Skip to content

Commit 351e13c

Browse files
JeromeJuJeromeJu
committed
Change to not referencing Task Object Interface
This commit changes the Task Object reference logics to get prepared for potential removal and restriction on usage of the v1beta1 Task Interface as it would not be moved forward to v1.
1 parent c752a36 commit 351e13c

File tree

2 files changed

+12
-12
lines changed

2 files changed

+12
-12
lines changed

pkg/trustedresources/verify.go

+1-1
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,7 @@ const (
4141

4242
// VerifyTask verifies the signature and public key against task.
4343
// source is from ConfigSource.URI, which will be used to match policy patterns. k8s is used to fetch secret from cluster
44-
func VerifyTask(ctx context.Context, taskObj v1beta1.TaskObject, k8s kubernetes.Interface, source string, policies []*v1alpha1.VerificationPolicy) error {
44+
func VerifyTask(ctx context.Context, taskObj v1beta1.Task, k8s kubernetes.Interface, source string, policies []*v1alpha1.VerificationPolicy) error {
4545
tm, signature, err := prepareObjectMeta(taskObj.TaskMetadata())
4646
if err != nil {
4747
return err

pkg/trustedresources/verify_test.go

+11-11
Original file line numberDiff line numberDiff line change
@@ -138,7 +138,7 @@ func TestVerifyTask_Configmap_Success(t *testing.T) {
138138
t.Fatal("fail to sign task", err)
139139
}
140140

141-
err = VerifyTask(ctx, signedTask, nil, "", []*v1alpha1.VerificationPolicy{})
141+
err = VerifyTask(ctx, *signedTask, nil, "", []*v1alpha1.VerificationPolicy{})
142142
if err != nil {
143143
t.Errorf("VerifyTask() get err %v", err)
144144
}
@@ -161,7 +161,7 @@ func TestVerifyTask_Configmap_Error(t *testing.T) {
161161

162162
tcs := []struct {
163163
name string
164-
task v1beta1.TaskObject
164+
task *v1beta1.Task
165165
keypath string
166166
expectedError error
167167
}{{
@@ -185,7 +185,7 @@ func TestVerifyTask_Configmap_Error(t *testing.T) {
185185
for _, tc := range tcs {
186186
t.Run(tc.name, func(t *testing.T) {
187187
ctx = test.SetupTrustedResourceKeyConfig(ctx, tc.keypath, config.EnforceResourceVerificationMode)
188-
err := VerifyTask(ctx, tc.task, nil, "", []*v1alpha1.VerificationPolicy{})
188+
err := VerifyTask(ctx, *tc.task, nil, "", []*v1alpha1.VerificationPolicy{})
189189
if !errors.Is(err, tc.expectedError) {
190190
t.Errorf("VerifyTask got: %v, want: %v", err, tc.expectedError)
191191
}
@@ -243,7 +243,7 @@ func TestVerifyTask_VerificationPolicy_Success(t *testing.T) {
243243

244244
tcs := []struct {
245245
name string
246-
task v1beta1.TaskObject
246+
task *v1beta1.Task
247247
source string
248248
signer signature.SignerVerifier
249249
}{{
@@ -262,7 +262,7 @@ func TestVerifyTask_VerificationPolicy_Success(t *testing.T) {
262262

263263
for _, tc := range tcs {
264264
t.Run(tc.name, func(t *testing.T) {
265-
err := VerifyTask(ctx, tc.task, k8sclient, tc.source, vps)
265+
err := VerifyTask(ctx, *tc.task, k8sclient, tc.source, vps)
266266
if err != nil {
267267
t.Fatalf("VerifyTask() get err %v", err)
268268
}
@@ -287,31 +287,31 @@ func TestVerifyTask_VerificationPolicy_Error(t *testing.T) {
287287

288288
tcs := []struct {
289289
name string
290-
task v1beta1.TaskObject
290+
task v1beta1.Task
291291
source string
292292
verificationPolicy []*v1alpha1.VerificationPolicy
293293
expectedError error
294294
}{{
295295
name: "modified Task fails verification",
296-
task: tamperedTask,
296+
task: *tamperedTask,
297297
source: "git+https://github.com/tektoncd/catalog.git",
298298
verificationPolicy: vps,
299299
expectedError: ErrorResourceVerificationFailed,
300300
}, {
301301
name: "task not matching pattern fails verification",
302-
task: signedTask,
302+
task: *signedTask,
303303
source: "wrong source",
304304
verificationPolicy: vps,
305305
expectedError: ErrorNoMatchedPolicies,
306306
}, {
307307
name: "verification fails with empty policy",
308-
task: tamperedTask,
308+
task: *tamperedTask,
309309
source: "git+https://github.com/tektoncd/catalog.git",
310310
verificationPolicy: []*v1alpha1.VerificationPolicy{},
311311
expectedError: ErrorEmptyVerificationConfig,
312312
}, {
313313
name: "Verification fails with regex error",
314-
task: signedTask,
314+
task: *signedTask,
315315
source: "git+https://github.com/tektoncd/catalog.git",
316316
verificationPolicy: []*v1alpha1.VerificationPolicy{
317317
{
@@ -328,7 +328,7 @@ func TestVerifyTask_VerificationPolicy_Error(t *testing.T) {
328328
expectedError: ErrorRegexMatch,
329329
}, {
330330
name: "Verification fails with error from policy",
331-
task: signedTask,
331+
task: *signedTask,
332332
source: "git+https://github.com/tektoncd/catalog.git",
333333
verificationPolicy: []*v1alpha1.VerificationPolicy{
334334
{

0 commit comments

Comments
 (0)