < 0 { - return ErrKeyNotFound - } - - key := signingKeys.Keys[idx] - - if key.X509KeyPair != nil { - newSigner, err = signer.NewFromFiles(key.X509KeyPair.KeyPath, key.X509KeyPair.CertificatePath) - if err != nil { - return err - } - } - - // prepareSigningContent - // getRepositoryClient - authClient := &auth.Client{ - Credential: func(ctx context.Context, reg string) (auth.Credential, error) { - return auth.EmptyCredential, nil - }, - Cache: auth.NewCache(), - ClientID: "notation", - } - - authClient.SetUserAgent("notation/zot_tests") - - plainHTTP := true - - // Resolve referance - ref, err := registry.ParseReference(reference) - if err != nil { - return err - } - - remoteRepo := &remote.Repository{ - Client: authClient, - Reference: ref, - PlainHTTP: plainHTTP, - } - - repositoryOpts := notreg.RepositoryOptions{} - - sigRepo := notreg.NewRepositoryWithOptions(remoteRepo, repositoryOpts) - - sigOpts := notation.SignOptions{ - SignerSignOptions: notation.SignerSignOptions{ - SignatureMediaType: mediaType, - PluginConfig: map[string]string{}, - }, - ArtifactReference: ref.String(), - } - - _, err = notation.Sign(ctx, newSigner, sigRepo, sigOpts) - if err != nil { - return err - } - - return nil -} - -func VerifyWithNotation(reference string, tdir string) error { - // check if trustpolicy.json exists - trustpolicyPath := path.Join(tdir, "notation/trustpolicy.json") - - if _, err := os.Stat(trustpolicyPath); errors.Is(err, os.ErrNotExist) { - trustPolicy := ` - { - "version": "1.0", - "trustPolicies": [ - { - "name": "good", - "registryScopes": [ "*" ], - "signatureVerification": { - "level" : "audit" - }, - "trustStores": ["ca:good"], - "trustedIdentities": [ - "*" - ] - } - ] - }` - - file, err := os.Create(trustpolicyPath) - if err != nil { - return err - } - - defer file.Close() - - _, err = file.WriteString(trustPolicy) - if err != nil { - return err - } - } - - // start verifying signatures - ctx := context.TODO() - - // getRepositoryClient - authClient := &auth.Client{ - Credential: func(ctx context.Context, reg string) (auth.Credential, error) { - return auth.EmptyCredential, nil - }, - Cache: auth.NewCache(), - ClientID: "notation", - } - - authClient.SetUserAgent("notation/zot_tests") - - plainHTTP := true - - // Resolve referance - ref, err := registry.ParseReference(reference) - if err != nil { - return err - } - - remoteRepo := &remote.Repository{ - Client: authClient, - Reference: ref, - PlainHTTP: plainHTTP, - } - - repositoryOpts := notreg.RepositoryOptions{} - - repo := notreg.NewRepositoryWithOptions(remoteRepo, repositoryOpts) - - manifestDesc, err := repo.Resolve(ctx, ref.Reference) - if err != nil { - return err - } - - if err := ref.ValidateReferenceAsDigest(); err != nil { - ref.Reference = manifestDesc.Digest.String() - } - - // getVerifier - newVerifier, err := verifier.NewFromConfig() - if err != nil { - return err - } - - remoteRepo = &remote.Repository{ - Client: authClient, - Reference: ref, - PlainHTTP: plainHTTP, - } - - repo = notreg.NewRepositoryWithOptions(remoteRepo, repositoryOpts) - - configs := map[string]string{} - - verifyOpts := notation.VerifyOptions{ - ArtifactReference: ref.String(), - PluginConfig: configs, - MaxSignatureAttempts: math.MaxInt64, - } - - _, outcomes, err := notation.Verify(ctx, newVerifier, repo, verifyOpts) - if err != nil || len(outcomes) == 0 { - return ErrSignatureVerification - } - - return nil -} - -func ListNotarySignatures(reference string, tdir string) ([]godigest.Digest, error) { - signatures := []godigest.Digest{} - - ctx := context.TODO() - - // getSignatureRepository - ref, err := registry.ParseReference(reference) - if err != nil { - return signatures, err - } - - plainHTTP := true - - // getRepositoryClient - authClient := &auth.Client{ - Credential: func(ctx context.Context, registry string) (auth.Credential, error) { - return auth.EmptyCredential, nil - }, - Cache: auth.NewCache(), - ClientID: "notation", - } - - authClient.SetUserAgent("notation/zot_tests") - - remoteRepo := &remote.Repository{ - Client: authClient, - Reference: ref, - PlainHTTP: plainHTTP, - } - - sigRepo := notreg.NewRepository(remoteRepo) - - artifactDesc, err := sigRepo.Resolve(ctx, reference) - if err != nil { - return signatures, err - } - - err = sigRepo.ListSignatures(ctx, artifactDesc, func(signatureManifests []ispec.Descriptor) error { - for _, sigManifestDesc := range signatureManifests { - signatures = append(signatures, sigManifestDesc.Digest) - } - - return nil - }) - - return signatures, err -} - -func LoadNotationSigningkeys(tdir string) (*notconfig.SigningKeys, error) { - var err error - - var signingKeysInfo *notconfig.SigningKeys - - filePath := path.Join(tdir, "notation/signingkeys.json") - - file, err := os.Open(filePath) - if err != nil { - if errors.Is(err, fs.ErrNotExist) { - // create file - newSigningKeys := notconfig.NewSigningKeys() - - newFile, err := os.Create(filePath) - if err != nil { - return newSigningKeys, err - } - - defer newFile.Close() - - encoder := json.NewEncoder(newFile) - encoder.SetIndent("", " ") - - err = encoder.Encode(newSigningKeys) - - return newSigningKeys, err - } - - return nil, err - } - - defer file.Close() - - err = json.NewDecoder(file).Decode(&signingKeysInfo) - - return signingKeysInfo, err -} - -func LoadNotationConfig(tdir string) (*notconfig.Config, error) { - var configInfo *notconfig.Config - - filePath := path.Join(tdir, "notation/signingkeys.json") - - file, err := os.Open(filePath) - if err != nil { - return configInfo, err - } - - defer file.Close() - - err = json.NewDecoder(file).Decode(&configInfo) - if err != nil { - return configInfo, err - } - - // set default value - configInfo.SignatureFormat = strings.ToLower(configInfo.SignatureFormat) - if configInfo.SignatureFormat == "" { - configInfo.SignatureFormat = "jws" - } - - return configInfo, nil -} - -func WriteFileWithPermission(path string, data []byte, perm fs.FileMode, overwrite bool) error { - if err := os.MkdirAll(filepath.Dir(path), os.ModePerm); err != nil { - return err - } - flag := os.O_WRONLY | os.O_CREATE - - if overwrite { - flag |= os.O_TRUNC - } else { - flag |= os.O_EXCL - } - - file, err := os.OpenFile(path, flag, perm) - if err != nil { - return err - } - - _, err = file.Write(data) - if err != nil { - file.Close() - - return err - } - - return file.Close() -} - -func IsDigestReference(ref string) bool { - parts := strings.SplitN(ref, "/", 2) //nolint:gomnd - if len(parts) == 1 { - return false - } - - index := strings.Index(parts[1], "@") - - return index != -1 -} - -type isser interface { - Is(string) bool -} - -// Index returns the index of the first occurrence of name in s, -// or -1 if not present. -func Index[E isser](s []E, name string) int { - for i, v := range s { - if v.Is(name) { - return i - } - } - - return -1 -} - -// Contains reports whether name is present in s. -func Contains[E isser](s []E, name string) bool { - return Index(s, name) >= 0 -} - -func SignImageUsingCosign(repoTag, port string) error { - cwd, err := os.Getwd() - if err != nil { - return err - } - - defer func() { _ = os.Chdir(cwd) }() - - tdir, err := os.MkdirTemp("", "cosign") - if err != nil { - return err - } - - defer os.RemoveAll(tdir) - - _ = os.Chdir(tdir) - - // generate a keypair - os.Setenv("COSIGN_PASSWORD", "") - - err = generate.GenerateKeyPairCmd(context.TODO(), "", "cosign", nil) - if err != nil { - return err - } - - imageURL := fmt.Sprintf("localhost:%s/%s", port, repoTag) - - const timeoutPeriod = 5 - - // sign the image - return sign.SignCmd(&options.RootOptions{Verbose: true, Timeout: timeoutPeriod * time.Minute}, - options.KeyOpts{KeyRef: path.Join(tdir, "cosign.key"), PassFunc: generate.GetPass}, - options.SignOptions{ - Registry: options.RegistryOptions{AllowInsecure: true}, - AnnotationOptions: options.AnnotationOptions{Annotations: []string{"tag=1.0"}}, - Upload: true, - }, - []string{imageURL}) -} - -func SignImageUsingNotary(repoTag, port string) error { - cwd, err := os.Getwd() - if err != nil { - return err - } - - defer func() { _ = os.Chdir(cwd) }() - - tdir, err := os.MkdirTemp("", "notation") - if err != nil { - return err - } - - defer os.RemoveAll(tdir) - - _ = os.Chdir(tdir) - - NotationPathLock.Lock() - defer NotationPathLock.Unlock() - - LoadNotationPath(tdir) - - // generate a keypair - err = GenerateNotationCerts(tdir, "notation-sign-test") - if err != nil { - return err - } - - // sign the image - image := fmt.Sprintf("localhost:%s/%s", port, repoTag) - - err = SignWithNotation("notation-sign-test", image, tdir) - - return err -} - -// Deprecated: Should use the new functions starting with "Create". -func GetRandomMultiarchImageComponents() (ispec.Index, []image.Image, error) { - const layerSize = 100 - - randomLayer1 := make([]byte, layerSize) - - _, err := rand.Read(randomLayer1) - if err != nil { - return ispec.Index{}, []image.Image{}, err - } - - image1, err := GetImageWithComponents( - ispec.Image{ - Platform: ispec.Platform{ - OS: "linux", - Architecture: "amd64", - }, - }, - [][]byte{ - randomLayer1, - }) - if err != nil { - return ispec.Index{}, []image.Image{}, err - } - - randomLayer2 := make([]byte, layerSize) - - _, err = rand.Read(randomLayer2) - if err != nil { - return ispec.Index{}, []image.Image{}, err - } - - image2, err := GetImageWithComponents( - ispec.Image{ - Platform: ispec.Platform{ - OS: "linux", - Architecture: "386", - }, - }, - [][]byte{ - randomLayer2, - }) - if err != nil { - return ispec.Index{}, []image.Image{}, err - } - - randomLayer3 := make([]byte, layerSize) - - _, err = rand.Read(randomLayer3) - if err != nil { - return ispec.Index{}, []image.Image{}, err - } - - image3, err := GetImageWithComponents( - ispec.Image{ - Platform: ispec.Platform{ - OS: "windows", - Architecture: "amd64", - }, - }, - [][]byte{ - randomLayer3, - }) - if err != nil { - return ispec.Index{}, []image.Image{}, err - } - - index := ispec.Index{ - MediaType: ispec.MediaTypeImageIndex, - Manifests: []ispec.Descriptor{ - { - MediaType: ispec.MediaTypeImageManifest, - Digest: getManifestDigest(image1.Manifest), - Size: getManifestSize(image1.Manifest), - }, - { - MediaType: ispec.MediaTypeImageManifest, - Digest: getManifestDigest(image2.Manifest), - Size: getManifestSize(image2.Manifest), - }, - { - MediaType: ispec.MediaTypeImageManifest, - Digest: getManifestDigest(image3.Manifest), - Size: getManifestSize(image3.Manifest), - }, - }, - } - - return index, []image.Image{image1, image2, image3}, nil -} - -// Deprecated: Should use the new functions starting with "Create". -func GetRandomMultiarchImage(reference string) (image.MultiarchImage, error) { - index, images, err := GetRandomMultiarchImageComponents() - if err != nil { - return image.MultiarchImage{}, err - } - - index.SchemaVersion = 2 - - return image.MultiarchImage{ - Index: index, Images: images, Reference: reference, - }, err -} - -// Deprecated: Should use the new functions starting with "Create". -func GetMultiarchImageForImages(images []image.Image) image.MultiarchImage { - var index ispec.Index - - for _, image := range images { - index.Manifests = append(index.Manifests, ispec.Descriptor{ - MediaType: ispec.MediaTypeImageManifest, - Digest: getManifestDigest(image.Manifest), - Size: getManifestSize(image.Manifest), - }) - } - - index.SchemaVersion = 2 - - return image.MultiarchImage{Index: index, Images: images} -} - -func getManifestSize(manifest ispec.Manifest) int64 { - manifestBlob, err := json.Marshal(manifest) - if err != nil { - return 0 - } - - return int64(len(manifestBlob)) -} - -func getManifestDigest(manifest ispec.Manifest) godigest.Digest { - manifestBlob, err := json.Marshal(manifest) - if err != nil { - return "" - } - - return godigest.FromBytes(manifestBlob) -} - -func GetIndexBlobWithManifests(manifestDigests []godigest.Digest) ([]byte, error) { - manifests := make([]ispec.Descriptor, 0, len(manifestDigests)) - - for _, manifestDigest := range manifestDigests { - manifests = append(manifests, ispec.Descriptor{ - Digest: manifestDigest, - MediaType: ispec.MediaTypeImageManifest, - }) - } - - indexContent := ispec.Index{ - MediaType: ispec.MediaTypeImageIndex, - Manifests: manifests, - } - - return json.Marshal(indexContent) -} - -func MockOIDCRun() (*mockoidc.MockOIDC, error) { - // Create a fresh RSA Private Key for token signing - rsaKey, _ := rsa.GenerateKey(rand.Reader, 2048) //nolint: gomnd - - // Create an unstarted MockOIDC server - mockServer, _ := mockoidc.NewServer(rsaKey) - - // Create the net.Listener, kernel will chose a valid port - listener, _ := net.Listen("tcp", "127.0.0.1:0") - - bearerMiddleware := func(next http.Handler) http.Handler { - return http.HandlerFunc(func(response http.ResponseWriter, req *http.Request) { - // stateVal := req.Form.Get("state") - header := req.Header.Get("Authorization") - parts := strings.SplitN(header, " ", 2) //nolint: gomnd - if header != "" { - if strings.ToLower(parts[0]) == "bearer" { - req.Header.Set("Authorization", strings.Join([]string{"Bearer", parts[1]}, " ")) - } - } - - next.ServeHTTP(response, req) - }) - } - - err := mockServer.AddMiddleware(bearerMiddleware) - if err != nil { - return mockServer, err - } - // tlsConfig can be nil if you want HTTP - return mockServer, mockServer.Start(listener, nil) -} - -func CustomRedirectPolicy(noOfRedirect int) resty.RedirectPolicy { - return resty.RedirectPolicyFunc(func(req *http.Request, via []*http.Request) error { - if len(via) >= noOfRedirect { - return fmt.Errorf("stopped after %d redirects", noOfRedirect) //nolint: goerr113 - } - - for key, val := range via[len(via)-1].Header { - req.Header[key] = val - } - - respCookies := req.Response.Cookies() - for _, cookie := range respCookies { - req.AddCookie(cookie) - } - - return nil - }) -} - -func GetDefaultImageStore(rootDir string, log zLog.Logger) stypes.ImageStore { - return local.NewImageStore(rootDir, false, false, log, - monitoring.NewMetricsServer(false, log), - mocks.MockedLint{ - LintFn: func(repo string, manifestDigest godigest.Digest, imageStore stypes.ImageStore) (bool, error) { - return true, nil - }, - }, - mocks.CacheMock{}, - ) -} - -func GetDefaultStoreController(rootDir string, log zLog.Logger) storage.StoreController { - return storage.StoreController{ - DefaultStore: GetDefaultImageStore(rootDir, log), - } -} - -func RemoveLocalStorageContents(imageStore stypes.ImageStore) error { - repos, err := imageStore.GetRepositories() - if err != nil { - return err - } - - for _, repo := range repos { - // take just the first path - err = os.RemoveAll(filepath.Join(imageStore.RootDir(), filepath.SplitList(repo)[0])) - if err != nil { - return err - } - } - - return nil -} diff --git a/pkg/test/common/fs.go b/pkg/test/common/fs.go new file mode 100644 index 000000000..7319b1abf --- /dev/null +++ b/pkg/test/common/fs.go @@ -0,0 +1,246 @@ +package common + +import ( + "context" + "errors" + "fmt" + "io" + "io/fs" + "os" + "path" + "path/filepath" + "strings" + "time" + + "golang.org/x/crypto/bcrypt" +) + +var ErrNoGoModFileFound = errors.New("test: no go.mod file found in parent directories") + +func GetProjectRootDir() (string, error) { + workDir, err := os.Getwd() + if err != nil { + return "", err + } + + for { + goModPath := filepath.Join(workDir, "go.mod") + + _, err := os.Stat(goModPath) + if err == nil { + return workDir, nil + } + + if workDir == filepath.Dir(workDir) { + return "", ErrNoGoModFileFound + } + + workDir = filepath.Dir(workDir) + } +} + +func CopyFile(sourceFilePath, destFilePath string) error { + destFile, err := os.Create(destFilePath) + if err != nil { + return err + } + defer destFile.Close() + + sourceFile, err := os.Open(sourceFilePath) + if err != nil { + return err + } + defer sourceFile.Close() + + if _, err = io.Copy(destFile, sourceFile); err != nil { + return err + } + + return nil +} + +func CopyFiles(sourceDir, destDir string) error { + sourceMeta, err := os.Stat(sourceDir) + if err != nil { + return fmt.Errorf("CopyFiles os.Stat failed: %w", err) + } + + if err := os.MkdirAll(destDir, sourceMeta.Mode()); err != nil { + return fmt.Errorf("CopyFiles os.MkdirAll failed: %w", err) + } + + files, err := os.ReadDir(sourceDir) + if err != nil { + return fmt.Errorf("CopyFiles os.ReadDir failed: %w", err) + } + + for _, file := range files { + sourceFilePath := path.Join(sourceDir, file.Name()) + destFilePath := path.Join(destDir, file.Name()) + + if file.IsDir() { + if strings.HasPrefix(file.Name(), "_") { + // Some tests create the trivy related folders under test/_trivy + continue + } + + if err = CopyFiles(sourceFilePath, destFilePath); err != nil { + return err + } + } else { + sourceFile, err := os.Open(sourceFilePath) + if err != nil { + return fmt.Errorf("CopyFiles os.Open failed: %w", err) + } + defer sourceFile.Close() + + destFile, err := os.Create(destFilePath) + if err != nil { + return fmt.Errorf("CopyFiles os.Create failed: %w", err) + } + defer destFile.Close() + + if _, err = io.Copy(destFile, sourceFile); err != nil { + return fmt.Errorf("io.Copy failed: %w", err) + } + } + } + + return nil +} + +func CopyTestKeysAndCerts(destDir string) error { + files := []string{ + "ca.crt", "ca.key", "client.cert", "client.csr", + "client.key", "server.cert", "server.csr", "server.key", + } + + rootPath, err := GetProjectRootDir() + if err != nil { + return err + } + + sourceDir := filepath.Join(rootPath, "test/data") + + sourceMeta, err := os.Stat(sourceDir) + if err != nil { + return fmt.Errorf("CopyFiles os.Stat failed: %w", err) + } + + if err := os.MkdirAll(destDir, sourceMeta.Mode()); err != nil { + return err + } + + for _, file := range files { + err = CopyFile(filepath.Join(sourceDir, file), filepath.Join(destDir, file)) + if err != nil { + return err + } + } + + return nil +} + +func WriteFileWithPermission(path string, data []byte, perm fs.FileMode, overwrite bool) error { + if err := os.MkdirAll(filepath.Dir(path), os.ModePerm); err != nil { + return err + } + flag := os.O_WRONLY | os.O_CREATE + + if overwrite { + flag |= os.O_TRUNC + } else { + flag |= os.O_EXCL + } + + file, err := os.OpenFile(path, flag, perm) + if err != nil { + return err + } + + _, err = file.Write(data) + if err != nil { + file.Close() + + return err + } + + return file.Close() +} + +func ReadLogFileAndSearchString(logPath string, stringToMatch string, timeout time.Duration) (bool, error) { + ctx, cancelFunc := context.WithTimeout(context.Background(), timeout) + defer cancelFunc() + + for { + select { + case <-ctx.Done(): + return false, nil + default: + content, err := os.ReadFile(logPath) + if err != nil { + return false, err + } + + if strings.Contains(string(content), stringToMatch) { + return true, nil + } + } + } +} + +func ReadLogFileAndCountStringOccurence(logPath string, stringToMatch string, + timeout time.Duration, count int, +) (bool, error) { + ctx, cancelFunc := context.WithTimeout(context.Background(), timeout) + defer cancelFunc() + + for { + select { + case <-ctx.Done(): + return false, nil + default: + content, err := os.ReadFile(logPath) + if err != nil { + return false, err + } + + if strings.Count(string(content), stringToMatch) >= count { + return true, nil + } + } + } +} + +func MakeHtpasswdFile() string { + // bcrypt(username="test", passwd="test") + content := "test:$2y$05$hlbSXDp6hzDLu6VwACS39ORvVRpr3OMR4RlJ31jtlaOEGnPjKZI1m\n" + + return MakeHtpasswdFileFromString(content) +} + +func GetCredString(username, password string) string { + hash, err := bcrypt.GenerateFromPassword([]byte(password), 10) + if err != nil { + panic(err) + } + + usernameAndHash := fmt.Sprintf("%s:%s", username, string(hash)) + + return usernameAndHash +} + +func MakeHtpasswdFileFromString(fileContent string) string { + htpasswdFile, err := os.CreateTemp("", "htpasswd-") + if err != nil { + panic(err) + } + + // bcrypt(username="test", passwd="test") + content := []byte(fileContent) + if err := os.WriteFile(htpasswdFile.Name(), content, 0o600); err != nil { //nolint:gomnd + panic(err) + } + + return htpasswdFile.Name() +} diff --git a/pkg/test/common/fs_test.go b/pkg/test/common/fs_test.go new file mode 100644 index 000000000..01a0e4fe0 --- /dev/null +++ b/pkg/test/common/fs_test.go @@ -0,0 +1,219 @@ +package common_test + +import ( + "encoding/json" + "errors" + "os" + "path" + "path/filepath" + "testing" + "time" + + ispec "github.com/opencontainers/image-spec/specs-go/v1" + . "github.com/smartystreets/goconvey/convey" + + tcommon "zotregistry.io/zot/pkg/test/common" +) + +var ErrTestError = errors.New("ErrTestError") + +func TestCopyFiles(t *testing.T) { + Convey("sourceDir does not exist", t, func() { + err := tcommon.CopyFiles("/path/to/some/unexisting/directory", os.TempDir()) + So(err, ShouldNotBeNil) + }) + Convey("destDir is a file", t, func() { + dir := t.TempDir() + + err := tcommon.CopyFiles("../../../test/data", dir) + So(err, ShouldBeNil) + + err = tcommon.CopyFiles(dir, "/etc/passwd") + So(err, ShouldNotBeNil) + }) + Convey("sourceDir does not have read permissions", t, func() { + dir := t.TempDir() + + err := os.Chmod(dir, 0o300) + So(err, ShouldBeNil) + + err = tcommon.CopyFiles(dir, os.TempDir()) + So(err, ShouldNotBeNil) + }) + Convey("sourceDir has a subfolder that does not have read permissions", t, func() { + dir := t.TempDir() + + sdir := "subdir" + err := os.Mkdir(path.Join(dir, sdir), 0o300) + So(err, ShouldBeNil) + + err = tcommon.CopyFiles(dir, os.TempDir()) + So(err, ShouldNotBeNil) + }) + Convey("sourceDir has a file that does not have read permissions", t, func() { + dir := t.TempDir() + + filePath := path.Join(dir, "file.txt") + err := os.WriteFile(filePath, []byte("some dummy file content"), 0o644) //nolint: gosec + if err != nil { + panic(err) + } + + err = os.Chmod(filePath, 0o300) + So(err, ShouldBeNil) + + err = tcommon.CopyFiles(dir, os.TempDir()) + So(err, ShouldNotBeNil) + }) + Convey("sourceDir contains a folder starting with invalid characters", t, func() { + srcDir := t.TempDir() + dstDir := t.TempDir() + + err := os.MkdirAll(path.Join(srcDir, "_trivy", "db"), 0o755) + if err != nil { + panic(err) + } + + err = os.MkdirAll(path.Join(srcDir, "test-index"), 0o755) + if err != nil { + panic(err) + } + + filePathTrivy := path.Join(srcDir, "_trivy", "db", "trivy.db") + err = os.WriteFile(filePathTrivy, []byte("some dummy file content"), 0o644) //nolint: gosec + if err != nil { + panic(err) + } + + var index ispec.Index + content, err := json.Marshal(index) + if err != nil { + panic(err) + } + + err = os.WriteFile(path.Join(srcDir, "test-index", "index.json"), content, 0o644) //nolint: gosec + if err != nil { + panic(err) + } + + err = tcommon.CopyFiles(srcDir, dstDir) + So(err, ShouldBeNil) + + _, err = os.Stat(path.Join(dstDir, "_trivy", "db", "trivy.db")) + So(err, ShouldNotBeNil) + So(os.IsNotExist(err), ShouldBeTrue) + + _, err = os.Stat(path.Join(dstDir, "test-index", "index.json")) + So(err, ShouldBeNil) + }) +} + +func TestCopyFile(t *testing.T) { + Convey("destFilePath does not exist", t, func() { + err := tcommon.CopyFile("/path/to/srcFile", "~/path/to/some/unexisting/destDir/file") + So(err, ShouldNotBeNil) + }) + + Convey("sourceFile does not exist", t, func() { + err := tcommon.CopyFile("/path/to/some/unexisting/file", path.Join(t.TempDir(), "destFile.txt")) + So(err, ShouldNotBeNil) + }) +} + +func TestReadLogFileAndSearchString(t *testing.T) { + logFile, err := os.CreateTemp(t.TempDir(), "zot-log*.txt") + if err != nil { + panic(err) + } + + logPath := logFile.Name() + defer os.Remove(logPath) + + Convey("Invalid path", t, func() { + _, err = tcommon.ReadLogFileAndSearchString("invalidPath", + "DB update completed, next update scheduled", 1*time.Second) + So(err, ShouldNotBeNil) + }) + + Convey("Time too short", t, func() { + ok, err := tcommon.ReadLogFileAndSearchString(logPath, "invalid string", time.Microsecond) + So(err, ShouldBeNil) + So(ok, ShouldBeFalse) + }) +} + +func TestReadLogFileAndCountStringOccurence(t *testing.T) { + logFile, err := os.CreateTemp(t.TempDir(), "zot-log*.txt") + if err != nil { + panic(err) + } + + _, err = logFile.Write([]byte("line1\n line2\n line3 line1 line2\n line1")) + if err != nil { + panic(err) + } + + logPath := logFile.Name() + defer os.Remove(logPath) + + Convey("Invalid path", t, func() { + _, err = tcommon.ReadLogFileAndCountStringOccurence("invalidPath", + "DB update completed, next update scheduled", 1*time.Second, 1) + So(err, ShouldNotBeNil) + }) + + Convey("Time too short", t, func() { + ok, err := tcommon.ReadLogFileAndCountStringOccurence(logPath, "invalid string", time.Microsecond, 1) + So(err, ShouldBeNil) + So(ok, ShouldBeFalse) + }) + + Convey("Count occurrence working", t, func() { + ok, err := tcommon.ReadLogFileAndCountStringOccurence(logPath, "line1", 90*time.Second, 3) + So(err, ShouldBeNil) + So(ok, ShouldBeTrue) + }) +} + +func TestCopyTestKeysAndCerts(t *testing.T) { + Convey("CopyTestKeysAndCerts", t, func() { + // ------- Make test files unreadable ------- + dir := t.TempDir() + file := filepath.Join(dir, "ca.crt") + + _, err := os.Create(file) + So(err, ShouldBeNil) + + err = os.Chmod(file, 0o000) + So(err, ShouldBeNil) + + err = tcommon.CopyTestKeysAndCerts(dir) + So(err, ShouldNotBeNil) + + err = os.Chmod(file, 0o777) + So(err, ShouldBeNil) + + // ------- Copy fails ------- + + err = os.Chmod(dir, 0o000) + So(err, ShouldBeNil) + + err = tcommon.CopyTestKeysAndCerts(file) + So(err, ShouldNotBeNil) + + err = os.Chmod(dir, 0o777) + So(err, ShouldBeNil) + + // ------- Folder creation fails ------- + + file = filepath.Join(dir, "a-file.file") + _, err = os.Create(file) + So(err, ShouldBeNil) + + _, err = os.Stat(file) + So(err, ShouldBeNil) + + err = tcommon.CopyTestKeysAndCerts(file) + So(err, ShouldNotBeNil) + }) +} diff --git a/pkg/test/common/utils.go b/pkg/test/common/utils.go index 863ada5a0..43c6102ae 100644 --- a/pkg/test/common/utils.go +++ b/pkg/test/common/utils.go @@ -1,15 +1,45 @@ package common import ( + "context" "errors" + "fmt" + "net/http" "net/url" "os" - "path/filepath" + "path" + "time" + "github.com/phayes/freeport" "gopkg.in/resty.v1" ) -var ErrNoGoModFileFound = errors.New("test: no go.mod file found in parent directories") +const ( + BaseURL = "http://127.0.0.1:%s" + BaseSecureURL = "https://127.0.0.1:%s" + SleepTime = 100 * time.Millisecond +) + +type isser interface { + Is(string) bool +} + +// Index returns the index of the first occurrence of name in s, +// or -1 if not present. +func Index[E isser](s []E, name string) int { + for i, v := range s { + if v.Is(name) { + return i + } + } + + return -1 +} + +// Contains reports whether name is present in s. +func Contains[E isser](s []E, name string) bool { + return Index(s, name) >= 0 +} func Location(baseURL string, resp *resty.Response) string { // For some API responses, the Location header is set and is supposed to @@ -29,24 +59,121 @@ func Location(baseURL string, resp *resty.Response) string { return baseURL + path } -func GetProjectRootDir() (string, error) { - workDir, err := os.Getwd() - if err != nil { - return "", err +type Controller interface { + Init(ctx context.Context) error + Run(ctx context.Context) error + Shutdown() + GetPort() int +} + +type ControllerManager struct { + controller Controller + // used to stop background tasks(goroutines) + cancelRoutinesFunc context.CancelFunc +} + +func (cm *ControllerManager) RunServer(ctx context.Context) { + // Useful to be able to call in the same goroutine for testing purposes + if err := cm.controller.Run(ctx); !errors.Is(err, http.ErrServerClosed) { + panic(err) } +} - for { - goModPath := filepath.Join(workDir, "go.mod") +func (cm *ControllerManager) StartServer() { + ctx, cancel := context.WithCancel(context.Background()) + cm.cancelRoutinesFunc = cancel + + if err := cm.controller.Init(ctx); err != nil { + panic(err) + } + + go func() { + cm.RunServer(ctx) + }() +} + +func (cm *ControllerManager) StopServer() { + // stop background tasks + if cm.cancelRoutinesFunc != nil { + cm.cancelRoutinesFunc() + } + + cm.controller.Shutdown() +} + +func (cm *ControllerManager) WaitServerToBeReady(port string) { + url := GetBaseURL(port) + WaitTillServerReady(url) +} + +func (cm *ControllerManager) StartAndWait(port string) { + cm.StartServer() - _, err := os.Stat(goModPath) + url := GetBaseURL(port) + WaitTillServerReady(url) +} + +func NewControllerManager(controller Controller) ControllerManager { + cm := ControllerManager{ + controller: controller, + } + + return cm +} + +func WaitTillServerReady(url string) { + for { + _, err := resty.R().Get(url) if err == nil { - return workDir, nil + break } - if workDir == filepath.Dir(workDir) { - return "", ErrNoGoModFileFound + time.Sleep(SleepTime) + } +} + +func WaitTillTrivyDBDownloadStarted(rootDir string) { + for { + if _, err := os.Stat(path.Join(rootDir, "_trivy", "db", "trivy.db")); err == nil { + break } - workDir = filepath.Dir(workDir) + time.Sleep(SleepTime) + } +} + +func GetFreePort() string { + port, err := freeport.GetFreePort() + if err != nil { + panic(err) } + + return fmt.Sprint(port) +} + +func GetBaseURL(port string) string { + return fmt.Sprintf(BaseURL, port) +} + +func GetSecureBaseURL(port string) string { + return fmt.Sprintf(BaseSecureURL, port) +} + +func CustomRedirectPolicy(noOfRedirect int) resty.RedirectPolicy { + return resty.RedirectPolicyFunc(func(req *http.Request, via []*http.Request) error { + if len(via) >= noOfRedirect { + return fmt.Errorf("stopped after %d redirects", noOfRedirect) //nolint: goerr113 + } + + for key, val := range via[len(via)-1].Header { + req.Header[key] = val + } + + respCookies := req.Response.Cookies() + for _, cookie := range respCookies { + req.AddCookie(cookie) + } + + return nil + }) } diff --git a/pkg/test/common/utils_test.go b/pkg/test/common/utils_test.go new file mode 100644 index 000000000..f9e485b85 --- /dev/null +++ b/pkg/test/common/utils_test.go @@ -0,0 +1,63 @@ +package common_test + +import ( + "context" + "os" + "path" + "testing" + "time" + + . "github.com/smartystreets/goconvey/convey" + + "zotregistry.io/zot/pkg/api" + "zotregistry.io/zot/pkg/api/config" + tcommon "zotregistry.io/zot/pkg/test/common" +) + +func TestWaitTillTrivyDBDownloadStarted(t *testing.T) { + Convey("finishes successfully", t, func() { + tempDir := t.TempDir() + go func() { + tcommon.WaitTillTrivyDBDownloadStarted(tempDir) + }() + + time.Sleep(tcommon.SleepTime) + + _, err := os.Create(path.Join(tempDir, "trivy.db")) + So(err, ShouldBeNil) + }) +} + +func TestControllerManager(t *testing.T) { + Convey("Test StartServer Init() panic", t, func() { + port := tcommon.GetFreePort() + + conf := config.New() + conf.HTTP.Port = port + + ctlr := api.NewController(conf) + ctlrManager := tcommon.NewControllerManager(ctlr) + + // No storage configured + So(func() { ctlrManager.StartServer() }, ShouldPanic) + }) + + Convey("Test RunServer panic", t, func() { + tempDir := t.TempDir() + + // Invalid port + conf := config.New() + conf.HTTP.Port = "999999" + conf.Storage.RootDirectory = tempDir + + ctlr := api.NewController(conf) + ctlrManager := tcommon.NewControllerManager(ctlr) + + ctx := context.Background() + + err := ctlr.Init(ctx) + So(err, ShouldBeNil) + + So(func() { ctlrManager.RunServer(ctx) }, ShouldPanic) + }) +} diff --git a/pkg/test/common_test.go b/pkg/test/common_test.go deleted file mode 100644 index 9f827bd73..000000000 --- a/pkg/test/common_test.go +++ /dev/null @@ -1,849 +0,0 @@ -//go:build sync && scrub && metrics && search -// +build sync,scrub,metrics,search - -package test_test - -import ( - "context" - "encoding/json" - "errors" - "fmt" - "io" - "os" - "path" - "path/filepath" - "testing" - "time" - - notconfig "github.com/notaryproject/notation-go/config" - godigest "github.com/opencontainers/go-digest" - ispec "github.com/opencontainers/image-spec/specs-go/v1" - . "github.com/smartystreets/goconvey/convey" - - "zotregistry.io/zot/pkg/api" - "zotregistry.io/zot/pkg/api/config" - "zotregistry.io/zot/pkg/storage" - "zotregistry.io/zot/pkg/test" - . "zotregistry.io/zot/pkg/test/image-utils" - "zotregistry.io/zot/pkg/test/inject" - "zotregistry.io/zot/pkg/test/mocks" -) - -var ErrTestError = errors.New("ErrTestError") - -func TestCopyFiles(t *testing.T) { - Convey("sourceDir does not exist", t, func() { - err := test.CopyFiles("/path/to/some/unexisting/directory", os.TempDir()) - So(err, ShouldNotBeNil) - }) - Convey("destDir is a file", t, func() { - dir := t.TempDir() - - test.CopyTestFiles("../../test/data", dir) - - err := test.CopyFiles(dir, "/etc/passwd") - So(err, ShouldNotBeNil) - }) - Convey("sourceDir does not have read permissions", t, func() { - dir := t.TempDir() - - err := os.Chmod(dir, 0o300) - So(err, ShouldBeNil) - - err = test.CopyFiles(dir, os.TempDir()) - So(err, ShouldNotBeNil) - }) - Convey("sourceDir has a subfolder that does not have read permissions", t, func() { - dir := t.TempDir() - - sdir := "subdir" - err := os.Mkdir(path.Join(dir, sdir), 0o300) - So(err, ShouldBeNil) - - err = test.CopyFiles(dir, os.TempDir()) - So(err, ShouldNotBeNil) - }) - Convey("sourceDir has a file that does not have read permissions", t, func() { - dir := t.TempDir() - - filePath := path.Join(dir, "file.txt") - err := os.WriteFile(filePath, []byte("some dummy file content"), 0o644) //nolint: gosec - if err != nil { - panic(err) - } - - err = os.Chmod(filePath, 0o300) - So(err, ShouldBeNil) - - err = test.CopyFiles(dir, os.TempDir()) - So(err, ShouldNotBeNil) - }) - Convey("sourceDir contains a folder starting with invalid characters", t, func() { - srcDir := t.TempDir() - dstDir := t.TempDir() - - err := os.MkdirAll(path.Join(srcDir, "_trivy", "db"), 0o755) - if err != nil { - panic(err) - } - - err = os.MkdirAll(path.Join(srcDir, "test-index"), 0o755) - if err != nil { - panic(err) - } - - filePathTrivy := path.Join(srcDir, "_trivy", "db", "trivy.db") - err = os.WriteFile(filePathTrivy, []byte("some dummy file content"), 0o644) //nolint: gosec - if err != nil { - panic(err) - } - - var index ispec.Index - content, err := json.Marshal(index) - if err != nil { - panic(err) - } - - err = os.WriteFile(path.Join(srcDir, "test-index", "index.json"), content, 0o644) //nolint: gosec - if err != nil { - panic(err) - } - - err = test.CopyFiles(srcDir, dstDir) - So(err, ShouldBeNil) - - _, err = os.Stat(path.Join(dstDir, "_trivy", "db", "trivy.db")) - So(err, ShouldNotBeNil) - So(os.IsNotExist(err), ShouldBeTrue) - - _, err = os.Stat(path.Join(dstDir, "test-index", "index.json")) - So(err, ShouldBeNil) - }) - Convey("panic when sourceDir does not exist", t, func() { - So(func() { test.CopyTestFiles("/path/to/some/unexisting/directory", os.TempDir()) }, ShouldPanic) - }) -} - -func TestGetImageComponents(t *testing.T) { - Convey("Inject failures for unreachable lines", t, func() { - injected := inject.InjectFailure(0) - if injected { - _, _, _, err := test.GetImageComponents(100) - So(err, ShouldNotBeNil) - } - }) - Convey("finishes successfully", t, func() { - _, _, _, err := test.GetImageComponents(100) - So(err, ShouldBeNil) - }) -} - -func TestGetRandomImageComponents(t *testing.T) { - Convey("Inject failures for unreachable lines", t, func() { - injected := inject.InjectFailure(0) - if injected { - _, _, _, err := test.GetRandomImageComponents(100) - So(err, ShouldNotBeNil) - } - }) -} - -func TestGetImageComponentsWithConfig(t *testing.T) { - Convey("Inject failures for unreachable lines", t, func() { - injected := inject.InjectFailure(0) - if injected { - _, _, _, err := test.GetImageComponentsWithConfig(ispec.Image{}) - So(err, ShouldNotBeNil) - } - }) -} - -func TestWaitTillTrivyDBDownloadStarted(t *testing.T) { - Convey("finishes successfully", t, func() { - tempDir := t.TempDir() - go func() { - test.WaitTillTrivyDBDownloadStarted(tempDir) - }() - - time.Sleep(test.SleepTime) - - _, err := os.Create(path.Join(tempDir, "trivy.db")) - So(err, ShouldBeNil) - }) -} - -func TestControllerManager(t *testing.T) { - Convey("Test StartServer Init() panic", t, func() { - port := test.GetFreePort() - - conf := config.New() - conf.HTTP.Port = port - - ctlr := api.NewController(conf) - ctlrManager := test.NewControllerManager(ctlr) - - // No storage configured - So(func() { ctlrManager.StartServer() }, ShouldPanic) - }) - - Convey("Test RunServer panic", t, func() { - tempDir := t.TempDir() - - // Invalid port - conf := config.New() - conf.HTTP.Port = "999999" - conf.Storage.RootDirectory = tempDir - - ctlr := api.NewController(conf) - ctlrManager := test.NewControllerManager(ctlr) - - ctx := context.Background() - - err := ctlr.Init(ctx) - So(err, ShouldBeNil) - - So(func() { ctlrManager.RunServer(ctx) }, ShouldPanic) - }) -} - -func TestReadLogFileAndSearchString(t *testing.T) { - logFile, err := os.CreateTemp(t.TempDir(), "zot-log*.txt") - if err != nil { - panic(err) - } - - logPath := logFile.Name() - defer os.Remove(logPath) - - Convey("Invalid path", t, func() { - _, err = test.ReadLogFileAndSearchString("invalidPath", "DB update completed, next update scheduled", 1*time.Second) - So(err, ShouldNotBeNil) - }) - - Convey("Time too short", t, func() { - ok, err := test.ReadLogFileAndSearchString(logPath, "invalid string", time.Microsecond) - So(err, ShouldBeNil) - So(ok, ShouldBeFalse) - }) -} - -func TestReadLogFileAndCountStringOccurence(t *testing.T) { - logFile, err := os.CreateTemp(t.TempDir(), "zot-log*.txt") - if err != nil { - panic(err) - } - - _, err = logFile.Write([]byte("line1\n line2\n line3 line1 line2\n line1")) - if err != nil { - panic(err) - } - - logPath := logFile.Name() - defer os.Remove(logPath) - - Convey("Invalid path", t, func() { - _, err = test.ReadLogFileAndCountStringOccurence("invalidPath", - "DB update completed, next update scheduled", 1*time.Second, 1) - So(err, ShouldNotBeNil) - }) - - Convey("Time too short", t, func() { - ok, err := test.ReadLogFileAndCountStringOccurence(logPath, "invalid string", time.Microsecond, 1) - So(err, ShouldBeNil) - So(ok, ShouldBeFalse) - }) - - Convey("Count occurrence working", t, func() { - ok, err := test.ReadLogFileAndCountStringOccurence(logPath, "line1", 90*time.Second, 3) - So(err, ShouldBeNil) - So(ok, ShouldBeTrue) - }) -} - -func TestCopyFile(t *testing.T) { - Convey("destFilePath does not exist", t, func() { - err := test.CopyFile("/path/to/srcFile", "~/path/to/some/unexisting/destDir/file") - So(err, ShouldNotBeNil) - }) - - Convey("sourceFile does not exist", t, func() { - err := test.CopyFile("/path/to/some/unexisting/file", path.Join(t.TempDir(), "destFile.txt")) - So(err, ShouldNotBeNil) - }) -} - -func TestIsDigestReference(t *testing.T) { - Convey("not digest reference", t, func() { - res := test.IsDigestReference("notDigestReference/input") - So(res, ShouldBeFalse) - }) - - Convey("wrong input format", t, func() { - res := test.IsDigestReference("wrongInput") - So(res, ShouldBeFalse) - }) -} - -func TestLoadNotationSigningkeys(t *testing.T) { - Convey("notation directory doesn't exist", t, func() { - _, err := test.LoadNotationSigningkeys(t.TempDir()) - So(err, ShouldNotBeNil) - }) - - Convey("wrong content of signingkeys.json", t, func() { - tempDir := t.TempDir() - dir := path.Join(tempDir, "notation") - err := os.Mkdir(dir, 0o777) - So(err, ShouldBeNil) - - filePath := path.Join(dir, "signingkeys.json") - err = os.WriteFile(filePath, []byte("some dummy file content"), 0o666) //nolint: gosec - So(err, ShouldBeNil) - - _, err = test.LoadNotationSigningkeys(tempDir) - So(err, ShouldNotBeNil) - }) - - Convey("not enough permissions to access signingkeys.json", t, func() { - tempDir := t.TempDir() - dir := path.Join(tempDir, "notation") - err := os.Mkdir(dir, 0o777) - So(err, ShouldBeNil) - - filePath := path.Join(dir, "signingkeys.json") - err = os.WriteFile(filePath, []byte("some dummy file content"), 0o300) //nolint: gosec - So(err, ShouldBeNil) - - _, err = test.LoadNotationSigningkeys(tempDir) - So(err, ShouldNotBeNil) - }) - - Convey("signingkeys.json not exists so it is created successfully", t, func() { - tempDir := t.TempDir() - dir := path.Join(tempDir, "notation") - err := os.Mkdir(dir, 0o777) - So(err, ShouldBeNil) - - _, err = test.LoadNotationSigningkeys(tempDir) - So(err, ShouldBeNil) - }) - - Convey("signingkeys.json not exists - error trying to create it", t, func() { - tempDir := t.TempDir() - dir := path.Join(tempDir, "notation") - // create notation directory without write permissions - err := os.Mkdir(dir, 0o555) - So(err, ShouldBeNil) - - _, err = test.LoadNotationSigningkeys(tempDir) - So(err, ShouldNotBeNil) - }) -} - -func TestLoadNotationConfig(t *testing.T) { - Convey("directory doesn't exist", t, func() { - _, err := test.LoadNotationConfig(t.TempDir()) - So(err, ShouldNotBeNil) - }) - - Convey("wrong content of signingkeys.json", t, func() { - tempDir := t.TempDir() - dir := path.Join(tempDir, "notation") - err := os.Mkdir(dir, 0o777) - So(err, ShouldBeNil) - - filePath := path.Join(dir, "signingkeys.json") - err = os.WriteFile(filePath, []byte("some dummy file content"), 0o666) //nolint: gosec - So(err, ShouldBeNil) - - _, err = test.LoadNotationConfig(tempDir) - So(err, ShouldNotBeNil) - }) - - Convey("check default value of signature format", t, func() { - tempDir := t.TempDir() - dir := path.Join(tempDir, "notation") - err := os.Mkdir(dir, 0o777) - So(err, ShouldBeNil) - - filePath := path.Join(dir, "signingkeys.json") - err = os.WriteFile(filePath, []byte("{\"SignatureFormat\": \"\"}"), 0o666) //nolint: gosec - So(err, ShouldBeNil) - - configInfo, err := test.LoadNotationConfig(tempDir) - So(err, ShouldBeNil) - So(configInfo.SignatureFormat, ShouldEqual, "jws") - }) -} - -func TestSignWithNotation(t *testing.T) { - Convey("notation directory doesn't exist", t, func() { - err := test.SignWithNotation("key", "reference", t.TempDir()) - So(err, ShouldNotBeNil) - }) - - Convey("key not found", t, func() { - tempDir := t.TempDir() - dir := path.Join(tempDir, "notation") - err := os.Mkdir(dir, 0o777) - So(err, ShouldBeNil) - - filePath := path.Join(dir, "signingkeys.json") - err = os.WriteFile(filePath, []byte("{}"), 0o666) //nolint: gosec - So(err, ShouldBeNil) - - err = test.SignWithNotation("key", "reference", tempDir) - So(err, ShouldEqual, test.ErrKeyNotFound) - }) - - Convey("not enough permissions to access notation/localkeys dir", t, func() { - cwd, err := os.Getwd() - So(err, ShouldBeNil) - defer func() { _ = os.Chdir(cwd) }() - tdir := t.TempDir() - _ = os.Chdir(tdir) - - test.NotationPathLock.Lock() - defer test.NotationPathLock.Unlock() - - test.LoadNotationPath(tdir) - - err = test.GenerateNotationCerts(tdir, "key") - So(err, ShouldBeNil) - - err = os.Chmod(path.Join(tdir, "notation", "localkeys"), 0o000) - So(err, ShouldBeNil) - - err = test.SignWithNotation("key", "reference", tdir) - So(err, ShouldNotBeNil) - - err = os.Chmod(path.Join(tdir, "notation", "localkeys"), 0o755) - So(err, ShouldBeNil) - }) - - Convey("error parsing reference", t, func() { - cwd, err := os.Getwd() - So(err, ShouldBeNil) - defer func() { _ = os.Chdir(cwd) }() - tdir := t.TempDir() - _ = os.Chdir(tdir) - - test.NotationPathLock.Lock() - defer test.NotationPathLock.Unlock() - - test.LoadNotationPath(tdir) - - err = test.GenerateNotationCerts(tdir, "key") - So(err, ShouldBeNil) - - err = test.SignWithNotation("key", "invalidReference", tdir) - So(err, ShouldNotBeNil) - }) - - Convey("error signing", t, func() { - cwd, err := os.Getwd() - So(err, ShouldBeNil) - defer func() { _ = os.Chdir(cwd) }() - tdir := t.TempDir() - _ = os.Chdir(tdir) - - test.NotationPathLock.Lock() - defer test.NotationPathLock.Unlock() - - test.LoadNotationPath(tdir) - - err = test.GenerateNotationCerts(tdir, "key") - So(err, ShouldBeNil) - - err = test.SignWithNotation("key", "localhost:8080/invalidreference:1.0", tdir) - So(err, ShouldNotBeNil) - }) -} - -func TestVerifyWithNotation(t *testing.T) { - Convey("notation directory doesn't exist", t, func() { - err := test.VerifyWithNotation("reference", t.TempDir()) - So(err, ShouldNotBeNil) - }) - - Convey("error parsing reference", t, func() { - cwd, err := os.Getwd() - So(err, ShouldBeNil) - defer func() { _ = os.Chdir(cwd) }() - tdir := t.TempDir() - _ = os.Chdir(tdir) - - test.NotationPathLock.Lock() - defer test.NotationPathLock.Unlock() - - test.LoadNotationPath(tdir) - - err = test.GenerateNotationCerts(tdir, "key") - So(err, ShouldBeNil) - - err = test.VerifyWithNotation("invalidReference", tdir) - So(err, ShouldNotBeNil) - }) - - Convey("error trying to get manifest", t, func() { - cwd, err := os.Getwd() - So(err, ShouldBeNil) - defer func() { _ = os.Chdir(cwd) }() - tdir := t.TempDir() - _ = os.Chdir(tdir) - - test.NotationPathLock.Lock() - defer test.NotationPathLock.Unlock() - - test.LoadNotationPath(tdir) - - err = test.GenerateNotationCerts(tdir, "key") - So(err, ShouldBeNil) - - err = test.VerifyWithNotation("localhost:8080/invalidreference:1.0", tdir) - So(err, ShouldNotBeNil) - }) - - Convey("invalid content of trustpolicy.json", t, func() { - // start a new server - port := test.GetFreePort() - baseURL := test.GetBaseURL(port) - dir := t.TempDir() - - conf := config.New() - conf.HTTP.Port = port - conf.Storage.RootDirectory = dir - - ctlr := api.NewController(conf) - cm := test.NewControllerManager(ctlr) - // this blocks - cm.StartAndWait(port) - defer cm.StopServer() - - repoName := "signed-repo" - tag := "1.0" - cfg, layers, manifest, err := test.GetImageComponents(2) - So(err, ShouldBeNil) - - err = UploadImage( - Image{ - Config: cfg, - Layers: layers, - Manifest: manifest, - }, baseURL, repoName, tag) - So(err, ShouldBeNil) - - content, err := json.Marshal(manifest) - So(err, ShouldBeNil) - digest := godigest.FromBytes(content) - So(digest, ShouldNotBeNil) - - tempDir := t.TempDir() - notationDir := path.Join(tempDir, "notation") - err = os.Mkdir(notationDir, 0o777) - So(err, ShouldBeNil) - - filePath := path.Join(notationDir, "trustpolicy.json") - err = os.WriteFile(filePath, []byte("some dummy file content"), 0o666) //nolint: gosec - So(err, ShouldBeNil) - - test.NotationPathLock.Lock() - defer test.NotationPathLock.Unlock() - - test.LoadNotationPath(tempDir) - - err = test.VerifyWithNotation(fmt.Sprintf("localhost:%s/%s:%s", port, repoName, tag), tempDir) - So(err, ShouldNotBeNil) - }) -} - -func TestListNotarySignatures(t *testing.T) { - Convey("error parsing reference", t, func() { - cwd, err := os.Getwd() - So(err, ShouldBeNil) - defer func() { _ = os.Chdir(cwd) }() - tdir := t.TempDir() - _ = os.Chdir(tdir) - - _, err = test.ListNotarySignatures("invalidReference", tdir) - So(err, ShouldNotBeNil) - }) - - Convey("error trying to get manifest", t, func() { - cwd, err := os.Getwd() - So(err, ShouldBeNil) - defer func() { _ = os.Chdir(cwd) }() - tdir := t.TempDir() - _ = os.Chdir(tdir) - - _, err = test.ListNotarySignatures("localhost:8080/invalidreference:1.0", tdir) - So(err, ShouldNotBeNil) - }) -} - -func TestGenerateNotationCerts(t *testing.T) { - Convey("write key file with permission", t, func() { - tempDir := t.TempDir() - - notationDir := path.Join(tempDir, "notation") - err := os.Mkdir(notationDir, 0o777) - So(err, ShouldBeNil) - - filePath := path.Join(notationDir, "localkeys") - err = os.WriteFile(filePath, []byte("{}"), 0o666) //nolint: gosec - So(err, ShouldBeNil) - - test.NotationPathLock.Lock() - defer test.NotationPathLock.Unlock() - - test.LoadNotationPath(tempDir) - - err = test.GenerateNotationCerts(t.TempDir(), "cert") - So(err, ShouldNotBeNil) - }) - - Convey("write cert file with permission", t, func() { - tempDir := t.TempDir() - - notationDir := path.Join(tempDir, "notation", "localkeys") - err := os.MkdirAll(notationDir, 0o777) - So(err, ShouldBeNil) - - filePath := path.Join(notationDir, "cert.crt") - err = os.WriteFile(filePath, []byte("{}"), 0o666) //nolint: gosec - So(err, ShouldBeNil) - - err = os.Chmod(filePath, 0o000) - So(err, ShouldBeNil) - - test.NotationPathLock.Lock() - defer test.NotationPathLock.Unlock() - - test.LoadNotationPath(tempDir) - - err = test.GenerateNotationCerts(t.TempDir(), "cert") - So(err, ShouldNotBeNil) - - err = os.Chmod(filePath, 0o755) - So(err, ShouldBeNil) - }) - - Convey("signingkeys.json file - not enough permission", t, func() { - tempDir := t.TempDir() - - notationDir := path.Join(tempDir, "notation") - err := os.Mkdir(notationDir, 0o777) - So(err, ShouldBeNil) - - filePath := path.Join(notationDir, "signingkeys.json") - _, err = os.Create(filePath) //nolint: gosec - So(err, ShouldBeNil) - err = os.Chmod(filePath, 0o000) - So(err, ShouldBeNil) - - test.NotationPathLock.Lock() - defer test.NotationPathLock.Unlock() - - test.LoadNotationPath(tempDir) - - err = test.GenerateNotationCerts(t.TempDir(), "cert") - So(err, ShouldNotBeNil) - - err = os.Remove(filePath) - So(err, ShouldBeNil) - err = os.RemoveAll(path.Join(notationDir, "localkeys")) - So(err, ShouldBeNil) - signingKeysBuf, err := json.Marshal(notconfig.SigningKeys{}) - So(err, ShouldBeNil) - err = os.WriteFile(filePath, signingKeysBuf, 0o555) //nolint:gosec // test code - So(err, ShouldBeNil) - err = test.GenerateNotationCerts(t.TempDir(), "cert") - So(err, ShouldNotBeNil) - }) - Convey("keysuite already exists in signingkeys.json", t, func() { - tempDir := t.TempDir() - - notationDir := path.Join(tempDir, "notation") - err := os.Mkdir(notationDir, 0o777) - So(err, ShouldBeNil) - - certName := "cert-test" - filePath := path.Join(notationDir, "signingkeys.json") - keyPath := path.Join(notationDir, "localkeys", certName+".key") - certPath := path.Join(notationDir, "localkeys", certName+".crt") - signingKeys := notconfig.SigningKeys{} - keySuite := notconfig.KeySuite{ - Name: certName, - X509KeyPair: ¬config.X509KeyPair{ - KeyPath: keyPath, - CertificatePath: certPath, - }, - } - signingKeys.Keys = []notconfig.KeySuite{keySuite} - signingKeysBuf, err := json.Marshal(signingKeys) - So(err, ShouldBeNil) - err = os.WriteFile(filePath, signingKeysBuf, 0o600) - So(err, ShouldBeNil) - - test.NotationPathLock.Lock() - defer test.NotationPathLock.Unlock() - - test.LoadNotationPath(tempDir) - - err = test.GenerateNotationCerts(t.TempDir(), certName) - So(err, ShouldNotBeNil) - }) - Convey("truststore files", t, func() { - tempDir := t.TempDir() - - notationDir := path.Join(tempDir, "notation") - err := os.Mkdir(notationDir, 0o777) - So(err, ShouldBeNil) - - certName := "cert-test" - trustStorePath := path.Join(notationDir, fmt.Sprintf("truststore/x509/ca/%s", certName)) - err = os.MkdirAll(trustStorePath, 0o755) - So(err, ShouldBeNil) - err = os.Chmod(path.Join(notationDir, "truststore/x509"), 0o000) - So(err, ShouldBeNil) - - test.NotationPathLock.Lock() - defer test.NotationPathLock.Unlock() - - test.LoadNotationPath(tempDir) - - err = test.GenerateNotationCerts(tempDir, certName) - So(err, ShouldNotBeNil) - - err = os.RemoveAll(path.Join(notationDir, "localkeys")) - So(err, ShouldBeNil) - err = os.Chmod(path.Join(notationDir, "truststore/x509"), 0o755) - So(err, ShouldBeNil) - _, err = os.Create(path.Join(trustStorePath, "cert-test.crt")) - So(err, ShouldBeNil) - - err = test.GenerateNotationCerts(tempDir, certName) - So(err, ShouldNotBeNil) - - err = os.RemoveAll(path.Join(notationDir, "localkeys")) - So(err, ShouldBeNil) - err = os.Remove(path.Join(trustStorePath, "cert-test.crt")) - So(err, ShouldBeNil) - err = os.Chmod(path.Join(notationDir, "truststore/x509/ca", certName), 0o555) - So(err, ShouldBeNil) - - err = test.GenerateNotationCerts(tempDir, certName) - So(err, ShouldNotBeNil) - }) -} - -func TestWriteImageToFileSystem(t *testing.T) { - Convey("WriteImageToFileSystem errors", t, func() { - err := test.WriteImageToFileSystem(Image{}, "repo", "dig", storage.StoreController{ - DefaultStore: mocks.MockedImageStore{ - InitRepoFn: func(name string) error { - return ErrTestError - }, - }, - }) - So(err, ShouldNotBeNil) - - err = test.WriteImageToFileSystem( - Image{Layers: [][]byte{[]byte("testLayer")}}, - "repo", - "tag", - storage.StoreController{ - DefaultStore: mocks.MockedImageStore{ - FullBlobUploadFn: func(repo string, body io.Reader, digest godigest.Digest, - ) (string, int64, error) { - return "", 0, ErrTestError - }, - }, - }) - So(err, ShouldNotBeNil) - - count := 0 - err = test.WriteImageToFileSystem( - Image{Layers: [][]byte{[]byte("testLayer")}}, - "repo", - "tag", - storage.StoreController{ - DefaultStore: mocks.MockedImageStore{ - FullBlobUploadFn: func(repo string, body io.Reader, digest godigest.Digest, - ) (string, int64, error) { - if count == 0 { - count++ - - return "", 0, nil - } - - return "", 0, ErrTestError - }, - }, - }) - So(err, ShouldNotBeNil) - - err = test.WriteImageToFileSystem( - Image{Layers: [][]byte{[]byte("testLayer")}}, - "repo", - "tag", - storage.StoreController{ - DefaultStore: mocks.MockedImageStore{ - PutImageManifestFn: func(repo, reference, mediaType string, body []byte, - ) (godigest.Digest, godigest.Digest, error) { - return "", "", ErrTestError - }, - }, - }) - So(err, ShouldNotBeNil) - }) -} - -func TestBearerServer(t *testing.T) { - Convey("test MakeAuthTestServer() no serve key", t, func() { - So(func() { test.MakeAuthTestServer("", "") }, ShouldPanic) - }) -} - -func TestCopyTestKeysAndCerts(t *testing.T) { - Convey("CopyTestKeysAndCerts", t, func() { - // ------- Make test files unreadable ------- - dir := t.TempDir() - file := filepath.Join(dir, "ca.crt") - - _, err := os.Create(file) - So(err, ShouldBeNil) - - err = os.Chmod(file, 0o000) - So(err, ShouldBeNil) - - err = test.CopyTestKeysAndCerts(dir) - So(err, ShouldNotBeNil) - - err = os.Chmod(file, 0o777) - So(err, ShouldBeNil) - - // ------- Copy fails ------- - - err = os.Chmod(dir, 0o000) - So(err, ShouldBeNil) - - err = test.CopyTestKeysAndCerts(file) - So(err, ShouldNotBeNil) - - err = os.Chmod(dir, 0o777) - So(err, ShouldBeNil) - - // ------- Folder creation fails ------- - - file = filepath.Join(dir, "a-file.file") - _, err = os.Create(file) - So(err, ShouldBeNil) - - _, err = os.Stat(file) - So(err, ShouldBeNil) - - err = test.CopyTestKeysAndCerts(file) - So(err, ShouldNotBeNil) - }) -} diff --git a/pkg/test/deprecated/deprecated.go b/pkg/test/deprecated/deprecated.go new file mode 100644 index 000000000..d6bca0873 --- /dev/null +++ b/pkg/test/deprecated/deprecated.go @@ -0,0 +1,427 @@ +package deprecated + +import ( + "crypto/rand" + "encoding/json" + + godigest "github.com/opencontainers/go-digest" + "github.com/opencontainers/image-spec/specs-go" + ispec "github.com/opencontainers/image-spec/specs-go/v1" + + "zotregistry.io/zot/pkg/test/image-utils" + "zotregistry.io/zot/pkg/test/inject" +) + +// Deprecated: Should use the new functions starting with "Create". +func GetImageComponents(layerSize int) (ispec.Image, [][]byte, ispec.Manifest, error) { + config := ispec.Image{ + Platform: ispec.Platform{ + Architecture: "amd64", + OS: "linux", + }, + RootFS: ispec.RootFS{ + Type: "layers", + DiffIDs: []godigest.Digest{}, + }, + Author: "ZotUser", + } + + configBlob, err := json.Marshal(config) + if err = inject.Error(err); err != nil { + return ispec.Image{}, [][]byte{}, ispec.Manifest{}, err + } + + configDigest := godigest.FromBytes(configBlob) + + layers := [][]byte{ + make([]byte, layerSize), + } + + schemaVersion := 2 + + manifest := ispec.Manifest{ + MediaType: ispec.MediaTypeImageManifest, + Versioned: specs.Versioned{ + SchemaVersion: schemaVersion, + }, + Config: ispec.Descriptor{ + MediaType: "application/vnd.oci.image.config.v1+json", + Digest: configDigest, + Size: int64(len(configBlob)), + }, + Layers: []ispec.Descriptor{ + { + MediaType: "application/vnd.oci.image.layer.v1.tar", + Digest: godigest.FromBytes(layers[0]), + Size: int64(len(layers[0])), + }, + }, + } + + return config, layers, manifest, nil +} + +// Deprecated: Should use the new functions starting with "Create". +func GetRandomImageComponents(layerSize int) (ispec.Image, [][]byte, ispec.Manifest, error) { + config := ispec.Image{ + Platform: ispec.Platform{ + Architecture: "amd64", + OS: "linux", + }, + RootFS: ispec.RootFS{ + Type: "layers", + DiffIDs: []godigest.Digest{}, + }, + Author: "ZotUser", + } + + configBlob, err := json.Marshal(config) + if err = inject.Error(err); err != nil { + return ispec.Image{}, [][]byte{}, ispec.Manifest{}, err + } + + configDigest := godigest.FromBytes(configBlob) + + layers := [][]byte{ + GetRandomLayer(layerSize), + } + + schemaVersion := 2 + + manifest := ispec.Manifest{ + MediaType: ispec.MediaTypeImageManifest, + Versioned: specs.Versioned{ + SchemaVersion: schemaVersion, + }, + Config: ispec.Descriptor{ + MediaType: "application/vnd.oci.image.config.v1+json", + Digest: configDigest, + Size: int64(len(configBlob)), + }, + Layers: []ispec.Descriptor{ + { + MediaType: "application/vnd.oci.image.layer.v1.tar", + Digest: godigest.FromBytes(layers[0]), + Size: int64(len(layers[0])), + }, + }, + } + + return config, layers, manifest, nil +} + +func GetRandomLayer(size int) []byte { + layer := make([]byte, size) + + _, err := rand.Read(layer) + if err != nil { + return layer + } + + return layer +} + +// Deprecated: Should use the new functions starting with "Create". +func GetVulnImageWithConfig(config ispec.Image) (image.Image, error) { + vulnerableLayer, err := image.GetLayerWithVulnerability() + if err != nil { + return image.Image{}, err + } + + vulnerableConfig := ispec.Image{ + Platform: config.Platform, + Config: config.Config, + RootFS: ispec.RootFS{ + Type: "layers", + DiffIDs: []godigest.Digest{"sha256:f1417ff83b319fbdae6dd9cd6d8c9c88002dcd75ecf6ec201c8c6894681cf2b5"}, + }, + Created: config.Created, + History: config.History, + } + + img, err := GetImageWithComponents( + vulnerableConfig, + [][]byte{ + vulnerableLayer, + }) + if err != nil { + return image.Image{}, err + } + + return img, err +} + +// Deprecated: Should use the new functions starting with "Create". +func GetRandomImage() (image.Image, error) { + const layerSize = 20 + + config, layers, manifest, err := GetRandomImageComponents(layerSize) + if err != nil { + return image.Image{}, err + } + + return image.Image{ + Manifest: manifest, + Layers: layers, + Config: config, + }, nil +} + +// Deprecated: Should use the new functions starting with "Create". +func GetImageComponentsWithConfig(conf ispec.Image) (ispec.Image, [][]byte, ispec.Manifest, error) { + configBlob, err := json.Marshal(conf) + if err = inject.Error(err); err != nil { + return ispec.Image{}, [][]byte{}, ispec.Manifest{}, err + } + + configDigest := godigest.FromBytes(configBlob) + + layerSize := 100 + layer := make([]byte, layerSize) + + _, err = rand.Read(layer) + if err != nil { + return ispec.Image{}, [][]byte{}, ispec.Manifest{}, err + } + + layers := [][]byte{ + layer, + } + + schemaVersion := 2 + + manifest := ispec.Manifest{ + MediaType: ispec.MediaTypeImageManifest, + Versioned: specs.Versioned{ + SchemaVersion: schemaVersion, + }, + Config: ispec.Descriptor{ + MediaType: "application/vnd.oci.image.config.v1+json", + Digest: configDigest, + Size: int64(len(configBlob)), + }, + Layers: []ispec.Descriptor{ + { + MediaType: "application/vnd.oci.image.layer.v1.tar", + Digest: godigest.FromBytes(layers[0]), + Size: int64(len(layers[0])), + }, + }, + } + + return conf, layers, manifest, nil +} + +// Deprecated: Should use the new functions starting with "Create". +func GetImageWithConfig(conf ispec.Image) (image.Image, error) { + config, layers, manifest, err := GetImageComponentsWithConfig(conf) + if err != nil { + return image.Image{}, err + } + + return image.Image{ + Manifest: manifest, + Config: config, + Layers: layers, + }, nil +} + +// Deprecated: Should use the new functions starting with "Create". +func GetImageWithComponents(config ispec.Image, layers [][]byte) (image.Image, error) { + configBlob, err := json.Marshal(config) + if err != nil { + return image.Image{}, err + } + + manifestLayers := make([]ispec.Descriptor, 0, len(layers)) + + for _, layer := range layers { + manifestLayers = append(manifestLayers, ispec.Descriptor{ + MediaType: "application/vnd.oci.image.layer.v1.tar", + Digest: godigest.FromBytes(layer), + Size: int64(len(layer)), + }) + } + + const schemaVersion = 2 + + manifest := ispec.Manifest{ + MediaType: ispec.MediaTypeImageManifest, + Versioned: specs.Versioned{ + SchemaVersion: schemaVersion, + }, + Config: ispec.Descriptor{ + MediaType: "application/vnd.oci.image.config.v1+json", + Digest: godigest.FromBytes(configBlob), + Size: int64(len(configBlob)), + }, + Layers: manifestLayers, + } + + return image.Image{ + Manifest: manifest, + Config: config, + Layers: layers, + }, nil +} + +// Deprecated: Should use the new functions starting with "Create". +func GetImageWithSubject(subjectDigest godigest.Digest, mediaType string) (image.Image, error) { + num := 100 + + conf, layers, manifest, err := GetRandomImageComponents(num) + if err != nil { + return image.Image{}, err + } + + manifest.Subject = &ispec.Descriptor{ + Digest: subjectDigest, + MediaType: mediaType, + } + + return image.Image{ + Manifest: manifest, + Config: conf, + Layers: layers, + }, nil +} + +// Deprecated: Should use the new functions starting with "Create". +func GetRandomMultiarchImageComponents() (ispec.Index, []image.Image, error) { + const layerSize = 100 + + randomLayer1 := make([]byte, layerSize) + + _, err := rand.Read(randomLayer1) + if err != nil { + return ispec.Index{}, []image.Image{}, err + } + + image1, err := GetImageWithComponents( + ispec.Image{ + Platform: ispec.Platform{ + OS: "linux", + Architecture: "amd64", + }, + }, + [][]byte{ + randomLayer1, + }) + if err != nil { + return ispec.Index{}, []image.Image{}, err + } + + randomLayer2 := make([]byte, layerSize) + + _, err = rand.Read(randomLayer2) + if err != nil { + return ispec.Index{}, []image.Image{}, err + } + + image2, err := GetImageWithComponents( + ispec.Image{ + Platform: ispec.Platform{ + OS: "linux", + Architecture: "386", + }, + }, + [][]byte{ + randomLayer2, + }) + if err != nil { + return ispec.Index{}, []image.Image{}, err + } + + randomLayer3 := make([]byte, layerSize) + + _, err = rand.Read(randomLayer3) + if err != nil { + return ispec.Index{}, []image.Image{}, err + } + + image3, err := GetImageWithComponents( + ispec.Image{ + Platform: ispec.Platform{ + OS: "windows", + Architecture: "amd64", + }, + }, + [][]byte{ + randomLayer3, + }) + if err != nil { + return ispec.Index{}, []image.Image{}, err + } + + index := ispec.Index{ + MediaType: ispec.MediaTypeImageIndex, + Manifests: []ispec.Descriptor{ + { + MediaType: ispec.MediaTypeImageManifest, + Digest: getManifestDigest(image1.Manifest), + Size: getManifestSize(image1.Manifest), + }, + { + MediaType: ispec.MediaTypeImageManifest, + Digest: getManifestDigest(image2.Manifest), + Size: getManifestSize(image2.Manifest), + }, + { + MediaType: ispec.MediaTypeImageManifest, + Digest: getManifestDigest(image3.Manifest), + Size: getManifestSize(image3.Manifest), + }, + }, + } + + return index, []image.Image{image1, image2, image3}, nil +} + +// Deprecated: Should use the new functions starting with "Create". +func GetRandomMultiarchImage(reference string) (image.MultiarchImage, error) { + index, images, err := GetRandomMultiarchImageComponents() + if err != nil { + return image.MultiarchImage{}, err + } + + index.SchemaVersion = 2 + + return image.MultiarchImage{ + Index: index, Images: images, Reference: reference, + }, err +} + +// Deprecated: Should use the new functions starting with "Create". +func GetMultiarchImageForImages(images []image.Image) image.MultiarchImage { + var index ispec.Index + + for _, image := range images { + index.Manifests = append(index.Manifests, ispec.Descriptor{ + MediaType: ispec.MediaTypeImageManifest, + Digest: getManifestDigest(image.Manifest), + Size: getManifestSize(image.Manifest), + }) + } + + index.SchemaVersion = 2 + + return image.MultiarchImage{Index: index, Images: images} +} + +func getManifestSize(manifest ispec.Manifest) int64 { + manifestBlob, err := json.Marshal(manifest) + if err != nil { + return 0 + } + + return int64(len(manifestBlob)) +} + +func getManifestDigest(manifest ispec.Manifest) godigest.Digest { + manifestBlob, err := json.Marshal(manifest) + if err != nil { + return "" + } + + return godigest.FromBytes(manifestBlob) +} diff --git a/pkg/test/deprecated/deprecated_test.go b/pkg/test/deprecated/deprecated_test.go new file mode 100644 index 000000000..05ccfe0e5 --- /dev/null +++ b/pkg/test/deprecated/deprecated_test.go @@ -0,0 +1,45 @@ +package deprecated_test + +import ( + "testing" + + ispec "github.com/opencontainers/image-spec/specs-go/v1" + . "github.com/smartystreets/goconvey/convey" + + "zotregistry.io/zot/pkg/test/deprecated" + "zotregistry.io/zot/pkg/test/inject" +) + +func TestGetImageComponents(t *testing.T) { + Convey("Inject failures for unreachable lines", t, func() { + injected := inject.InjectFailure(0) + if injected { + _, _, _, err := deprecated.GetImageComponents(100) //nolint:staticcheck + So(err, ShouldNotBeNil) + } + }) + Convey("finishes successfully", t, func() { + _, _, _, err := deprecated.GetImageComponents(100) //nolint:staticcheck + So(err, ShouldBeNil) + }) +} + +func TestGetRandomImageComponents(t *testing.T) { + Convey("Inject failures for unreachable lines", t, func() { + injected := inject.InjectFailure(0) + if injected { + _, _, _, err := deprecated.GetRandomImageComponents(100) //nolint:staticcheck + So(err, ShouldNotBeNil) + } + }) +} + +func TestGetImageComponentsWithConfig(t *testing.T) { + Convey("Inject failures for unreachable lines", t, func() { + injected := inject.InjectFailure(0) + if injected { + _, _, _, err := deprecated.GetImageComponentsWithConfig(ispec.Image{}) //nolint:staticcheck + So(err, ShouldNotBeNil) + } + }) +} diff --git a/pkg/test/image-utils/upload.go b/pkg/test/image-utils/upload.go index bd4b88e4f..2f5f58192 100644 --- a/pkg/test/image-utils/upload.go +++ b/pkg/test/image-utils/upload.go @@ -10,7 +10,7 @@ import ( ispec "github.com/opencontainers/image-spec/specs-go/v1" "gopkg.in/resty.v1" - testc "zotregistry.io/zot/pkg/test/common" + tcommon "zotregistry.io/zot/pkg/test/common" "zotregistry.io/zot/pkg/test/inject" ) @@ -81,7 +81,7 @@ func UploadImage(img Image, baseURL, repo, ref string) error { return ErrPostBlob } - loc := testc.Location(baseURL, resp) + loc := tcommon.Location(baseURL, resp) // uploading blob should get 201 resp, err = resty.R(). @@ -181,7 +181,7 @@ func UploadImageWithBasicAuth(img Image, baseURL, repo, ref, user, password stri return ErrPostBlob } - loc := testc.Location(baseURL, resp) + loc := tcommon.Location(baseURL, resp) // uploading blob should get 201 resp, err = resty.R(). diff --git a/pkg/test/image-utils/upload_test.go b/pkg/test/image-utils/upload_test.go index 8b27ba1c9..178e08efa 100644 --- a/pkg/test/image-utils/upload_test.go +++ b/pkg/test/image-utils/upload_test.go @@ -13,15 +13,15 @@ import ( "zotregistry.io/zot/pkg/api" "zotregistry.io/zot/pkg/api/config" - . "zotregistry.io/zot/pkg/test" + tcommon "zotregistry.io/zot/pkg/test/common" . "zotregistry.io/zot/pkg/test/image-utils" "zotregistry.io/zot/pkg/test/inject" ) func TestUploadImage(t *testing.T) { Convey("Manifest without schemaVersion should fail validation", t, func() { - port := GetFreePort() - baseURL := GetBaseURL(port) + port := tcommon.GetFreePort() + baseURL := tcommon.GetBaseURL(port) conf := config.New() conf.HTTP.Port = port @@ -29,7 +29,7 @@ func TestUploadImage(t *testing.T) { ctlr := api.NewController(conf) - ctlrManager := NewControllerManager(ctlr) + ctlrManager := tcommon.NewControllerManager(ctlr) ctlrManager.StartAndWait(port) defer ctlrManager.StopServer() @@ -57,8 +57,8 @@ func TestUploadImage(t *testing.T) { }) Convey("Post request results in an error", t, func() { - port := GetFreePort() - baseURL := GetBaseURL(port) + port := tcommon.GetFreePort() + baseURL := tcommon.GetBaseURL(port) conf := config.New() conf.HTTP.Port = port @@ -73,8 +73,8 @@ func TestUploadImage(t *testing.T) { }) Convey("Post request status differs from accepted", t, func() { - port := GetFreePort() - baseURL := GetBaseURL(port) + port := tcommon.GetFreePort() + baseURL := tcommon.GetBaseURL(port) tempDir := t.TempDir() conf := config.New() @@ -88,7 +88,7 @@ func TestUploadImage(t *testing.T) { ctlr := api.NewController(conf) - ctlrManager := NewControllerManager(ctlr) + ctlrManager := tcommon.NewControllerManager(ctlr) ctlrManager.StartAndWait(port) defer ctlrManager.StopServer() @@ -101,8 +101,8 @@ func TestUploadImage(t *testing.T) { }) Convey("Put request results in an error", t, func() { - port := GetFreePort() - baseURL := GetBaseURL(port) + port := tcommon.GetFreePort() + baseURL := tcommon.GetBaseURL(port) conf := config.New() conf.HTTP.Port = port @@ -110,7 +110,7 @@ func TestUploadImage(t *testing.T) { ctlr := api.NewController(conf) - ctlrManager := NewControllerManager(ctlr) + ctlrManager := tcommon.NewControllerManager(ctlr) ctlrManager.StartAndWait(port) defer ctlrManager.StopServer() @@ -124,8 +124,8 @@ func TestUploadImage(t *testing.T) { }) Convey("Image uploaded successfully", t, func() { - port := GetFreePort() - baseURL := GetBaseURL(port) + port := tcommon.GetFreePort() + baseURL := tcommon.GetBaseURL(port) conf := config.New() conf.HTTP.Port = port @@ -133,7 +133,7 @@ func TestUploadImage(t *testing.T) { ctlr := api.NewController(conf) - ctlrManager := NewControllerManager(ctlr) + ctlrManager := tcommon.NewControllerManager(ctlr) ctlrManager.StartAndWait(port) defer ctlrManager.StopServer() @@ -166,13 +166,13 @@ func TestUploadImage(t *testing.T) { Convey("Upload image with authentification", t, func() { tempDir := t.TempDir() conf := config.New() - port := GetFreePort() - baseURL := GetBaseURL(port) + port := tcommon.GetFreePort() + baseURL := tcommon.GetBaseURL(port) user1 := "test" password1 := "test" - testString1 := GetCredString(user1, password1) - htpasswdPath := MakeHtpasswdFileFromString(testString1) + testString1 := tcommon.GetCredString(user1, password1) + htpasswdPath := tcommon.MakeHtpasswdFileFromString(testString1) defer os.Remove(htpasswdPath) conf.HTTP.Auth = &config.AuthConfig{ HTPasswd: config.AuthHTPasswd{ @@ -213,7 +213,7 @@ func TestUploadImage(t *testing.T) { ctlr.Config.Storage.RootDirectory = tempDir - ctlrManager := NewControllerManager(ctlr) + ctlrManager := tcommon.NewControllerManager(ctlr) ctlrManager.StartAndWait(port) defer ctlrManager.StopServer() @@ -236,8 +236,8 @@ func TestUploadImage(t *testing.T) { }) Convey("Blob upload wrong response status code", t, func() { - port := GetFreePort() - baseURL := GetBaseURL(port) + port := tcommon.GetFreePort() + baseURL := tcommon.GetBaseURL(port) tempDir := t.TempDir() conf := config.New() @@ -246,7 +246,7 @@ func TestUploadImage(t *testing.T) { ctlr := api.NewController(conf) - ctlrManager := NewControllerManager(ctlr) + ctlrManager := tcommon.NewControllerManager(ctlr) ctlrManager.StartAndWait(port) defer ctlrManager.StopServer() @@ -289,8 +289,8 @@ func TestUploadImage(t *testing.T) { }) Convey("CreateBlobUpload wrong response status code", t, func() { - port := GetFreePort() - baseURL := GetBaseURL(port) + port := tcommon.GetFreePort() + baseURL := tcommon.GetBaseURL(port) tempDir := t.TempDir() conf := config.New() @@ -299,7 +299,7 @@ func TestUploadImage(t *testing.T) { ctlr := api.NewController(conf) - ctlrManager := NewControllerManager(ctlr) + ctlrManager := tcommon.NewControllerManager(ctlr) ctlrManager.StartAndWait(port) defer ctlrManager.StopServer() @@ -331,8 +331,8 @@ func TestUploadImage(t *testing.T) { func TestInjectUploadImage(t *testing.T) { Convey("Inject failures for unreachable lines", t, func() { - port := GetFreePort() - baseURL := GetBaseURL(port) + port := tcommon.GetFreePort() + baseURL := tcommon.GetBaseURL(port) tempDir := t.TempDir() conf := config.New() @@ -341,7 +341,7 @@ func TestInjectUploadImage(t *testing.T) { ctlr := api.NewController(conf) - ctlrManager := NewControllerManager(ctlr) + ctlrManager := tcommon.NewControllerManager(ctlr) ctlrManager.StartAndWait(port) defer ctlrManager.StopServer() @@ -395,8 +395,8 @@ func TestInjectUploadImage(t *testing.T) { func TestUploadMultiarchImage(t *testing.T) { Convey("make controller", t, func() { - port := GetFreePort() - baseURL := GetBaseURL(port) + port := tcommon.GetFreePort() + baseURL := tcommon.GetBaseURL(port) conf := config.New() conf.HTTP.Port = port @@ -404,7 +404,7 @@ func TestUploadMultiarchImage(t *testing.T) { ctlr := api.NewController(conf) - ctlrManager := NewControllerManager(ctlr) + ctlrManager := tcommon.NewControllerManager(ctlr) ctlrManager.StartAndWait(port) defer ctlrManager.StopServer() @@ -474,8 +474,8 @@ func TestUploadMultiarchImage(t *testing.T) { func TestInjectUploadImageWithBasicAuth(t *testing.T) { Convey("Inject failures for unreachable lines", t, func() { - port := GetFreePort() - baseURL := GetBaseURL(port) + port := tcommon.GetFreePort() + baseURL := tcommon.GetBaseURL(port) tempDir := t.TempDir() conf := config.New() @@ -484,8 +484,8 @@ func TestInjectUploadImageWithBasicAuth(t *testing.T) { user := "user" password := "password" - testString := GetCredString(user, password) - htpasswdPath := MakeHtpasswdFileFromString(testString) + testString := tcommon.GetCredString(user, password) + htpasswdPath := tcommon.MakeHtpasswdFileFromString(testString) defer os.Remove(htpasswdPath) conf.HTTP.Auth = &config.AuthConfig{ HTPasswd: config.AuthHTPasswd{ @@ -495,7 +495,7 @@ func TestInjectUploadImageWithBasicAuth(t *testing.T) { ctlr := api.NewController(conf) - ctlrManager := NewControllerManager(ctlr) + ctlrManager := tcommon.NewControllerManager(ctlr) ctlrManager.StartAndWait(port) defer ctlrManager.StopServer() diff --git a/pkg/test/image-utils/utils.go b/pkg/test/image-utils/utils.go index d7c73c856..0b1289bed 100644 --- a/pkg/test/image-utils/utils.go +++ b/pkg/test/image-utils/utils.go @@ -1,6 +1,10 @@ package image import ( + "crypto/rand" + "encoding/json" + "log" + "math/big" mathRand "math/rand" "os" "path/filepath" @@ -9,7 +13,7 @@ import ( godigest "github.com/opencontainers/go-digest" ispec "github.com/opencontainers/image-spec/specs-go/v1" - testc "zotregistry.io/zot/pkg/test/common" + tcommon "zotregistry.io/zot/pkg/test/common" ) var vulnerableLayer []byte //nolint: gochecknoglobals @@ -26,7 +30,7 @@ func GetLayerWithVulnerability() ([]byte, error) { return vulnerableLayer, nil } - projectRootDir, err := testc.GetProjectRootDir() + projectRootDir, err := tcommon.GetProjectRootDir() if err != nil { return nil, err } @@ -127,3 +131,66 @@ func GetDefaultVulnConfig() ispec.Image { }, } } + +// Adapted from https://gist.github.com/dopey/c69559607800d2f2f90b1b1ed4e550fb +func RandomString(n int) string { + const letters = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-" + + ret := make([]byte, n) + + for count := 0; count < n; count++ { + num, err := rand.Int(rand.Reader, big.NewInt(int64(len(letters)))) + if err != nil { + panic(err) + } + + ret[count] = letters[num.Int64()] + } + + return string(ret) +} + +func GetRandomImageConfig() ([]byte, godigest.Digest) { + const maxLen = 16 + + randomAuthor := RandomString(maxLen) + + config := ispec.Image{ + Platform: ispec.Platform{ + Architecture: "amd64", + OS: "linux", + }, + RootFS: ispec.RootFS{ + Type: "layers", + DiffIDs: []godigest.Digest{}, + }, + Author: randomAuthor, + } + + configBlobContent, err := json.MarshalIndent(&config, "", "\t") + if err != nil { + log.Fatal(err) + } + + configBlobDigestRaw := godigest.FromBytes(configBlobContent) + + return configBlobContent, configBlobDigestRaw +} + +func GetIndexBlobWithManifests(manifestDigests []godigest.Digest) ([]byte, error) { + manifests := make([]ispec.Descriptor, 0, len(manifestDigests)) + + for _, manifestDigest := range manifestDigests { + manifests = append(manifests, ispec.Descriptor{ + Digest: manifestDigest, + MediaType: ispec.MediaTypeImageManifest, + }) + } + + indexContent := ispec.Index{ + MediaType: ispec.MediaTypeImageIndex, + Manifests: manifests, + } + + return json.Marshal(indexContent) +} diff --git a/pkg/test/image-utils/write.go b/pkg/test/image-utils/write.go new file mode 100644 index 000000000..5bb089c63 --- /dev/null +++ b/pkg/test/image-utils/write.go @@ -0,0 +1,83 @@ +package image + +import ( + "bytes" + "encoding/json" + + godigest "github.com/opencontainers/go-digest" + ispec "github.com/opencontainers/image-spec/specs-go/v1" + + stypes "zotregistry.io/zot/pkg/storage/types" +) + +func WriteImageToFileSystem(image Image, repoName, ref string, storeController stypes.StoreController) error { + store := storeController.GetImageStore(repoName) + + err := store.InitRepo(repoName) + if err != nil { + return err + } + + for _, layerBlob := range image.Layers { + layerReader := bytes.NewReader(layerBlob) + layerDigest := godigest.FromBytes(layerBlob) + + _, _, err = store.FullBlobUpload(repoName, layerReader, layerDigest) + if err != nil { + return err + } + } + + configBlob, err := json.Marshal(image.Config) + if err != nil { + return err + } + + configReader := bytes.NewReader(configBlob) + configDigest := godigest.FromBytes(configBlob) + + _, _, err = store.FullBlobUpload(repoName, configReader, configDigest) + if err != nil { + return err + } + + manifestBlob, err := json.Marshal(image.Manifest) + if err != nil { + return err + } + + _, _, err = store.PutImageManifest(repoName, ref, ispec.MediaTypeImageManifest, manifestBlob) + if err != nil { + return err + } + + return nil +} + +func WriteMultiArchImageToFileSystem(multiarchImage MultiarchImage, repoName, ref string, + storeController stypes.StoreController, +) error { + store := storeController.GetImageStore(repoName) + + err := store.InitRepo(repoName) + if err != nil { + return err + } + + for _, image := range multiarchImage.Images { + err := WriteImageToFileSystem(image, repoName, image.DigestStr(), storeController) + if err != nil { + return err + } + } + + indexBlob, err := json.Marshal(multiarchImage.Index) + if err != nil { + return err + } + + _, _, err = store.PutImageManifest(repoName, ref, ispec.MediaTypeImageIndex, + indexBlob) + + return err +} diff --git a/pkg/test/image-utils/write_test.go b/pkg/test/image-utils/write_test.go new file mode 100644 index 000000000..02c8b5b3f --- /dev/null +++ b/pkg/test/image-utils/write_test.go @@ -0,0 +1,78 @@ +package image_test + +import ( + "errors" + "io" + "testing" + + godigest "github.com/opencontainers/go-digest" + . "github.com/smartystreets/goconvey/convey" + + "zotregistry.io/zot/pkg/storage" + . "zotregistry.io/zot/pkg/test/image-utils" + "zotregistry.io/zot/pkg/test/mocks" +) + +var ErrTestError = errors.New("ErrTestError") + +func TestWriteImageToFileSystem(t *testing.T) { + Convey("WriteImageToFileSystem errors", t, func() { + err := WriteImageToFileSystem(Image{}, "repo", "dig", storage.StoreController{ + DefaultStore: mocks.MockedImageStore{ + InitRepoFn: func(name string) error { + return ErrTestError + }, + }, + }) + So(err, ShouldNotBeNil) + + err = WriteImageToFileSystem( + Image{Layers: [][]byte{[]byte("testLayer")}}, + "repo", + "tag", + storage.StoreController{ + DefaultStore: mocks.MockedImageStore{ + FullBlobUploadFn: func(repo string, body io.Reader, digest godigest.Digest, + ) (string, int64, error) { + return "", 0, ErrTestError + }, + }, + }) + So(err, ShouldNotBeNil) + + count := 0 + err = WriteImageToFileSystem( + Image{Layers: [][]byte{[]byte("testLayer")}}, + "repo", + "tag", + storage.StoreController{ + DefaultStore: mocks.MockedImageStore{ + FullBlobUploadFn: func(repo string, body io.Reader, digest godigest.Digest, + ) (string, int64, error) { + if count == 0 { + count++ + + return "", 0, nil + } + + return "", 0, ErrTestError + }, + }, + }) + So(err, ShouldNotBeNil) + + err = WriteImageToFileSystem( + Image{Layers: [][]byte{[]byte("testLayer")}}, + "repo", + "tag", + storage.StoreController{ + DefaultStore: mocks.MockedImageStore{ + PutImageManifestFn: func(repo, reference, mediaType string, body []byte, + ) (godigest.Digest, godigest.Digest, error) { + return "", "", ErrTestError + }, + }, + }) + So(err, ShouldNotBeNil) + }) +} diff --git a/pkg/test/oci-layout/oci_layout.go b/pkg/test/oci-utils/oci_layout.go similarity index 98% rename from pkg/test/oci-layout/oci_layout.go rename to pkg/test/oci-utils/oci_layout.go index dd2dfcbc7..7d3528a5c 100644 --- a/pkg/test/oci-layout/oci_layout.go +++ b/pkg/test/oci-utils/oci_layout.go @@ -1,7 +1,7 @@ //go:build sync && scrub && metrics && search // +build sync,scrub,metrics,search -package ocilayout +package ociutils import ( "encoding/json" @@ -21,7 +21,7 @@ import ( "zotregistry.io/zot/pkg/extensions/search/convert" cvemodel "zotregistry.io/zot/pkg/extensions/search/cve/model" "zotregistry.io/zot/pkg/log" - "zotregistry.io/zot/pkg/storage" + stypes "zotregistry.io/zot/pkg/storage/types" ) type OciUtils interface { //nolint: interfacebloat @@ -44,11 +44,11 @@ type OciUtils interface { //nolint: interfacebloat // OciLayoutInfo ... type BaseOciLayoutUtils struct { Log log.Logger - StoreController storage.StoreController + StoreController stypes.StoreController } // NewBaseOciLayoutUtils initializes a new OciLayoutUtils object. -func NewBaseOciLayoutUtils(storeController storage.StoreController, log log.Logger) *BaseOciLayoutUtils { +func NewBaseOciLayoutUtils(storeController stypes.StoreController, log log.Logger) *BaseOciLayoutUtils { return &BaseOciLayoutUtils{Log: log, StoreController: storeController} } @@ -76,8 +76,8 @@ func (olu BaseOciLayoutUtils) GetImageManifest(repo string, reference string) (i // Provide a list of repositories from all the available image stores. func (olu BaseOciLayoutUtils) GetRepositories() ([]string, error) { - defaultStore := olu.StoreController.DefaultStore - substores := olu.StoreController.SubStore + defaultStore := olu.StoreController.GetDefaultImageStore() + substores := olu.StoreController.GetImageSubStores() repoList, err := defaultStore.GetRepositories() if err != nil { diff --git a/pkg/test/oci-layout/oci_layout_test.go b/pkg/test/oci-utils/oci_layout_test.go similarity index 80% rename from pkg/test/oci-layout/oci_layout_test.go rename to pkg/test/oci-utils/oci_layout_test.go index 200c77eeb..7fcee6fe8 100644 --- a/pkg/test/oci-layout/oci_layout_test.go +++ b/pkg/test/oci-utils/oci_layout_test.go @@ -1,7 +1,7 @@ //go:build sync && scrub && metrics && search // +build sync,scrub,metrics,search -package ocilayout_test +package ociutils_test import ( "encoding/json" @@ -24,10 +24,11 @@ import ( "zotregistry.io/zot/pkg/log" "zotregistry.io/zot/pkg/storage" "zotregistry.io/zot/pkg/storage/local" - . "zotregistry.io/zot/pkg/test" + tcommon "zotregistry.io/zot/pkg/test/common" . "zotregistry.io/zot/pkg/test/image-utils" "zotregistry.io/zot/pkg/test/mocks" - ocilayout "zotregistry.io/zot/pkg/test/oci-layout" + ociutils "zotregistry.io/zot/pkg/test/oci-utils" + signature "zotregistry.io/zot/pkg/test/signature" ) var ErrTestError = fmt.Errorf("testError") @@ -41,7 +42,7 @@ func TestBaseOciLayoutUtils(t *testing.T) { } storeController := storage.StoreController{DefaultStore: mockStoreController} - olu := ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) + olu := ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) size := olu.GetImageManifestSize("", "") So(size, ShouldBeZeroValue) @@ -55,7 +56,7 @@ func TestBaseOciLayoutUtils(t *testing.T) { } storeController := storage.StoreController{DefaultStore: mockStoreController} - olu := ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) + olu := ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) size := olu.GetImageConfigSize("", "") So(size, ShouldBeZeroValue) @@ -93,7 +94,7 @@ func TestBaseOciLayoutUtils(t *testing.T) { } storeController := storage.StoreController{DefaultStore: mockStoreController} - olu := ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) + olu := ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) size := olu.GetImageConfigSize("", "") So(size, ShouldBeZeroValue) @@ -107,7 +108,7 @@ func TestBaseOciLayoutUtils(t *testing.T) { } storeController := storage.StoreController{DefaultStore: mockStoreController} - olu := ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) + olu := ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) _, err := olu.GetRepoLastUpdated("") So(err, ShouldNotBeNil) @@ -133,7 +134,7 @@ func TestBaseOciLayoutUtils(t *testing.T) { } storeController := storage.StoreController{DefaultStore: mockStoreController} - olu := ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) + olu := ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) _, err = olu.GetImageTagsWithTimestamp("rep") So(err, ShouldNotBeNil) @@ -177,7 +178,7 @@ func TestBaseOciLayoutUtils(t *testing.T) { } storeController := storage.StoreController{DefaultStore: mockStoreController} - olu := ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) + olu := ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) _, err = olu.GetImageTagsWithTimestamp("repo") So(err, ShouldNotBeNil) @@ -220,7 +221,7 @@ func TestBaseOciLayoutUtils(t *testing.T) { } storeController := storage.StoreController{DefaultStore: mockStoreController} - olu := ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) + olu := ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) _, err = olu.GetExpandedRepoInfo("rep") So(err, ShouldNotBeNil) @@ -233,7 +234,7 @@ func TestBaseOciLayoutUtils(t *testing.T) { } storeController = storage.StoreController{DefaultStore: mockStoreController} - olu = ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) + olu = ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) _, err = olu.GetExpandedRepoInfo("rep") So(err, ShouldNotBeNil) @@ -250,7 +251,7 @@ func TestBaseOciLayoutUtils(t *testing.T) { } storeController = storage.StoreController{DefaultStore: mockStoreController} - olu = ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) + olu = ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) _, err = olu.GetExpandedRepoInfo("rep") So(err, ShouldBeNil) @@ -264,7 +265,7 @@ func TestBaseOciLayoutUtils(t *testing.T) { } storeController := storage.StoreController{DefaultStore: mockStoreController} - olu := ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) + olu := ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) _, err := olu.GetImageInfo("", "") So(err, ShouldNotBeNil) @@ -282,7 +283,7 @@ func TestBaseOciLayoutUtils(t *testing.T) { } storeController := storage.StoreController{DefaultStore: mockStoreController} - olu := ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) + olu := ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", "")) check := olu.CheckManifestSignature("rep", godigest.FromString("")) So(check, ShouldBeFalse) @@ -290,8 +291,8 @@ func TestBaseOciLayoutUtils(t *testing.T) { // checkNotarySignature -> true dir := t.TempDir() - port := GetFreePort() - baseURL := GetBaseURL(port) + port := tcommon.GetFreePort() + baseURL := tcommon.GetBaseURL(port) conf := config.New() conf.HTTP.Port = port conf.Storage.RootDirectory = dir @@ -304,31 +305,19 @@ func TestBaseOciLayoutUtils(t *testing.T) { ctlr := api.NewController(conf) - ctlrManager := NewControllerManager(ctlr) + ctlrManager := tcommon.NewControllerManager(ctlr) ctlrManager.StartAndWait(port) defer ctlrManager.StopServer() // push test image to repo - config, layers, manifest, err := GetImageComponents(100) //nolint:staticcheck - So(err, ShouldBeNil) - - layersSize1 := 0 - for _, l := range layers { - layersSize1 += len(l) - } + image := CreateRandomImage() repo := "repo" tag := "1.0.1" - err = UploadImage( - Image{ - Manifest: manifest, - Config: config, - Layers: layers, - }, baseURL, repo, tag, - ) + err := UploadImage(image, baseURL, repo, tag) So(err, ShouldBeNil) - olu = ocilayout.NewBaseOciLayoutUtils(ctlr.StoreController, log.NewLogger("debug", "")) + olu = ociutils.NewBaseOciLayoutUtils(ctlr.StoreController, log.NewLogger("debug", "")) manifestList, err := olu.GetImageManifests(repo) So(err, ShouldBeNil) So(len(manifestList), ShouldEqual, 1) @@ -336,7 +325,7 @@ func TestBaseOciLayoutUtils(t *testing.T) { isSigned := olu.CheckManifestSignature(repo, manifestList[0].Digest) So(isSigned, ShouldBeFalse) - err = SignImageUsingNotary(fmt.Sprintf("%s:%s", repo, tag), port) + err = signature.SignImageUsingNotary(fmt.Sprintf("%s:%s", repo, tag), port) So(err, ShouldBeNil) isSigned = olu.CheckManifestSignature(repo, manifestList[0].Digest) @@ -355,27 +344,15 @@ func TestExtractImageDetails(t *testing.T) { DefaultStore: imageStore, } - num := 10 - config, layers, manifest, err := GetImageComponents(num) //nolint:staticcheck - So(err, ShouldBeNil) - - err = WriteImageToFileSystem( - Image{ - Manifest: manifest, - Layers: layers, - Config: config, - }, "zot-test", "latest", storeController, - ) - So(err, ShouldBeNil) + image := CreateRandomImage() - configBlob, err := json.Marshal(config) + err := WriteImageToFileSystem(image, "zot-test", "latest", storeController) So(err, ShouldBeNil) - configDigest := godigest.FromBytes(configBlob) - olu := ocilayout.NewBaseOciLayoutUtils(storeController, testLogger) + olu := ociutils.NewBaseOciLayoutUtils(storeController, testLogger) resDigest, resManifest, resIspecImage, resErr := olu.ExtractImageDetails("zot-test", "latest", testLogger) - So(string(resDigest), ShouldContainSubstring, "sha256:8492645f16") - So(resManifest.Config.Digest.String(), ShouldContainSubstring, configDigest.Encoded()) + So(string(resDigest), ShouldEqual, image.ManifestDescriptor.Digest.String()) + So(resManifest.Config.Digest.String(), ShouldEqual, image.ConfigDescriptor.Digest.String()) So(resIspecImage.Architecture, ShouldContainSubstring, "amd64") So(resErr, ShouldBeNil) @@ -391,7 +368,7 @@ func TestExtractImageDetails(t *testing.T) { DefaultStore: imageStore, } - olu := ocilayout.NewBaseOciLayoutUtils(storeController, testLogger) + olu := ociutils.NewBaseOciLayoutUtils(storeController, testLogger) resDigest, resManifest, resIspecImage, resErr := olu.ExtractImageDetails("zot-test", "latest", testLogger) So(resErr, ShouldEqual, zerr.ErrRepoNotFound) @@ -411,29 +388,17 @@ func TestExtractImageDetails(t *testing.T) { DefaultStore: imageStore, } - num := 10 - config, layers, manifest, err := GetImageComponents(num) //nolint:staticcheck - So(err, ShouldBeNil) - - err = WriteImageToFileSystem( - Image{ - Manifest: manifest, - Layers: layers, - Config: config, - }, "zot-test", "latest", storeController, - ) - So(err, ShouldBeNil) + image := CreateRandomImage() - configBlob, err := json.Marshal(config) + err := WriteImageToFileSystem(image, "zot-test", "latest", storeController) So(err, ShouldBeNil) - configDigest := godigest.FromBytes(configBlob) - err = os.Remove(path.Join(dir, "zot-test/blobs/sha256", configDigest.Encoded())) + err = os.Remove(path.Join(dir, "zot-test/blobs/sha256", image.ConfigDescriptor.Digest.Encoded())) if err != nil { panic(err) } - olu := ocilayout.NewBaseOciLayoutUtils(storeController, testLogger) + olu := ociutils.NewBaseOciLayoutUtils(storeController, testLogger) resDigest, resManifest, resIspecImage, resErr := olu.ExtractImageDetails("zot-test", "latest", testLogger) So(resErr, ShouldEqual, zerr.ErrBlobNotFound) So(string(resDigest), ShouldEqual, "") @@ -481,7 +446,7 @@ func TestTagsInfo(t *testing.T) { allTags = append(allTags, firstTag, secondTag, thirdTag, fourthTag) - latestTag := ocilayout.GetLatestTag(allTags) + latestTag := ociutils.GetLatestTag(allTags) So(latestTag.Tag, ShouldEqual, "1.0.3") }) } diff --git a/pkg/test/repo.go b/pkg/test/oci-utils/repo.go similarity index 99% rename from pkg/test/repo.go rename to pkg/test/oci-utils/repo.go index b73d77e8b..dc14a3c59 100644 --- a/pkg/test/repo.go +++ b/pkg/test/oci-utils/repo.go @@ -1,4 +1,4 @@ -package test +package ociutils import ( ispec "github.com/opencontainers/image-spec/specs-go/v1" diff --git a/pkg/test/oci-utils/store.go b/pkg/test/oci-utils/store.go new file mode 100644 index 000000000..9a6ed6925 --- /dev/null +++ b/pkg/test/oci-utils/store.go @@ -0,0 +1,30 @@ +package ociutils + +import ( + godigest "github.com/opencontainers/go-digest" + + "zotregistry.io/zot/pkg/extensions/monitoring" + zLog "zotregistry.io/zot/pkg/log" + "zotregistry.io/zot/pkg/storage" + "zotregistry.io/zot/pkg/storage/local" + stypes "zotregistry.io/zot/pkg/storage/types" + "zotregistry.io/zot/pkg/test/mocks" +) + +func GetDefaultImageStore(rootDir string, log zLog.Logger) stypes.ImageStore { + return local.NewImageStore(rootDir, false, false, log, + monitoring.NewMetricsServer(false, log), + mocks.MockedLint{ + LintFn: func(repo string, manifestDigest godigest.Digest, imageStore stypes.ImageStore) (bool, error) { + return true, nil + }, + }, + mocks.CacheMock{}, + ) +} + +func GetDefaultStoreController(rootDir string, log zLog.Logger) stypes.StoreController { + return storage.StoreController{ + DefaultStore: GetDefaultImageStore(rootDir, log), + } +} diff --git a/pkg/test/signature/cosign.go b/pkg/test/signature/cosign.go new file mode 100644 index 000000000..7ef0a8993 --- /dev/null +++ b/pkg/test/signature/cosign.go @@ -0,0 +1,71 @@ +package signature + +import ( + "context" + "encoding/json" + "fmt" + "os" + "path" + "time" + + godigest "github.com/opencontainers/go-digest" + ispec "github.com/opencontainers/image-spec/specs-go/v1" + "github.com/sigstore/cosign/v2/cmd/cosign/cli/generate" + "github.com/sigstore/cosign/v2/cmd/cosign/cli/options" + "github.com/sigstore/cosign/v2/cmd/cosign/cli/sign" +) + +func GetCosignSignatureTagForManifest(manifest ispec.Manifest) (string, error) { + manifestBlob, err := json.Marshal(manifest) + if err != nil { + return "", err + } + + manifestDigest := godigest.FromBytes(manifestBlob) + + return GetCosignSignatureTagForDigest(manifestDigest), nil +} + +func GetCosignSignatureTagForDigest(manifestDigest godigest.Digest) string { + return manifestDigest.Algorithm().String() + "-" + manifestDigest.Encoded() + ".sig" +} + +func SignImageUsingCosign(repoTag, port string) error { + cwd, err := os.Getwd() + if err != nil { + return err + } + + defer func() { _ = os.Chdir(cwd) }() + + tdir, err := os.MkdirTemp("", "cosign") + if err != nil { + return err + } + + defer os.RemoveAll(tdir) + + _ = os.Chdir(tdir) + + // generate a keypair + os.Setenv("COSIGN_PASSWORD", "") + + err = generate.GenerateKeyPairCmd(context.TODO(), "", "cosign", nil) + if err != nil { + return err + } + + imageURL := fmt.Sprintf("localhost:%s/%s", port, repoTag) + + const timeoutPeriod = 5 + + // sign the image + return sign.SignCmd(&options.RootOptions{Verbose: true, Timeout: timeoutPeriod * time.Minute}, + options.KeyOpts{KeyRef: path.Join(tdir, "cosign.key"), PassFunc: generate.GetPass}, + options.SignOptions{ + Registry: options.RegistryOptions{AllowInsecure: true}, + AnnotationOptions: options.AnnotationOptions{Annotations: []string{"tag=1.0"}}, + Upload: true, + }, + []string{imageURL}) +} diff --git a/pkg/test/signature/notation.go b/pkg/test/signature/notation.go new file mode 100644 index 000000000..dcfa899d4 --- /dev/null +++ b/pkg/test/signature/notation.go @@ -0,0 +1,469 @@ +package signature + +import ( + "context" + "crypto/rand" + "crypto/rsa" + "crypto/x509" + "encoding/json" + "encoding/pem" + "errors" + "fmt" + "io/fs" + "math" + "os" + "path" + "path/filepath" + "strings" + "sync" + + "github.com/notaryproject/notation-core-go/signature/jws" + "github.com/notaryproject/notation-core-go/testhelper" + "github.com/notaryproject/notation-go" + notconfig "github.com/notaryproject/notation-go/config" + "github.com/notaryproject/notation-go/dir" + notreg "github.com/notaryproject/notation-go/registry" + "github.com/notaryproject/notation-go/signer" + "github.com/notaryproject/notation-go/verifier" + godigest "github.com/opencontainers/go-digest" + ispec "github.com/opencontainers/image-spec/specs-go/v1" + "oras.land/oras-go/v2/registry" + "oras.land/oras-go/v2/registry/remote" + "oras.land/oras-go/v2/registry/remote/auth" + + tcommon "zotregistry.io/zot/pkg/test/common" +) + +var ( + ErrAlreadyExists = errors.New("already exists") + ErrKeyNotFound = errors.New("key not found") + ErrSignatureVerification = errors.New("signature verification failed") +) + +var NotationPathLock = new(sync.Mutex) //nolint: gochecknoglobals + +func LoadNotationPath(tdir string) { + dir.UserConfigDir = filepath.Join(tdir, "notation") + + // set user libexec + dir.UserLibexecDir = dir.UserConfigDir +} + +func GenerateNotationCerts(tdir string, certName string) error { + // generate RSA private key + bits := 2048 + + key, err := rsa.GenerateKey(rand.Reader, bits) + if err != nil { + return err + } + + keyBytes, err := x509.MarshalPKCS8PrivateKey(key) + if err != nil { + return err + } + + keyPEM := pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: keyBytes}) + + rsaCertTuple := testhelper.GetRSASelfSignedCertTupleWithPK(key, "cert") + + certBytes := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: rsaCertTuple.Cert.Raw}) + + // write private key + relativeKeyPath, relativeCertPath := dir.LocalKeyPath(certName) + + configFS := dir.ConfigFS() + + keyPath, err := configFS.SysPath(relativeKeyPath) + if err != nil { + return err + } + + certPath, err := configFS.SysPath(relativeCertPath) + if err != nil { + return err + } + + if err := tcommon.WriteFileWithPermission(keyPath, keyPEM, 0o600, false); err != nil { //nolint:gomnd + return fmt.Errorf("failed to write key file: %w", err) + } + + // write self-signed certificate + if err := tcommon.WriteFileWithPermission(certPath, certBytes, 0o644, false); err != nil { //nolint:gomnd + return fmt.Errorf("failed to write certificate file: %w", err) + } + + signingKeys, err := notconfig.LoadSigningKeys() + if err != nil { + return err + } + + keySuite := notconfig.KeySuite{ + Name: certName, + X509KeyPair: ¬config.X509KeyPair{ + KeyPath: keyPath, + CertificatePath: certPath, + }, + } + + // addKeyToSigningKeys + if tcommon.Contains(signingKeys.Keys, keySuite.Name) { + return ErrAlreadyExists + } + + signingKeys.Keys = append(signingKeys.Keys, keySuite) + + // Add to the trust store + trustStorePath := path.Join(tdir, fmt.Sprintf("notation/truststore/x509/ca/%s", certName)) + + if _, err := os.Stat(filepath.Join(trustStorePath, filepath.Base(certPath))); err == nil { + return ErrAlreadyExists + } + + if err := os.MkdirAll(trustStorePath, 0o755); err != nil { //nolint:gomnd + return fmt.Errorf("GenerateNotationCerts os.MkdirAll failed: %w", err) + } + + trustCertPath := path.Join(trustStorePath, fmt.Sprintf("%s%s", certName, dir.LocalCertificateExtension)) + + err = tcommon.CopyFile(certPath, trustCertPath) + if err != nil { + return err + } + + // Save to the SigningKeys.json + if err := signingKeys.Save(); err != nil { + return err + } + + return nil +} + +func SignWithNotation(keyName string, reference string, tdir string) error { + ctx := context.TODO() + + // getSigner + var newSigner notation.Signer + + mediaType := jws.MediaTypeEnvelope + + // ResolveKey + signingKeys, err := LoadNotationSigningkeys(tdir) + if err != nil { + return err + } + + idx := tcommon.Index(signingKeys.Keys, keyName) + if idx < 0 { + return ErrKeyNotFound + } + + key := signingKeys.Keys[idx] + + if key.X509KeyPair != nil { + newSigner, err = signer.NewFromFiles(key.X509KeyPair.KeyPath, key.X509KeyPair.CertificatePath) + if err != nil { + return err + } + } + + // prepareSigningContent + // getRepositoryClient + authClient := &auth.Client{ + Credential: func(ctx context.Context, reg string) (auth.Credential, error) { + return auth.EmptyCredential, nil + }, + Cache: auth.NewCache(), + ClientID: "notation", + } + + authClient.SetUserAgent("notation/zot_tests") + + plainHTTP := true + + // Resolve referance + ref, err := registry.ParseReference(reference) + if err != nil { + return err + } + + remoteRepo := &remote.Repository{ + Client: authClient, + Reference: ref, + PlainHTTP: plainHTTP, + } + + repositoryOpts := notreg.RepositoryOptions{} + + sigRepo := notreg.NewRepositoryWithOptions(remoteRepo, repositoryOpts) + + sigOpts := notation.SignOptions{ + SignerSignOptions: notation.SignerSignOptions{ + SignatureMediaType: mediaType, + PluginConfig: map[string]string{}, + }, + ArtifactReference: ref.String(), + } + + _, err = notation.Sign(ctx, newSigner, sigRepo, sigOpts) + if err != nil { + return err + } + + return nil +} + +func VerifyWithNotation(reference string, tdir string) error { + // check if trustpolicy.json exists + trustpolicyPath := path.Join(tdir, "notation/trustpolicy.json") + + if _, err := os.Stat(trustpolicyPath); errors.Is(err, os.ErrNotExist) { + trustPolicy := ` + { + "version": "1.0", + "trustPolicies": [ + { + "name": "good", + "registryScopes": [ "*" ], + "signatureVerification": { + "level" : "audit" + }, + "trustStores": ["ca:good"], + "trustedIdentities": [ + "*" + ] + } + ] + }` + + file, err := os.Create(trustpolicyPath) + if err != nil { + return err + } + + defer file.Close() + + _, err = file.WriteString(trustPolicy) + if err != nil { + return err + } + } + + // start verifying signatures + ctx := context.TODO() + + // getRepositoryClient + authClient := &auth.Client{ + Credential: func(ctx context.Context, reg string) (auth.Credential, error) { + return auth.EmptyCredential, nil + }, + Cache: auth.NewCache(), + ClientID: "notation", + } + + authClient.SetUserAgent("notation/zot_tests") + + plainHTTP := true + + // Resolve referance + ref, err := registry.ParseReference(reference) + if err != nil { + return err + } + + remoteRepo := &remote.Repository{ + Client: authClient, + Reference: ref, + PlainHTTP: plainHTTP, + } + + repositoryOpts := notreg.RepositoryOptions{} + + repo := notreg.NewRepositoryWithOptions(remoteRepo, repositoryOpts) + + manifestDesc, err := repo.Resolve(ctx, ref.Reference) + if err != nil { + return err + } + + if err := ref.ValidateReferenceAsDigest(); err != nil { + ref.Reference = manifestDesc.Digest.String() + } + + // getVerifier + newVerifier, err := verifier.NewFromConfig() + if err != nil { + return err + } + + remoteRepo = &remote.Repository{ + Client: authClient, + Reference: ref, + PlainHTTP: plainHTTP, + } + + repo = notreg.NewRepositoryWithOptions(remoteRepo, repositoryOpts) + + configs := map[string]string{} + + verifyOpts := notation.VerifyOptions{ + ArtifactReference: ref.String(), + PluginConfig: configs, + MaxSignatureAttempts: math.MaxInt64, + } + + _, outcomes, err := notation.Verify(ctx, newVerifier, repo, verifyOpts) + if err != nil || len(outcomes) == 0 { + return ErrSignatureVerification + } + + return nil +} + +func ListNotarySignatures(reference string, tdir string) ([]godigest.Digest, error) { + signatures := []godigest.Digest{} + + ctx := context.TODO() + + // getSignatureRepository + ref, err := registry.ParseReference(reference) + if err != nil { + return signatures, err + } + + plainHTTP := true + + // getRepositoryClient + authClient := &auth.Client{ + Credential: func(ctx context.Context, registry string) (auth.Credential, error) { + return auth.EmptyCredential, nil + }, + Cache: auth.NewCache(), + ClientID: "notation", + } + + authClient.SetUserAgent("notation/zot_tests") + + remoteRepo := &remote.Repository{ + Client: authClient, + Reference: ref, + PlainHTTP: plainHTTP, + } + + sigRepo := notreg.NewRepository(remoteRepo) + + artifactDesc, err := sigRepo.Resolve(ctx, reference) + if err != nil { + return signatures, err + } + + err = sigRepo.ListSignatures(ctx, artifactDesc, func(signatureManifests []ispec.Descriptor) error { + for _, sigManifestDesc := range signatureManifests { + signatures = append(signatures, sigManifestDesc.Digest) + } + + return nil + }) + + return signatures, err +} + +func LoadNotationSigningkeys(tdir string) (*notconfig.SigningKeys, error) { + var err error + + var signingKeysInfo *notconfig.SigningKeys + + filePath := path.Join(tdir, "notation/signingkeys.json") + + file, err := os.Open(filePath) + if err != nil { + if errors.Is(err, fs.ErrNotExist) { + // create file + newSigningKeys := notconfig.NewSigningKeys() + + newFile, err := os.Create(filePath) + if err != nil { + return newSigningKeys, err + } + + defer newFile.Close() + + encoder := json.NewEncoder(newFile) + encoder.SetIndent("", " ") + + err = encoder.Encode(newSigningKeys) + + return newSigningKeys, err + } + + return nil, err + } + + defer file.Close() + + err = json.NewDecoder(file).Decode(&signingKeysInfo) + + return signingKeysInfo, err +} + +func LoadNotationConfig(tdir string) (*notconfig.Config, error) { + var configInfo *notconfig.Config + + filePath := path.Join(tdir, "notation/signingkeys.json") + + file, err := os.Open(filePath) + if err != nil { + return configInfo, err + } + + defer file.Close() + + err = json.NewDecoder(file).Decode(&configInfo) + if err != nil { + return configInfo, err + } + + // set default value + configInfo.SignatureFormat = strings.ToLower(configInfo.SignatureFormat) + if configInfo.SignatureFormat == "" { + configInfo.SignatureFormat = "jws" + } + + return configInfo, nil +} + +func SignImageUsingNotary(repoTag, port string) error { + cwd, err := os.Getwd() + if err != nil { + return err + } + + defer func() { _ = os.Chdir(cwd) }() + + tdir, err := os.MkdirTemp("", "notation") + if err != nil { + return err + } + + defer os.RemoveAll(tdir) + + _ = os.Chdir(tdir) + + NotationPathLock.Lock() + defer NotationPathLock.Unlock() + + LoadNotationPath(tdir) + + // generate a keypair + err = GenerateNotationCerts(tdir, "notation-sign-test") + if err != nil { + return err + } + + // sign the image + image := fmt.Sprintf("localhost:%s/%s", port, repoTag) + + err = SignWithNotation("notation-sign-test", image, tdir) + + return err +} diff --git a/pkg/test/signature/notation_test.go b/pkg/test/signature/notation_test.go new file mode 100644 index 000000000..0a4089c8d --- /dev/null +++ b/pkg/test/signature/notation_test.go @@ -0,0 +1,464 @@ +//go:build sync && scrub && metrics && search +// +build sync,scrub,metrics,search + +package signature_test + +import ( + "encoding/json" + "fmt" + "os" + "path" + "testing" + + notconfig "github.com/notaryproject/notation-go/config" + . "github.com/smartystreets/goconvey/convey" + + "zotregistry.io/zot/pkg/api" + "zotregistry.io/zot/pkg/api/config" + tcommon "zotregistry.io/zot/pkg/test/common" + . "zotregistry.io/zot/pkg/test/image-utils" + signature "zotregistry.io/zot/pkg/test/signature" +) + +func TestLoadNotationSigningkeys(t *testing.T) { + Convey("notation directory doesn't exist", t, func() { + _, err := signature.LoadNotationSigningkeys(t.TempDir()) + So(err, ShouldNotBeNil) + }) + + Convey("wrong content of signingkeys.json", t, func() { + tempDir := t.TempDir() + dir := path.Join(tempDir, "notation") + err := os.Mkdir(dir, 0o777) + So(err, ShouldBeNil) + + filePath := path.Join(dir, "signingkeys.json") + err = os.WriteFile(filePath, []byte("some dummy file content"), 0o666) //nolint: gosec + So(err, ShouldBeNil) + + _, err = signature.LoadNotationSigningkeys(tempDir) + So(err, ShouldNotBeNil) + }) + + Convey("not enough permissions to access signingkeys.json", t, func() { + tempDir := t.TempDir() + dir := path.Join(tempDir, "notation") + err := os.Mkdir(dir, 0o777) + So(err, ShouldBeNil) + + filePath := path.Join(dir, "signingkeys.json") + err = os.WriteFile(filePath, []byte("some dummy file content"), 0o300) //nolint: gosec + So(err, ShouldBeNil) + + _, err = signature.LoadNotationSigningkeys(tempDir) + So(err, ShouldNotBeNil) + }) + + Convey("signingkeys.json not exists so it is created successfully", t, func() { + tempDir := t.TempDir() + dir := path.Join(tempDir, "notation") + err := os.Mkdir(dir, 0o777) + So(err, ShouldBeNil) + + _, err = signature.LoadNotationSigningkeys(tempDir) + So(err, ShouldBeNil) + }) + + Convey("signingkeys.json not exists - error trying to create it", t, func() { + tempDir := t.TempDir() + dir := path.Join(tempDir, "notation") + // create notation directory without write permissions + err := os.Mkdir(dir, 0o555) + So(err, ShouldBeNil) + + _, err = signature.LoadNotationSigningkeys(tempDir) + So(err, ShouldNotBeNil) + }) +} + +func TestLoadNotationConfig(t *testing.T) { + Convey("directory doesn't exist", t, func() { + _, err := signature.LoadNotationConfig(t.TempDir()) + So(err, ShouldNotBeNil) + }) + + Convey("wrong content of signingkeys.json", t, func() { + tempDir := t.TempDir() + dir := path.Join(tempDir, "notation") + err := os.Mkdir(dir, 0o777) + So(err, ShouldBeNil) + + filePath := path.Join(dir, "signingkeys.json") + err = os.WriteFile(filePath, []byte("some dummy file content"), 0o666) //nolint: gosec + So(err, ShouldBeNil) + + _, err = signature.LoadNotationConfig(tempDir) + So(err, ShouldNotBeNil) + }) + + Convey("check default value of signature format", t, func() { + tempDir := t.TempDir() + dir := path.Join(tempDir, "notation") + err := os.Mkdir(dir, 0o777) + So(err, ShouldBeNil) + + filePath := path.Join(dir, "signingkeys.json") + err = os.WriteFile(filePath, []byte("{\"SignatureFormat\": \"\"}"), 0o666) //nolint: gosec + So(err, ShouldBeNil) + + configInfo, err := signature.LoadNotationConfig(tempDir) + So(err, ShouldBeNil) + So(configInfo.SignatureFormat, ShouldEqual, "jws") + }) +} + +func TestSignWithNotation(t *testing.T) { + Convey("notation directory doesn't exist", t, func() { + err := signature.SignWithNotation("key", "reference", t.TempDir()) + So(err, ShouldNotBeNil) + }) + + Convey("key not found", t, func() { + tempDir := t.TempDir() + dir := path.Join(tempDir, "notation") + err := os.Mkdir(dir, 0o777) + So(err, ShouldBeNil) + + filePath := path.Join(dir, "signingkeys.json") + err = os.WriteFile(filePath, []byte("{}"), 0o666) //nolint: gosec + So(err, ShouldBeNil) + + err = signature.SignWithNotation("key", "reference", tempDir) + So(err, ShouldEqual, signature.ErrKeyNotFound) + }) + + Convey("not enough permissions to access notation/localkeys dir", t, func() { + cwd, err := os.Getwd() + So(err, ShouldBeNil) + defer func() { _ = os.Chdir(cwd) }() + tdir := t.TempDir() + _ = os.Chdir(tdir) + + signature.NotationPathLock.Lock() + defer signature.NotationPathLock.Unlock() + + signature.LoadNotationPath(tdir) + + err = signature.GenerateNotationCerts(tdir, "key") + So(err, ShouldBeNil) + + err = os.Chmod(path.Join(tdir, "notation", "localkeys"), 0o000) + So(err, ShouldBeNil) + + err = signature.SignWithNotation("key", "reference", tdir) + So(err, ShouldNotBeNil) + + err = os.Chmod(path.Join(tdir, "notation", "localkeys"), 0o755) + So(err, ShouldBeNil) + }) + + Convey("error parsing reference", t, func() { + cwd, err := os.Getwd() + So(err, ShouldBeNil) + defer func() { _ = os.Chdir(cwd) }() + tdir := t.TempDir() + _ = os.Chdir(tdir) + + signature.NotationPathLock.Lock() + defer signature.NotationPathLock.Unlock() + + signature.LoadNotationPath(tdir) + + err = signature.GenerateNotationCerts(tdir, "key") + So(err, ShouldBeNil) + + err = signature.SignWithNotation("key", "invalidReference", tdir) + So(err, ShouldNotBeNil) + }) + + Convey("error signing", t, func() { + cwd, err := os.Getwd() + So(err, ShouldBeNil) + defer func() { _ = os.Chdir(cwd) }() + tdir := t.TempDir() + _ = os.Chdir(tdir) + + signature.NotationPathLock.Lock() + defer signature.NotationPathLock.Unlock() + + signature.LoadNotationPath(tdir) + + err = signature.GenerateNotationCerts(tdir, "key") + So(err, ShouldBeNil) + + err = signature.SignWithNotation("key", "localhost:8080/invalidreference:1.0", tdir) + So(err, ShouldNotBeNil) + }) +} + +func TestVerifyWithNotation(t *testing.T) { + Convey("notation directory doesn't exist", t, func() { + err := signature.VerifyWithNotation("reference", t.TempDir()) + So(err, ShouldNotBeNil) + }) + + Convey("error parsing reference", t, func() { + cwd, err := os.Getwd() + So(err, ShouldBeNil) + defer func() { _ = os.Chdir(cwd) }() + tdir := t.TempDir() + _ = os.Chdir(tdir) + + signature.NotationPathLock.Lock() + defer signature.NotationPathLock.Unlock() + + signature.LoadNotationPath(tdir) + + err = signature.GenerateNotationCerts(tdir, "key") + So(err, ShouldBeNil) + + err = signature.VerifyWithNotation("invalidReference", tdir) + So(err, ShouldNotBeNil) + }) + + Convey("error trying to get manifest", t, func() { + cwd, err := os.Getwd() + So(err, ShouldBeNil) + defer func() { _ = os.Chdir(cwd) }() + tdir := t.TempDir() + _ = os.Chdir(tdir) + + signature.NotationPathLock.Lock() + defer signature.NotationPathLock.Unlock() + + signature.LoadNotationPath(tdir) + + err = signature.GenerateNotationCerts(tdir, "key") + So(err, ShouldBeNil) + + err = signature.VerifyWithNotation("localhost:8080/invalidreference:1.0", tdir) + So(err, ShouldNotBeNil) + }) + + Convey("invalid content of trustpolicy.json", t, func() { + // start a new server + port := tcommon.GetFreePort() + baseURL := tcommon.GetBaseURL(port) + dir := t.TempDir() + + conf := config.New() + conf.HTTP.Port = port + conf.Storage.RootDirectory = dir + + ctlr := api.NewController(conf) + cm := tcommon.NewControllerManager(ctlr) + // this blocks + cm.StartAndWait(port) + defer cm.StopServer() + + repoName := "signed-repo" + tag := "1.0" + + image := CreateRandomImage() + + err := UploadImage(image, baseURL, repoName, tag) + So(err, ShouldBeNil) + + tempDir := t.TempDir() + notationDir := path.Join(tempDir, "notation") + err = os.Mkdir(notationDir, 0o777) + So(err, ShouldBeNil) + + filePath := path.Join(notationDir, "trustpolicy.json") + err = os.WriteFile(filePath, []byte("some dummy file content"), 0o666) //nolint: gosec + So(err, ShouldBeNil) + + signature.NotationPathLock.Lock() + defer signature.NotationPathLock.Unlock() + + signature.LoadNotationPath(tempDir) + + err = signature.VerifyWithNotation(fmt.Sprintf("localhost:%s/%s:%s", port, repoName, tag), tempDir) + So(err, ShouldNotBeNil) + }) +} + +func TestListNotarySignatures(t *testing.T) { + Convey("error parsing reference", t, func() { + cwd, err := os.Getwd() + So(err, ShouldBeNil) + defer func() { _ = os.Chdir(cwd) }() + tdir := t.TempDir() + _ = os.Chdir(tdir) + + _, err = signature.ListNotarySignatures("invalidReference", tdir) + So(err, ShouldNotBeNil) + }) + + Convey("error trying to get manifest", t, func() { + cwd, err := os.Getwd() + So(err, ShouldBeNil) + defer func() { _ = os.Chdir(cwd) }() + tdir := t.TempDir() + _ = os.Chdir(tdir) + + _, err = signature.ListNotarySignatures("localhost:8080/invalidreference:1.0", tdir) + So(err, ShouldNotBeNil) + }) +} + +func TestGenerateNotationCerts(t *testing.T) { + Convey("write key file with permission", t, func() { + tempDir := t.TempDir() + + notationDir := path.Join(tempDir, "notation") + err := os.Mkdir(notationDir, 0o777) + So(err, ShouldBeNil) + + filePath := path.Join(notationDir, "localkeys") + err = os.WriteFile(filePath, []byte("{}"), 0o666) //nolint: gosec + So(err, ShouldBeNil) + + signature.NotationPathLock.Lock() + defer signature.NotationPathLock.Unlock() + + signature.LoadNotationPath(tempDir) + + err = signature.GenerateNotationCerts(t.TempDir(), "cert") + So(err, ShouldNotBeNil) + }) + + Convey("write cert file with permission", t, func() { + tempDir := t.TempDir() + + notationDir := path.Join(tempDir, "notation", "localkeys") + err := os.MkdirAll(notationDir, 0o777) + So(err, ShouldBeNil) + + filePath := path.Join(notationDir, "cert.crt") + err = os.WriteFile(filePath, []byte("{}"), 0o666) //nolint: gosec + So(err, ShouldBeNil) + + err = os.Chmod(filePath, 0o000) + So(err, ShouldBeNil) + + signature.NotationPathLock.Lock() + defer signature.NotationPathLock.Unlock() + + signature.LoadNotationPath(tempDir) + + err = signature.GenerateNotationCerts(t.TempDir(), "cert") + So(err, ShouldNotBeNil) + + err = os.Chmod(filePath, 0o755) + So(err, ShouldBeNil) + }) + + Convey("signingkeys.json file - not enough permission", t, func() { + tempDir := t.TempDir() + + notationDir := path.Join(tempDir, "notation") + err := os.Mkdir(notationDir, 0o777) + So(err, ShouldBeNil) + + filePath := path.Join(notationDir, "signingkeys.json") + _, err = os.Create(filePath) //nolint: gosec + So(err, ShouldBeNil) + err = os.Chmod(filePath, 0o000) + So(err, ShouldBeNil) + + signature.NotationPathLock.Lock() + defer signature.NotationPathLock.Unlock() + + signature.LoadNotationPath(tempDir) + + err = signature.GenerateNotationCerts(t.TempDir(), "cert") + So(err, ShouldNotBeNil) + + err = os.Remove(filePath) + So(err, ShouldBeNil) + err = os.RemoveAll(path.Join(notationDir, "localkeys")) + So(err, ShouldBeNil) + signingKeysBuf, err := json.Marshal(notconfig.SigningKeys{}) + So(err, ShouldBeNil) + err = os.WriteFile(filePath, signingKeysBuf, 0o555) //nolint:gosec // test code + So(err, ShouldBeNil) + err = signature.GenerateNotationCerts(t.TempDir(), "cert") + So(err, ShouldNotBeNil) + }) + Convey("keysuite already exists in signingkeys.json", t, func() { + tempDir := t.TempDir() + + notationDir := path.Join(tempDir, "notation") + err := os.Mkdir(notationDir, 0o777) + So(err, ShouldBeNil) + + certName := "cert-test" + filePath := path.Join(notationDir, "signingkeys.json") + keyPath := path.Join(notationDir, "localkeys", certName+".key") + certPath := path.Join(notationDir, "localkeys", certName+".crt") + signingKeys := notconfig.SigningKeys{} + keySuite := notconfig.KeySuite{ + Name: certName, + X509KeyPair: ¬config.X509KeyPair{ + KeyPath: keyPath, + CertificatePath: certPath, + }, + } + signingKeys.Keys = []notconfig.KeySuite{keySuite} + signingKeysBuf, err := json.Marshal(signingKeys) + So(err, ShouldBeNil) + err = os.WriteFile(filePath, signingKeysBuf, 0o600) + So(err, ShouldBeNil) + + signature.NotationPathLock.Lock() + defer signature.NotationPathLock.Unlock() + + signature.LoadNotationPath(tempDir) + + err = signature.GenerateNotationCerts(t.TempDir(), certName) + So(err, ShouldNotBeNil) + }) + Convey("truststore files", t, func() { + tempDir := t.TempDir() + + notationDir := path.Join(tempDir, "notation") + err := os.Mkdir(notationDir, 0o777) + So(err, ShouldBeNil) + + certName := "cert-test" + trustStorePath := path.Join(notationDir, fmt.Sprintf("truststore/x509/ca/%s", certName)) + err = os.MkdirAll(trustStorePath, 0o755) + So(err, ShouldBeNil) + err = os.Chmod(path.Join(notationDir, "truststore/x509"), 0o000) + So(err, ShouldBeNil) + + signature.NotationPathLock.Lock() + defer signature.NotationPathLock.Unlock() + + signature.LoadNotationPath(tempDir) + + err = signature.GenerateNotationCerts(tempDir, certName) + So(err, ShouldNotBeNil) + + err = os.RemoveAll(path.Join(notationDir, "localkeys")) + So(err, ShouldBeNil) + err = os.Chmod(path.Join(notationDir, "truststore/x509"), 0o755) + So(err, ShouldBeNil) + _, err = os.Create(path.Join(trustStorePath, "cert-test.crt")) + So(err, ShouldBeNil) + + err = signature.GenerateNotationCerts(tempDir, certName) + So(err, ShouldNotBeNil) + + err = os.RemoveAll(path.Join(notationDir, "localkeys")) + So(err, ShouldBeNil) + err = os.Remove(path.Join(trustStorePath, "cert-test.crt")) + So(err, ShouldBeNil) + err = os.Chmod(path.Join(notationDir, "truststore/x509/ca", certName), 0o555) + So(err, ShouldBeNil) + + err = signature.GenerateNotationCerts(tempDir, certName) + So(err, ShouldNotBeNil) + }) +} diff --git a/pkg/test/test_http_server.go b/pkg/test/test_http_server.go deleted file mode 100644 index e8f24f9f3..000000000 --- a/pkg/test/test_http_server.go +++ /dev/null @@ -1,51 +0,0 @@ -package test - -import ( - "errors" - "fmt" - "net/http" - - "github.com/gorilla/mux" -) - -type RouteHandler struct { - Route string - // HandlerFunc is the HTTP handler function that receives a writer for output and an HTTP request as input. - HandlerFunc http.HandlerFunc - // AllowedMethods specifies the HTTP methods allowed for the current route. - AllowedMethods []string -} - -// Routes is a map that associates HTTP paths to their corresponding HTTP handlers. -type HTTPRoutes []RouteHandler - -func StartTestHTTPServer(routes HTTPRoutes, port string) *http.Server { - baseURL := GetBaseURL(port) - mux := mux.NewRouter() - - mux.HandleFunc("/test", func(w http.ResponseWriter, r *http.Request) { - _, err := w.Write([]byte("{}")) - if err != nil { - return - } - }).Methods(http.MethodGet) - - for _, routeHandler := range routes { - mux.HandleFunc(routeHandler.Route, routeHandler.HandlerFunc).Methods(routeHandler.AllowedMethods...) - } - - server := &http.Server{ //nolint:gosec - Addr: fmt.Sprintf(":%s", port), - Handler: mux, - } - - go func() { - if err := server.ListenAndServe(); !errors.Is(err, http.ErrServerClosed) { - return - } - }() - - WaitTillServerReady(baseURL + "/test") - - return server -}