github.com/itscaro/cli@v0.0.0-20190705081621-c9db0fe93829/cli/command/trust/signer_remove_test.go

github.com/itscaro/cli@v0.0.0-20190705081621-c9db0fe93829/cli/command/trust/signer_remove_test.go (about)

     1  package trust
     2  
     3  import (
     4  	"io/ioutil"
     5  	"testing"
     6  
     7  	"github.com/docker/cli/internal/test"
     8  	notaryfake "github.com/docker/cli/internal/test/notary"
     9  	"github.com/theupdateframework/notary/client"
    10  	"github.com/theupdateframework/notary/tuf/data"
    11  	"gotest.tools/assert"
    12  	is "gotest.tools/assert/cmp"
    13  )
    14  
    15  func TestTrustSignerRemoveErrors(t *testing.T) {
    16  	testCases := []struct {
    17  		name          string
    18  		args          []string
    19  		expectedError string
    20  	}{
    21  		{
    22  			name:          "not-enough-args-0",
    23  			expectedError: "requires at least 2 arguments",
    24  		},
    25  		{
    26  			name:          "not-enough-args-1",
    27  			args:          []string{"user"},
    28  			expectedError: "requires at least 2 arguments",
    29  		},
    30  	}
    31  	for _, tc := range testCases {
    32  		cmd := newSignerRemoveCommand(
    33  			test.NewFakeCli(&fakeClient{}))
    34  		cmd.SetArgs(tc.args)
    35  		cmd.SetOutput(ioutil.Discard)
    36  		assert.ErrorContains(t, cmd.Execute(), tc.expectedError)
    37  	}
    38  	testCasesWithOutput := []struct {
    39  		name          string
    40  		args          []string
    41  		expectedError string
    42  	}{
    43  		{
    44  			name:          "not-an-image",
    45  			args:          []string{"user", "notanimage"},
    46  			expectedError: "error retrieving signers for notanimage",
    47  		},
    48  		{
    49  			name:          "sha-reference",
    50  			args:          []string{"user", "870d292919d01a0af7e7f056271dc78792c05f55f49b9b9012b6d89725bd9abd"},
    51  			expectedError: "invalid repository name",
    52  		},
    53  		{
    54  			name:          "invalid-img-reference",
    55  			args:          []string{"user", "ALPINE"},
    56  			expectedError: "invalid reference format",
    57  		},
    58  	}
    59  	for _, tc := range testCasesWithOutput {
    60  		cli := test.NewFakeCli(&fakeClient{})
    61  		cli.SetNotaryClient(notaryfake.GetOfflineNotaryRepository)
    62  		cmd := newSignerRemoveCommand(cli)
    63  		cmd.SetArgs(tc.args)
    64  		cmd.SetOutput(ioutil.Discard)
    65  		cmd.Execute()
    66  		assert.Check(t, is.Contains(cli.ErrBuffer().String(), tc.expectedError))
    67  	}
    68  
    69  }
    70  
    71  func TestRemoveSingleSigner(t *testing.T) {
    72  	cli := test.NewFakeCli(&fakeClient{})
    73  	cli.SetNotaryClient(notaryfake.GetLoadedNotaryRepository)
    74  	removed, err := removeSingleSigner(cli, "signed-repo", "test", true)
    75  	assert.Error(t, err, "No signer test for repository signed-repo")
    76  	assert.Equal(t, removed, false, "No signer should be removed")
    77  
    78  	removed, err = removeSingleSigner(cli, "signed-repo", "releases", true)
    79  	assert.Error(t, err, "releases is a reserved keyword and cannot be removed")
    80  	assert.Equal(t, removed, false, "No signer should be removed")
    81  }
    82  
    83  func TestRemoveMultipleSigners(t *testing.T) {
    84  	cli := test.NewFakeCli(&fakeClient{})
    85  	cli.SetNotaryClient(notaryfake.GetLoadedNotaryRepository)
    86  	err := removeSigner(cli, signerRemoveOptions{signer: "test", repos: []string{"signed-repo", "signed-repo"}, forceYes: true})
    87  	assert.Error(t, err, "Error removing signer from: signed-repo, signed-repo")
    88  	assert.Check(t, is.Contains(cli.ErrBuffer().String(),
    89  		"No signer test for repository signed-repo"))
    90  	assert.Check(t, is.Contains(cli.OutBuffer().String(), "Removing signer \"test\" from signed-repo...\n"))
    91  }
    92  func TestRemoveLastSignerWarning(t *testing.T) {
    93  	cli := test.NewFakeCli(&fakeClient{})
    94  	cli.SetNotaryClient(notaryfake.GetLoadedNotaryRepository)
    95  
    96  	err := removeSigner(cli, signerRemoveOptions{signer: "alice", repos: []string{"signed-repo"}, forceYes: false})
    97  	assert.NilError(t, err)
    98  	assert.Check(t, is.Contains(cli.OutBuffer().String(),
    99  		"The signer \"alice\" signed the last released version of signed-repo. "+
   100  			"Removing this signer will make signed-repo unpullable. "+
   101  			"Are you sure you want to continue? [y/N]"))
   102  }
   103  
   104  func TestIsLastSignerForReleases(t *testing.T) {
   105  	role := data.Role{}
   106  	releaserole := client.RoleWithSignatures{}
   107  	releaserole.Name = releasesRoleTUFName
   108  	releaserole.Threshold = 1
   109  	allrole := []client.RoleWithSignatures{releaserole}
   110  	lastsigner, _ := isLastSignerForReleases(role, allrole)
   111  	assert.Check(t, is.Equal(false, lastsigner))
   112  
   113  	role.KeyIDs = []string{"deadbeef"}
   114  	sig := data.Signature{}
   115  	sig.KeyID = "deadbeef"
   116  	releaserole.Signatures = []data.Signature{sig}
   117  	releaserole.Threshold = 1
   118  	allrole = []client.RoleWithSignatures{releaserole}
   119  	lastsigner, _ = isLastSignerForReleases(role, allrole)
   120  	assert.Check(t, is.Equal(true, lastsigner))
   121  
   122  	sig.KeyID = "8badf00d"
   123  	releaserole.Signatures = []data.Signature{sig}
   124  	releaserole.Threshold = 1
   125  	allrole = []client.RoleWithSignatures{releaserole}
   126  	lastsigner, _ = isLastSignerForReleases(role, allrole)
   127  	assert.Check(t, is.Equal(false, lastsigner))
   128  }