(t *testing.T)
| 22 | ) |
| 23 | |
| 24 | func TestVerifyIntegration(t *testing.T) { |
| 25 | logger := io.NewTestHandler() |
| 26 | |
| 27 | sigstoreConfig := verification.SigstoreConfig{ |
| 28 | ExternalHttpClient: http.DefaultClient, |
| 29 | Logger: logger, |
| 30 | TUFMetadataDir: o.Some(t.TempDir()), |
| 31 | } |
| 32 | |
| 33 | ios, _, _, _ := iostreams.Test() |
| 34 | hc, err := factory.HttpClientFunc( |
| 35 | func() (gh.Config, error) { return config.NewBlankConfig(), nil }, |
| 36 | ios, |
| 37 | "test", |
| 38 | "", |
| 39 | &telemetry.NoOpService{}, |
| 40 | )() |
| 41 | require.NoError(t, err) |
| 42 | |
| 43 | host, _ := auth.DefaultHost() |
| 44 | |
| 45 | sigstoreVerifier, err := verification.NewLiveSigstoreVerifier(sigstoreConfig) |
| 46 | require.NoError(t, err) |
| 47 | publicGoodOpts := Options{ |
| 48 | APIClient: api.NewLiveClient(hc, http.DefaultClient, host, logger), |
| 49 | ArtifactPath: artifactPath, |
| 50 | BundlePath: bundlePath, |
| 51 | DigestAlgorithm: "sha512", |
| 52 | Logger: logger, |
| 53 | OCIClient: oci.NewLiveClient(), |
| 54 | OIDCIssuer: verification.GitHubOIDCIssuer, |
| 55 | Owner: "sigstore", |
| 56 | PredicateType: verification.SLSAPredicateV1, |
| 57 | SANRegex: "^https://github.com/sigstore/", |
| 58 | SigstoreVerifier: sigstoreVerifier, |
| 59 | } |
| 60 | |
| 61 | t.Run("with valid owner", func(t *testing.T) { |
| 62 | err := runVerify(&publicGoodOpts) |
| 63 | require.NoError(t, err) |
| 64 | }) |
| 65 | |
| 66 | t.Run("with valid repo", func(t *testing.T) { |
| 67 | opts := publicGoodOpts |
| 68 | opts.Repo = "sigstore/sigstore-js" |
| 69 | |
| 70 | err := runVerify(&opts) |
| 71 | require.NoError(t, err) |
| 72 | }) |
| 73 | |
| 74 | t.Run("with valid owner and invalid repo", func(t *testing.T) { |
| 75 | opts := publicGoodOpts |
| 76 | opts.Repo = "sigstore/fakerepo" |
| 77 | |
| 78 | err := runVerify(&opts) |
| 79 | require.Error(t, err) |
| 80 | require.ErrorContains(t, err, "expected SourceRepositoryURI to be https://github.com/sigstore/fakerepo, got https://github.com/sigstore/sigstore-js") |
| 81 | }) |
nothing calls this directly
no test coverage detected