image-rs: update cosign signature verification unit test

This commit deletes a duplicated unit case for cosign signature scheme. Also, the original cosign signed test image is based on busybox, thus a successfully pulling for that image (busybox) via nydus-snapshotter would cause another pulling with policy preventing the image successful. This is because of some logic inside nydus-snapshotter. To handle this, we update the signed image to be a different one from busybox. Separately we will fix this on the snapshotter side. Signed-off-by: Xynnn007 <xynnn@linux.alibaba.com>
Xynnn007 · Aug 9, 2024 · 04be400 · 04be400
1 parent 271e5a3
commit 04be400
Showing 1 changed file with 1 addition and 12 deletions.
diff --git a/image-rs/src/signature/mechanism/cosign/mod.rs b/image-rs/src/signature/mechanism/cosign/mod.rs
@@ -187,7 +187,7 @@ mod tests {
     // All the test images are the same image, but different
     // registry and repository
     const IMAGE_DIGEST: &str =
-        "sha256:7bd0c945d7e4cc2ce5c21d449ba07eb89c8e6c28085edbcf6f5fa4bf90e7eedc";
+        "sha256:10e0ec4c7663b5f9be6efd16d8ceec760efe5377b9a0762ef3f51101ac08b7e8";
 
     #[rstest]
     #[case(
@@ -339,17 +339,6 @@ mod tests {
         true,
         ""
     )]
-    #[case(
-        &format!("\
-        {{\
-            \"type\": \"sigstoreSigned\",\
-            \"keyPath\": \"{}/test_data/signature/cosign/cosign1.pub\"\
-        }}", 
-        std::env::current_dir().expect("get current dir").to_str().expect("get current dir")),
-        "ghcr.io/confidential-containers/test-container-image-rs:cosign-signed",
-        true,
-        ""
-    )]
     #[tokio::test]
     #[serial]
     async fn verify_signature(