Update unit tests for issuer pool

Signed-off-by: Priya Wadhwa <priya@chainguard.dev>
sigstore · Mar 6, 2023 · 0f0c481 · 0f0c481
1 parent a11e8a3
commit 0f0c481
Show file tree

Hide file tree

Showing 9 changed files with 26 additions and 76 deletions.
diff --git a/cmd/app/grpc.go b/cmd/app/grpc.go
@@ -34,6 +34,7 @@ import (
 	gw "github.com/sigstore/fulcio/pkg/generated/protobuf"
 	gw_legacy "github.com/sigstore/fulcio/pkg/generated/protobuf/legacy"
 	"github.com/sigstore/fulcio/pkg/identity"
+	"github.com/sigstore/fulcio/pkg/identity/buildkite"
 	"github.com/sigstore/fulcio/pkg/identity/email"
 	"github.com/sigstore/fulcio/pkg/identity/github"
 	"github.com/sigstore/fulcio/pkg/identity/kubernetes"
@@ -95,48 +96,34 @@ func createGRPCServer(cfg *config.FulcioConfig, ctClient *ctclient.LogClient, ba
 func NewIssuerPool(cfg *config.FulcioConfig) identity.IssuerPool {
 	var ip identity.IssuerPool
 	for _, i := range cfg.OIDCIssuers {
-		ip = append(ip, getIssuer(i))
+		ip = append(ip, getIssuer("", i))
 	}
-	for meta, iss := range cfg.MetaIssuers {
-		re, err := config.MetaRegex(meta)
-		if err != nil {
-			continue // Shouldn't happen, we check parsing the config
-		}
-		if re.MatchString(iss.IssuerURL) {
-			// If it matches, then return a concrete OIDCIssuer
-			// configuration for this issuer URL.
-			oidcIssuer := config.OIDCIssuer{
-				IssuerURL:     iss.IssuerURL,
-				ClientID:      iss.ClientID,
-				Type:          iss.Type,
-				IssuerClaim:   iss.IssuerClaim,
-				SubjectDomain: iss.SubjectDomain,
-			}
-			ip = append(ip, getIssuer(oidcIssuer))
-		} else {
-			fmt.Println("it didn't match")
-			fmt.Println(meta)
-		}
+	for meta, i := range cfg.MetaIssuers {
+		ip = append(ip, getIssuer(meta, i))
 	}
 	return ip
 }
 
-func getIssuer(i config.OIDCIssuer) identity.Issuer {
+func getIssuer(meta string, i config.OIDCIssuer) identity.Issuer {
+	issuerURL := i.IssuerURL
+	if issuerURL == "" {
+		issuerURL = meta
+	}
 	switch i.Type {
 	case config.IssuerTypeEmail:
-		return email.Issuer(i.IssuerURL)
+		return email.Issuer(issuerURL)
 	case config.IssuerTypeGithubWorkflow:
-		return github.Issuer(i.IssuerURL)
+		return github.Issuer(issuerURL)
 	case config.IssuerTypeBuildkiteJob:
-		// TODO: priyawadhwa@
+		return buildkite.Issuer(issuerURL)
 	case config.IssuerTypeKubernetes:
-		return kubernetes.Issuer(i.IssuerURL)
+		return kubernetes.Issuer(issuerURL)
 	case config.IssuerTypeSpiffe:
-		return spiffe.Issuer(i.IssuerURL)
+		return spiffe.Issuer(issuerURL)
 	case config.IssuerTypeURI:
-		return uri.Issuer(i.IssuerURL)
+		return uri.Issuer(issuerURL)
 	case config.IssuerTypeUsername:
-		return username.Issuer(i.IssuerURL)
+		return username.Issuer(issuerURL)
 	}
 	return nil
 }

diff --git a/cmd/app/grpc_test.go b/cmd/app/grpc_test.go
@@ -20,6 +20,7 @@ import (
 	"github.com/google/go-cmp/cmp"
 	"github.com/sigstore/fulcio/pkg/config"
 	"github.com/sigstore/fulcio/pkg/identity"
+	"github.com/sigstore/fulcio/pkg/identity/base"
 	"github.com/sigstore/fulcio/pkg/identity/email"
 	"github.com/sigstore/fulcio/pkg/identity/github"
 	"github.com/sigstore/fulcio/pkg/identity/kubernetes"
@@ -44,7 +45,7 @@ func TestIssuerPool(t *testing.T) {
 	expected := identity.IssuerPool{
 		email.Issuer("https://oauth2.sigstore.dev/auth"),
 	}
-	ignoreOpts := []cmp.Option{email.CmpOptions, spiffe.CmpOptions, github.CmpOptions}
+	ignoreOpts := []cmp.Option{base.CmpOptions}
 	got := NewIssuerPool(cfg)
 	if d := cmp.Diff(expected, got, ignoreOpts...); d != "" {
 		t.Fatal(d)
@@ -119,18 +120,11 @@ func TestGetIssuer(t *testing.T) {
 		},
 	}
 
-	ignoreOpts := []cmp.Option{
-		email.CmpOptions,
-		github.CmpOptions,
-		spiffe.CmpOptions,
-		kubernetes.CmpOptions,
-		uri.CmpOptions,
-		username.CmpOptions,
-	}
+	ignoreOpts := []cmp.Option{base.CmpOptions}
 
 	for _, test := range tests {
 		t.Run(test.description, func(t *testing.T) {
-			got := getIssuer(test.issuer)
+			got := getIssuer("", test.issuer)
 			if d := cmp.Diff(got, test.expected, ignoreOpts...); d != "" {
 				t.Fatal(d)
 			}

diff --git a/pkg/identity/base/issuer.go b/pkg/identity/base/issuer.go
@@ -20,9 +20,15 @@ import (
 	"regexp"
 	"strings"
 
+	"github.com/google/go-cmp/cmp/cmpopts"
 	"github.com/sigstore/fulcio/pkg/identity"
 )
 
+var (
+	// For testing
+	CmpOptions = cmpopts.IgnoreUnexported(baseIssuer{})
+)
+
 type baseIssuer struct {
 	issuerURL string
 }

diff --git a/pkg/identity/email/issuer.go b/pkg/identity/email/issuer.go
@@ -17,16 +17,10 @@ package email
 import (
 	"context"
 
-	"github.com/google/go-cmp/cmp/cmpopts"
 	"github.com/sigstore/fulcio/pkg/identity"
 	"github.com/sigstore/fulcio/pkg/identity/base"
 )
 
-var (
-	// For testing
-	CmpOptions = cmpopts.IgnoreUnexported(emailIssuer{})
-)
-
 type emailIssuer struct {
 	identity.Issuer
 }

diff --git a/pkg/identity/github/issuer.go b/pkg/identity/github/issuer.go
@@ -17,16 +17,10 @@ package github
 import (
 	"context"
 
-	"github.com/google/go-cmp/cmp/cmpopts"
 	"github.com/sigstore/fulcio/pkg/identity"
 	"github.com/sigstore/fulcio/pkg/identity/base"
 )
 
-var (
-	// For testing
-	CmpOptions = cmpopts.IgnoreUnexported(githubIssuer{})
-)
-
 type githubIssuer struct {
 	identity.Issuer
 }

diff --git a/pkg/identity/kubernetes/issuer.go b/pkg/identity/kubernetes/issuer.go
@@ -17,16 +17,10 @@ package kubernetes
 import (
 	"context"
 
-	"github.com/google/go-cmp/cmp/cmpopts"
 	"github.com/sigstore/fulcio/pkg/identity"
 	"github.com/sigstore/fulcio/pkg/identity/base"
 )
 
-var (
-	// For testing
-	CmpOptions = cmpopts.IgnoreUnexported(kubernetesIssuer{})
-)
-
 type kubernetesIssuer struct {
 	identity.Issuer
 }

diff --git a/pkg/identity/spiffe/issuer.go b/pkg/identity/spiffe/issuer.go
@@ -17,16 +17,10 @@ package spiffe
 import (
 	"context"
 
-	"github.com/google/go-cmp/cmp/cmpopts"
 	"github.com/sigstore/fulcio/pkg/identity"
 	"github.com/sigstore/fulcio/pkg/identity/base"
 )
 
-var (
-	// For testing
-	CmpOptions = cmpopts.IgnoreUnexported(spiffeIssuer{})
-)
-
 type spiffeIssuer struct {
 	identity.Issuer
 }

diff --git a/pkg/identity/uri/issuer.go b/pkg/identity/uri/issuer.go
@@ -17,16 +17,10 @@ package uri
 import (
 	"context"
 
-	"github.com/google/go-cmp/cmp/cmpopts"
 	"github.com/sigstore/fulcio/pkg/identity"
 	"github.com/sigstore/fulcio/pkg/identity/base"
 )
 
-var (
-	// For testing
-	CmpOptions = cmpopts.IgnoreUnexported(uriIssuer{})
-)
-
 type uriIssuer struct {
 	identity.Issuer
 }

diff --git a/pkg/identity/username/issuer.go b/pkg/identity/username/issuer.go
@@ -17,17 +17,10 @@ package username
 import (
 	"context"
 
-	"github.com/google/go-cmp/cmp/cmpopts"
 	"github.com/sigstore/fulcio/pkg/identity"
 	"github.com/sigstore/fulcio/pkg/identity/base"
 )
 
-var (
-	// For testing
-	CmpOptions = cmpopts.IgnoreUnexported(usernameIssuer{})
-)
-
-
 type usernameIssuer struct {
 	identity.Issuer
 }