fix: Makefile and cosesign1 tests

Remove references of `infra.rego.cose.base64` from Makefile and code. Add `AUTOPARSE_CHAIN` param to makefile, which will parse the pem certs automatically, otherwise test values will be set. Update tests expectations and parameters Signed-off-by: Maksim An <[email protected]>
microsoft · Jul 8, 2024 · 5f5935c · 5f5935c
1 parent 144c5e6
commit 5f5935c
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 12 deletions.
diff --git a/pkg/cosesign1/Makefile b/pkg/cosesign1/Makefile
@@ -26,17 +26,22 @@
 
 # note test-fail is expected to fail
 
+AUTOPARSE_CHAIN:=0
+ISSUER_DID:="TestIssuer"
+FEED:="TestFeed"
+DID_FINGERPRINT:=""
+
 all: chain.pem cose test-fail test-pass
 
 cose: infra.rego.cose
 
 %.pem:
 	 $(MAKE) -f Makefile.certs chain.pem
 
+ifeq "$(AUTOPARSE_CHAIN)" "1"
 ISSUER_DID = $(shell ./sign1util did-x509 -chain chain.pem -policy cn)
 DID_FINGERPRINT = $(shell ./sign1util did-x509 -chain chain.pem -policy cn | cut -d: -f5)
-FEED = acceuroperegistry.azurecr.io/infra
-
+endif
 
 # from these media types have to match containerd. The also need to change and the security policy one ought to be x-ms-ccepolicy-frag
 #     fragment atrifact type = application/x-ms-ccepolicy-frag
@@ -124,4 +129,4 @@ test-fail: did-fail
 
 clean:
 	$(MAKE) -f Makefile.certs $@
-	rm -f infra.rego.base64 infra.rego.cose sign1util
+	rm -f infra.rego.cose sign1util
diff --git a/pkg/cosesign1/cosesign1util_test.go b/pkg/cosesign1/cosesign1util_test.go
@@ -49,13 +49,14 @@ var certChainPEM string
 func TestMain(m *testing.M) {
 	fmt.Println("Generating files...")
 
-	err := exec.Command("make", "chain.pem", "infra.rego.cose").Run()
+	outputBytes, err := exec.Command("make", "chain.pem", "infra.rego.cose", "leaf.private.pem").CombinedOutput()
 	if err != nil {
 		fmt.Fprintf(os.Stderr, "Failed to build the required test files: %s", err)
 		os.Exit(1)
 	}
+	fmt.Println(string(outputBytes))
 
-	fragmentRego = readFileStringOrExit("infra.rego.base64")
+	fragmentRego = readFileStringOrExit("infra.rego")
 	fragmentCose = readFileBytesOrExit("infra.rego.cose")
 	leafPrivatePem = readFileStringOrExit("leaf.private.pem")
 	leafCertPEM = readFileStringOrExit("leaf.cert.pem")
@@ -85,7 +86,7 @@ func Test_UnpackAndValidateCannedFragment(t *testing.T) {
 	unpacked, err := UnpackAndValidateCOSE1CertChain(fragmentCose)
 
 	if err != nil {
-		t.Errorf("UnpackAndValidateCOSE1CertChain failed: %s", err.Error())
+		t.Fatalf("UnpackAndValidateCOSE1CertChain failed: %s", err)
 	}
 
 	iss := unpacked.Issuer
@@ -101,17 +102,17 @@ func Test_UnpackAndValidateCannedFragment(t *testing.T) {
 	if !comparePEMs(pubcert, leafCertPEM) {
 		t.Fatal("pubcert did not match")
 	}
-	if cty != "application/unknown+json" {
-		t.Fatal("cty did not match")
+	if cty != "application/unknown+rego" {
+		t.Fatalf("cty did not match: %s", cty)
 	}
 	if payload != fragmentRego {
 		t.Fatal("payload did not match")
 	}
 	if iss != "TestIssuer" {
-		t.Fatal("iss did not match")
+		t.Fatalf("iss did not match: %s", iss)
 	}
 	if feed != "TestFeed" {
-		t.Fatal("feed did not match")
+		t.Fatalf("feed did not match: %s", feed)
 	}
 }
 
@@ -132,13 +133,13 @@ func Test_UnpackAndValidateCannedFragmentCorrupted(t *testing.T) {
 
 // Use CreateCoseSign1 to make a document that should match the one made by the makefile
 func Test_CreateCoseSign1Fragment(t *testing.T) {
-	var raw, err = CreateCoseSign1([]byte(fragmentRego), "TestIssuer", "TestFeed", "application/unknown+json", []byte(certChainPEM), []byte(leafPrivatePem), "zero", cose.AlgorithmES384)
+	var raw, err = CreateCoseSign1([]byte(fragmentRego), "TestIssuer", "TestFeed", "application/unknown+rego", []byte(certChainPEM), []byte(leafPrivatePem), "zero", cose.AlgorithmES384)
 	if err != nil {
 		t.Fatalf("CreateCoseSign1 failed: %s", err)
 	}
 
 	if len(raw) != len(fragmentCose) {
-		t.Fatal("created fragment length does not match expected")
+		t.Fatalf("created fragment length (%d) does not match expected (%d)", len(raw), len(fragmentCose))
 	}
 
 	for i := range raw {