Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix #373: skip openssh tests if ssh-keygen is not in PATH #378

Merged
merged 1 commit into from
Jul 19, 2021
Merged

Fix #373: skip openssh tests if ssh-keygen is not in PATH #378

merged 1 commit into from
Jul 19, 2021

Conversation

shibumi
Copy link
Contributor

@shibumi shibumi commented Jul 19, 2021
edited
Loading

This PR tries to solve #373 via checking for the ssh-keygen executable in the path.
Note: The skipped tests will only be shown when adding the -v flag to go test.
The PR has been tested on my local system:

without ssh-keygen in the PATH::

❯ go test -v ./...
=== RUN   TestFromOpenSSH
    sign_test.go:144: skip TestFromOpenSSH: missing ssh-keygen in PATH
--- SKIP: TestFromOpenSSH (0.00s)
=== RUN   TestToOpenSSH
    sign_test.go:200: skip TestToOpenSSH: missing ssh-keygen in PATH
--- SKIP: TestToOpenSSH (0.00s)
=== RUN   TestRoundTrip
=== RUN   TestRoundTrip/rsa
=== RUN   TestRoundTrip/ed25519
--- PASS: TestRoundTrip (0.02s)
    --- PASS: TestRoundTrip/rsa (0.01s)
    --- PASS: TestRoundTrip/ed25519 (0.00s)
PASS

with ssh-keygen in the PATH:

❯ go test -v ./...                                    
=== RUN   TestFromOpenSSH
=== RUN   TestFromOpenSSH/rsa
    sign_test.go:159: cmd /usr/bin/ssh-keygen -Y sign -n file -f /tmp/TestFromOpenSSH_rsa719251063/001/id /tmp/TestFromOpenSSH_rsa719251063/001/data: Signing file /tmp/TestFromOpenSSH_rsa719251063/001/data
        Write signature to /tmp/TestFromOpenSSH_rsa719251063/001/data.sig
=== RUN   TestFromOpenSSH/ed25519
    sign_test.go:159: cmd /usr/bin/ssh-keygen -Y sign -n file -f /tmp/TestFromOpenSSH_ed255193943236978/001/id /tmp/TestFromOpenSSH_ed255193943236978/001/data: Signing file /tmp/TestFromOpenSSH_ed255193943236978/001/data
        Write signature to /tmp/TestFromOpenSSH_ed255193943236978/001/data.sig
--- PASS: TestFromOpenSSH (0.02s)
    --- PASS: TestFromOpenSSH/rsa (0.01s)
    --- PASS: TestFromOpenSSH/ed25519 (0.01s)
=== RUN   TestToOpenSSH
=== RUN   TestToOpenSSH/rsa
    sign_test.go:223: cmd /usr/bin/ssh-keygen -Y verify -f /tmp/TestToOpenSSH_rsa2114079591/001/allowed_signer -I test@rekor.dev -n file -s /tmp/TestToOpenSSH_rsa2114079591/001/oursig: Good "file" signature for test@rekor.dev with RSA key SHA256:IkDRT/GXJRFrSruMf8F+ilGMaW+kFf2D4quUApK8p6E
    sign_test.go:227: cmd /usr/bin/ssh-keygen -Y verify -f /tmp/TestToOpenSSH_rsa2114079591/001/allowed_signer -I othertest@rekor.dev -n file -s /tmp/TestToOpenSSH_rsa2114079591/001/oursig: Could not verify signature.
    sign_test.go:232: cmd /usr/bin/ssh-keygen -Y check-novalidate -n file -s /tmp/TestToOpenSSH_rsa2114079591/001/oursig: Signature verification failed: incorrect signature
        Could not verify signature.
=== RUN   TestToOpenSSH/ed25519
    sign_test.go:223: cmd /usr/bin/ssh-keygen -Y verify -f /tmp/TestToOpenSSH_ed25519648723907/001/allowed_signer -I test@rekor.dev -n file -s /tmp/TestToOpenSSH_ed25519648723907/001/oursig: Good "file" signature for test@rekor.dev with ED25519 key SHA256:nTfAQgoE0o29gjmx7bF3pSliPLQ/UVdzeK2QFM4qEw4
    sign_test.go:227: cmd /usr/bin/ssh-keygen -Y verify -f /tmp/TestToOpenSSH_ed25519648723907/001/allowed_signer -I othertest@rekor.dev -n file -s /tmp/TestToOpenSSH_ed25519648723907/001/oursig: Could not verify signature.
    sign_test.go:232: cmd /usr/bin/ssh-keygen -Y check-novalidate -n file -s /tmp/TestToOpenSSH_ed25519648723907/001/oursig: Signature verification failed: incorrect signature
        Could not verify signature.
--- PASS: TestToOpenSSH (0.06s)
    --- PASS: TestToOpenSSH/rsa (0.03s)
    --- PASS: TestToOpenSSH/ed25519 (0.03s)
=== RUN   TestRoundTrip
=== RUN   TestRoundTrip/rsa
=== RUN   TestRoundTrip/ed25519
--- PASS: TestRoundTrip (0.01s)
    --- PASS: TestRoundTrip/rsa (0.00s)
    --- PASS: TestRoundTrip/ed25519 (0.00s)
PASS

@shibumi
skip openssh tests if ssh-keygen is not in PATH
448fd41 
This commit adds a PATH lookup to the openSSH tests.
This prevents failing tests on systems with no ssh-keygen
in PATH.

Signed-off-by: Christian Rebischke <chris@shibumi.dev>
@shibumi shibumi force-pushed the shibumi/check-for-ssh-keygen branch from 078cfd1 to 448fd41 Compare July 19, 2021 00:37
@dlorenc dlorenc merged commit 12077f5 into sigstore:main Jul 19, 2021
@shibumi shibumi deleted the shibumi/check-for-ssh-keygen branch July 19, 2021 01:23
@shibumi shibumi mentioned this pull request Jul 19, 2021
Closed
@cpanato cpanato added this to the 0.3.0 milestone Jul 19, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dlorenc dlorenc dlorenc approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v0.3.0
Development

Successfully merging this pull request may close these issues.
3 participants
@shibumi @dlorenc @cpanato