Adds additional tests to ensure that keys aren't unnecessarily created on error,
and that only the required keys to sign are used.
Signed-off-by: Ying Li <ying.li@docker.com>
If configured to have the server manage the snapshot key, the snapshot
key is not generated and there will be no snapshot metadata.
Signed-off-by: Ying Li <ying.li@docker.com>
Also, eliminate the timestamp JSON constant and just generate a new
one for the tests.
The client test now also uses KeyFileStore and certs.Manager to
verify the keys and certs on disk, rather than directly manipulating
the files themselves. This way, if the exact implementation of
KeyFileStore or certs.Manager changes, this test won't fail so long
as KeyFileStore and certs.Manager are self-consistent.
Signed-off-by: Ying Li <ying.li@docker.com>
Move common code out into helper functions, and split up the bigger tests
into tests that specifically test adding targets, getting changelists,
publishing, and listing, as opposed to having two giant tests instead.
Also depend more on existing functions in the code (such as
NotaryRepository.GetChangelists and the server ServerMux), rather than
reimplementing them in the tests.
Signed-off-by: Ying Li <ying.li@docker.com>
Signed-off-by: David Lawrence <david.lawrence@docker.com>
Signed-off-by: Ying Li <ying.li@docker.com> (github: endophage)
over the root keys directory from non-root keys directory from keystoremanager
to keystore, since we're eliminating keystoremanager.
Maintain the two separate directories, though, because one can't tell whether
there is an old-style separate-directories structure, or if someone has a GUN
that starts with tuf_keys.
Signed-off-by: Ying Li <ying.li@docker.com>
Ying Li
David Lawrence
David Lawrence
Diogo Monica
Nathan McCauley