From 01fe2c06439bab6137bdeb3364f16d652a53e06e Mon Sep 17 00:00:00 2001
From: cpanato <ctadeu@gmail.com>
Date: Tue, 2 Apr 2024 13:48:27 +0200
Subject: [PATCH] fix e2e tests

Signed-off-by: cpanato <ctadeu@gmail.com>
---
 .github/workflows/e2e.yml | 20 ++++++++++----------
 dependencies.yaml         |  8 ++++++--
 sign/sign.go              |  3 +++
 test/e2e/sign_test.go     |  7 ++++++-
 4 files changed, 25 insertions(+), 13 deletions(-)

diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml
index 4888ce7..74ca413 100644
--- a/.github/workflows/e2e.yml
+++ b/.github/workflows/e2e.yml
@@ -6,30 +6,27 @@ on:
       - main
   workflow_dispatch:
 
-
 jobs:
   e2e:
     runs-on: ubuntu-latest
+
     permissions:
       id-token: write
+
     steps:
       - name: Checkout code
         uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+
       - name: Setup golang
         uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
         with:
-          go-version: '1.21'
+          go-version: '1.22'
           check-latest: true
-      - name: Restore cache
-        uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
-        with:
-          path: |
-            ~/go/pkg/mod
-            ~/.cache/go-build
-          key: go-${{ hashFiles('**/go.sum') }}
-          restore-keys: go-
+          cache: true
+
       - name: Run local registry
         run: podman run -d -p 5000:5000 registry:2
+
       - name: Build test image
         uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2.13
         id: test-image
@@ -37,11 +34,14 @@ jobs:
           base-image: scratch
           image: test
           oci: true
+
       - name: Push test image to local registry
+        id: push
         uses: redhat-actions/push-to-registry@9986a6552bc4571882a4a67e016b17361412b4df # v2.7.1
         with:
           image: ${{ steps.test-image.outputs.image }}
           registry: localhost:5000
           tls-verify: false
+
       - name: Run e2e tests
         run: go run mage.go E2ETest
diff --git a/dependencies.yaml b/dependencies.yaml
index 5f681d9..107341b 100644
--- a/dependencies.yaml
+++ b/dependencies.yaml
@@ -1,9 +1,13 @@
 ---
 dependencies:
-  - name: go
-    version: 1.21
+  - name: go (GitHub Actions)
+    version: 1.22
     refPaths:
       - path: .github/workflows/e2e.yml
         match: go-version
+
+  - name: go (go.mod)
+    version: 1.21
+    refPaths:
       - path: go.mod
         match: go
diff --git a/sign/sign.go b/sign/sign.go
index 522f246..e912e43 100644
--- a/sign/sign.go
+++ b/sign/sign.go
@@ -187,6 +187,9 @@ func (s *Signer) SignImageWithOptions(options *Options, reference string) (objec
 		return nil, fmt.Errorf("sign reference: %s: %w", reference, err)
 	}
 
+	// remove the reference from the cache in case we called IsImageSigned before signing.
+	s.signedRefs.Delete(reference)
+
 	// After signing, registry consistency may not be there right
 	// away. Retry the image verification if it fails
 	// ref: https://github.com/kubernetes-sigs/promo-tools/issues/536
diff --git a/test/e2e/sign_test.go b/test/e2e/sign_test.go
index 9ee66e6..a92916e 100644
--- a/test/e2e/sign_test.go
+++ b/test/e2e/sign_test.go
@@ -42,7 +42,12 @@ const (
 
 func TestSignImageSuccess(t *testing.T) {
 	// Test the prerequisites
-	signer := sign.New(nil)
+	opts := sign.Default()
+	opts.IgnoreTlog = true
+	opts.CertIdentityRegexp = "https://github.com/kubernetes-sigs/release-sdk/.github/workflows/e2e.yml@.*"
+	opts.CertOidcIssuer = "https://token.actions.githubusercontent.com"
+
+	signer := sign.New(opts)
 	signed, err := signer.IsImageSigned(imageRef)
 	require.Nil(t, err)
 	require.False(t, signed)