mirror of https://github.com/docker/docs.git
Use require, not assert, in server/... tests.
Signed-off-by: Ying Li <ying.li@docker.com>
This commit is contained in:
Ying Li
parent
d36e485198
commit
15908298bd
|
|
@ -23,7 +23,7 @@ import (
|
|||
|
||||
"github.com/docker/notary/tuf/testutils"
|
||||
"github.com/docker/notary/utils"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
type handlerState struct {
|
||||
|
|
@ -111,8 +111,8 @@ func TestGetKeyHandlerInvalidConfiguration(t *testing.T) {
|
|||
for errString, states := range invalidStates {
|
||||
for _, s := range states {
|
||||
err := getKeyHandler(getContext(s), httptest.NewRecorder(), req, vars)
|
||||
assert.Error(t, err)
|
||||
assert.Contains(t, err.Error(), errString)
|
||||
require.Error(t, err)
|
||||
require.Contains(t, err.Error(), errString)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -132,14 +132,14 @@ func TestGetKeyHandlerNoRoleOrRepo(t *testing.T) {
|
|||
// not provided
|
||||
delete(vars, key)
|
||||
err := getKeyHandler(getContext(state), httptest.NewRecorder(), req, vars)
|
||||
assert.Error(t, err)
|
||||
assert.Contains(t, err.Error(), "unknown")
|
||||
require.Error(t, err)
|
||||
require.Contains(t, err.Error(), "unknown")
|
||||
|
||||
// empty
|
||||
vars[key] = ""
|
||||
err = getKeyHandler(getContext(state), httptest.NewRecorder(), req, vars)
|
||||
assert.Error(t, err)
|
||||
assert.Contains(t, err.Error(), "unknown")
|
||||
require.Error(t, err)
|
||||
require.Contains(t, err.Error(), "unknown")
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -153,8 +153,8 @@ func TestGetKeyHandlerInvalidRole(t *testing.T) {
|
|||
req := &http.Request{Body: ioutil.NopCloser(bytes.NewBuffer(nil))}
|
||||
|
||||
err := getKeyHandler(getContext(state), httptest.NewRecorder(), req, vars)
|
||||
assert.Error(t, err)
|
||||
assert.Contains(t, err.Error(), "invalid role")
|
||||
require.Error(t, err)
|
||||
require.Contains(t, err.Error(), "invalid role")
|
||||
}
|
||||
|
||||
// Getting the key for a valid role and gun succeeds
|
||||
|
|
@ -167,22 +167,22 @@ func TestGetKeyHandlerCreatesOnce(t *testing.T) {
|
|||
vars := map[string]string{"imageName": "gun", "tufRole": role}
|
||||
recorder := httptest.NewRecorder()
|
||||
err := getKeyHandler(getContext(state), recorder, req, vars)
|
||||
assert.NoError(t, err)
|
||||
assert.True(t, len(recorder.Body.String()) > 0)
|
||||
require.NoError(t, err)
|
||||
require.True(t, len(recorder.Body.String()) > 0)
|
||||
}
|
||||
}
|
||||
|
||||
func TestGetHandlerRoot(t *testing.T) {
|
||||
metaStore := storage.NewMemStorage()
|
||||
repo, _, err := testutils.EmptyRepo("gun")
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
ctx := context.Background()
|
||||
ctx = context.WithValue(ctx, "metaStore", metaStore)
|
||||
|
||||
root, err := repo.SignRoot(data.DefaultExpires("root"))
|
||||
rootJSON, err := json.Marshal(root)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
metaStore.UpdateCurrent("gun", storage.MetaUpdate{Role: "root", Version: 1, Data: rootJSON})
|
||||
|
||||
req := &http.Request{
|
||||
|
|
@ -197,25 +197,25 @@ func TestGetHandlerRoot(t *testing.T) {
|
|||
rw := httptest.NewRecorder()
|
||||
|
||||
err = getHandler(ctx, rw, req, vars)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
}
|
||||
|
||||
func TestGetHandlerTimestamp(t *testing.T) {
|
||||
metaStore := storage.NewMemStorage()
|
||||
repo, crypto, err := testutils.EmptyRepo("gun")
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
ctx := getContext(handlerState{store: metaStore, crypto: crypto})
|
||||
|
||||
sn, err := repo.SignSnapshot(data.DefaultExpires("snapshot"))
|
||||
snJSON, err := json.Marshal(sn)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
metaStore.UpdateCurrent(
|
||||
"gun", storage.MetaUpdate{Role: "snapshot", Version: 1, Data: snJSON})
|
||||
|
||||
ts, err := repo.SignTimestamp(data.DefaultExpires("timestamp"))
|
||||
tsJSON, err := json.Marshal(ts)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
metaStore.UpdateCurrent(
|
||||
"gun", storage.MetaUpdate{Role: "timestamp", Version: 1, Data: tsJSON})
|
||||
|
||||
|
|
@ -231,19 +231,19 @@ func TestGetHandlerTimestamp(t *testing.T) {
|
|||
rw := httptest.NewRecorder()
|
||||
|
||||
err = getHandler(ctx, rw, req, vars)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
}
|
||||
|
||||
func TestGetHandlerSnapshot(t *testing.T) {
|
||||
metaStore := storage.NewMemStorage()
|
||||
repo, crypto, err := testutils.EmptyRepo("gun")
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
ctx := getContext(handlerState{store: metaStore, crypto: crypto})
|
||||
|
||||
sn, err := repo.SignSnapshot(data.DefaultExpires("snapshot"))
|
||||
snJSON, err := json.Marshal(sn)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
metaStore.UpdateCurrent(
|
||||
"gun", storage.MetaUpdate{Role: "snapshot", Version: 1, Data: snJSON})
|
||||
|
||||
|
|
@ -259,7 +259,7 @@ func TestGetHandlerSnapshot(t *testing.T) {
|
|||
rw := httptest.NewRecorder()
|
||||
|
||||
err = getHandler(ctx, rw, req, vars)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
}
|
||||
|
||||
func TestGetHandler404(t *testing.T) {
|
||||
|
|
@ -280,7 +280,7 @@ func TestGetHandler404(t *testing.T) {
|
|||
rw := httptest.NewRecorder()
|
||||
|
||||
err := getHandler(ctx, rw, req, vars)
|
||||
assert.Error(t, err)
|
||||
require.Error(t, err)
|
||||
}
|
||||
|
||||
func TestGetHandlerNilData(t *testing.T) {
|
||||
|
|
@ -302,7 +302,7 @@ func TestGetHandlerNilData(t *testing.T) {
|
|||
rw := httptest.NewRecorder()
|
||||
|
||||
err := getHandler(ctx, rw, req, vars)
|
||||
assert.Error(t, err)
|
||||
require.Error(t, err)
|
||||
}
|
||||
|
||||
func TestGetHandlerNoStorage(t *testing.T) {
|
||||
|
|
@ -313,7 +313,7 @@ func TestGetHandlerNoStorage(t *testing.T) {
|
|||
}
|
||||
|
||||
err := GetHandler(ctx, nil, req)
|
||||
assert.Error(t, err)
|
||||
require.Error(t, err)
|
||||
}
|
||||
|
||||
// a validation failure, such as a snapshots file being missing, will be
|
||||
|
|
@ -325,14 +325,14 @@ func TestAtomicUpdateValidationFailurePropagated(t *testing.T) {
|
|||
vars := map[string]string{"imageName": gun}
|
||||
|
||||
repo, cs, err := testutils.EmptyRepo(gun)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
state := handlerState{store: metaStore, crypto: copyKeys(t, cs, data.CanonicalTimestampRole)}
|
||||
|
||||
r, tg, sn, ts, err := testutils.Sign(repo)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
rs, tgs, _, _, err := testutils.Serialize(r, tg, sn, ts)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
req, err := store.NewMultiPartMetaRequest("", map[string][]byte{
|
||||
data.CanonicalRootRole: rs,
|
||||
|
|
@ -342,13 +342,13 @@ func TestAtomicUpdateValidationFailurePropagated(t *testing.T) {
|
|||
rw := httptest.NewRecorder()
|
||||
|
||||
err = atomicUpdateHandler(getContext(state), rw, req, vars)
|
||||
assert.Error(t, err)
|
||||
require.Error(t, err)
|
||||
errorObj, ok := err.(errcode.Error)
|
||||
assert.True(t, ok, "Expected an errcode.Error, got %v", err)
|
||||
assert.Equal(t, errors.ErrInvalidUpdate, errorObj.Code)
|
||||
require.True(t, ok, "Expected an errcode.Error, got %v", err)
|
||||
require.Equal(t, errors.ErrInvalidUpdate, errorObj.Code)
|
||||
serializable, ok := errorObj.Detail.(*validation.SerializableError)
|
||||
assert.True(t, ok, "Expected a SerializableObject, got %v", errorObj.Detail)
|
||||
assert.IsType(t, validation.ErrBadHierarchy{}, serializable.Error)
|
||||
require.True(t, ok, "Expected a SerializableObject, got %v", errorObj.Detail)
|
||||
require.IsType(t, validation.ErrBadHierarchy{}, serializable.Error)
|
||||
}
|
||||
|
||||
type failStore struct {
|
||||
|
|
@ -367,14 +367,14 @@ func TestAtomicUpdateNonValidationFailureNotPropagated(t *testing.T) {
|
|||
vars := map[string]string{"imageName": gun}
|
||||
|
||||
repo, cs, err := testutils.EmptyRepo(gun)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
state := handlerState{store: &failStore{*metaStore}, crypto: copyKeys(t, cs, data.CanonicalTimestampRole)}
|
||||
|
||||
r, tg, sn, ts, err := testutils.Sign(repo)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
rs, tgs, sns, _, err := testutils.Serialize(r, tg, sn, ts)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
req, err := store.NewMultiPartMetaRequest("", map[string][]byte{
|
||||
data.CanonicalRootRole: rs,
|
||||
|
|
@ -385,11 +385,11 @@ func TestAtomicUpdateNonValidationFailureNotPropagated(t *testing.T) {
|
|||
rw := httptest.NewRecorder()
|
||||
|
||||
err = atomicUpdateHandler(getContext(state), rw, req, vars)
|
||||
assert.Error(t, err)
|
||||
require.Error(t, err)
|
||||
errorObj, ok := err.(errcode.Error)
|
||||
assert.True(t, ok, "Expected an errcode.Error, got %v", err)
|
||||
assert.Equal(t, errors.ErrInvalidUpdate, errorObj.Code)
|
||||
assert.Nil(t, errorObj.Detail)
|
||||
require.True(t, ok, "Expected an errcode.Error, got %v", err)
|
||||
require.Equal(t, errors.ErrInvalidUpdate, errorObj.Code)
|
||||
require.Nil(t, errorObj.Detail)
|
||||
}
|
||||
|
||||
type invalidVersionStore struct {
|
||||
|
|
@ -408,15 +408,15 @@ func TestAtomicUpdateVersionErrorPropagated(t *testing.T) {
|
|||
vars := map[string]string{"imageName": gun}
|
||||
|
||||
repo, cs, err := testutils.EmptyRepo(gun)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
state := handlerState{
|
||||
store: &invalidVersionStore{*metaStore}, crypto: copyKeys(t, cs, data.CanonicalTimestampRole)}
|
||||
|
||||
r, tg, sn, ts, err := testutils.Sign(repo)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
rs, tgs, sns, _, err := testutils.Serialize(r, tg, sn, ts)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
req, err := store.NewMultiPartMetaRequest("", map[string][]byte{
|
||||
data.CanonicalRootRole: rs,
|
||||
|
|
@ -427,9 +427,9 @@ func TestAtomicUpdateVersionErrorPropagated(t *testing.T) {
|
|||
rw := httptest.NewRecorder()
|
||||
|
||||
err = atomicUpdateHandler(getContext(state), rw, req, vars)
|
||||
assert.Error(t, err)
|
||||
require.Error(t, err)
|
||||
errorObj, ok := err.(errcode.Error)
|
||||
assert.True(t, ok, "Expected an errcode.Error, got %v", err)
|
||||
assert.Equal(t, errors.ErrOldVersion, errorObj.Code)
|
||||
assert.Equal(t, storage.ErrOldVersion{}, errorObj.Detail)
|
||||
require.True(t, ok, "Expected an errcode.Error, got %v", err)
|
||||
require.Equal(t, errors.ErrOldVersion, errorObj.Code)
|
||||
require.Equal(t, storage.ErrOldVersion{}, errorObj.Detail)
|
||||
}
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load Diff
|
|
@ -14,7 +14,7 @@ import (
|
|||
"github.com/docker/notary/tuf/store"
|
||||
"github.com/docker/notary/tuf/testutils"
|
||||
"github.com/docker/notary/tuf/validation"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
"golang.org/x/net/context"
|
||||
)
|
||||
|
||||
|
|
@ -37,11 +37,11 @@ func TestValidationErrorFormat(t *testing.T) {
|
|||
)
|
||||
|
||||
repo, _, err := testutils.EmptyRepo("docker.com/notary")
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
r, tg, sn, ts, err := testutils.Sign(repo)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
rs, rt, _, _, err := testutils.Serialize(r, tg, sn, ts)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
// No snapshot is passed, and the server doesn't have the snapshot key,
|
||||
// so ErrBadHierarchy
|
||||
|
|
@ -49,6 +49,6 @@ func TestValidationErrorFormat(t *testing.T) {
|
|||
data.CanonicalRootRole: rs,
|
||||
data.CanonicalTargetsRole: rt,
|
||||
})
|
||||
assert.Error(t, err)
|
||||
assert.IsType(t, validation.ErrBadHierarchy{}, err)
|
||||
require.Error(t, err)
|
||||
require.IsType(t, validation.ErrBadHierarchy{}, err)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -19,7 +19,7 @@ import (
|
|||
"github.com/docker/notary/tuf/signed"
|
||||
"github.com/docker/notary/tuf/testutils"
|
||||
"github.com/docker/notary/utils"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
"golang.org/x/net/context"
|
||||
)
|
||||
|
||||
|
|
@ -31,7 +31,7 @@ func TestRunBadAddr(t *testing.T) {
|
|||
Trust: signed.NewEd25519(),
|
||||
},
|
||||
)
|
||||
assert.Error(t, err, "Passed bad addr, Run should have failed")
|
||||
require.Error(t, err, "Passed bad addr, Run should have failed")
|
||||
}
|
||||
|
||||
func TestRunReservedPort(t *testing.T) {
|
||||
|
|
@ -45,9 +45,9 @@ func TestRunReservedPort(t *testing.T) {
|
|||
},
|
||||
)
|
||||
|
||||
assert.Error(t, err)
|
||||
assert.IsType(t, &net.OpError{}, err)
|
||||
assert.True(
|
||||
require.Error(t, err)
|
||||
require.IsType(t, &net.OpError{}, err)
|
||||
require.True(
|
||||
t,
|
||||
strings.Contains(err.Error(), "bind: permission denied"),
|
||||
"Received unexpected err: %s",
|
||||
|
|
@ -62,8 +62,8 @@ func TestMetricsEndpoint(t *testing.T) {
|
|||
defer ts.Close()
|
||||
|
||||
res, err := http.Get(ts.URL + "/metrics")
|
||||
assert.NoError(t, err)
|
||||
assert.Equal(t, http.StatusOK, res.StatusCode)
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, http.StatusOK, res.StatusCode)
|
||||
}
|
||||
|
||||
// GetKeys supports only the timestamp and snapshot key endpoints
|
||||
|
|
@ -87,8 +87,8 @@ func TestGetKeysEndpoint(t *testing.T) {
|
|||
for role, expectedStatus := range rolesToStatus {
|
||||
res, err := http.Get(
|
||||
fmt.Sprintf("%s/v2/gun/_trust/tuf/%s.key", ts.URL, role))
|
||||
assert.NoError(t, err)
|
||||
assert.Equal(t, expectedStatus, res.StatusCode)
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, expectedStatus, res.StatusCode)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -107,7 +107,7 @@ func TestGetRoleByHash(t *testing.T) {
|
|||
},
|
||||
}
|
||||
j, err := json.Marshal(&ts)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
store.UpdateCurrent("gun", storage.MetaUpdate{
|
||||
Role: data.CanonicalTimestampRole,
|
||||
Version: 1,
|
||||
|
|
@ -127,7 +127,7 @@ func TestGetRoleByHash(t *testing.T) {
|
|||
},
|
||||
}
|
||||
newTS, err := json.Marshal(&ts)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
store.UpdateCurrent("gun", storage.MetaUpdate{
|
||||
Role: data.CanonicalTimestampRole,
|
||||
Version: 1,
|
||||
|
|
@ -150,8 +150,8 @@ func TestGetRoleByHash(t *testing.T) {
|
|||
data.CanonicalTimestampRole,
|
||||
checksum,
|
||||
))
|
||||
assert.NoError(t, err)
|
||||
assert.Equal(t, http.StatusOK, res.StatusCode)
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, http.StatusOK, res.StatusCode)
|
||||
// if content is equal, checksums are guaranteed to be equal
|
||||
verifyGetResponse(t, res, j)
|
||||
}
|
||||
|
|
@ -162,7 +162,7 @@ func TestGetRoleByHash(t *testing.T) {
|
|||
func TestGetCurrentRole(t *testing.T) {
|
||||
store := storage.NewMemStorage()
|
||||
metadata, _, err := testutils.NewRepoMetadata("gun")
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
// need both the snapshot and the timestamp, because when getting the current
|
||||
// timestamp the server checks to see if it's out of date (there's a new snapshot)
|
||||
|
|
@ -193,18 +193,18 @@ func TestGetCurrentRole(t *testing.T) {
|
|||
serv.URL,
|
||||
data.CanonicalTimestampRole,
|
||||
))
|
||||
assert.NoError(t, err)
|
||||
assert.Equal(t, http.StatusOK, res.StatusCode)
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, http.StatusOK, res.StatusCode)
|
||||
verifyGetResponse(t, res, metadata[data.CanonicalTimestampRole])
|
||||
}
|
||||
|
||||
// Verifies that the body is as expected and that there are cache control headers
|
||||
func verifyGetResponse(t *testing.T, r *http.Response, expectedBytes []byte) {
|
||||
body, err := ioutil.ReadAll(r.Body)
|
||||
assert.NoError(t, err)
|
||||
assert.True(t, bytes.Equal(expectedBytes, body))
|
||||
require.NoError(t, err)
|
||||
require.True(t, bytes.Equal(expectedBytes, body))
|
||||
|
||||
assert.NotEqual(t, "", r.Header.Get("Cache-Control"))
|
||||
assert.NotEqual(t, "", r.Header.Get("Last-Modified"))
|
||||
assert.Equal(t, "", r.Header.Get("Pragma"))
|
||||
require.NotEqual(t, "", r.Header.Get("Cache-Control"))
|
||||
require.NotEqual(t, "", r.Header.Get("Last-Modified"))
|
||||
require.Equal(t, "", r.Header.Get("Pragma"))
|
||||
}
|
||||
|
|
|
|||
|
|
@ -5,13 +5,12 @@ import (
|
|||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
|
||||
"github.com/docker/go/canonical/json"
|
||||
"github.com/docker/notary/server/storage"
|
||||
"github.com/docker/notary/tuf/data"
|
||||
"github.com/docker/notary/tuf/signed"
|
||||
"github.com/docker/notary/tuf/testutils"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
func TestSnapshotExpired(t *testing.T) {
|
||||
|
|
@ -21,7 +20,7 @@ func TestSnapshotExpired(t *testing.T) {
|
|||
Expires: time.Now().AddDate(-1, 0, 0),
|
||||
},
|
||||
}
|
||||
assert.True(t, snapshotExpired(sn), "Snapshot should have expired")
|
||||
require.True(t, snapshotExpired(sn), "Snapshot should have expired")
|
||||
}
|
||||
|
||||
func TestSnapshotNotExpired(t *testing.T) {
|
||||
|
|
@ -31,46 +30,46 @@ func TestSnapshotNotExpired(t *testing.T) {
|
|||
Expires: time.Now().AddDate(1, 0, 0),
|
||||
},
|
||||
}
|
||||
assert.False(t, snapshotExpired(sn), "Snapshot should NOT have expired")
|
||||
require.False(t, snapshotExpired(sn), "Snapshot should NOT have expired")
|
||||
}
|
||||
|
||||
func TestGetSnapshotKeyCreate(t *testing.T) {
|
||||
store := storage.NewMemStorage()
|
||||
crypto := signed.NewEd25519()
|
||||
k, err := GetOrCreateSnapshotKey("gun", store, crypto, data.ED25519Key)
|
||||
assert.Nil(t, err, "Expected nil error")
|
||||
assert.NotNil(t, k, "Key should not be nil")
|
||||
require.Nil(t, err, "Expected nil error")
|
||||
require.NotNil(t, k, "Key should not be nil")
|
||||
|
||||
k2, err := GetOrCreateSnapshotKey("gun", store, crypto, data.ED25519Key)
|
||||
|
||||
assert.Nil(t, err, "Expected nil error")
|
||||
require.Nil(t, err, "Expected nil error")
|
||||
|
||||
// trying to get the same key again should return the same value
|
||||
assert.Equal(t, k, k2, "Did not receive same key when attempting to recreate.")
|
||||
assert.NotNil(t, k2, "Key should not be nil")
|
||||
require.Equal(t, k, k2, "Did not receive same key when attempting to recreate.")
|
||||
require.NotNil(t, k2, "Key should not be nil")
|
||||
}
|
||||
|
||||
func TestGetSnapshotKeyExisting(t *testing.T) {
|
||||
store := storage.NewMemStorage()
|
||||
crypto := signed.NewEd25519()
|
||||
key, err := crypto.Create(data.CanonicalSnapshotRole, "gun", data.ED25519Key)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
store.SetKey("gun", data.CanonicalSnapshotRole, data.ED25519Key, key.Public())
|
||||
|
||||
k, err := GetOrCreateSnapshotKey("gun", store, crypto, data.ED25519Key)
|
||||
assert.Nil(t, err, "Expected nil error")
|
||||
assert.NotNil(t, k, "Key should not be nil")
|
||||
assert.Equal(t, key, k, "Did not receive same key when attempting to recreate.")
|
||||
assert.NotNil(t, k, "Key should not be nil")
|
||||
require.Nil(t, err, "Expected nil error")
|
||||
require.NotNil(t, k, "Key should not be nil")
|
||||
require.Equal(t, key, k, "Did not receive same key when attempting to recreate.")
|
||||
require.NotNil(t, k, "Key should not be nil")
|
||||
|
||||
k2, err := GetOrCreateSnapshotKey("gun", store, crypto, data.ED25519Key)
|
||||
|
||||
assert.Nil(t, err, "Expected nil error")
|
||||
require.Nil(t, err, "Expected nil error")
|
||||
|
||||
// trying to get the same key again should return the same value
|
||||
assert.Equal(t, k, k2, "Did not receive same key when attempting to recreate.")
|
||||
assert.NotNil(t, k2, "Key should not be nil")
|
||||
require.Equal(t, k, k2, "Did not receive same key when attempting to recreate.")
|
||||
require.NotNil(t, k2, "Key should not be nil")
|
||||
}
|
||||
|
||||
type keyStore struct {
|
||||
|
|
@ -97,57 +96,57 @@ func (ks keyStore) SetKey(gun, role, algorithm string, public []byte) error {
|
|||
func TestGetSnapshotKeyExistsOnSet(t *testing.T) {
|
||||
crypto := signed.NewEd25519()
|
||||
key, err := crypto.Create(data.CanonicalSnapshotRole, "gun", data.ED25519Key)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
store := &keyStore{k: key}
|
||||
|
||||
k, err := GetOrCreateSnapshotKey("gun", store, crypto, data.ED25519Key)
|
||||
assert.Nil(t, err, "Expected nil error")
|
||||
assert.NotNil(t, k, "Key should not be nil")
|
||||
assert.Equal(t, key, k, "Did not receive same key when attempting to recreate.")
|
||||
assert.NotNil(t, k, "Key should not be nil")
|
||||
require.Nil(t, err, "Expected nil error")
|
||||
require.NotNil(t, k, "Key should not be nil")
|
||||
require.Equal(t, key, k, "Did not receive same key when attempting to recreate.")
|
||||
require.NotNil(t, k, "Key should not be nil")
|
||||
|
||||
k2, err := GetOrCreateSnapshotKey("gun", store, crypto, data.ED25519Key)
|
||||
|
||||
assert.Nil(t, err, "Expected nil error")
|
||||
require.Nil(t, err, "Expected nil error")
|
||||
|
||||
// trying to get the same key again should return the same value
|
||||
assert.Equal(t, k, k2, "Did not receive same key when attempting to recreate.")
|
||||
assert.NotNil(t, k2, "Key should not be nil")
|
||||
require.Equal(t, k, k2, "Did not receive same key when attempting to recreate.")
|
||||
require.NotNil(t, k2, "Key should not be nil")
|
||||
}
|
||||
|
||||
// If there is no previous snapshot or the previous snapshot is corrupt, then
|
||||
// even if everything else is in place, getting the snapshot fails
|
||||
func TestGetSnapshotNoPreviousSnapshot(t *testing.T) {
|
||||
repo, crypto, err := testutils.EmptyRepo("gun")
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
rootJSON, err := json.Marshal(repo.Root)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
for _, snapshotJSON := range [][]byte{nil, []byte("invalid JSON")} {
|
||||
store := storage.NewMemStorage()
|
||||
|
||||
// so we know it's not a failure in getting root
|
||||
assert.NoError(t,
|
||||
require.NoError(t,
|
||||
store.UpdateCurrent("gun", storage.MetaUpdate{Role: data.CanonicalRootRole, Version: 0, Data: rootJSON}))
|
||||
|
||||
if snapshotJSON != nil {
|
||||
assert.NoError(t,
|
||||
require.NoError(t,
|
||||
store.UpdateCurrent("gun",
|
||||
storage.MetaUpdate{Role: data.CanonicalSnapshotRole, Version: 0, Data: snapshotJSON}))
|
||||
}
|
||||
|
||||
// create a key to be used by GetOrCreateSnapshot
|
||||
key, err := crypto.Create(data.CanonicalSnapshotRole, "gun", data.ECDSAKey)
|
||||
assert.NoError(t, err)
|
||||
assert.NoError(t, store.SetKey("gun", data.CanonicalSnapshotRole, key.Algorithm(), key.Public()))
|
||||
require.NoError(t, err)
|
||||
require.NoError(t, store.SetKey("gun", data.CanonicalSnapshotRole, key.Algorithm(), key.Public()))
|
||||
|
||||
_, _, err = GetOrCreateSnapshot("gun", store, crypto)
|
||||
assert.Error(t, err, "GetSnapshot should have failed")
|
||||
require.Error(t, err, "GetSnapshot should have failed")
|
||||
if snapshotJSON == nil {
|
||||
assert.IsType(t, storage.ErrNotFound{}, err)
|
||||
require.IsType(t, storage.ErrNotFound{}, err)
|
||||
} else {
|
||||
assert.IsType(t, &json.SyntaxError{}, err)
|
||||
require.IsType(t, &json.SyntaxError{}, err)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -157,82 +156,82 @@ func TestGetSnapshotNoPreviousSnapshot(t *testing.T) {
|
|||
func TestGetSnapshotReturnsPreviousSnapshotIfUnexpired(t *testing.T) {
|
||||
store := storage.NewMemStorage()
|
||||
repo, crypto, err := testutils.EmptyRepo("gun")
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
snapshotJSON, err := json.Marshal(repo.Snapshot)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.NoError(t, store.UpdateCurrent("gun",
|
||||
require.NoError(t, store.UpdateCurrent("gun",
|
||||
storage.MetaUpdate{Role: data.CanonicalSnapshotRole, Version: 0, Data: snapshotJSON}))
|
||||
|
||||
// test when db is missing the role data (no root)
|
||||
_, gottenSnapshot, err := GetOrCreateSnapshot("gun", store, crypto)
|
||||
assert.NoError(t, err, "GetSnapshot should not have failed")
|
||||
assert.True(t, bytes.Equal(snapshotJSON, gottenSnapshot))
|
||||
require.NoError(t, err, "GetSnapshot should not have failed")
|
||||
require.True(t, bytes.Equal(snapshotJSON, gottenSnapshot))
|
||||
}
|
||||
|
||||
func TestGetSnapshotOldSnapshotExpired(t *testing.T) {
|
||||
store := storage.NewMemStorage()
|
||||
repo, crypto, err := testutils.EmptyRepo("gun")
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
rootJSON, err := json.Marshal(repo.Root)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
// create an expired snapshot
|
||||
_, err = repo.SignSnapshot(time.Now().AddDate(-1, -1, -1))
|
||||
assert.True(t, repo.Snapshot.Signed.Expires.Before(time.Now()))
|
||||
assert.NoError(t, err)
|
||||
require.True(t, repo.Snapshot.Signed.Expires.Before(time.Now()))
|
||||
require.NoError(t, err)
|
||||
snapshotJSON, err := json.Marshal(repo.Snapshot)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
// set all the metadata
|
||||
assert.NoError(t, store.UpdateCurrent("gun",
|
||||
require.NoError(t, store.UpdateCurrent("gun",
|
||||
storage.MetaUpdate{Role: data.CanonicalRootRole, Version: 0, Data: rootJSON}))
|
||||
assert.NoError(t, store.UpdateCurrent("gun",
|
||||
require.NoError(t, store.UpdateCurrent("gun",
|
||||
storage.MetaUpdate{Role: data.CanonicalSnapshotRole, Version: 0, Data: snapshotJSON}))
|
||||
|
||||
_, gottenSnapshot, err := GetOrCreateSnapshot("gun", store, crypto)
|
||||
assert.NoError(t, err, "GetSnapshot errored")
|
||||
require.NoError(t, err, "GetSnapshot errored")
|
||||
|
||||
assert.False(t, bytes.Equal(snapshotJSON, gottenSnapshot),
|
||||
require.False(t, bytes.Equal(snapshotJSON, gottenSnapshot),
|
||||
"Snapshot was not regenerated when old one was expired")
|
||||
|
||||
signedMeta := &data.SignedMeta{}
|
||||
assert.NoError(t, json.Unmarshal(gottenSnapshot, signedMeta))
|
||||
require.NoError(t, json.Unmarshal(gottenSnapshot, signedMeta))
|
||||
// the new metadata is not expired
|
||||
assert.True(t, signedMeta.Signed.Expires.After(time.Now()))
|
||||
require.True(t, signedMeta.Signed.Expires.After(time.Now()))
|
||||
}
|
||||
|
||||
// If the root is missing or corrupt, no snapshot can be generated
|
||||
func TestCannotMakeNewSnapshotIfNoRoot(t *testing.T) {
|
||||
repo, crypto, err := testutils.EmptyRepo("gun")
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
// create an expired snapshot
|
||||
_, err = repo.SignSnapshot(time.Now().AddDate(-1, -1, -1))
|
||||
assert.True(t, repo.Snapshot.Signed.Expires.Before(time.Now()))
|
||||
assert.NoError(t, err)
|
||||
require.True(t, repo.Snapshot.Signed.Expires.Before(time.Now()))
|
||||
require.NoError(t, err)
|
||||
snapshotJSON, err := json.Marshal(repo.Snapshot)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
for _, rootJSON := range [][]byte{nil, []byte("invalid JSON")} {
|
||||
store := storage.NewMemStorage()
|
||||
|
||||
if rootJSON != nil {
|
||||
assert.NoError(t, store.UpdateCurrent("gun",
|
||||
require.NoError(t, store.UpdateCurrent("gun",
|
||||
storage.MetaUpdate{Role: data.CanonicalRootRole, Version: 0, Data: rootJSON}))
|
||||
}
|
||||
assert.NoError(t, store.UpdateCurrent("gun",
|
||||
require.NoError(t, store.UpdateCurrent("gun",
|
||||
storage.MetaUpdate{Role: data.CanonicalSnapshotRole, Version: 1, Data: snapshotJSON}))
|
||||
|
||||
_, _, err := GetOrCreateSnapshot("gun", store, crypto)
|
||||
assert.Error(t, err, "GetSnapshot errored")
|
||||
require.Error(t, err, "GetSnapshot errored")
|
||||
|
||||
if rootJSON == nil { // missing metadata
|
||||
assert.IsType(t, storage.ErrNotFound{}, err)
|
||||
require.IsType(t, storage.ErrNotFound{}, err)
|
||||
} else {
|
||||
assert.IsType(t, &json.SyntaxError{}, err)
|
||||
require.IsType(t, &json.SyntaxError{}, err)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -240,26 +239,26 @@ func TestCannotMakeNewSnapshotIfNoRoot(t *testing.T) {
|
|||
func TestCreateSnapshotNoKeyInCrypto(t *testing.T) {
|
||||
store := storage.NewMemStorage()
|
||||
repo, _, err := testutils.EmptyRepo("gun")
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
rootJSON, err := json.Marshal(repo.Root)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
// create an expired snapshot
|
||||
_, err = repo.SignSnapshot(time.Now().AddDate(-1, -1, -1))
|
||||
assert.True(t, repo.Snapshot.Signed.Expires.Before(time.Now()))
|
||||
assert.NoError(t, err)
|
||||
require.True(t, repo.Snapshot.Signed.Expires.Before(time.Now()))
|
||||
require.NoError(t, err)
|
||||
snapshotJSON, err := json.Marshal(repo.Snapshot)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
// set all the metadata so we know the failure to sign is just because of the key
|
||||
assert.NoError(t, store.UpdateCurrent("gun",
|
||||
require.NoError(t, store.UpdateCurrent("gun",
|
||||
storage.MetaUpdate{Role: data.CanonicalRootRole, Version: 0, Data: rootJSON}))
|
||||
assert.NoError(t, store.UpdateCurrent("gun",
|
||||
require.NoError(t, store.UpdateCurrent("gun",
|
||||
storage.MetaUpdate{Role: data.CanonicalSnapshotRole, Version: 0, Data: snapshotJSON}))
|
||||
|
||||
// pass it a new cryptoservice without the key
|
||||
_, _, err = GetOrCreateSnapshot("gun", store, signed.NewEd25519())
|
||||
assert.Error(t, err)
|
||||
assert.IsType(t, signed.ErrNoKeys{}, err)
|
||||
require.Error(t, err)
|
||||
require.IsType(t, signed.ErrNoKeys{}, err)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ import (
|
|||
"testing"
|
||||
|
||||
"github.com/docker/notary/tuf/data"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
func TestUpdateCurrent(t *testing.T) {
|
||||
|
|
@ -14,21 +14,21 @@ func TestUpdateCurrent(t *testing.T) {
|
|||
k := entryKey("gun", "role")
|
||||
gun, ok := s.tufMeta[k]
|
||||
v := gun[0]
|
||||
assert.True(t, ok, "Did not find gun in store")
|
||||
assert.Equal(t, 1, v.version, "Version mismatch. Expected 1, found %d", v.version)
|
||||
assert.Equal(t, []byte("test"), v.data, "Data was incorrect")
|
||||
require.True(t, ok, "Did not find gun in store")
|
||||
require.Equal(t, 1, v.version, "Version mismatch. Expected 1, found %d", v.version)
|
||||
require.Equal(t, []byte("test"), v.data, "Data was incorrect")
|
||||
}
|
||||
|
||||
func TestGetCurrent(t *testing.T) {
|
||||
s := NewMemStorage()
|
||||
|
||||
_, _, err := s.GetCurrent("gun", "role")
|
||||
assert.IsType(t, ErrNotFound{}, err, "Expected error to be ErrNotFound")
|
||||
require.IsType(t, ErrNotFound{}, err, "Expected error to be ErrNotFound")
|
||||
|
||||
s.UpdateCurrent("gun", MetaUpdate{"role", 1, []byte("test")})
|
||||
_, d, err := s.GetCurrent("gun", "role")
|
||||
assert.Nil(t, err, "Expected error to be nil")
|
||||
assert.Equal(t, []byte("test"), d, "Data was incorrect")
|
||||
require.Nil(t, err, "Expected error to be nil")
|
||||
require.Equal(t, []byte("test"), d, "Data was incorrect")
|
||||
}
|
||||
|
||||
func TestDelete(t *testing.T) {
|
||||
|
|
@ -38,7 +38,7 @@ func TestDelete(t *testing.T) {
|
|||
|
||||
k := entryKey("gun", "role")
|
||||
_, ok := s.tufMeta[k]
|
||||
assert.False(t, ok, "Found gun in store, should have been deleted")
|
||||
require.False(t, ok, "Found gun in store, should have been deleted")
|
||||
}
|
||||
|
||||
func TestGetTimestampKey(t *testing.T) {
|
||||
|
|
@ -47,57 +47,57 @@ func TestGetTimestampKey(t *testing.T) {
|
|||
s.SetKey("gun", data.CanonicalTimestampRole, data.RSAKey, []byte("test"))
|
||||
|
||||
c, k, err := s.GetKey("gun", data.CanonicalTimestampRole)
|
||||
assert.Nil(t, err, "Expected error to be nil")
|
||||
assert.Equal(t, data.RSAKey, c, "Expected algorithm rsa, received %s", c)
|
||||
assert.Equal(t, []byte("test"), k, "Key data was wrong")
|
||||
require.Nil(t, err, "Expected error to be nil")
|
||||
require.Equal(t, data.RSAKey, c, "Expected algorithm rsa, received %s", c)
|
||||
require.Equal(t, []byte("test"), k, "Key data was wrong")
|
||||
}
|
||||
|
||||
func TestSetKey(t *testing.T) {
|
||||
s := NewMemStorage()
|
||||
err := s.SetKey("gun", data.CanonicalTimestampRole, data.RSAKey, []byte("test"))
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
k := s.keys["gun"][data.CanonicalTimestampRole]
|
||||
assert.Equal(t, data.RSAKey, k.algorithm, "Expected algorithm to be rsa, received %s", k.algorithm)
|
||||
assert.Equal(t, []byte("test"), k.public, "Public key did not match expected")
|
||||
require.Equal(t, data.RSAKey, k.algorithm, "Expected algorithm to be rsa, received %s", k.algorithm)
|
||||
require.Equal(t, []byte("test"), k.public, "Public key did not match expected")
|
||||
|
||||
}
|
||||
|
||||
func TestSetKeyMultipleRoles(t *testing.T) {
|
||||
s := NewMemStorage()
|
||||
err := s.SetKey("gun", data.CanonicalTimestampRole, data.RSAKey, []byte("test"))
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
err = s.SetKey("gun", data.CanonicalSnapshotRole, data.RSAKey, []byte("test"))
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
k := s.keys["gun"][data.CanonicalTimestampRole]
|
||||
assert.Equal(t, data.RSAKey, k.algorithm, "Expected algorithm to be rsa, received %s", k.algorithm)
|
||||
assert.Equal(t, []byte("test"), k.public, "Public key did not match expected")
|
||||
require.Equal(t, data.RSAKey, k.algorithm, "Expected algorithm to be rsa, received %s", k.algorithm)
|
||||
require.Equal(t, []byte("test"), k.public, "Public key did not match expected")
|
||||
|
||||
k = s.keys["gun"][data.CanonicalSnapshotRole]
|
||||
assert.Equal(t, data.RSAKey, k.algorithm, "Expected algorithm to be rsa, received %s", k.algorithm)
|
||||
assert.Equal(t, []byte("test"), k.public, "Public key did not match expected")
|
||||
require.Equal(t, data.RSAKey, k.algorithm, "Expected algorithm to be rsa, received %s", k.algorithm)
|
||||
require.Equal(t, []byte("test"), k.public, "Public key did not match expected")
|
||||
}
|
||||
|
||||
func TestSetKeySameRoleGun(t *testing.T) {
|
||||
s := NewMemStorage()
|
||||
err := s.SetKey("gun", data.CanonicalTimestampRole, data.RSAKey, []byte("test"))
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
// set diff algo and bytes so we can confirm data didn't get replaced
|
||||
err = s.SetKey("gun", data.CanonicalTimestampRole, data.ECDSAKey, []byte("test2"))
|
||||
assert.IsType(t, &ErrKeyExists{}, err, "Expected err to be ErrKeyExists")
|
||||
require.IsType(t, &ErrKeyExists{}, err, "Expected err to be ErrKeyExists")
|
||||
|
||||
k := s.keys["gun"][data.CanonicalTimestampRole]
|
||||
assert.Equal(t, data.RSAKey, k.algorithm, "Expected algorithm to be rsa, received %s", k.algorithm)
|
||||
assert.Equal(t, []byte("test"), k.public, "Public key did not match expected")
|
||||
require.Equal(t, data.RSAKey, k.algorithm, "Expected algorithm to be rsa, received %s", k.algorithm)
|
||||
require.Equal(t, []byte("test"), k.public, "Public key did not match expected")
|
||||
|
||||
}
|
||||
|
||||
func TestGetChecksumNotFound(t *testing.T) {
|
||||
s := NewMemStorage()
|
||||
_, _, err := s.GetChecksum("gun", "root", "12345")
|
||||
assert.Error(t, err)
|
||||
assert.IsType(t, ErrNotFound{}, err)
|
||||
require.Error(t, err)
|
||||
require.IsType(t, ErrNotFound{}, err)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ import (
|
|||
"github.com/docker/notary/tuf/data"
|
||||
"github.com/docker/notary/tuf/signed"
|
||||
"github.com/docker/notary/tuf/testutils"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
|
||||
"github.com/docker/notary/server/storage"
|
||||
)
|
||||
|
|
@ -21,7 +21,7 @@ func TestTimestampExpired(t *testing.T) {
|
|||
Expires: time.Now().AddDate(-1, 0, 0),
|
||||
},
|
||||
}
|
||||
assert.True(t, timestampExpired(ts), "Timestamp should have expired")
|
||||
require.True(t, timestampExpired(ts), "Timestamp should have expired")
|
||||
}
|
||||
|
||||
func TestTimestampNotExpired(t *testing.T) {
|
||||
|
|
@ -31,62 +31,62 @@ func TestTimestampNotExpired(t *testing.T) {
|
|||
Expires: time.Now().AddDate(1, 0, 0),
|
||||
},
|
||||
}
|
||||
assert.False(t, timestampExpired(ts), "Timestamp should NOT have expired")
|
||||
require.False(t, timestampExpired(ts), "Timestamp should NOT have expired")
|
||||
}
|
||||
|
||||
func TestGetTimestampKey(t *testing.T) {
|
||||
store := storage.NewMemStorage()
|
||||
crypto := signed.NewEd25519()
|
||||
k, err := GetOrCreateTimestampKey("gun", store, crypto, data.ED25519Key)
|
||||
assert.Nil(t, err, "Expected nil error")
|
||||
assert.NotNil(t, k, "Key should not be nil")
|
||||
require.Nil(t, err, "Expected nil error")
|
||||
require.NotNil(t, k, "Key should not be nil")
|
||||
|
||||
k2, err := GetOrCreateTimestampKey("gun", store, crypto, data.ED25519Key)
|
||||
|
||||
assert.Nil(t, err, "Expected nil error")
|
||||
require.Nil(t, err, "Expected nil error")
|
||||
|
||||
// trying to get the same key again should return the same value
|
||||
assert.Equal(t, k, k2, "Did not receive same key when attempting to recreate.")
|
||||
assert.NotNil(t, k2, "Key should not be nil")
|
||||
require.Equal(t, k, k2, "Did not receive same key when attempting to recreate.")
|
||||
require.NotNil(t, k2, "Key should not be nil")
|
||||
}
|
||||
|
||||
// If there is no previous timestamp or the previous timestamp is corrupt, then
|
||||
// even if everything else is in place, getting the timestamp fails
|
||||
func TestGetTimestampNoPreviousTimestamp(t *testing.T) {
|
||||
repo, crypto, err := testutils.EmptyRepo("gun")
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
rootJSON, err := json.Marshal(repo.Root)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
snapJSON, err := json.Marshal(repo.Snapshot)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
for _, timestampJSON := range [][]byte{nil, []byte("invalid JSON")} {
|
||||
store := storage.NewMemStorage()
|
||||
|
||||
// so we know it's not a failure in getting root or snapshot
|
||||
assert.NoError(t,
|
||||
require.NoError(t,
|
||||
store.UpdateCurrent("gun", storage.MetaUpdate{Role: data.CanonicalRootRole, Version: 0, Data: rootJSON}))
|
||||
assert.NoError(t,
|
||||
require.NoError(t,
|
||||
store.UpdateCurrent("gun", storage.MetaUpdate{Role: data.CanonicalSnapshotRole, Version: 0, Data: snapJSON}))
|
||||
|
||||
if timestampJSON != nil {
|
||||
assert.NoError(t,
|
||||
require.NoError(t,
|
||||
store.UpdateCurrent("gun",
|
||||
storage.MetaUpdate{Role: data.CanonicalTimestampRole, Version: 0, Data: timestampJSON}))
|
||||
}
|
||||
|
||||
// create a key to be used by GetOrCreateTimestamp
|
||||
key, err := crypto.Create(data.CanonicalTimestampRole, "gun", data.ECDSAKey)
|
||||
assert.NoError(t, err)
|
||||
assert.NoError(t, store.SetKey("gun", data.CanonicalTimestampRole, key.Algorithm(), key.Public()))
|
||||
require.NoError(t, err)
|
||||
require.NoError(t, store.SetKey("gun", data.CanonicalTimestampRole, key.Algorithm(), key.Public()))
|
||||
|
||||
_, _, err = GetOrCreateTimestamp("gun", store, crypto)
|
||||
assert.Error(t, err, "GetTimestamp should have failed")
|
||||
require.Error(t, err, "GetTimestamp should have failed")
|
||||
if timestampJSON == nil {
|
||||
assert.IsType(t, storage.ErrNotFound{}, err)
|
||||
require.IsType(t, storage.ErrNotFound{}, err)
|
||||
} else {
|
||||
assert.IsType(t, &json.SyntaxError{}, err)
|
||||
require.IsType(t, &json.SyntaxError{}, err)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -96,58 +96,58 @@ func TestGetTimestampNoPreviousTimestamp(t *testing.T) {
|
|||
func TestGetTimestampReturnsPreviousTimestampIfUnexpired(t *testing.T) {
|
||||
store := storage.NewMemStorage()
|
||||
repo, crypto, err := testutils.EmptyRepo("gun")
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
snapJSON, err := json.Marshal(repo.Snapshot)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
timestampJSON, err := json.Marshal(repo.Timestamp)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.NoError(t, store.UpdateCurrent("gun",
|
||||
require.NoError(t, store.UpdateCurrent("gun",
|
||||
storage.MetaUpdate{Role: data.CanonicalSnapshotRole, Version: 0, Data: snapJSON}))
|
||||
assert.NoError(t, store.UpdateCurrent("gun",
|
||||
require.NoError(t, store.UpdateCurrent("gun",
|
||||
storage.MetaUpdate{Role: data.CanonicalTimestampRole, Version: 0, Data: timestampJSON}))
|
||||
|
||||
_, gottenTimestamp, err := GetOrCreateTimestamp("gun", store, crypto)
|
||||
assert.NoError(t, err, "GetTimestamp should not have failed")
|
||||
assert.True(t, bytes.Equal(timestampJSON, gottenTimestamp))
|
||||
require.NoError(t, err, "GetTimestamp should not have failed")
|
||||
require.True(t, bytes.Equal(timestampJSON, gottenTimestamp))
|
||||
}
|
||||
|
||||
func TestGetTimestampOldTimestampExpired(t *testing.T) {
|
||||
store := storage.NewMemStorage()
|
||||
repo, crypto, err := testutils.EmptyRepo("gun")
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
rootJSON, err := json.Marshal(repo.Root)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
snapJSON, err := json.Marshal(repo.Snapshot)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
// create an expired timestamp
|
||||
_, err = repo.SignTimestamp(time.Now().AddDate(-1, -1, -1))
|
||||
assert.True(t, repo.Timestamp.Signed.Expires.Before(time.Now()))
|
||||
assert.NoError(t, err)
|
||||
require.True(t, repo.Timestamp.Signed.Expires.Before(time.Now()))
|
||||
require.NoError(t, err)
|
||||
timestampJSON, err := json.Marshal(repo.Timestamp)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
// set all the metadata
|
||||
assert.NoError(t, store.UpdateCurrent("gun",
|
||||
require.NoError(t, store.UpdateCurrent("gun",
|
||||
storage.MetaUpdate{Role: data.CanonicalRootRole, Version: 0, Data: rootJSON}))
|
||||
assert.NoError(t, store.UpdateCurrent("gun",
|
||||
require.NoError(t, store.UpdateCurrent("gun",
|
||||
storage.MetaUpdate{Role: data.CanonicalSnapshotRole, Version: 0, Data: snapJSON}))
|
||||
assert.NoError(t, store.UpdateCurrent("gun",
|
||||
require.NoError(t, store.UpdateCurrent("gun",
|
||||
storage.MetaUpdate{Role: data.CanonicalTimestampRole, Version: 1, Data: timestampJSON}))
|
||||
|
||||
_, gottenTimestamp, err := GetOrCreateTimestamp("gun", store, crypto)
|
||||
assert.NoError(t, err, "GetTimestamp errored")
|
||||
require.NoError(t, err, "GetTimestamp errored")
|
||||
|
||||
assert.False(t, bytes.Equal(timestampJSON, gottenTimestamp),
|
||||
require.False(t, bytes.Equal(timestampJSON, gottenTimestamp),
|
||||
"Timestamp was not regenerated when old one was expired")
|
||||
|
||||
signedMeta := &data.SignedMeta{}
|
||||
assert.NoError(t, json.Unmarshal(gottenTimestamp, signedMeta))
|
||||
require.NoError(t, json.Unmarshal(gottenTimestamp, signedMeta))
|
||||
// the new metadata is not expired
|
||||
assert.True(t, signedMeta.Signed.Expires.After(time.Now()))
|
||||
require.True(t, signedMeta.Signed.Expires.After(time.Now()))
|
||||
}
|
||||
|
||||
// In practice this might happen if the snapshot is expired, for instance, and
|
||||
|
|
@ -157,51 +157,51 @@ func TestGetTimestampIfNewSnapshot(t *testing.T) {
|
|||
repo, crypto, err := testutils.EmptyRepo("gun")
|
||||
|
||||
rootJSON, err := json.Marshal(repo.Root)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
timestampJSON, err := json.Marshal(repo.Timestamp)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
snapJSON, err := json.Marshal(repo.Snapshot)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
// set all the metadata
|
||||
assert.NoError(t, store.UpdateCurrent("gun",
|
||||
require.NoError(t, store.UpdateCurrent("gun",
|
||||
storage.MetaUpdate{Role: data.CanonicalRootRole, Version: 0, Data: rootJSON}))
|
||||
assert.NoError(t, store.UpdateCurrent("gun",
|
||||
require.NoError(t, store.UpdateCurrent("gun",
|
||||
storage.MetaUpdate{Role: data.CanonicalSnapshotRole, Version: 0, Data: snapJSON}))
|
||||
assert.NoError(t, store.UpdateCurrent("gun",
|
||||
require.NoError(t, store.UpdateCurrent("gun",
|
||||
storage.MetaUpdate{Role: data.CanonicalTimestampRole, Version: 0, Data: timestampJSON}))
|
||||
|
||||
c1, ts1, err := GetOrCreateTimestamp("gun", store, crypto)
|
||||
assert.Nil(t, err, "GetTimestamp errored")
|
||||
require.Nil(t, err, "GetTimestamp errored")
|
||||
|
||||
// update the snapshot to a new version
|
||||
repo.Snapshot.Signed.Version++
|
||||
snapJSON, err = json.Marshal(repo.Snapshot)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
store.UpdateCurrent("gun", storage.MetaUpdate{Role: "snapshot", Version: 1, Data: snapJSON})
|
||||
|
||||
c2, ts2, err := GetOrCreateTimestamp("gun", store, crypto)
|
||||
assert.NoError(t, err, "GetTimestamp errored")
|
||||
assert.NotEqual(t, ts1, ts2, "Timestamp was not regenerated when snapshot changed")
|
||||
assert.True(t, c1.Before(*c2), "Timestamp modification time incorrect")
|
||||
require.NoError(t, err, "GetTimestamp errored")
|
||||
require.NotEqual(t, ts1, ts2, "Timestamp was not regenerated when snapshot changed")
|
||||
require.True(t, c1.Before(*c2), "Timestamp modification time incorrect")
|
||||
}
|
||||
|
||||
// If the root or snapshot is missing or corrupt, no timestamp can be generated
|
||||
func TestCannotMakeNewTimestampIfNoRootOrSnapshot(t *testing.T) {
|
||||
repo, crypto, err := testutils.EmptyRepo("gun")
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
rootJSON, err := json.Marshal(repo.Root)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
snapJSON, err := json.Marshal(repo.Snapshot)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
// create an expired timestamp
|
||||
_, err = repo.SignTimestamp(time.Now().AddDate(-1, -1, -1))
|
||||
assert.True(t, repo.Timestamp.Signed.Expires.Before(time.Now()))
|
||||
assert.NoError(t, err)
|
||||
require.True(t, repo.Timestamp.Signed.Expires.Before(time.Now()))
|
||||
require.NoError(t, err)
|
||||
timestampJSON, err := json.Marshal(repo.Timestamp)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
invalids := []map[string][]byte{
|
||||
{data.CanonicalRootRole: rootJSON, data.CanonicalSnapshotRole: []byte("invalid JSON")},
|
||||
|
|
@ -213,19 +213,19 @@ func TestCannotMakeNewTimestampIfNoRootOrSnapshot(t *testing.T) {
|
|||
for _, dataToSet := range invalids {
|
||||
store := storage.NewMemStorage()
|
||||
for roleName, jsonBytes := range dataToSet {
|
||||
assert.NoError(t, store.UpdateCurrent("gun",
|
||||
require.NoError(t, store.UpdateCurrent("gun",
|
||||
storage.MetaUpdate{Role: roleName, Version: 0, Data: jsonBytes}))
|
||||
}
|
||||
assert.NoError(t, store.UpdateCurrent("gun",
|
||||
require.NoError(t, store.UpdateCurrent("gun",
|
||||
storage.MetaUpdate{Role: data.CanonicalTimestampRole, Version: 1, Data: timestampJSON}))
|
||||
|
||||
_, _, err := GetOrCreateTimestamp("gun", store, crypto)
|
||||
assert.Error(t, err, "GetTimestamp errored")
|
||||
require.Error(t, err, "GetTimestamp errored")
|
||||
|
||||
if len(dataToSet) == 1 { // missing metadata
|
||||
assert.IsType(t, storage.ErrNotFound{}, err)
|
||||
require.IsType(t, storage.ErrNotFound{}, err)
|
||||
} else {
|
||||
assert.IsType(t, &json.SyntaxError{}, err)
|
||||
require.IsType(t, &json.SyntaxError{}, err)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -233,30 +233,30 @@ func TestCannotMakeNewTimestampIfNoRootOrSnapshot(t *testing.T) {
|
|||
func TestCreateTimestampNoKeyInCrypto(t *testing.T) {
|
||||
store := storage.NewMemStorage()
|
||||
repo, _, err := testutils.EmptyRepo("gun")
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
rootJSON, err := json.Marshal(repo.Root)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
snapJSON, err := json.Marshal(repo.Snapshot)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
// create an expired timestamp
|
||||
_, err = repo.SignTimestamp(time.Now().AddDate(-1, -1, -1))
|
||||
assert.True(t, repo.Timestamp.Signed.Expires.Before(time.Now()))
|
||||
assert.NoError(t, err)
|
||||
require.True(t, repo.Timestamp.Signed.Expires.Before(time.Now()))
|
||||
require.NoError(t, err)
|
||||
timestampJSON, err := json.Marshal(repo.Timestamp)
|
||||
assert.NoError(t, err)
|
||||
require.NoError(t, err)
|
||||
|
||||
// set all the metadata so we know the failure to sign is just because of the key
|
||||
assert.NoError(t, store.UpdateCurrent("gun",
|
||||
require.NoError(t, store.UpdateCurrent("gun",
|
||||
storage.MetaUpdate{Role: data.CanonicalRootRole, Version: 0, Data: rootJSON}))
|
||||
assert.NoError(t, store.UpdateCurrent("gun",
|
||||
require.NoError(t, store.UpdateCurrent("gun",
|
||||
storage.MetaUpdate{Role: data.CanonicalSnapshotRole, Version: 0, Data: snapJSON}))
|
||||
assert.NoError(t, store.UpdateCurrent("gun",
|
||||
require.NoError(t, store.UpdateCurrent("gun",
|
||||
storage.MetaUpdate{Role: data.CanonicalTimestampRole, Version: 1, Data: timestampJSON}))
|
||||
|
||||
// pass it a new cryptoservice without the key
|
||||
_, _, err = GetOrCreateTimestamp("gun", store, signed.NewEd25519())
|
||||
assert.Error(t, err)
|
||||
assert.IsType(t, signed.ErrNoKeys{}, err)
|
||||
require.Error(t, err)
|
||||
require.IsType(t, signed.ErrNoKeys{}, err)
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue