tektoncd · tekton-robot · Oct 30, 2023 · Jun 8, 2023
diff --git a/pkg/reconciler/taskrun/resources/taskref_test.go b/pkg/reconciler/taskrun/resources/taskref_test.go
@@ -87,6 +87,22 @@ var (
 		},
 		EntryPoint: "foo/bar",
 	}
+	unsignedV1beta1Task = &v1beta1.Task{
+		TypeMeta: metav1.TypeMeta{
+			APIVersion: "tekton.dev/v1beta1",
+			Kind:       "Task"},
+		ObjectMeta: metav1.ObjectMeta{
+			Name:        "test-task",
+			Namespace:   "trusted-resources",
+			Annotations: map[string]string{"foo": "bar"},
+		},
+		Spec: v1beta1.TaskSpec{
+			Steps: []v1beta1.Step{{
+				Image: "ubuntu",
+				Name:  "echo",
+			}},
+		},
+	}
 	unsignedV1Task = v1.Task{
 		TypeMeta: metav1.TypeMeta{
 			APIVersion: "tekton.dev/v1",
@@ -738,7 +754,7 @@ func TestGetTaskFunc_V1beta1Task_VerifyNoError(t *testing.T) {
 	signer, _, k8sclient, vps := test.SetupVerificationPolicies(t)
 	tektonclient := fake.NewSimpleClientset()
 
-	unsignedTask := test.GetUnsignedTask("test-task")
+	unsignedTask := unsignedV1beta1Task
 	unsignedTaskBytes, err := json.Marshal(unsignedTask)
 	unsignedV1Task := &v1.Task{}
 	unsignedTask.ConvertTo(ctx, unsignedV1Task)
@@ -872,7 +888,7 @@ func TestGetTaskFunc_V1beta1Task_VerifyError(t *testing.T) {
 	signer, _, k8sclient, vps := test.SetupVerificationPolicies(t)
 	tektonclient := fake.NewSimpleClientset()
 
-	unsignedTask := test.GetUnsignedTask("test-task")
+	unsignedTask := unsignedV1beta1Task
 	unsignedTaskBytes, err := json.Marshal(unsignedTask)
 	if err != nil {
 		t.Fatal("fail to marshal task", err)
@@ -1249,7 +1265,7 @@ func TestGetTaskFunc_GetFuncError(t *testing.T) {
 	_, k8sclient, vps := test.SetupMatchAllVerificationPolicies(t, "trusted-resources")
 	tektonclient := fake.NewSimpleClientset()
 
-	unsignedTask := test.GetUnsignedTask("test-task")
+	unsignedTask := unsignedV1beta1Task
 	unsignedTaskBytes, err := json.Marshal(unsignedTask)
 	if err != nil {
 		t.Fatal("fail to marshal task", err)

diff --git a/pkg/trustedresources/verify_test.go b/pkg/trustedresources/verify_test.go
@@ -45,6 +45,22 @@ const (
 )
 
 var (
+	unsignedV1beta1Task = &v1beta1.Task{
+		TypeMeta: metav1.TypeMeta{
+			APIVersion: "tekton.dev/v1beta1",
+			Kind:       "Task"},
+		ObjectMeta: metav1.ObjectMeta{
+			Name:        "test-task",
+			Namespace:   "trusted-resources",
+			Annotations: map[string]string{"foo": "bar"},
+		},
+		Spec: v1beta1.TaskSpec{
+			Steps: []v1beta1.Step{{
+				Image: "ubuntu",
+				Name:  "echo",
+			}},
+		},
+	}
 	unsignedV1Task = v1.Task{
 		TypeMeta: metav1.TypeMeta{
 			APIVersion: "tekton.dev/v1",
@@ -97,7 +113,7 @@ var (
 
 func TestVerifyResource_Task_Success(t *testing.T) {
 	signer256, _, k8sclient, vps := test.SetupVerificationPolicies(t)
-	unsignedTask := test.GetUnsignedTask("test-task")
+	unsignedTask := unsignedV1beta1Task
 	signedTask, err := test.GetSignedV1beta1Task(unsignedTask, signer256, "signed")
 	if err != nil {
 		t.Fatal("fail to sign task", err)
@@ -265,7 +281,7 @@ func TestVerifyResource_Task_Error(t *testing.T) {
 	ctx = test.SetupTrustedResourceConfig(ctx, config.FailNoMatchPolicy)
 	sv, _, k8sclient, vps := test.SetupVerificationPolicies(t)
 
-	unsignedTask := test.GetUnsignedTask("test-task")
+	unsignedTask := unsignedV1beta1Task
 
 	signedTask, err := test.GetSignedV1beta1Task(unsignedTask, sv, "signed")
 	if err != nil {

diff --git a/test/trustedresources.go b/test/trustedresources.go
@@ -54,26 +54,6 @@ var (
 	read = readPasswordFn
 )
 
-// GetUnsignedTask returns unsigned task with given name
-func GetUnsignedTask(name string) *v1beta1.Task {
-	return &v1beta1.Task{
-		TypeMeta: metav1.TypeMeta{
-			APIVersion: "tekton.dev/v1beta1",
-			Kind:       "Task"},
-		ObjectMeta: metav1.ObjectMeta{
-			Name:        name,
-			Namespace:   namespace,
-			Annotations: map[string]string{"foo": "bar"},
-		},
-		Spec: v1beta1.TaskSpec{
-			Steps: []v1beta1.Step{{
-				Image: "ubuntu",
-				Name:  "echo",
-			}},
-		},
-	}
-}
-
 // SetupTrustedResourceConfig configures the trusted-resources-verification-no-match-policy feature flag with the given mode for testing
 func SetupTrustedResourceConfig(ctx context.Context, verificationNoMatchPolicy string) context.Context {
 	store := config.NewStore(logging.FromContext(ctx).Named("config-store"))

diff --git a/test/trustedresources_test.go b/test/trustedresources_test.go
@@ -26,9 +26,28 @@ import (
 
 	"github.com/google/go-cmp/cmp"
 	"github.com/sigstore/sigstore/pkg/signature"
+	"github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1"
 	"github.com/tektoncd/pipeline/test/diff"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
+var unsignedV1beta1Task = &v1beta1.Task{
+	TypeMeta: metav1.TypeMeta{
+		APIVersion: "tekton.dev/v1beta1",
+		Kind:       "Task"},
+	ObjectMeta: metav1.ObjectMeta{
+		Name:        "test-task",
+		Namespace:   "trusted-resources",
+		Annotations: map[string]string{"foo": "bar"},
+	},
+	Spec: v1beta1.TaskSpec{
+		Steps: []v1beta1.Step{{
+			Image: "ubuntu",
+			Name:  "echo",
+		}},
+	},
+}
+
 func TestSignInterface(t *testing.T) {
 	sv, _, err := signature.NewDefaultECDSASignerVerifier()
 	if err != nil {
@@ -46,7 +65,7 @@ func TestSignInterface(t *testing.T) {
 	}{{
 		name:    "Sign Task",
 		signer:  sv,
-		target:  GetUnsignedTask("unsigned"),
+		target:  unsignedV1beta1Task,
 		wantErr: false,
 	}, {
 		name:    "Sign String with cosign signer",
@@ -61,7 +80,7 @@ func TestSignInterface(t *testing.T) {
 	}, {
 		name:    "Empty Signer",
 		signer:  nil,
-		target:  GetUnsignedTask("unsigned"),
+		target:  unsignedV1beta1Task,
 		wantErr: true,
 	}, {
 		name:     "Sign String with mock signer",