def test_trust_gpg_email_id(self):
args = self.Args()
testobj = Trust(policy_filename=os.path.join(FIXTURE_DIR, "show_policy.json"))
testobj.atomic_config = util.get_atomic_config(atomic_config=os.path.join(FIXTURE_DIR, "atomic.conf"))
testobj.set_args(args)
actual = testobj.get_gpg_id(args.pubkeys)
self.assertEqual("*****@*****.**", actual)
def test_trust_gpg_email_id(self):
args = self.Args()
testobj = Trust(
policy_filename=os.path.join(FIXTURE_DIR, "show_policy.json"))
testobj.atomic_config = util.get_atomic_config(
atomic_config=os.path.join(FIXTURE_DIR, "atomic.conf"))
testobj.set_args(args)
actual = testobj.get_gpg_id(args.pubkeys)
self.assertEqual("*****@*****.**", actual)
def test_add_repo_sigstore(self):
testobj = Trust(policy_filename=TEST_POLICY)
testobj.atomic_config = util.get_atomic_config(atomic_config=os.path.join(FIXTURE_DIR, "atomic.conf"))
testobj.modify_registry_config("docker.io/repo", "docker", "https://sigstore.acme.com/sigs")
with open(os.path.join(FIXTURE_DIR, "configs/docker.io-repo.yaml"), "r") as f:
conf_expected = yaml.load(f)
with open(os.path.join(FIXTURE_DIR, "etc/containers/registries.d/docker.io-repo.yaml"), "r") as f:
conf_modified = yaml.load(f)
self.assertEqual(conf_expected, conf_modified)
def test_trust_show(self):
args = self.Args()
testobj = Trust(policy_filename=os.path.join(FIXTURE_DIR, "show_policy.json"))
testobj.atomic_config = util.get_atomic_config(atomic_config=os.path.join(FIXTURE_DIR, "atomic.conf"))
testobj.set_args(args)
with self.captured_output() as (out, _):
testobj.show()
with open(os.path.join(FIXTURE_DIR, "show_policy.output"), "r") as f:
expected = f.read()
actual = out.getvalue()
self.assertEqual(expected, actual)
def test_add_trust_keys(self):
args = self.Args()
args.sigstore = None
testobj = Trust(policy_filename = TEST_POLICY)
testobj.atomic_config = util.get_atomic_config(atomic_config = os.path.join(FIXTURE_DIR, "atomic.conf"))
testobj.set_args(args)
testobj.add()
with open(testobj.policy_filename, 'r') as f:
d = json.load(f)
self.assertEqual(d["transports"]["atomic"]["docker.io"][0]["keyPath"],
os.path.join(FIXTURE_DIR, "key1.pub"))
def test_trust_show(self):
args = self.Args()
testobj = Trust(
policy_filename=os.path.join(FIXTURE_DIR, "show_policy.json"))
testobj.atomic_config = util.get_atomic_config(
atomic_config=os.path.join(FIXTURE_DIR, "atomic.conf"))
testobj.set_args(args)
with self.captured_output() as (out, _):
testobj.show()
with open(os.path.join(FIXTURE_DIR, "show_policy.output"), 'r') as f:
expected = f.read()
actual = out.getvalue()
self.assertEqual(expected, actual)
def test_add_trust_keys(self):
args = self.Args()
args.sigstore = None
testobj = Trust(policy_filename=TEST_POLICY)
testobj.atomic_config = util.get_atomic_config(
atomic_config=os.path.join(FIXTURE_DIR, "atomic.conf"))
testobj.set_args(args)
testobj.add()
with open(testobj.policy_filename, 'r') as f:
d = json.load(f)
self.assertEqual(
d["transports"]["atomic"]["docker.io"][0]["keyPath"],
os.path.join(FIXTURE_DIR, "key1.pub"))
def test_delete_trust(self):
args = self.Args()
args.pubkeys = []
args.sigstoretype = "web"
args.registry = "registry.example.com/foo"
args.pubkeys = None
testobj = Trust(policy_filename=TEST_POLICY)
testobj.atomic_config = util.get_atomic_config(atomic_config=os.path.join(FIXTURE_DIR, "atomic.conf"))
testobj.set_args(args)
testobj.delete()
with open(testobj.policy_filename, "r") as f:
d = json.load(f)
self.assertNotIn(args.registry, d["transports"]["docker"])
def test_add_reject_type(self):
args = self.Args()
args.trust_type = "reject"
args.sigstoretype = "web"
args.pubkeys = []
args.registry = "registry.example.com/foo"
testobj = Trust(policy_filename=TEST_POLICY)
testobj.atomic_config = util.get_atomic_config(atomic_config=os.path.join(FIXTURE_DIR, "atomic.conf"))
testobj.set_args(args)
testobj.add()
with open(testobj.policy_filename, "r") as f:
d = json.load(f)
self.assertEqual(d["transports"]["docker"][args.registry][0]["type"], args.trust_type)
def test_delete_trust(self):
args = self.Args()
args.pubkeys = []
args.sigstoretype = "web"
args.registry = "registry.example.com/foo"
args.pubkeys = None
testobj = Trust(policy_filename=TEST_POLICY)
testobj.atomic_config = util.get_atomic_config(
atomic_config=os.path.join(FIXTURE_DIR, "atomic.conf"))
testobj.set_args(args)
testobj.delete()
with open(testobj.policy_filename, 'r') as f:
d = json.load(f)
self.assertNotIn(args.registry, d["transports"]["docker"])
def test_update_registry_sigstore(self):
testobj = Trust(policy_filename=TEST_POLICY)
testobj.atomic_config = util.get_atomic_config(
atomic_config=os.path.join(FIXTURE_DIR, "atomic.conf"))
testobj.modify_registry_config("docker.io", "docker",
"https://sigstore.example.com/update")
with open(os.path.join(FIXTURE_DIR, "configs/docker.io.updated.yaml"),
'r') as f:
conf_expected = yaml.load(f)
with open(
os.path.join(FIXTURE_DIR,
"etc/containers/registries.d/docker.io.yaml"),
'r') as f:
conf_modified = yaml.load(f)
self.assertEqual(conf_expected, conf_modified)
def test_add_reject_type(self):
args = self.Args()
args.trust_type = "reject"
args.sigstoretype = "web"
args.pubkeys = []
args.registry = "registry.example.com/foo"
testobj = Trust(policy_filename=TEST_POLICY)
testobj.atomic_config = util.get_atomic_config(
atomic_config=os.path.join(FIXTURE_DIR, "atomic.conf"))
testobj.set_args(args)
testobj.add()
with open(testobj.policy_filename, 'r') as f:
d = json.load(f)
self.assertEqual(
d["transports"]["docker"][args.registry][0]["type"],
args.trust_type)
