Skip to content

Commit

Permalink
Set go to min 1.21 and update dependencies (#3327)
Browse files Browse the repository at this point in the history
* set min go1.21

Signed-off-by: cpanato <[email protected]>

* update dependecies

Signed-off-by: cpanato <[email protected]>

* fix test TestImportPrivateKey

Signed-off-by: cpanato <[email protected]>

* fix lints and bump golangci-lint to 1.55.x

Signed-off-by: cpanato <[email protected]>

* update e2e test

Signed-off-by: cpanato <[email protected]>

---------

Signed-off-by: cpanato <[email protected]>
Signed-off-by: Bob Callaway <[email protected]>
Co-authored-by: Bob Callaway <[email protected]>
  • Loading branch information
cpanato and bobcallaway authored Oct 29, 2023
1 parent 9400476 commit 173f547
Show file tree
Hide file tree
Showing 9 changed files with 328 additions and 412 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/tests.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -113,7 +113,7 @@ jobs:
- name: setup kind cluster
run: |
# Used to test: cosign generate-key-pair k8s://...
go install sigs.k8s.io/kind@v0.17.0
go install sigs.k8s.io/kind@v0.20.0
kind create cluster
- name: Run end-to-end tests
Expand Down Expand Up @@ -178,5 +178,5 @@ jobs:
uses: golangci/golangci-lint-action@3a919529898de77ec3da873e3063ca4b10e7f5cc # v3.7.0
with:
# Required: the version of golangci-lint is required and must be specified without patch version: we always use the latest patch version.
version: v1.54
version: v1.55
args: --timeout=5m
144 changes: 73 additions & 71 deletions go.mod

Large diffs are not rendered by default.

543 changes: 224 additions & 319 deletions go.sum

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion internal/pkg/cosign/tsa/mock/mock_tsa_client.go
Original file line number Diff line number Diff line change
Expand Up @@ -117,5 +117,5 @@ func (c *TSAClient) GetTimestampResponse(tsq []byte) ([]byte, error) {
tsStruct.Time = c.Time
}

return tsStruct.CreateResponse(c.CertChain[0], c.Signer)
return tsStruct.CreateResponseWithOpts(c.CertChain[0], c.Signer, crypto.SHA256)
}
4 changes: 2 additions & 2 deletions pkg/cosign/keys_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -376,12 +376,12 @@ func TestImportPrivateKey(t *testing.T) {
{
fileName: "invalidrsasmallkey.key",
pemData: invalidrsasmallkey,
expected: errors.New("error validating rsa key: key too small: 1024"),
expected: errors.New("error validating rsa key: key size not supported: 1024"),
},
{
fileName: "invalidrsalargekey.key",
pemData: invalidrsalargekey,
expected: errors.New("error validating rsa key: key too large: 5120 > 4096"),
expected: errors.New("error validating rsa key: key size not supported: 5120"),
},
// EC tests
{
Expand Down
5 changes: 2 additions & 3 deletions pkg/cosign/kubernetes/secret.go
Original file line number Diff line number Diff line change
Expand Up @@ -21,11 +21,10 @@ import (
"os"
"strings"

"k8s.io/utils/pointer"

v1 "k8s.io/api/core/v1"
k8serrors "k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/utils/ptr"

"github.com/sigstore/cosign/v2/pkg/cosign"
)
Expand Down Expand Up @@ -120,7 +119,7 @@ func secret(keys *cosign.KeysBytes, namespace, name string, data map[string][]by
return &v1.Secret{
ObjectMeta: obj,
Data: data,
Immutable: pointer.Bool(true),
Immutable: ptr.To[bool](true),
}
}

Expand Down
5 changes: 2 additions & 3 deletions pkg/cosign/kubernetes/secret_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,10 +18,9 @@ import (
"reflect"
"testing"

"k8s.io/utils/pointer"

v1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/utils/ptr"

"github.com/sigstore/cosign/v2/pkg/cosign"
)
Expand All @@ -43,7 +42,7 @@ func TestSecret(t *testing.T) {
"cosign.pub": []byte("public"),
"cosign.password": nil,
},
Immutable: pointer.Bool(true),
Immutable: ptr.To[bool](true),
}
actual := secret(keys, namespace, name, nil, true)
if !reflect.DeepEqual(actual, expect) {
Expand Down
18 changes: 12 additions & 6 deletions pkg/oci/mutate/mutate.go
Original file line number Diff line number Diff line change
Expand Up @@ -96,13 +96,16 @@ func (i *indexWrapper) SignedImage(h v1.Hash) (oci.SignedImage, error) {
return si, nil
}
}

if sb, ok := i.ogbase.(oci.SignedImageIndex); ok {
return sb.SignedImage(h)
} else if unsigned, err := i.Image(h); err != nil {
}

unsigned, err := i.Image(h)
if err != nil {
return nil, err
} else {
return signed.Image(unsigned), nil
}
return signed.Image(unsigned), nil
}

// SignedImageIndex implements oci.SignedImageIndex
Expand All @@ -118,13 +121,16 @@ func (i *indexWrapper) SignedImageIndex(h v1.Hash) (oci.SignedImageIndex, error)
return sii, nil
}
}

if sb, ok := i.ogbase.(oci.SignedImageIndex); ok {
return sb.SignedImageIndex(h)
} else if unsigned, err := i.ImageIndex(h); err != nil {
}

unsigned, err := i.ImageIndex(h)
if err != nil {
return nil, err
} else {
return signed.ImageIndex(unsigned), nil
}
return signed.ImageIndex(unsigned), nil
}

// AttachSignatureToEntity attaches the provided signature to the provided entity.
Expand Down
15 changes: 10 additions & 5 deletions test/e2e_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -753,7 +753,8 @@ func TestAttestationReplace(t *testing.T) {
func TestAttestationRFC3161Timestamp(t *testing.T) {
// TSA server needed to create timestamp
viper.Set("timestamp-signer", "memory")
apiServer := server.NewRestAPIServer("localhost", 0, []string{"http"}, 10*time.Second, 10*time.Second)
viper.Set("timestamp-signer-hash", "sha256")
apiServer := server.NewRestAPIServer("localhost", 0, []string{"http"}, false, 10*time.Second, 10*time.Second)
server := httptest.NewServer(apiServer.GetHandler())
t.Cleanup(server.Close)

Expand Down Expand Up @@ -843,7 +844,8 @@ func TestAttachWithRFC3161Timestamp(t *testing.T) {
ctx := context.Background()
// TSA server needed to create timestamp
viper.Set("timestamp-signer", "memory")
apiServer := server.NewRestAPIServer("localhost", 0, []string{"http"}, 10*time.Second, 10*time.Second)
viper.Set("timestamp-signer-hash", "sha256")
apiServer := server.NewRestAPIServer("localhost", 0, []string{"http"}, false, 10*time.Second, 10*time.Second)
server := httptest.NewServer(apiServer.GetHandler())
t.Cleanup(server.Close)

Expand Down Expand Up @@ -1099,7 +1101,8 @@ func TestFulcioBundle(t *testing.T) {
func TestRFC3161Timestamp(t *testing.T) {
// TSA server needed to create timestamp
viper.Set("timestamp-signer", "memory")
apiServer := server.NewRestAPIServer("localhost", 0, []string{"http"}, 10*time.Second, 10*time.Second)
viper.Set("timestamp-signer-hash", "sha256")
apiServer := server.NewRestAPIServer("localhost", 0, []string{"http"}, false, 10*time.Second, 10*time.Second)
server := httptest.NewServer(apiServer.GetHandler())
t.Cleanup(server.Close)

Expand Down Expand Up @@ -1153,7 +1156,8 @@ func TestRFC3161Timestamp(t *testing.T) {
func TestRekorBundleAndRFC3161Timestamp(t *testing.T) {
// TSA server needed to create timestamp
viper.Set("timestamp-signer", "memory")
apiServer := server.NewRestAPIServer("localhost", 0, []string{"http"}, 10*time.Second, 10*time.Second)
viper.Set("timestamp-signer-hash", "sha256")
apiServer := server.NewRestAPIServer("localhost", 0, []string{"http"}, false, 10*time.Second, 10*time.Second)
server := httptest.NewServer(apiServer.GetHandler())
t.Cleanup(server.Close)

Expand Down Expand Up @@ -1460,7 +1464,8 @@ func TestSignBlobBundle(t *testing.T) {
func TestSignBlobRFC3161TimestampBundle(t *testing.T) {
// TSA server needed to create timestamp
viper.Set("timestamp-signer", "memory")
apiServer := server.NewRestAPIServer("localhost", 0, []string{"http"}, 10*time.Second, 10*time.Second)
viper.Set("timestamp-signer-hash", "sha256")
apiServer := server.NewRestAPIServer("localhost", 0, []string{"http"}, false, 10*time.Second, 10*time.Second)
server := httptest.NewServer(apiServer.GetHandler())
t.Cleanup(server.Close)

Expand Down

0 comments on commit 173f547

Please sign in to comment.