Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update signy to use latest in-toto-golang, with Radu's changes for Signy replayed #90

Merged
merged 4 commits into from
May 4, 2021
Merged

Update signy to use latest in-toto-golang, with Radu's changes for Signy replayed #90

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
657f662
Updated Signy to use latest fork of Radus version of in-toto-golang t…
seb-bah Apr 27, 2021
248d1a5
Updating version of github-slug-action
seb-bah Apr 27, 2021
346a109
updating in-toto metadata as it expired, so that tests pass
seb-bah Apr 27, 2021
61f83e4
cleaning up tar.gz subfolder after test is run so subsequent tests pass
seb-bah Apr 27, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ jobs:
uses: actions/checkout@v2

- name: Inject slug/short variables
uses: rlespinasse/github-slug-action@2.0.0
uses: rlespinasse/github-slug-action@3.5.1

- name: Build and push master/tag and latest Docker images
uses: docker/build-push-action@v1.1.0
Expand Down
15 changes: 9 additions & 6 deletions go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,20 +56,23 @@ require (
github.com/sirupsen/logrus v1.4.2
github.com/spf13/cobra v0.0.5
github.com/spf13/pflag v1.0.5
github.com/spf13/viper v1.3.2
github.com/stretchr/testify v1.4.0
github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2
github.com/theupdateframework/notary v0.6.1
golang.org/x/crypto v0.0.0-20191029031824-8986dd9e96cf
golang.org/x/net v0.0.0-20191021144547-ec77196f6094
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e
golang.org/x/sys v0.0.0-20191020212454-3e7259c5e7c2
golang.org/x/text v0.3.2
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9
golang.org/x/mod v0.4.2 // indirect
golang.org/x/net v0.0.0-20201021035429-f5854403a974
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9
golang.org/x/sys v0.0.0-20210426230700-d19ff857e887
golang.org/x/text v0.3.3
golang.org/x/tools v0.1.0 // indirect
google.golang.org/genproto v0.0.0-20191009194640-548a555dbc03
google.golang.org/grpc v1.24.0
gopkg.in/yaml.v2 v2.2.4
vbom.ml/util v0.0.0-20180919145318-efcd4e0f9787
)

replace github.com/in-toto/in-toto-golang => github.com/radu-matei/in-toto-golang v0.0.0-20190816001733-ced95e46b974
replace github.com/in-toto/in-toto-golang => github.com/radu-matei/in-toto-golang v0.0.0-20210426203218-225046ac7465

replace github.com/docker/docker => github.com/moby/moby v0.7.3-0.20190826074503-38ab9da00309
29 changes: 29 additions & 0 deletions go.sum
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -326,11 +326,15 @@ github.com/qri-io/jsonschema v0.1.1 h1:t//Doa/gvMqJ0bDhG7PGIKfaWGGxRVaffp+bcvBGG
github.com/qri-io/jsonschema v0.1.1/go.mod h1:QpzJ6gBQ0GYgGmh7mDQ1YsvvhSgE4rYj0k8t5MBOmUY=
github.com/radu-matei/in-toto-golang v0.0.0-20190816001733-ced95e46b974 h1:77L31wv3Wh2RiQ3YefZlHgnKFrB3OEYifoB+5G7tsvA=
github.com/radu-matei/in-toto-golang v0.0.0-20190816001733-ced95e46b974/go.mod h1:Ac+wJau7Hi5rgjeYe15M6QrPw4zUxCgsSK5ssfum8XA=
github.com/radu-matei/in-toto-golang v0.0.0-20210426203218-225046ac7465 h1:H1VL3UIBrXh8fxvzzHwnBRWZdkP+QEUFtpi7m/M7eiU=
github.com/radu-matei/in-toto-golang v0.0.0-20210426203218-225046ac7465/go.mod h1:RbkCCkQni9Z9no5bciAk7HzzJeBq51dw6WlX5sW+LNw=
github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo=
github.com/shibumi/go-pathspec v1.2.0 h1:KVKEDHYk7bQolRMs7nfzjT3SBOCgcXFJzccnj9bsGbA=
github.com/shibumi/go-pathspec v1.2.0/go.mod h1:bDxCftD0fST3qXIlHoQ/fChsU4mWMVklXp1yPErQaaY=
github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
github.com/sirupsen/logrus v1.3.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
Expand Down Expand Up @@ -372,6 +376,7 @@ github.com/weppos/publicsuffix-go v0.5.0 h1:rutRtjBJViU/YjcI5d80t4JAVvDltS6bciJg
github.com/weppos/publicsuffix-go v0.5.0/go.mod h1:z3LCPQ38eedDQSwmsSRW4Y7t2L8Ln16JPQ02lHAdn5k=
github.com/xlab/handysort v0.0.0-20150421192137-fb3537ed64a1/go.mod h1:QcJo0QPSfTONNIgpN5RA8prR7fF8nkF6cTWTcNerRO8=
github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q=
github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/ziutek/mymysql v1.5.4/go.mod h1:LMSpPZ6DbqWFxNCHW77HeMg9I646SAhApZ/wKdgO/C0=
github.com/zmap/rc2 v0.0.0-20131011165748-24b9757f5521/go.mod h1:3YZ9o3WnatTIZhuOtot4IcUfzoKVjUHqu6WALIyI0nE=
github.com/zmap/zcertificate v0.0.0-20180516150559-0e3d58b1bac4/go.mod h1:5iU54tB79AMBcySS0R2XIyZBAVmeHranShAFELYx7is=
Expand All @@ -394,13 +399,19 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U
golang.org/x/crypto v0.0.0-20191028145041-f83a4685e152/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20191029031824-8986dd9e96cf h1:fnPsqIDRbCSgumaMCRpoIoF2s4qxv0xSSS0BVZUE/ss=
golang.org/x/crypto v0.0.0-20191029031824-8986dd9e96cf/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI=
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
golang.org/x/mod v0.3.0 h1:RM4zey1++hCTbCVQfnWeKs9/IEsaBLA8vTkd0WVtmH4=
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.4.2 h1:Gz96sIWK3OalVv/I/qNygP42zyoKp3xptRVCWRFEBvo=
golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
Expand All @@ -418,6 +429,8 @@ golang.org/x/net v0.0.0-20191014212845-da9a3fd4c582 h1:p9xBe/w/OzkeYVKm234g55gMd
golang.org/x/net v0.0.0-20191014212845-da9a3fd4c582/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20191021144547-ec77196f6094 h1:5O4U9trLjNpuhpynaDsqwCk+Tw6seqJz1EbqbnzHrc8=
golang.org/x/net v0.0.0-20191021144547-ec77196f6094/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20201021035429-f5854403a974 h1:IX6qOQeG5uLjB/hjjwjedwfjND0hgjPMMyO1RoIXQNI=
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/oauth2 v0.0.0-20180724155351-3d292e4d0cdc/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
Expand All @@ -429,6 +442,8 @@ golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJ
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e h1:vcxGaoTs7kV8m5Np9uUNQin4BrLOthgV7252N8V+FwY=
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9 h1:SQFwaSi55rU7vdNs9Yr0Z324VNlrF+0wMqRXT4St8ck=
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
Expand All @@ -448,11 +463,18 @@ golang.org/x/sys v0.0.0-20190830141801-acfa387b8d69 h1:Wdn4Yb8d5VrsO3jWgaeSZss09
golang.org/x/sys v0.0.0-20190830141801-acfa387b8d69/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191020212454-3e7259c5e7c2 h1:nq114VpM8lsSlP+lyUbANecYHYiFcSNFtqcBlxRV+gA=
golang.org/x/sys v0.0.0-20191020212454-3e7259c5e7c2/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4 h1:myAQVi0cGEoqQVR5POX+8RR2mrocKqNN1hmeMqhX27k=
golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210426230700-d19ff857e887 h1:dXfMednGJh/SUUFjTLsWJz3P+TQt9qnR11GgeI3vWKs=
golang.org/x/sys v0.0.0-20210426230700-d19ff857e887/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs=
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 h1:SvFZT6jyqRaOeXpc5h/JSfZenJ2O330aBsf7JfSUXmQ=
Expand All @@ -468,8 +490,15 @@ golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3
golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
golang.org/x/tools v0.0.0-20191014205221-18e3458ac98b h1:EsQHTYgcM562dq02r6y2Yt9VpvvLNIyNECx96XQeolA=
golang.org/x/tools v0.0.0-20191014205221-18e3458ac98b/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.1.0 h1:po9/4sTYwZU9lPhi1tOrb4hCv3qrhiQ77LZfGa2OjwY=
golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
google.golang.org/api v0.3.1/go.mod h1:6wY9I6uQWHQ8EM57III9mq/AjF+i8G65rmVagqKMtkk=
google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
google.golang.org/api v0.5.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
Expand Down
16 changes: 8 additions & 8 deletions pkg/intoto/os.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -52,11 +52,11 @@ func verifyOnOS(verificationDir string) error {
return fmt.Errorf("cannot read root layout pubkeys in %v: %v", verificationDir, err)
}
for _, filename := range filenames {
err = rootLayoutPubKey.LoadPublicKey(filename)
err = rootLayoutPubKey.LoadKey(filename, "rsassa-pss-sha256", []string{"sha256", "sha512"})
scottbuckel marked this conversation as resolved.
Show resolved Hide resolved
if err != nil {
return fmt.Errorf("cannot load layout public key %v: %v", filename, err)
}
rootLayoutPubKeys[rootLayoutPubKey.KeyId] = rootLayoutPubKey
rootLayoutPubKeys[rootLayoutPubKey.KeyID] = rootLayoutPubKey
}

var rootLayout in_toto.Metablock
Expand Down Expand Up @@ -95,7 +95,7 @@ func ValidateLayout(layout in_toto.Layout) error {
}

for keyID, key := range layout.Keys {
if key.KeyId != keyID {
if key.KeyID != keyID {
return fmt.Errorf("invalid key found")
}
if err := validateRSAPubKey(key); err != nil {
Expand Down Expand Up @@ -127,11 +127,11 @@ func ValidateLayout(layout in_toto.Layout) error {
func validateRSAPubKey(key in_toto.Key) error {
if key.KeyType != "rsa" {
return fmt.Errorf("invalid KeyType for key '%s': should be 'rsa', got"+
" '%s'", key.KeyId, key.KeyType)
" '%s'", key.KeyID, key.KeyType)
}
if key.Scheme != "rsassa-pss-sha256" {
return fmt.Errorf("invalid scheme for key '%s': should be "+
"'rsassa-pss-sha256', got: '%s'", key.KeyId, key.Scheme)
"'rsassa-pss-sha256', got: '%s'", key.KeyID, key.Scheme)
}
if err := validatePubKey(key); err != nil {
return err
Expand All @@ -141,14 +141,14 @@ func validateRSAPubKey(key in_toto.Key) error {

// validatePubKey is a general function to validate if a key is a valid public key.
func validatePubKey(key in_toto.Key) error {
if err := validateHexString(key.KeyId); err != nil {
if err := validateHexString(key.KeyID); err != nil {
return fmt.Errorf("keyid: %s", err.Error())
}
if key.KeyVal.Private != "" {
return fmt.Errorf("in key '%s': private key found", key.KeyId)
return fmt.Errorf("in key '%s': private key found", key.KeyID)
}
if key.KeyVal.Public == "" {
return fmt.Errorf("in key '%s': public key cannot be empty", key.KeyId)
return fmt.Errorf("in key '%s': public key cannot be empty", key.KeyID)
}
return nil
}
Expand Down
4 changes: 4 additions & 0 deletions pkg/intoto/os_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,10 @@ func TestValidate(t *testing.T) {
assert.NoError(t, err)

err = ValidateLayout(*l)

// the validation step generates a directory
os.RemoveAll(testDir + "/demo-project")

assert.NoError(t, err)
}

Expand Down
29 changes: 29 additions & 0 deletions testdata/intoto/clone.776a00e2.link
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
{
"signatures": [
{
"keyid": "776a00e29f3559e0141b3b096f696abc6cfb0c657ab40f441132b345b08453f5",
"sig": "35dacafb53b740e63a8b86fa355d7e75296374bf30d1e8097efeaca4b7fe26f479a8163ce61380e433bdfffdfe15216bca1167eb136a2f2b6f0efb7b903e450f18fda1f32c452ae453aed2dab8916d406f5e5dfa61c57437e0bfb3a376b88313b19b75c9102325805f0d9c6c887fe564bd253927d435254fc49bb20b14481c543ca5223a347145d76f4a69c271b87c727644ee8c00b4d52a675e699f953c0dea8dcf6298f3dff3713b063f6ba9977a6aba8484a3d9724cb68509c5f6112106c99521db289609c79f44a978f71159dda40a59676b7b5fa15da52b0d34cdd6139a53caff87fb67a49983fe7debc70ba749c852fefc590e599808283e902e0629db902fcc6a114883038476dd6c8a8872950c2e16f6bdf29aea04a23e18b64f171a00c48028909692a9fdd3b2383d19ea818adc14076232cb25f7f8dd967c793a48e61b4d409885c553474763c39032fc77efb74567a7dfbe2e2e4087fae45b2f23e58922174e7f30e1ce11ca437104ab70a8063609c73b0333690aae9887958080"
}
],
"signed": {
"_type": "link",
"byproducts": {
"return-value": 0,
"stderr": "",
"stdout": ""
},
"command": [
"git",
"clone",
"https://github.com/in-toto/demo-project.git"
],
"environment": {},
"materials": {},
"name": "clone",
"products": {
"demo-project/foo.py": {
"sha256": "ebebf8778035e0e842a4f1aeb92a601be8ea8e621195f3b972316c60c9e12235"
}
}
}
}
Binary file added testdata/intoto/demo-project.tar.gz
View file
Open in desktop
Binary file not shown.
Binary file removed testdata/intoto/foo.tar.gz
View file
Open in desktop
Binary file not shown.
20 changes: 11 additions & 9 deletions testdata/intoto/package.2f89b927.link
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,32 +2,34 @@
"signatures": [
{
"keyid": "2f89b9272acfc8f4a0a0f094d789fdb0ba798b0fe41f2f5f417c12f0085ff498",
"sig": "66365d379d66a2e76d39a1f048847826393127572ba43bead96419499b02561a08e1cb06cf91f2addd87c30a01f776a8ccc599574bc9a2bd519558351f56cffa61ac4f994d0d491204ff54707937e15f9abfa97c5bda1ec1ae2a2afea63f808613f4fb343b85a5a455b668b95fa3a11cb9b34219d4d6af2dd4e80a9af01023954a8813b510a6ff6041c3af52056d021fabbc975211b0d8ee7a429a6c22efde583d8ac0719fd657b398a3e02cc711897acbe8cadf32d54f47012aa44621728ede42c3bc95c662f9c1211df4e18da8e0f6b2de358700cea5db1e76fc61ef5a90bcebcc883eed2272e5ca1c8cbb09b868613b839266cd3ae346ce88439bdb5bb4c69dcb7398f4373f2b051adb3d44d11ef1b70c7189aa5c0e6906bf7be1228dc553390024c9c796316067fda7d63cf60bfac86ef2e13bbd8e4c3575683673f7cdf4639c3a5dc225fc0c040dbd9962a6ff51913b240544939ce2d32a5e84792c0acfa94ee07e88e474bf4937558d107c6ecdef5b5b3a7f3a44a657662bbc1046df3a"
"sig": "2427eff02cd5114a513239c4a9d7e0f933e1f8d1e9894ad4b23f189600a095e919edf30af8de4cea0d7ba0aa83711d83bd8002592c012b3105690f75b8edefec10bffcec1cd9624f689cea1f9115073e646193ff72fdb6a39e8d71c2ded6fc5ab7f34ddd6f1eb415dbcb53201d7b3ecb7add18a136badd0a4ba4ffdef2baab8ec75b001afe4630507ce656846d1bc64154ee39303a90a69382249024965e82d62afe240ff8b8d3c1727d46c2843d95cfa458fa9fd9224fbabfcc429482595dd168fd226b4093998aab0e9c20f84f70cc8dc237bf8359c90eb70fdb57a7d1ce6bac182f188eed2502268ee42d3ad0e2649ebe06b3b8e8c53e670916e144c5a197a91c8c4db3a933c4f0c21269442531d582202d8e79ca7b63d69831bad315243e7706b63d20d61046214860ccbc5b9dcc559f1843fd4ee18b14b34cb2a8f85582451a68f668d6df1d802c412ed80ea05ed4a18502d923fdb5fd8d807bb5068038c13a2135caedde4cd8cc94aaca5c7a15108db1e78753f38ff44df0dbfd8d243a"
}
],
"signed": {
"_type": "link",
"byproducts": {
"return-value": 0,
"stderr": "a foo.py\n",
"stderr": "a demo-project\na demo-project/foo.py\n",
"stdout": ""
},
"command": [
"tar",
"zcvf",
"foo.tar.gz",
"foo.py"
"--exclude",
".git",
"-zcvf",
"demo-project.tar.gz",
"demo-project"
],
"environment": {},
"materials": {
"foo.py": {
"sha256": "74dc3727c6e89308b39e4dfedf787e37841198b1fa165a27c013544a60502549"
"demo-project/foo.py": {
"sha256": "84bd0838e658fa7b62229ca3ef6620d15ec71c424cf6940e4980b205634cd845"
}
},
"name": "package",
"products": {
"foo.tar.gz": {
"sha256": "52947cb78b91ad01fe81cd6aef42d1f6817e92b9e6936c1e5aabb7c98514f355"
"demo-project.tar.gz": {
"sha256": "c40efa63bb5ed7535c18ade46fae73826b396b46fe5ff66b48184e162f6458d5"
}
}
}
Expand Down
Loading