From 6135d887d93804693b24c55308a2b5aee4a3ef24 Mon Sep 17 00:00:00 2001 From: Junjie Gao Date: Thu, 28 Mar 2024 14:33:01 +0800 Subject: [PATCH] test: add e2e Signed-off-by: Junjie Gao --- .../KeyVault/CredentialsTests.cs | 4 +- .../KeyVault/Credentials.cs | 4 +- test/e2e/action.yml | 76 ++++++++++++++++++- 3 files changed, 79 insertions(+), 5 deletions(-) diff --git a/Notation.Plugin.AzureKeyVault.Tests/KeyVault/CredentialsTests.cs b/Notation.Plugin.AzureKeyVault.Tests/KeyVault/CredentialsTests.cs index 8da746e2..47c9b444 100644 --- a/Notation.Plugin.AzureKeyVault.Tests/KeyVault/CredentialsTests.cs +++ b/Notation.Plugin.AzureKeyVault.Tests/KeyVault/CredentialsTests.cs @@ -10,8 +10,8 @@ public class CredentialsTests [Theory] [InlineData("default")] [InlineData("environment")] - [InlineData("workloadidentity")] - [InlineData("managedidentity")] + [InlineData("workloadid")] + [InlineData("managedid")] [InlineData("azurecli")] public void GetCredentials_WithValidCredentialType_ReturnsExpectedCredential(string credentialType) { diff --git a/Notation.Plugin.AzureKeyVault/KeyVault/Credentials.cs b/Notation.Plugin.AzureKeyVault/KeyVault/Credentials.cs index b564aacc..30b535a5 100644 --- a/Notation.Plugin.AzureKeyVault/KeyVault/Credentials.cs +++ b/Notation.Plugin.AzureKeyVault/KeyVault/Credentials.cs @@ -21,11 +21,11 @@ public class Credentials /// /// Workload identity credential name. /// - public const string WorkloadIdentityCredentialName = "workloadidentity"; + public const string WorkloadIdentityCredentialName = "workloadid"; /// /// Managed identity credential name. /// - public const string ManagedIdentityCredentialName = "managedidentity"; + public const string ManagedIdentityCredentialName = "managedid"; /// /// Azure CLI credential name. /// diff --git a/test/e2e/action.yml b/test/e2e/action.yml index 4b2ed23a..479e71a0 100644 --- a/test/e2e/action.yml +++ b/test/e2e/action.yml @@ -181,4 +181,78 @@ runs: run: | echo "both self signed and ca certs plugin config exist should failed, but succeeded." exit 1 - shell: bash \ No newline at end of file + shell: bash + + # credential type test + - name: enviroment credential failed + continue-on-error: true + id: enviroment-credential-failed + uses: notaryproject/notation-action/sign@v1 + with: + plugin_name: azure-kv + plugin_url: ${{ inputs.pluginDownloadURL }} + plugin_checksum: ${{ inputs.pluginChecksum }} + key_id: https://acrci-test-kv.vault.azure.net/keys/self-signed-pkcs12/70747b2064c0488e936eba7a29acc4c6 + target_artifact_reference: localhost:5000/hello-world:v1 + signature_format: cose + plugin_config: | + credential_type=environment + self_signed=true + - name: 'Should Fail: enviroment credential failed' + if: steps.enviroment-credential-failed.outcome != 'failure' + run: | + echo "enviroment credential failed should failed, but succeeded." + exit 1 + shell: bash + - name: workload identity failed + continue-on-error: true + id: workload-identity-failed + uses: notaryproject/notation-action/sign@v1 + with: + plugin_name: azure-kv + plugin_url: ${{ inputs.pluginDownloadURL }} + plugin_checksum: ${{ inputs.pluginChecksum }} + key_id: https://acrci-test-kv.vault.azure.net/keys/self-signed-pkcs12/70747b2064c0488e936eba7a29acc4c6 + target_artifact_reference: localhost:5000/hello-world:v1 + signature_format: cose + plugin_config: | + credential_type=workloadid + self_signed=true + - name: 'Should Fail: workload identity failed' + if: steps.workload-identity-failed.outcome != 'failure' + run: | + echo "workload identity failed should failed, but succeeded." + exit 1 + shell: bash + - name: managed identity failed + continue-on-error: true + id: managed-identity-failed + uses: notaryproject/notation-action/sign@v1 + with: + plugin_name: azure-kv + plugin_url: ${{ inputs.pluginDownloadURL }} + plugin_checksum: ${{ inputs.pluginChecksum }} + key_id: https://acrci-test-kv.vault.azure.net/keys/self-signed-pkcs12/70747b2064c0488e936eba7a29acc4c6 + target_artifact_reference: localhost:5000/hello-world:v1 + signature_format: cose + plugin_config: | + credential_type=managedid + self_signed=true + - name: 'Should Fail: managed identity failed' + if: steps.managed-identity-failed.outcome != 'failure' + run: | + echo "managed identity failed should failed, but succeeded." + exit 1 + shell: bash + - name: azure cli succeeded + uses: notaryproject/notation-action/sign@v1 + with: + plugin_name: azure-kv + plugin_url: ${{ inputs.pluginDownloadURL }} + plugin_checksum: ${{ inputs.pluginChecksum }} + key_id: https://acrci-test-kv.vault.azure.net/keys/self-signed-pkcs12/70747b2064c0488e936eba7a29acc4c6 + target_artifact_reference: localhost:5000/hello-world:v1 + signature_format: cose + plugin_config: | + credential_type=azurecli + self_signed=true \ No newline at end of file