From 4ebd753ca32c4f888f3c6d2055aa98df2f88a6d6 Mon Sep 17 00:00:00 2001 From: Yongxuan Zhang Date: Thu, 8 Jun 2023 19:18:19 +0000 Subject: [PATCH] remove GetUnsignedPipeline helper function and use var in each file This commit is part of #5820. It removes the GetUnsignedPipeline helper function and use a var in each test file instead to improve the readability for developers. No functional change. Signed-off-by: Yongxuan Zhang yongxuanzhang@google.com --- .../pipelinerun/resources/pipelineref_test.go | 23 ++++- pkg/trustedresources/verify_test.go | 90 +++++++++++-------- test/trustedresources.go | 21 ----- 3 files changed, 74 insertions(+), 60 deletions(-) diff --git a/pkg/reconciler/pipelinerun/resources/pipelineref_test.go b/pkg/reconciler/pipelinerun/resources/pipelineref_test.go index 11597f1fc05..6a7f4b13c4d 100644 --- a/pkg/reconciler/pipelinerun/resources/pipelineref_test.go +++ b/pkg/reconciler/pipelinerun/resources/pipelineref_test.go @@ -71,6 +71,23 @@ var ( }, EntryPoint: "foo/bar", } + unsignedV1beta1Pipeline = &v1beta1.Pipeline{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "tekton.dev/v1beta1", + Kind: "Pipeline"}, + ObjectMeta: metav1.ObjectMeta{ + Name: "test-pipeline", + Namespace: "trusted-resources", + Annotations: map[string]string{"foo": "bar"}, + }, + Spec: v1beta1.PipelineSpec{ + Tasks: []v1beta1.PipelineTask{ + { + Name: "task", + }, + }, + }, + } unsignedV1Pipeline = &v1.Pipeline{ TypeMeta: metav1.TypeMeta{ @@ -541,7 +558,7 @@ func TestGetPipelineFunc_V1beta1Pipeline_VerifyNoError(t *testing.T) { signer, _, k8sclient, vps := test.SetupVerificationPolicies(t) tektonclient := fake.NewSimpleClientset() - unsignedPipeline := test.GetUnsignedPipeline("test-pipeline") + unsignedPipeline := unsignedV1beta1Pipeline unsignedV1Pipeline := &v1.Pipeline{} unsignedPipeline.ConvertTo(ctx, unsignedV1Pipeline) unsignedV1Pipeline.APIVersion = "tekton.dev/v1" @@ -744,7 +761,7 @@ func TestGetPipelineFunc_V1beta1Pipeline_VerifyError(t *testing.T) { tektonclient := fake.NewSimpleClientset() signer, _, k8sclient, vps := test.SetupVerificationPolicies(t) - unsignedPipeline := test.GetUnsignedPipeline("test-pipeline") + unsignedPipeline := unsignedV1beta1Pipeline unsignedPipelineBytes, err := json.Marshal(unsignedPipeline) if err != nil { t.Fatal("fail to marshal pipeline", err) @@ -1190,7 +1207,7 @@ func TestGetPipelineFunc_GetFuncError(t *testing.T) { tektonclient := fake.NewSimpleClientset() _, k8sclient, vps := test.SetupMatchAllVerificationPolicies(t, "trusted-resources") - unsignedPipeline := test.GetUnsignedPipeline("test-pipeline") + unsignedPipeline := unsignedV1beta1Pipeline unsignedPipelineBytes, err := json.Marshal(unsignedPipeline) if err != nil { t.Fatal("fail to marshal pipeline", err) diff --git a/pkg/trustedresources/verify_test.go b/pkg/trustedresources/verify_test.go index 40b15bfaafa..b07dbeb1bbd 100644 --- a/pkg/trustedresources/verify_test.go +++ b/pkg/trustedresources/verify_test.go @@ -44,38 +44,56 @@ const ( namespace = "trusted-resources" ) -var unsignedTask = v1.Task{ - TypeMeta: metav1.TypeMeta{ - APIVersion: "tekton.dev/v1", - Kind: "Task"}, - ObjectMeta: metav1.ObjectMeta{ - Name: "task", - Annotations: map[string]string{"foo": "bar"}, - }, - Spec: v1.TaskSpec{ - Steps: []v1.Step{{ - Image: "ubuntu", - Name: "echo", - }}, - }, -} - -var unsignedPipeline = v1.Pipeline{ - TypeMeta: metav1.TypeMeta{ - APIVersion: "tekton.dev/v1", - Kind: "Pipeline"}, - ObjectMeta: metav1.ObjectMeta{ - Name: "pipeline", - Annotations: map[string]string{"foo": "bar"}, - }, - Spec: v1.PipelineSpec{ - Tasks: []v1.PipelineTask{ - { - Name: "task", +var ( + unsignedV1Task = v1.Task{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "tekton.dev/v1", + Kind: "Task"}, + ObjectMeta: metav1.ObjectMeta{ + Name: "task", + Annotations: map[string]string{"foo": "bar"}, + }, + Spec: v1.TaskSpec{ + Steps: []v1.Step{{ + Image: "ubuntu", + Name: "echo", + }}, + }, + } + unsignedV1beta1Pipeline = &v1beta1.Pipeline{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "tekton.dev/v1beta1", + Kind: "Pipeline"}, + ObjectMeta: metav1.ObjectMeta{ + Name: "test-pipeline", + Namespace: "trusted-resources", + Annotations: map[string]string{"foo": "bar"}, + }, + Spec: v1beta1.PipelineSpec{ + Tasks: []v1beta1.PipelineTask{ + { + Name: "task", + }, }, }, - }, -} + } + unsignedV1Pipeline = v1.Pipeline{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "tekton.dev/v1", + Kind: "Pipeline"}, + ObjectMeta: metav1.ObjectMeta{ + Name: "pipeline", + Annotations: map[string]string{"foo": "bar"}, + }, + Spec: v1.PipelineSpec{ + Tasks: []v1.PipelineTask{ + { + Name: "task", + }, + }, + }, + } +) func TestVerifyResource_Task_Success(t *testing.T) { signer256, _, k8sclient, vps := test.SetupVerificationPolicies(t) @@ -344,7 +362,7 @@ func TestVerifyResource_Task_Error(t *testing.T) { func TestVerifyResource_Pipeline_Success(t *testing.T) { sv, _, k8sclient, vps := test.SetupVerificationPolicies(t) - unsignedPipeline := test.GetUnsignedPipeline("test-pipeline") + unsignedPipeline := unsignedV1beta1Pipeline signedPipeline, err := test.GetSignedV1beta1Pipeline(unsignedPipeline, sv, "signed") if err != nil { t.Fatal("fail to sign task", err) @@ -398,7 +416,7 @@ func TestVerifyResource_Pipeline_Error(t *testing.T) { ctx = test.SetupTrustedResourceConfig(ctx, config.FailNoMatchPolicy) sv, _, k8sclient, vps := test.SetupVerificationPolicies(t) - unsignedPipeline := test.GetUnsignedPipeline("test-pipeline") + unsignedPipeline := unsignedV1beta1Pipeline signedPipeline, err := test.GetSignedV1beta1Pipeline(unsignedPipeline, sv, "signed") if err != nil { @@ -457,7 +475,7 @@ func TestVerifyResource_Pipeline_Error(t *testing.T) { func TestVerifyResource_V1Task_Success(t *testing.T) { signer, _, k8sclient, vps := test.SetupVerificationPolicies(t) - signedTask, err := getSignedV1Task(unsignedTask.DeepCopy(), signer, "signed") + signedTask, err := getSignedV1Task(unsignedV1Task.DeepCopy(), signer, "signed") if err != nil { t.Error(err) } @@ -468,7 +486,7 @@ func TestVerifyResource_V1Task_Success(t *testing.T) { } func TestVerifyResource_V1Task_Error(t *testing.T) { signer, _, k8sclient, vps := test.SetupVerificationPolicies(t) - signedTask, err := getSignedV1Task(unsignedTask.DeepCopy(), signer, "signed") + signedTask, err := getSignedV1Task(unsignedV1Task.DeepCopy(), signer, "signed") if err != nil { t.Error(err) } @@ -482,7 +500,7 @@ func TestVerifyResource_V1Task_Error(t *testing.T) { func TestVerifyResource_V1Pipeline_Success(t *testing.T) { signer, _, k8sclient, vps := test.SetupVerificationPolicies(t) - signed, err := getSignedV1Pipeline(unsignedPipeline.DeepCopy(), signer, "signed") + signed, err := getSignedV1Pipeline(unsignedV1Pipeline.DeepCopy(), signer, "signed") if err != nil { t.Error(err) } @@ -494,7 +512,7 @@ func TestVerifyResource_V1Pipeline_Success(t *testing.T) { func TestVerifyResource_V1Pipeline_Error(t *testing.T) { signer, _, k8sclient, vps := test.SetupVerificationPolicies(t) - signed, err := getSignedV1Pipeline(unsignedPipeline.DeepCopy(), signer, "signed") + signed, err := getSignedV1Pipeline(unsignedV1Pipeline.DeepCopy(), signer, "signed") if err != nil { t.Error(err) } diff --git a/test/trustedresources.go b/test/trustedresources.go index d2d9980a2b9..1a9c695cd38 100644 --- a/test/trustedresources.go +++ b/test/trustedresources.go @@ -74,27 +74,6 @@ func GetUnsignedTask(name string) *v1beta1.Task { } } -// GetUnsignedPipeline returns unsigned pipeline with given name -func GetUnsignedPipeline(name string) *v1beta1.Pipeline { - return &v1beta1.Pipeline{ - TypeMeta: metav1.TypeMeta{ - APIVersion: "tekton.dev/v1beta1", - Kind: "Pipeline"}, - ObjectMeta: metav1.ObjectMeta{ - Name: name, - Namespace: namespace, - Annotations: map[string]string{"foo": "bar"}, - }, - Spec: v1beta1.PipelineSpec{ - Tasks: []v1beta1.PipelineTask{ - { - Name: "task", - }, - }, - }, - } -} - // SetupTrustedResourceConfig configures the trusted-resources-verification-no-match-policy feature flag with the given mode for testing func SetupTrustedResourceConfig(ctx context.Context, verificationNoMatchPolicy string) context.Context { store := config.NewStore(logging.FromContext(ctx).Named("config-store"))