Skip to content

Commit

Permalink
Skip tests that require network access with HERMETIC=true (#587)
Browse files Browse the repository at this point in the history
* Skip tests that require network access with HERMETIC=true

The config tests make outbound network calls since Load() calls
prepare() which fetches the OIDC configs. Tests that call Load() will
now be skipped. Tested with `HERMETIC=true go test ./...` without a
network connection.

I didn't use go:build !hermetic beacuse this causes the build to skip
building the config package entirely.

Signed-off-by: Hayden Blauzvern <[email protected]>

* Switch to tag based

Signed-off-by: Hayden Blauzvern <[email protected]>
  • Loading branch information
haydentherapper authored May 17, 2022
1 parent fdaedd6 commit a1b85d4
Show file tree
Hide file tree
Showing 2 changed files with 92 additions and 70 deletions.
92 changes: 92 additions & 0 deletions pkg/config/config_network_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,92 @@
// Copyright 2022 The Sigstore Authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//

//go:build !hermetic

package config

import (
"context"
"io/ioutil"
"path/filepath"
"testing"

"github.com/google/go-cmp/cmp"
"github.com/google/go-cmp/cmp/cmpopts"
)

func TestLoad(t *testing.T) {
td := t.TempDir()
cfgPath := filepath.Join(td, "config.json")
if err := ioutil.WriteFile(cfgPath, []byte(validCfg), 0644); err != nil {
t.Fatal(err)
}

cfg, _ := Load(cfgPath)
got, ok := cfg.GetIssuer("https://accounts.google.com")
if !ok {
t.Error("expected true, got false")
}
if got.ClientID != "foo" {
t.Errorf("expected foo, got %s", got.ClientID)
}
if got.IssuerURL != "https://accounts.google.com" {
t.Errorf("expected https://accounts.google.com, got %s", got.IssuerURL)
}
if got := len(cfg.OIDCIssuers); got != 1 {
t.Errorf("expected 1 issuer, got %d", got)
}

got, ok = cfg.GetIssuer("https://oidc.eks.fantasy-land.amazonaws.com/id/CLUSTERIDENTIFIER")
if !ok {
t.Error("expected true, got false")
}
if got.ClientID != "bar" {
t.Errorf("expected bar, got %s", got.ClientID)
}
if got.IssuerURL != "https://oidc.eks.fantasy-land.amazonaws.com/id/CLUSTERIDENTIFIER" {
t.Errorf("expected https://oidc.eks.fantasy-land.amazonaws.com/id/CLUSTERIDENTIFIER, got %s", got.IssuerURL)
}

if _, ok := cfg.GetIssuer("not_an_issuer"); ok {
t.Error("no error returned from an unconfigured issuer")
}
}

func TestLoadDefaults(t *testing.T) {
td := t.TempDir()

// Don't put anything here!
cfgPath := filepath.Join(td, "config.json")
cfg, err := Load(cfgPath)
if err != nil {
t.Fatal(err)
}

if diff := cmp.Diff(DefaultConfig, cfg, cmpopts.IgnoreUnexported(FulcioConfig{})); diff != "" {
t.Errorf("DefaultConfig(): -want +got: %s", diff)
}

ctx := context.Background()

if got := FromContext(ctx); nil != got {
t.Errorf("FromContext(): %#v, wanted nil", got)
}

ctx = With(ctx, cfg)
if diff := cmp.Diff(cfg, FromContext(ctx), cmpopts.IgnoreUnexported(FulcioConfig{})); diff != "" {
t.Errorf("FromContext(): -want +got: %s", diff)
}
}
70 changes: 0 additions & 70 deletions pkg/config/config_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -16,13 +16,7 @@
package config

import (
"context"
"io/ioutil"
"path/filepath"
"testing"

"github.com/google/go-cmp/cmp"
"github.com/google/go-cmp/cmp/cmpopts"
)

var validCfg = `
Expand Down Expand Up @@ -92,67 +86,3 @@ func TestMetaURLs(t *testing.T) {
})
}
}

func TestLoad(t *testing.T) {
td := t.TempDir()
cfgPath := filepath.Join(td, "config.json")
if err := ioutil.WriteFile(cfgPath, []byte(validCfg), 0644); err != nil {
t.Fatal(err)
}

cfg, _ := Load(cfgPath)
got, ok := cfg.GetIssuer("https://accounts.google.com")
if !ok {
t.Error("expected true, got false")
}
if got.ClientID != "foo" {
t.Errorf("expected foo, got %s", got.ClientID)
}
if got.IssuerURL != "https://accounts.google.com" {
t.Errorf("expected https://accounts.google.com, got %s", got.IssuerURL)
}
if got := len(cfg.OIDCIssuers); got != 1 {
t.Errorf("expected 1 issuer, got %d", got)
}

got, ok = cfg.GetIssuer("https://oidc.eks.fantasy-land.amazonaws.com/id/CLUSTERIDENTIFIER")
if !ok {
t.Error("expected true, got false")
}
if got.ClientID != "bar" {
t.Errorf("expected bar, got %s", got.ClientID)
}
if got.IssuerURL != "https://oidc.eks.fantasy-land.amazonaws.com/id/CLUSTERIDENTIFIER" {
t.Errorf("expected https://oidc.eks.fantasy-land.amazonaws.com/id/CLUSTERIDENTIFIER, got %s", got.IssuerURL)
}

if _, ok := cfg.GetIssuer("not_an_issuer"); ok {
t.Error("no error returned from an unconfigured issuer")
}
}

func TestLoadDefaults(t *testing.T) {
td := t.TempDir()

// Don't put anything here!
cfgPath := filepath.Join(td, "config.json")
cfg, err := Load(cfgPath)
if err != nil {
t.Fatal(err)
}

if diff := cmp.Diff(DefaultConfig, cfg, cmpopts.IgnoreUnexported(FulcioConfig{})); diff != "" {
t.Errorf("DefaultConfig(): -want +got: %s", diff)
}

ctx := context.Background()

if got := FromContext(ctx); nil != got {
t.Errorf("FromContext(): %#v, wanted nil", got)
}

ctx = With(ctx, cfg)
if diff := cmp.Diff(cfg, FromContext(ctx), cmpopts.IgnoreUnexported(FulcioConfig{})); diff != "" {
t.Errorf("FromContext(): -want +got: %s", diff)
}
}

0 comments on commit a1b85d4

Please sign in to comment.