MCPcopy
hub / github.com/helm/helm / TestVerifyPluginBadSignature

Function TestVerifyPluginBadSignature

internal/plugin/verify_test.go:124–181  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

122}
123
124func TestVerifyPluginBadSignature(t *testing.T) {
125 tempDir := t.TempDir()
126
127 // Create a plugin tarball
128 pluginDir := filepath.Join(tempDir, "bad-plugin")
129 if err := os.MkdirAll(pluginDir, 0755); err != nil {
130 t.Fatal(err)
131 }
132
133 if err := os.WriteFile(filepath.Join(pluginDir, "plugin.yaml"), []byte(testPluginYAML), 0644); err != nil {
134 t.Fatal(err)
135 }
136
137 tarballPath := filepath.Join(tempDir, "bad-plugin.tar.gz")
138 tarFile, err := os.Create(tarballPath)
139 if err != nil {
140 t.Fatal(err)
141 }
142
143 if err := CreatePluginTarball(pluginDir, "test-plugin", tarFile); err != nil {
144 tarFile.Close()
145 t.Fatal(err)
146 }
147 tarFile.Close()
148
149 // Create a bad signature (just some text)
150 badSig := `-----BEGIN PGP SIGNED MESSAGE-----
151Hash: SHA512
152
153This is not a real signature
154-----BEGIN PGP SIGNATURE-----
155
156InvalidSignatureData
157
158-----END PGP SIGNATURE-----`
159
160 provFile := tarballPath + ".prov"
161 if err := os.WriteFile(provFile, []byte(badSig), 0644); err != nil {
162 t.Fatal(err)
163 }
164
165 // Read the files
166 archiveData, err := os.ReadFile(tarballPath)
167 if err != nil {
168 t.Fatal(err)
169 }
170
171 provData, err := os.ReadFile(provFile)
172 if err != nil {
173 t.Fatal(err)
174 }
175
176 // Try to verify - should fail
177 _, err = VerifyPlugin(archiveData, provData, filepath.Base(tarballPath), testPubFile)
178 if err == nil {
179 t.Error("Expected verification to fail with bad signature")
180 }
181}

Callers

nothing calls this directly

Calls 7

CreatePluginTarballFunction · 0.85
VerifyPluginFunction · 0.85
FatalMethod · 0.80
CloseMethod · 0.80
CreateMethod · 0.65
WriteFileMethod · 0.45
ErrorMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…