feat: unit tests added

Signed-off-by: SimoneFiorani <[email protected]>
sfiorani · Mar 28, 2024 · f563ae3 · f563ae3
1 parent 3823331
commit f563ae3
Show file tree

Hide file tree

Showing 4 changed files with 55 additions and 3 deletions.
diff --git a/...ntainer.provider/src/main/java/org/eclipse/kura/container/provider/ContainerInstance.java b/...ntainer.provider/src/main/java/org/eclipse/kura/container/provider/ContainerInstance.java
@@ -354,7 +354,7 @@ private void startMicroservice(final ContainerInstanceOptions options) {
 
             final ContainerConfiguration containerConfiguration = options.getEnforcementDigest().isPresent()
                     ? options.getContainerConfiguration()
-                    : options.getContainerConfiguration(signatureExtractedDigest);
+                    : options.getContainerConfigurationBySignature(signatureExtractedDigest);
 
             int retries = 0;
             while ((unlimitedRetries || retries < maxRetries) && !Thread.currentThread().isInterrupted()) {

diff --git a/....provider/src/main/java/org/eclipse/kura/container/provider/ContainerInstanceOptions.java b/....provider/src/main/java/org/eclipse/kura/container/provider/ContainerInstanceOptions.java
@@ -394,7 +394,7 @@ public ContainerConfiguration getContainerConfiguration() {
                 .setRuntime(getRuntime()).setEnforcementDigest(getEnforcementDigest()).build();
     }
 
-    public ContainerConfiguration getContainerConfiguration(String signatureExtractedDigest) {
+    public ContainerConfiguration getContainerConfigurationBySignature(String signatureExtractedDigest) {
 
         Optional<String> finalEnforcementDigest = (!signatureExtractedDigest.equals("?"))
                 ? Optional.of(signatureExtractedDigest)

diff --git a/....test/src/test/java/org/eclipse/kura/container/provider/ContainerInstanceOptionsTest.java b/....test/src/test/java/org/eclipse/kura/container/provider/ContainerInstanceOptionsTest.java
@@ -764,6 +764,17 @@ public void testEnforcementDigest() {
         thenEnforcementDigestIs("sha256:test");
     }
 
+    @Test
+    public void testGetContainerConfigurationBySignature() {
+        givenDefaultProperties();
+        givenConfigurableGenericDockerServiceOptions();
+
+        whenGetContainerConfigurationBySignature("sha256:extractedThroughSignatureVerification");
+
+        thenEnforcementDigestIs("sha256:extractedThroughSignatureVerification");
+
+    }
+
     private void testMemoryOption(String stringValue, Long longValue) {
         givenDefaultProperties();
         givenMemoryProperty(stringValue);
@@ -1024,6 +1035,10 @@ private void whenGetContainerDescriptor() {
         this.containerDescriptor = this.cgdso.getContainerConfiguration();
     }
 
+    private void whenGetContainerConfigurationBySignature(String signatureExtractedDigest) {
+        this.containerDescriptor = this.cgdso.getContainerConfigurationBySignature(signatureExtractedDigest);
+    }
+
     private void thenEnabledStateIs(boolean b) {
         assertEquals(b, this.enabled);
     }

diff --git a/...rovider.test/src/test/java/org/eclipse/kura/container/provider/ContainerInstanceTest.java b/...rovider.test/src/test/java/org/eclipse/kura/container/provider/ContainerInstanceTest.java
@@ -57,6 +57,7 @@ public class ContainerInstanceTest {
     private static final String CONTAINER_VERIFY_TLOG = "container.signature.verify.transparency.log";
     private static final String CONTAINER_REGISTRY_USERNAME = "registry.username";
     private static final String CONTAINER_REGISTRY_PASSWORD = "registry.password";
+    private static final String CONTAINER_ENFORCEMENT_DIGEST = "enforcement.digest";
 
     private static final ValidationResult FAILED_VALIDATION = new ValidationResult();
 
@@ -399,7 +400,8 @@ public void signatureValidationWorksWithThrowingValidationService() throws KuraE
     }
 
     @Test
-    public void signatureValidationWorksWithAuthentication() throws KuraException, InterruptedException {
+    public void signatureValidationWorksWithAuthenticationWhenNoDigestProvided()
+            throws KuraException, InterruptedException {
         givenContainerOrchestratorWithNoRunningContainers();
         givenContainerOrchestratorReturningOnStart("1234");
         givenContainerInstanceWith(this.mockContainerOrchestrationService);
@@ -425,6 +427,34 @@ public void signatureValidationWorksWithAuthentication() throws KuraException, I
                 new PasswordRegistryCredentials(Optional.empty(), "username", new Password("password")));
     }
 
+    @Test
+    public void signatureValidationNotCalledIfDigestProvided() throws KuraException, InterruptedException {
+        givenContainerOrchestratorWithNoRunningContainers();
+        givenContainerOrchestratorReturningOnStart("1234");
+        givenContainerInstanceWith(this.mockContainerOrchestrationService);
+
+        givenContainerSignatureValidationServiceReturningFailureForAuthenticated("nginx", "latest");
+        givenContainerInstanceWith(this.mockContainerSignatureValidationService);
+
+        givenPropertiesWith(CONTAINER_ENABLED, true);
+        givenPropertiesWith(CONTAINER_NAME, "pippo");
+        givenPropertiesWith(CONTAINER_IMAGE, "nginx");
+        givenPropertiesWith(CONTAINER_IMAGE_TAG, "latest");
+        givenPropertiesWith(CONTAINER_TRUST_ANCHOR, "aRealTrustAnchor ;)");
+        givenPropertiesWith(CONTAINER_VERIFY_TLOG, true);
+        givenPropertiesWith(CONTAINER_REGISTRY_USERNAME, "username");
+        givenPropertiesWith(CONTAINER_REGISTRY_PASSWORD, "password");
+        givenPropertiesWith(CONTAINER_ENFORCEMENT_DIGEST, "sha256:test");
+
+        whenActivateInstanceIsCalledWith(this.properties);
+
+        thenNoExceptionOccurred();
+        thenWaitForContainerInstanceToBecome(CONTAINER_STATE_CREATED);
+        thenStartContainerWasCalledWith(this.properties);
+        thenAuthenticatedVerifySignatureWasNeverCalledFor("nginx", "latest", "aRealTrustAnchor ;)", true,
+                new PasswordRegistryCredentials(Optional.empty(), "username", new Password("password")));
+    }
+
     @After
     public void tearDown() {
         this.containerInstance.deactivate();
@@ -609,6 +639,13 @@ private void thenAuthenticatedVerifySignatureWasCalledFor(String imageName, Stri
                 verifyTlog, passwordRegistryCredentials);
     }
 
+    private void thenAuthenticatedVerifySignatureWasNeverCalledFor(String imageName, String imageTag,
+            String trustAnchor, boolean verifyTlog, PasswordRegistryCredentials passwordRegistryCredentials)
+            throws KuraException {
+        verify(this.mockContainerSignatureValidationService, never()).verify(imageName, imageTag, trustAnchor,
+                verifyTlog, passwordRegistryCredentials);
+    }
+
     private void thenNoExceptionOccurred() {
         String errorMessage = "Empty message";
         if (Objects.nonNull(this.occurredException)) {