1
0
mirror of https://github.com/goreleaser/goreleaser.git synced 2025-01-24 04:16:27 +02:00
goreleaser/internal/pipe/ko/ko_test.go
Carlos Alexandro Becker 3bb9a9a5b3
feat: allow to sign KO manifests (#4038)
add ko-generated manifests to the artifact list, this way they can be
signed later.

closes #4027

---------

Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
2023-05-27 00:16:07 -03:00

474 lines
12 KiB
Go

package ko
import (
"fmt"
"strconv"
"strings"
"testing"
"time"
_ "github.com/distribution/distribution/v3/registry/auth/htpasswd"
_ "github.com/distribution/distribution/v3/registry/storage/driver/inmemory"
"github.com/google/go-containerregistry/pkg/name"
"github.com/google/go-containerregistry/pkg/v1/remote"
"github.com/goreleaser/goreleaser/internal/artifact"
"github.com/goreleaser/goreleaser/internal/testctx"
"github.com/goreleaser/goreleaser/internal/testlib"
"github.com/goreleaser/goreleaser/pkg/config"
"github.com/goreleaser/goreleaser/pkg/context"
"github.com/stretchr/testify/require"
)
const (
registryPort = "5052"
registry = "localhost:5052/"
)
func TestDefault(t *testing.T) {
ctx := testctx.NewWithCfg(config.Project{
Env: []string{
"KO_DOCKER_REPO=" + registry,
"COSIGN_REPOSITORY=" + registry,
"LDFLAGS=foobar",
"FLAGS=barfoo",
"LE_ENV=test",
},
ProjectName: "test",
Builds: []config.Build{
{
ID: "test",
Dir: ".",
BuildDetails: config.BuildDetails{
Ldflags: []string{"{{.Env.LDFLAGS}}"},
Flags: []string{"{{.Env.FLAGS}}"},
Env: []string{"SOME_ENV={{.Env.LE_ENV}}"},
},
},
},
Kos: []config.Ko{
{},
},
})
require.NoError(t, Pipe{}.Default(ctx))
require.Equal(t, config.Ko{
ID: "test",
Build: "test",
BaseImage: chainguardStatic,
Repository: registry,
Platforms: []string{"linux/amd64"},
SBOM: "spdx",
Tags: []string{"latest"},
WorkingDir: ".",
Ldflags: []string{"{{.Env.LDFLAGS}}"},
Flags: []string{"{{.Env.FLAGS}}"},
Env: []string{"SOME_ENV={{.Env.LE_ENV}}"},
}, ctx.Config.Kos[0])
}
func TestDefaultNoImage(t *testing.T) {
ctx := testctx.NewWithCfg(config.Project{
ProjectName: "test",
Builds: []config.Build{
{
ID: "test",
},
},
Kos: []config.Ko{
{},
},
})
require.ErrorIs(t, Pipe{}.Default(ctx), errNoRepository)
}
func TestDescription(t *testing.T) {
require.NotEmpty(t, Pipe{}.String())
}
func TestSkip(t *testing.T) {
t.Run("skip ko set", func(t *testing.T) {
ctx := testctx.NewWithCfg(config.Project{
Kos: []config.Ko{{}},
})
ctx.SkipKo = true
require.True(t, Pipe{}.Skip(ctx))
})
t.Run("skip no kos", func(t *testing.T) {
ctx := testctx.New()
require.True(t, Pipe{}.Skip(ctx))
})
t.Run("dont skip", func(t *testing.T) {
ctx := testctx.NewWithCfg(config.Project{
Kos: []config.Ko{{}},
})
require.False(t, Pipe{}.Skip(ctx))
})
}
func TestPublishPipeNoMatchingBuild(t *testing.T) {
ctx := testctx.NewWithCfg(config.Project{
Builds: []config.Build{
{
ID: "doesnt matter",
},
},
Kos: []config.Ko{
{
ID: "default",
Build: "wont match nothing",
},
},
})
require.EqualError(t, Pipe{}.Default(ctx), `no builds with id "wont match nothing"`)
}
func TestPublishPipeSuccess(t *testing.T) {
testlib.StartRegistry(t, "ko_registry", registryPort)
table := []struct {
Name string
SBOM string
BaseImage string
Labels map[string]string
ExpectedLabels map[string]string
Platforms []string
Tags []string
CreationTime string
KoDataCreationTime string
}{
{
// Must be first as others add an SBOM for the same image
Name: "sbom-none",
SBOM: "none",
},
{
Name: "sbom-spdx",
SBOM: "spdx",
},
{
Name: "sbom-cyclonedx",
SBOM: "cyclonedx",
},
{
Name: "sbom-go.version-m",
SBOM: "go.version-m",
},
{
Name: "base-image-is-not-index",
BaseImage: "alpine:latest@sha256:c0d488a800e4127c334ad20d61d7bc21b4097540327217dfab52262adc02380c",
},
{
Name: "multiple-platforms",
Platforms: []string{"linux/amd64", "linux/arm64"},
},
{
Name: "labels",
Labels: map[string]string{"foo": "bar", "project": "{{.ProjectName}}"},
ExpectedLabels: map[string]string{"foo": "bar", "project": "test"},
},
{
Name: "creation-time",
CreationTime: "1672531200",
},
{
Name: "kodata-creation-time",
KoDataCreationTime: "1672531200",
},
{
Name: "tag-templates",
Tags: []string{
"{{if not .Prerelease }}{{.Version}}{{ end }}",
" ", // empty
},
},
{
Name: "tag-template-eval-empty",
Tags: []string{
"{{.Version}}",
"{{if .Prerelease }}latest{{ end }}",
},
},
}
repository := fmt.Sprintf("%sgoreleasertest/testapp", registry)
for _, table := range table {
table := table
t.Run(table.Name, func(t *testing.T) {
if len(table.Tags) == 0 {
table.Tags = []string{table.Name}
}
ctx := testctx.NewWithCfg(config.Project{
ProjectName: "test",
Builds: []config.Build{
{
ID: "foo",
BuildDetails: config.BuildDetails{
Ldflags: []string{"-s", "-w"},
Flags: []string{"-tags", "netgo"},
Env: []string{"GOCACHE=" + t.TempDir()},
},
},
},
Kos: []config.Ko{
{
ID: "default",
Build: "foo",
WorkingDir: "./testdata/app/",
BaseImage: table.BaseImage,
Repository: repository,
Labels: table.Labels,
Platforms: table.Platforms,
Tags: table.Tags,
CreationTime: table.CreationTime,
KoDataCreationTime: table.KoDataCreationTime,
SBOM: table.SBOM,
Bare: true,
},
},
}, testctx.WithVersion("1.2.0"))
require.NoError(t, Pipe{}.Default(ctx))
require.NoError(t, Pipe{}.Publish(ctx))
manifests := ctx.Artifacts.Filter(artifact.ByType(artifact.DockerManifest)).List()
require.Len(t, manifests, 1)
require.NotEmpty(t, manifests[0].Name)
require.Equal(t, manifests[0].Name, manifests[0].Path)
require.NotEmpty(t, manifests[0].Extra[artifact.ExtraDigest])
require.Equal(t, "default", manifests[0].Extra[artifact.ExtraID])
tags, err := applyTemplate(ctx, table.Tags)
require.NoError(t, err)
tags = removeEmpty(tags)
require.Len(t, tags, 1)
ref, err := name.ParseReference(
fmt.Sprintf("%s:latest", repository),
name.Insecure,
)
require.NoError(t, err)
_, err = remote.Index(ref)
require.Error(t, err) // latest should not exist
ref, err = name.ParseReference(
fmt.Sprintf("%s:%s", repository, tags[0]),
name.Insecure,
)
require.NoError(t, err)
index, err := remote.Index(ref)
if len(table.Platforms) > 1 {
require.NoError(t, err)
imf, err := index.IndexManifest()
require.NoError(t, err)
platforms := make([]string, 0, len(imf.Manifests))
for _, mf := range imf.Manifests {
platforms = append(platforms, mf.Platform.String())
}
require.ElementsMatch(t, table.Platforms, platforms)
} else {
require.Error(t, err)
}
image, err := remote.Image(ref)
require.NoError(t, err)
digest, err := image.Digest()
require.NoError(t, err)
sbomRef, err := name.ParseReference(
fmt.Sprintf(
"%s:%s.sbom",
repository,
strings.Replace(digest.String(), ":", "-", 1),
),
name.Insecure,
)
require.NoError(t, err)
sbom, err := remote.Image(sbomRef)
if table.SBOM == "none" {
require.Error(t, err)
} else {
require.NoError(t, err)
layers, err := sbom.Layers()
require.NoError(t, err)
require.NotEmpty(t, layers)
mediaType, err := layers[0].MediaType()
require.NoError(t, err)
switch table.SBOM {
case "spdx", "":
require.Equal(t, "text/spdx+json", string(mediaType))
case "cyclonedx":
require.Equal(t, "application/vnd.cyclonedx+json", string(mediaType))
case "go.version-m":
require.Equal(t, "application/vnd.go.version-m", string(mediaType))
default:
require.Fail(t, "unknown SBOM type", table.SBOM)
}
}
configFile, err := image.ConfigFile()
require.NoError(t, err)
require.GreaterOrEqual(t, len(configFile.History), 3)
require.Equal(t, table.ExpectedLabels, configFile.Config.Labels)
var creationTime time.Time
if table.CreationTime != "" {
ct, err := strconv.ParseInt(table.CreationTime, 10, 64)
require.NoError(t, err)
creationTime = time.Unix(ct, 0).UTC()
require.Equal(t, creationTime, configFile.Created.Time.UTC())
}
require.Equal(t, creationTime, configFile.History[len(configFile.History)-1].Created.Time.UTC())
var koDataCreationTime time.Time
if table.KoDataCreationTime != "" {
kdct, err := strconv.ParseInt(table.KoDataCreationTime, 10, 64)
require.NoError(t, err)
koDataCreationTime = time.Unix(kdct, 0).UTC()
}
require.Equal(t, koDataCreationTime, configFile.History[len(configFile.History)-2].Created.Time.UTC())
})
}
}
func TestPublishPipeError(t *testing.T) {
makeCtx := func() *context.Context {
return testctx.NewWithCfg(config.Project{
Builds: []config.Build{
{
ID: "foo",
Main: "./...",
},
},
Kos: []config.Ko{
{
ID: "default",
Build: "foo",
WorkingDir: "./testdata/app/",
Repository: "fakerepo:8080/",
Tags: []string{"latest", "{{.Tag}}"},
},
},
}, testctx.WithCurrentTag("v1.0.0"))
}
t.Run("invalid base image", func(t *testing.T) {
ctx := makeCtx()
ctx.Config.Kos[0].BaseImage = "not a valid image hopefully"
require.NoError(t, Pipe{}.Default(ctx))
require.EqualError(t, Pipe{}.Publish(ctx), `build: could not parse reference: not a valid image hopefully`)
})
t.Run("invalid label tmpl", func(t *testing.T) {
ctx := makeCtx()
ctx.Config.Kos[0].Labels = map[string]string{"nope": "{{.Nope}}"}
require.NoError(t, Pipe{}.Default(ctx))
testlib.RequireTemplateError(t, Pipe{}.Publish(ctx))
})
t.Run("invalid sbom", func(t *testing.T) {
ctx := makeCtx()
ctx.Config.Kos[0].SBOM = "nope"
require.NoError(t, Pipe{}.Default(ctx))
require.EqualError(t, Pipe{}.Publish(ctx), `makeBuilder: unknown sbom type: "nope"`)
})
t.Run("invalid build", func(t *testing.T) {
ctx := makeCtx()
ctx.Config.Kos[0].WorkingDir = t.TempDir()
require.NoError(t, Pipe{}.Default(ctx))
require.EqualError(t, Pipe{}.Publish(ctx), `build: exit status 1`)
})
t.Run("invalid tags tmpl", func(t *testing.T) {
ctx := makeCtx()
ctx.Config.Kos[0].Tags = []string{"{{.Nope}}"}
require.NoError(t, Pipe{}.Default(ctx))
testlib.RequireTemplateError(t, Pipe{}.Publish(ctx))
})
t.Run("invalid creation time", func(t *testing.T) {
ctx := makeCtx()
ctx.Config.Kos[0].CreationTime = "nope"
require.NoError(t, Pipe{}.Default(ctx))
err := Pipe{}.Publish(ctx)
require.Error(t, err)
require.Contains(t, err.Error(), `strconv.ParseInt: parsing "nope": invalid syntax`)
})
t.Run("invalid creation time tmpl", func(t *testing.T) {
ctx := makeCtx()
ctx.Config.Kos[0].CreationTime = "{{.Nope}}"
require.NoError(t, Pipe{}.Default(ctx))
testlib.RequireTemplateError(t, Pipe{}.Publish(ctx))
})
t.Run("invalid kodata creation time", func(t *testing.T) {
ctx := makeCtx()
ctx.Config.Kos[0].KoDataCreationTime = "nope"
require.NoError(t, Pipe{}.Default(ctx))
err := Pipe{}.Publish(ctx)
require.Error(t, err)
require.Contains(t, err.Error(), `strconv.ParseInt: parsing "nope": invalid syntax`)
})
t.Run("invalid kodata creation time tmpl", func(t *testing.T) {
ctx := makeCtx()
ctx.Config.Kos[0].KoDataCreationTime = "{{.Nope}}"
require.NoError(t, Pipe{}.Default(ctx))
testlib.RequireTemplateError(t, Pipe{}.Publish(ctx))
})
t.Run("invalid env tmpl", func(t *testing.T) {
ctx := makeCtx()
ctx.Config.Builds[0].Env = []string{"{{.Nope}}"}
require.NoError(t, Pipe{}.Default(ctx))
testlib.RequireTemplateError(t, Pipe{}.Publish(ctx))
})
t.Run("invalid ldflags tmpl", func(t *testing.T) {
ctx := makeCtx()
ctx.Config.Builds[0].Ldflags = []string{"{{.Nope}}"}
require.NoError(t, Pipe{}.Default(ctx))
testlib.RequireTemplateError(t, Pipe{}.Publish(ctx))
})
t.Run("invalid flags tmpl", func(t *testing.T) {
ctx := makeCtx()
ctx.Config.Builds[0].Flags = []string{"{{.Nope}}"}
require.NoError(t, Pipe{}.Default(ctx))
testlib.RequireTemplateError(t, Pipe{}.Publish(ctx))
})
t.Run("publish fail", func(t *testing.T) {
ctx := makeCtx()
require.NoError(t, Pipe{}.Default(ctx))
err := Pipe{}.Publish(ctx)
require.Error(t, err)
require.Contains(t, err.Error(), `publish: writing sbom: Get "https://fakerepo:8080/v2/": dial tcp:`)
})
}
func TestApplyTemplate(t *testing.T) {
t.Run("success", func(t *testing.T) {
foo, err := applyTemplate(testctx.NewWithCfg(config.Project{
Env: []string{"FOO=bar"},
}), []string{"{{ .Env.FOO }}"})
require.NoError(t, err)
require.Equal(t, []string{"bar"}, foo)
})
t.Run("error", func(t *testing.T) {
_, err := applyTemplate(testctx.New(), []string{"{{ .Nope}}"})
require.Error(t, err)
})
}