Skip to content

Commit

Permalink
added more tests
Browse files Browse the repository at this point in the history
Signed-off-by: Patrick Zheng <[email protected]>
  • Loading branch information
Two-Hearts committed Jun 24, 2024
1 parent b256493 commit d06a838
Showing 1 changed file with 27 additions and 0 deletions.
27 changes: 27 additions & 0 deletions verifier/helpers_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -114,6 +114,33 @@ func TestIsCriticalFailure(t *testing.T) {
}
}

func TestLoadX509TSATrustStores(t *testing.T) {
policyDoc := trustpolicy.Document{
Version: "1.0",
TrustPolicies: []trustpolicy.TrustPolicy{
{
Name: "testTSA",
RegistryScopes: []string{"*"},
SignatureVerification: trustpolicy.SignatureVerification{VerificationLevel: "strict"},
TrustStores: []string{"tsa:test-timestamp"},
TrustedIdentities: []string{"*"},
},
},
}
dir.UserConfigDir = "testdata"
x509truststore := truststore.NewX509TrustStore(dir.ConfigFS())
_, err := loadX509TSATrustStores(context.Background(), signature.SigningSchemeX509, &policyDoc.TrustPolicies[0], x509truststore)
if err != nil {
t.Fatalf("TestLoadX509TrustStore should not throw error for a valid trust store. Error: %v", err)
}

_, err = loadX509TSATrustStores(context.Background(), signature.SigningSchemeX509SigningAuthority, &policyDoc.TrustPolicies[0], x509truststore)
expectedErrMsg := "error while loading the TSA trust store, signing scheme must be notary.x509, but got notary.x509.signingAuthority"
if err == nil || err.Error() != expectedErrMsg {
t.Fatalf("expected %s, but got %s", expectedErrMsg, err)
}
}

func getArtifactDigestFromReference(artifactReference string) (string, error) {
invalidUriErr := fmt.Errorf("artifact URI %q could not be parsed, make sure it is the fully qualified OCI artifact URI without the scheme/protocol. e.g domain.com:80/my/repository@sha256:digest", artifactReference)
i := strings.LastIndex(artifactReference, "@")
Expand Down

0 comments on commit d06a838

Please sign in to comment.