From 9cbd64c4d0170595a06d0a5bc5ec39f2275bc05a Mon Sep 17 00:00:00 2001 From: Yongxuan Zhang Date: Thu, 8 Jun 2023 19:05:44 +0000 Subject: [PATCH] remove GetUnsignedTask helper function and use var in each file This commit is part of #5820. It removes the GetUnsignedTask helper function and use a var in each test file instead to improve the readability for developers. Signed-off-by: Yongxuan Zhang yongxuanzhang@google.com --- .../taskrun/resources/taskref_test.go | 22 ++++- pkg/trustedresources/verify_test.go | 95 +++++++++++-------- test/trustedresources.go | 20 ---- test/trustedresources_test.go | 23 ++++- 4 files changed, 97 insertions(+), 63 deletions(-) diff --git a/pkg/reconciler/taskrun/resources/taskref_test.go b/pkg/reconciler/taskrun/resources/taskref_test.go index 53fc64ec897..9099e8d2ebe 100644 --- a/pkg/reconciler/taskrun/resources/taskref_test.go +++ b/pkg/reconciler/taskrun/resources/taskref_test.go @@ -83,6 +83,22 @@ var ( }, EntryPoint: "foo/bar", } + unsignedV1beta1Task = &v1beta1.Task{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "tekton.dev/v1beta1", + Kind: "Task"}, + ObjectMeta: metav1.ObjectMeta{ + Name: "test-task", + Namespace: "trusted-resources", + Annotations: map[string]string{"foo": "bar"}, + }, + Spec: v1beta1.TaskSpec{ + Steps: []v1beta1.Step{{ + Image: "ubuntu", + Name: "echo", + }}, + }, + } unsignedV1Task = v1.Task{ TypeMeta: metav1.TypeMeta{ APIVersion: "tekton.dev/v1", @@ -651,7 +667,7 @@ func TestGetTaskFunc_V1beta1Task_VerifyNoError(t *testing.T) { signer, _, k8sclient, vps := test.SetupVerificationPolicies(t) tektonclient := fake.NewSimpleClientset() - unsignedTask := test.GetUnsignedTask("test-task") + unsignedTask := unsignedV1beta1Task unsignedTaskBytes, err := json.Marshal(unsignedTask) unsignedV1Task := &v1.Task{} unsignedTask.ConvertTo(ctx, unsignedV1Task) @@ -785,7 +801,7 @@ func TestGetTaskFunc_V1beta1Task_VerifyError(t *testing.T) { signer, _, k8sclient, vps := test.SetupVerificationPolicies(t) tektonclient := fake.NewSimpleClientset() - unsignedTask := test.GetUnsignedTask("test-task") + unsignedTask := unsignedV1beta1Task unsignedTaskBytes, err := json.Marshal(unsignedTask) if err != nil { t.Fatal("fail to marshal task", err) @@ -1162,7 +1178,7 @@ func TestGetTaskFunc_GetFuncError(t *testing.T) { _, k8sclient, vps := test.SetupMatchAllVerificationPolicies(t, "trusted-resources") tektonclient := fake.NewSimpleClientset() - unsignedTask := test.GetUnsignedTask("test-task") + unsignedTask := unsignedV1beta1Task unsignedTaskBytes, err := json.Marshal(unsignedTask) if err != nil { t.Fatal("fail to marshal task", err) diff --git a/pkg/trustedresources/verify_test.go b/pkg/trustedresources/verify_test.go index 73117838773..94f5275c3dc 100644 --- a/pkg/trustedresources/verify_test.go +++ b/pkg/trustedresources/verify_test.go @@ -46,38 +46,57 @@ const ( namespace = "trusted-resources" ) -var unsignedTask = v1.Task{ - TypeMeta: metav1.TypeMeta{ - APIVersion: "tekton.dev/v1", - Kind: "Task"}, - ObjectMeta: metav1.ObjectMeta{ - Name: "task", - Annotations: map[string]string{"foo": "bar"}, - }, - Spec: v1.TaskSpec{ - Steps: []v1.Step{{ - Image: "ubuntu", - Name: "echo", - }}, - }, -} +var ( + unsignedV1beta1Task = &v1beta1.Task{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "tekton.dev/v1beta1", + Kind: "Task"}, + ObjectMeta: metav1.ObjectMeta{ + Name: "test-task", + Namespace: "trusted-resources", + Annotations: map[string]string{"foo": "bar"}, + }, + Spec: v1beta1.TaskSpec{ + Steps: []v1beta1.Step{{ + Image: "ubuntu", + Name: "echo", + }}, + }, + } -var unsignedPipeline = v1.Pipeline{ - TypeMeta: metav1.TypeMeta{ - APIVersion: "tekton.dev/v1", - Kind: "Pipeline"}, - ObjectMeta: metav1.ObjectMeta{ - Name: "pipeline", - Annotations: map[string]string{"foo": "bar"}, - }, - Spec: v1.PipelineSpec{ - Tasks: []v1.PipelineTask{ - { - Name: "task", + unsignedV1Task = v1.Task{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "tekton.dev/v1", + Kind: "Task"}, + ObjectMeta: metav1.ObjectMeta{ + Name: "task", + Annotations: map[string]string{"foo": "bar"}, + }, + Spec: v1.TaskSpec{ + Steps: []v1.Step{{ + Image: "ubuntu", + Name: "echo", + }}, + }, + } + + unsignedV1Pipeline = v1.Pipeline{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "tekton.dev/v1", + Kind: "Pipeline"}, + ObjectMeta: metav1.ObjectMeta{ + Name: "pipeline", + Annotations: map[string]string{"foo": "bar"}, + }, + Spec: v1.PipelineSpec{ + Tasks: []v1.PipelineTask{ + { + Name: "task", + }, }, }, - }, -} + } +) func TestVerifyInterface_Task_Success(t *testing.T) { sv, _, err := signature.NewDefaultECDSASignerVerifier() @@ -85,7 +104,7 @@ func TestVerifyInterface_Task_Success(t *testing.T) { t.Fatalf("failed to get signerverifier %v", err) } - unsignedTask := test.GetUnsignedTask("test-task") + unsignedTask := unsignedV1beta1Task signedTask, err := test.GetSignedV1beta1Task(unsignedTask, sv, "signed") if err != nil { t.Fatalf("Failed to get signed task %v", err) @@ -113,7 +132,7 @@ func TestVerifyInterface_Task_Error(t *testing.T) { t.Fatalf("failed to get signerverifier %v", err) } - unsignedTask := test.GetUnsignedTask("test-task") + unsignedTask := unsignedV1beta1Task signedTask, err := test.GetSignedV1beta1Task(unsignedTask, sv, "signed") if err != nil { @@ -164,7 +183,7 @@ func TestVerifyInterface_Task_Error(t *testing.T) { func TestVerifyResource_Task_Success(t *testing.T) { signer256, _, k8sclient, vps := test.SetupVerificationPolicies(t) - unsignedTask := test.GetUnsignedTask("test-task") + unsignedTask := unsignedV1beta1Task signedTask, err := test.GetSignedV1beta1Task(unsignedTask, signer256, "signed") if err != nil { t.Fatal("fail to sign task", err) @@ -332,7 +351,7 @@ func TestVerifyResource_Task_Error(t *testing.T) { ctx = test.SetupTrustedResourceConfig(ctx, config.FailNoMatchPolicy) sv, _, k8sclient, vps := test.SetupVerificationPolicies(t) - unsignedTask := test.GetUnsignedTask("test-task") + unsignedTask := unsignedV1beta1Task signedTask, err := test.GetSignedV1beta1Task(unsignedTask, sv, "signed") if err != nil { @@ -542,7 +561,7 @@ func TestVerifyResource_Pipeline_Error(t *testing.T) { func TestVerifyResource_V1Task_Success(t *testing.T) { signer, _, k8sclient, vps := test.SetupVerificationPolicies(t) - signedTask, err := getSignedV1Task(unsignedTask.DeepCopy(), signer, "signed") + signedTask, err := getSignedV1Task(unsignedV1Task.DeepCopy(), signer, "signed") if err != nil { t.Error(err) } @@ -553,7 +572,7 @@ func TestVerifyResource_V1Task_Success(t *testing.T) { } func TestVerifyResource_V1Task_Error(t *testing.T) { signer, _, k8sclient, vps := test.SetupVerificationPolicies(t) - signedTask, err := getSignedV1Task(unsignedTask.DeepCopy(), signer, "signed") + signedTask, err := getSignedV1Task(unsignedV1Task.DeepCopy(), signer, "signed") if err != nil { t.Error(err) } @@ -567,7 +586,7 @@ func TestVerifyResource_V1Task_Error(t *testing.T) { func TestVerifyResource_V1Pipeline_Success(t *testing.T) { signer, _, k8sclient, vps := test.SetupVerificationPolicies(t) - signed, err := getSignedV1Pipeline(unsignedPipeline.DeepCopy(), signer, "signed") + signed, err := getSignedV1Pipeline(unsignedV1Pipeline.DeepCopy(), signer, "signed") if err != nil { t.Error(err) } @@ -579,7 +598,7 @@ func TestVerifyResource_V1Pipeline_Success(t *testing.T) { func TestVerifyResource_V1Pipeline_Error(t *testing.T) { signer, _, k8sclient, vps := test.SetupVerificationPolicies(t) - signed, err := getSignedV1Pipeline(unsignedPipeline.DeepCopy(), signer, "signed") + signed, err := getSignedV1Pipeline(unsignedV1Pipeline.DeepCopy(), signer, "signed") if err != nil { t.Error(err) } @@ -602,7 +621,7 @@ func TestVerifyResource_TypeNotSupported(t *testing.T) { } func TestPrepareObjectMeta(t *testing.T) { - unsigned := test.GetUnsignedTask("test-task").ObjectMeta + unsigned := unsignedV1beta1Task.ObjectMeta signed := unsigned.DeepCopy() sig := "tY805zV53PtwDarK3VD6dQPx5MbIgctNcg/oSle+MG0=" diff --git a/test/trustedresources.go b/test/trustedresources.go index d2d9980a2b9..922dd10d660 100644 --- a/test/trustedresources.go +++ b/test/trustedresources.go @@ -54,26 +54,6 @@ var ( read = readPasswordFn ) -// GetUnsignedTask returns unsigned task with given name -func GetUnsignedTask(name string) *v1beta1.Task { - return &v1beta1.Task{ - TypeMeta: metav1.TypeMeta{ - APIVersion: "tekton.dev/v1beta1", - Kind: "Task"}, - ObjectMeta: metav1.ObjectMeta{ - Name: name, - Namespace: namespace, - Annotations: map[string]string{"foo": "bar"}, - }, - Spec: v1beta1.TaskSpec{ - Steps: []v1beta1.Step{{ - Image: "ubuntu", - Name: "echo", - }}, - }, - } -} - // GetUnsignedPipeline returns unsigned pipeline with given name func GetUnsignedPipeline(name string) *v1beta1.Pipeline { return &v1beta1.Pipeline{ diff --git a/test/trustedresources_test.go b/test/trustedresources_test.go index 0a84da1a25e..d47d8352ceb 100644 --- a/test/trustedresources_test.go +++ b/test/trustedresources_test.go @@ -26,9 +26,28 @@ import ( "github.com/google/go-cmp/cmp" "github.com/sigstore/sigstore/pkg/signature" + "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1" "github.com/tektoncd/pipeline/test/diff" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) +var unsignedV1beta1Task = &v1beta1.Task{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "tekton.dev/v1beta1", + Kind: "Task"}, + ObjectMeta: metav1.ObjectMeta{ + Name: "test-task", + Namespace: "trusted-resources", + Annotations: map[string]string{"foo": "bar"}, + }, + Spec: v1beta1.TaskSpec{ + Steps: []v1beta1.Step{{ + Image: "ubuntu", + Name: "echo", + }}, + }, +} + func TestSignInterface(t *testing.T) { sv, _, err := signature.NewDefaultECDSASignerVerifier() if err != nil { @@ -46,7 +65,7 @@ func TestSignInterface(t *testing.T) { }{{ name: "Sign Task", signer: sv, - target: GetUnsignedTask("unsigned"), + target: unsignedV1beta1Task, wantErr: false, }, { name: "Sign String with cosign signer", @@ -61,7 +80,7 @@ func TestSignInterface(t *testing.T) { }, { name: "Empty Signer", signer: nil, - target: GetUnsignedTask("unsigned"), + target: unsignedV1beta1Task, wantErr: true, }, { name: "Sign String with mock signer",