diff --git a/go.mod b/go.mod index 0c778fc5c6..d05ebf1bf7 100644 --- a/go.mod +++ b/go.mod @@ -16,7 +16,6 @@ require ( github.com/docker/docker-credential-helpers v0.8.1 github.com/docker/go-connections v0.5.0 github.com/go-openapi/strfmt v0.23.0 - github.com/go-openapi/swag v0.23.0 github.com/hashicorp/go-retryablehttp v0.7.5 github.com/klauspost/compress v1.17.7 github.com/klauspost/pgzip v1.2.6 @@ -26,7 +25,6 @@ require ( github.com/opencontainers/image-spec v1.1.0 github.com/opencontainers/selinux v1.11.0 github.com/ostreedev/ostree-go v0.0.0-20210805093236-719684c64e4f - github.com/otiai10/copy v1.14.0 github.com/proglottis/gpgme v0.1.3 github.com/secure-systems-lab/go-securesystemslib v0.8.0 github.com/sigstore/fulcio v1.4.3 @@ -79,6 +77,7 @@ require ( github.com/go-openapi/loads v0.21.2 // indirect github.com/go-openapi/runtime v0.26.0 // indirect github.com/go-openapi/spec v0.20.9 // indirect + github.com/go-openapi/swag v0.23.0 // indirect github.com/go-openapi/validate v0.22.1 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect diff --git a/go.sum b/go.sum index 12b7d5fd94..3fd36bd5c5 100644 --- a/go.sum +++ b/go.sum @@ -316,9 +316,6 @@ github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+ github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= github.com/ostreedev/ostree-go v0.0.0-20210805093236-719684c64e4f h1:/UDgs8FGMqwnHagNDPGOlts35QkhAZ8by3DR7nMih7M= github.com/ostreedev/ostree-go v0.0.0-20210805093236-719684c64e4f/go.mod h1:J6OG6YJVEWopen4avK3VNQSnALmmjvniMmni/YFYAwc= -github.com/otiai10/copy v1.14.0 h1:dCI/t1iTdYGtkvCuBG2BgR6KZa83PTclw4U5n2wAllU= -github.com/otiai10/copy v1.14.0/go.mod h1:ECfuL02W+/FkTWZWgQqXPWZgW9oeKCSQ5qVfSc4qc4w= -github.com/otiai10/mint v1.5.1 h1:XaPLeE+9vGbuyEHem1JNk3bYc7KKqyI/na0/mLd/Kks= github.com/pelletier/go-toml v1.7.0/go.mod h1:vwGMzjaWMwyfHwgIBhI2YUM4fB6nL6lVAvS1LBMMhTE= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= diff --git a/oci/layout/oci_delete_test.go b/oci/layout/oci_delete_test.go index 7e06456ffd..cf8d878671 100644 --- a/oci/layout/oci_delete_test.go +++ b/oci/layout/oci_delete_test.go @@ -3,6 +3,8 @@ package layout import ( "context" "fmt" + "io" + "io/fs" "os" "path/filepath" "testing" @@ -10,7 +12,6 @@ import ( "github.com/containers/image/v5/types" digest "github.com/opencontainers/go-digest" imgspecv1 "github.com/opencontainers/image-spec/specs-go/v1" - cp "github.com/otiai10/copy" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" ) @@ -275,10 +276,43 @@ func TestReferenceDeleteImage_multipleImages_twoIdenticalReferences(t *testing.T } func loadFixture(t *testing.T, fixtureName string) string { - tmpDir := t.TempDir() - err := cp.Copy(fmt.Sprintf("fixtures/%v/", fixtureName), tmpDir) + destDir := t.TempDir() + srcDir := filepath.Join("fixtures", fixtureName) + err := filepath.WalkDir(srcDir, func(path string, d fs.DirEntry, err error) (retErr error) { + if err != nil { + return err + } + relPath, err := filepath.Rel(srcDir, path) + if err != nil { + return err + } + destPath := filepath.Join(destDir, relPath) + switch d.Type() { + case fs.ModeDir: + return os.MkdirAll(destPath, 0o700) + case 0: // regular file + src, err := os.Open(path) + if err != nil { + return err + } + defer src.Close() + dest, err := os.OpenFile(destPath, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0o600) + if err != nil { + return err + } + defer func() { + if err := dest.Close(); err != nil && retErr == nil { + retErr = err + } + }() + _, err = io.Copy(dest, src) + return err + default: + return fmt.Errorf("unexpected file type %#v", d.Type()) + } + }) require.NoError(t, err) - return tmpDir + return destDir } func assertBlobExists(t *testing.T, blobsDir string, blobDigest string) { diff --git a/signature/internal/rekor_set_test.go b/signature/internal/rekor_set_test.go index 0040b7b4c2..9aa306caa9 100644 --- a/signature/internal/rekor_set_test.go +++ b/signature/internal/rekor_set_test.go @@ -19,7 +19,6 @@ import ( "time" "github.com/go-openapi/strfmt" - "github.com/go-openapi/swag" "github.com/sigstore/rekor/pkg/generated/models" "github.com/sigstore/sigstore/pkg/cryptoutils" sigstoreSignature "github.com/sigstore/sigstore/pkg/signature" @@ -174,6 +173,11 @@ func TestUntrustedRekorPayloadUnmarshalJSON(t *testing.T) { } } +// stringPtr returns a pointer to the provided string value. +func stringPtr(s string) *string { + return &s +} + func TestVerifyRekorSET(t *testing.T) { cosignRekorKeyPEM, err := os.ReadFile("testdata/rekor.pub") require.NoError(t, err) @@ -250,12 +254,12 @@ func TestVerifyRekorSET(t *testing.T) { cosignSigBytes, err := base64.StdEncoding.DecodeString(string(cosignSigBase64)) require.NoError(t, err) validHashedRekord := models.Hashedrekord{ - APIVersion: swag.String(HashedRekordV001APIVersion), + APIVersion: stringPtr(HashedRekordV001APIVersion), Spec: models.HashedrekordV001Schema{ Data: &models.HashedrekordV001SchemaData{ Hash: &models.HashedrekordV001SchemaDataHash{ - Algorithm: swag.String(models.HashedrekordV001SchemaDataHashAlgorithmSha256), - Value: swag.String(hex.EncodeToString(cosignPayloadSHA256[:])), + Algorithm: stringPtr(models.HashedrekordV001SchemaDataHashAlgorithmSha256), + Value: stringPtr(hex.EncodeToString(cosignPayloadSHA256[:])), }, }, Signature: &models.HashedrekordV001SchemaSignature{ diff --git a/signature/sigstore/rekor/rekor.go b/signature/sigstore/rekor/rekor.go index f8ba6dc3fa..0e778cb93a 100644 --- a/signature/sigstore/rekor/rekor.go +++ b/signature/sigstore/rekor/rekor.go @@ -17,7 +17,6 @@ import ( "github.com/containers/image/v5/signature/internal" signerInternal "github.com/containers/image/v5/signature/sigstore/internal" "github.com/go-openapi/strfmt" - "github.com/go-openapi/swag" rekor "github.com/sigstore/rekor/pkg/client" "github.com/sigstore/rekor/pkg/generated/client" "github.com/sigstore/rekor/pkg/generated/client/entries" @@ -114,17 +113,22 @@ func (u *uploader) uploadEntry(ctx context.Context, proposedEntry models.Propose return resp.GetPayload(), nil } +// stringPtr returns a pointer to the provided string value. +func stringPtr(s string) *string { + return &s +} + // uploadKeyOrCert integrates this code into sigstore/internal.Signer. // Given components of the created signature, it returns a SET that should be added to the signature. func (u *uploader) uploadKeyOrCert(ctx context.Context, keyOrCertBytes []byte, signatureBytes []byte, payloadBytes []byte) ([]byte, error) { payloadHash := sha256.Sum256(payloadBytes) // HashedRecord only accepts SHA-256 proposedEntry := models.Hashedrekord{ - APIVersion: swag.String(internal.HashedRekordV001APIVersion), + APIVersion: stringPtr(internal.HashedRekordV001APIVersion), Spec: models.HashedrekordV001Schema{ Data: &models.HashedrekordV001SchemaData{ Hash: &models.HashedrekordV001SchemaDataHash{ - Algorithm: swag.String(models.HashedrekordV001SchemaDataHashAlgorithmSha256), - Value: swag.String(hex.EncodeToString(payloadHash[:])), + Algorithm: stringPtr(models.HashedrekordV001SchemaDataHashAlgorithmSha256), + Value: stringPtr(hex.EncodeToString(payloadHash[:])), }, }, Signature: &models.HashedrekordV001SchemaSignature{