Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[DNM] Bump golang.org/x/net from 0.6.0 to 0.17.0 #961

Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
4 changes: 2 additions & 2 deletions .github/workflows/kind-e2e.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ name: Chains kind E2E Tests

on:
pull_request:
branches:
branches:
- main
- release-*

Expand Down Expand Up @@ -53,7 +53,7 @@ jobs:
- name: Set up Go
uses: actions/setup-go@v2
with:
go-version: 1.18.x
go-version: 1.19.x

- uses: imjasonh/[email protected]
with:
Expand Down
130 changes: 41 additions & 89 deletions go.mod

Large diffs are not rendered by default.

452 changes: 88 additions & 364 deletions go.sum

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion test/e2e-tests.sh
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ header "Setting up environment"
# Test against nightly instead of latest.
install_tkn

export RELEASE_YAML="https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.40.0/release.yaml"
export RELEASE_YAML="https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.44.0/release.yaml"
install_pipeline_crd

install_chains
Expand Down
18 changes: 16 additions & 2 deletions test/e2e_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -773,8 +773,12 @@ func TestProvenanceMaterials(t *testing.T) {
}
if test.name == "pipelinerun" {
pr := signedObj.GetObject().(*v1beta1.PipelineRun)
for _, trStatus := range pr.Status.TaskRuns {
for _, step := range trStatus.Status.Steps {
for _, cr := range pr.Status.ChildReferences {
taskRun, err := c.PipelineClient.TektonV1beta1().TaskRuns(ns).Get(ctx, cr.Name, metav1.GetOptions{})
if err != nil {
t.Errorf("Did not expect an error but got %v", err)
}
for _, step := range taskRun.Status.Steps {
want = append(want, provenance.ProvenanceMaterial{
URI: strings.Split(step.ImageID, "@")[0],
Digest: provenance.DigestSet{
Expand All @@ -783,6 +787,16 @@ func TestProvenanceMaterials(t *testing.T) {
})
}
}
} else {
tr := signedObj.GetObject().(*v1beta1.TaskRun)
for _, step := range tr.Status.Steps {
want = append(want, provenance.ProvenanceMaterial{
URI: strings.Split(step.ImageID, "@")[0],
Digest: provenance.DigestSet{
"sha256": strings.Split(step.ImageID, ":")[1],
},
})
}
}
got := predicate.Materials

Expand Down
36 changes: 22 additions & 14 deletions test/examples_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@ import (
intoto "github.com/in-toto/in-toto-golang/in_toto"
slsa "github.com/in-toto/in-toto-golang/in_toto/slsa_provenance/v0.2"
"github.com/secure-systems-lab/go-securesystemslib/dsse"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"

"github.com/ghodss/yaml"
"github.com/tektoncd/chains/pkg/chains/objects"
Expand All @@ -60,6 +61,7 @@ type TestExample struct {
getExampleObjects func(t *testing.T, ns string) map[string]objects.TektonObject
payloadKey string
signatureKey string
outputLocation string
}

// TestExamples copies the format in the tektoncd/pipelines repo
Expand All @@ -75,6 +77,7 @@ func TestExamples(t *testing.T) {
getExampleObjects: getTaskRunExamples,
payloadKey: "chains.tekton.dev/payload-taskrun-%s",
signatureKey: "chains.tekton.dev/signature-taskrun-%s",
outputLocation: "slsa/v1",
},
{
name: "pipelinerun-examples",
Expand All @@ -85,6 +88,7 @@ func TestExamples(t *testing.T) {
getExampleObjects: getPipelineRunExamples,
payloadKey: "chains.tekton.dev/payload-pipelinerun-%s",
signatureKey: "chains.tekton.dev/signature-pipelinerun-%s",
outputLocation: "slsa/v1",
},
}

Expand Down Expand Up @@ -129,7 +133,7 @@ func runInTotoFormatterTests(ctx context.Context, t *testing.T, ns string, c *cl
if err := json.Unmarshal(payload, &gotProvenance); err != nil {
t.Fatal(err)
}
expected := expectedProvenance(t, path, completed)
expected := expectedProvenance(t, ctx, path, completed, test.outputLocation, ns, c)

opts := []cmp.Option{
// Annotations and labels may contain release specific information. Ignore
Expand Down Expand Up @@ -187,12 +191,12 @@ func (v *verifier) Public() crypto.PublicKey {
return v.pub
}

func expectedProvenance(t *testing.T, example string, obj objects.TektonObject) intoto.ProvenanceStatement {
func expectedProvenance(t *testing.T, ctx context.Context, example string, obj objects.TektonObject, outputLocation string, ns string, c *clients) intoto.ProvenanceStatement {
switch obj.(type) {
case *objects.TaskRunObject:
return expectedTaskRunProvenance(t, example, obj)
return expectedTaskRunProvenance(t, example, obj, outputLocation)
case *objects.PipelineRunObject:
return expectedPipelineRunProvenance(t, example, obj)
return expectedPipelineRunProvenance(t, ctx, example, obj, outputLocation, ns, c)
default:
t.Error("Unexpected type trying to get provenance")
}
Expand All @@ -215,7 +219,7 @@ type Format struct {
URIDigest []URIDigestPair
}

func expectedTaskRunProvenance(t *testing.T, example string, obj objects.TektonObject) intoto.ProvenanceStatement {
func expectedTaskRunProvenance(t *testing.T, example string, obj objects.TektonObject, outputLocation string) intoto.ProvenanceStatement {
tr := obj.GetObject().(*v1beta1.TaskRun)

name := tr.Name
Expand Down Expand Up @@ -249,10 +253,10 @@ func expectedTaskRunProvenance(t *testing.T, example string, obj objects.TektonO
URIDigest: uridigest,
}

return readExpectedAttestation(t, example, f)
return readExpectedAttestation(t, example, f, outputLocation)
}

func expectedPipelineRunProvenance(t *testing.T, example string, obj objects.TektonObject) intoto.ProvenanceStatement {
func expectedPipelineRunProvenance(t *testing.T, ctx context.Context, example string, obj objects.TektonObject, outputLocation string, ns string, c *clients) intoto.ProvenanceStatement {
pr := obj.GetObject().(*v1beta1.PipelineRun)

buildStartTimes := []string{}
Expand All @@ -261,10 +265,14 @@ func expectedPipelineRunProvenance(t *testing.T, example string, obj objects.Tek
uriDigestSet := make(map[string]bool)

// TODO: Load TaskRun data from ChildReferences.
for _, trStatus := range pr.Status.TaskRuns {
buildStartTimes = append(buildStartTimes, trStatus.Status.StartTime.Time.UTC().Format(time.RFC3339))
buildFinishedTimes = append(buildFinishedTimes, trStatus.Status.CompletionTime.Time.UTC().Format(time.RFC3339))
for _, step := range trStatus.Status.Steps {
for _, cr := range pr.Status.ChildReferences {
taskRun, err := c.PipelineClient.TektonV1beta1().TaskRuns(ns).Get(ctx, cr.Name, metav1.GetOptions{})
if err != nil {
t.Errorf("Did not expect an error but got %v", err)
}
buildStartTimes = append(buildStartTimes, taskRun.Status.StartTime.Time.UTC().Format(time.RFC3339))
buildFinishedTimes = append(buildFinishedTimes, taskRun.Status.CompletionTime.Time.UTC().Format(time.RFC3339))
for _, step := range taskRun.Status.Steps {
// append uri and digest that havent already been appended
uri := strings.Split(step.ImageID, "@")[0]
digest := strings.Split(step.ImageID, ":")[1]
Expand All @@ -274,7 +282,7 @@ func expectedPipelineRunProvenance(t *testing.T, example string, obj objects.Tek
uriDigestSet[uriDigest] = true
}
}
for _, sidecar := range trStatus.Status.Sidecars {
for _, sidecar := range taskRun.Status.Sidecars {
// append uri and digest that havent already been appended
uri := strings.Split(sidecar.ImageID, "@")[0]
digest := strings.Split(sidecar.ImageID, ":")[1]
Expand All @@ -294,10 +302,10 @@ func expectedPipelineRunProvenance(t *testing.T, example string, obj objects.Tek
URIDigest: uridigest,
}

return readExpectedAttestation(t, example, f)
return readExpectedAttestation(t, example, f, outputLocation)
}

func readExpectedAttestation(t *testing.T, example string, f Format) intoto.ProvenanceStatement {
func readExpectedAttestation(t *testing.T, example string, f Format, outputLocation string) intoto.ProvenanceStatement {
path := filepath.Join("testdata/intoto", strings.Replace(filepath.Base(example), ".yaml", ".json", 1))
t.Logf("Reading expected provenance from %s", path)

Expand Down
27 changes: 0 additions & 27 deletions vendor/bitbucket.org/creachadair/shell/LICENSE

This file was deleted.

7 changes: 0 additions & 7 deletions vendor/bitbucket.org/creachadair/shell/README.md

This file was deleted.

23 changes: 0 additions & 23 deletions vendor/bitbucket.org/creachadair/shell/bitbucket-pipelines.yml

This file was deleted.

Loading
Loading