mirror of
https://github.com/freedomofpress/dangerzone.git
synced 2025-04-28 09:52:37 +02:00
Make the upgrade_container_image() callback argument optional
This commit is contained in:
Alexis Métaireau
parent
c9a6689271
commit
18331d1988
3 changed files with 8 additions and 86 deletions
|
|
@ -11,9 +11,7 @@ from .settings import Settings
|
|||
from .util import get_resource_path, get_subprocess_startupinfo
|
||||
|
||||
OLD_CONTAINER_NAME = "dangerzone.rocks/dangerzone"
|
||||
CONTAINER_NAME = (
|
||||
"ghcr.io/almet/dangerzone/dangerzone"
|
||||
) # FIXME: Change this to the correct container name
|
||||
CONTAINER_NAME = "ghcr.io/almet/dangerzone/dangerzone" # FIXME: Change this to the correct container name
|
||||
|
||||
log = logging.getLogger(__name__)
|
||||
|
||||
|
|
@ -230,7 +228,9 @@ def get_image_id_by_digest(digest: str) -> str:
|
|||
return process.stdout.decode().strip().split("\n")[0]
|
||||
|
||||
|
||||
def container_pull(image: str, manifest_digest: str, callback: Callable):
|
||||
def container_pull(
|
||||
image: str, manifest_digest: str, callback: Optional[Callable] = None
|
||||
):
|
||||
"""Pull a container image from a registry."""
|
||||
runtime = Runtime()
|
||||
cmd = [str(runtime.path), "pull", f"{image}@sha256:{manifest_digest}"]
|
||||
|
|
@ -242,8 +242,9 @@ def container_pull(image: str, manifest_digest: str, callback: Callable):
|
|||
bufsize=1,
|
||||
)
|
||||
|
||||
for line in process.stdout: # type: ignore
|
||||
callback(line)
|
||||
if callback:
|
||||
for line in process.stdout: # type: ignore
|
||||
callback(line)
|
||||
|
||||
process.wait()
|
||||
if process.returncode != 0:
|
||||
|
|
|
|||
|
|
@ -486,7 +486,7 @@ def prepare_airgapped_archive(image_name: str, destination: str) -> None:
|
|||
|
||||
|
||||
def upgrade_container_image(
|
||||
image: str, manifest_digest: str, pubkey: str, callback: Callable
|
||||
image: str, manifest_digest: str, pubkey: str, callback: Optional[Callable] = None
|
||||
) -> str:
|
||||
"""Verify and upgrade the image to the latest, if signed."""
|
||||
update_available, remote_digest = registry.is_new_remote_image_available(image)
|
||||
|
|
|
|||
|
|
@ -278,85 +278,6 @@ def test_stores_signatures_updates_last_log_index(valid_signature, mocker, tmp_p
|
|||
return_value=100,
|
||||
)
|
||||
|
||||
# Call store_signatures
|
||||
with pytest.raises(errors.SignatureMismatch):
|
||||
store_signatures(signatures, image_digest, TEST_PUBKEY_PATH)
|
||||
("dangerzone.updater.signatures.get_last_log_index",)
|
||||
# Verify that the signatures file was not created
|
||||
assert not (signatures_path / f"{image_digest}.json").exists()
|
||||
|
||||
# Verify that the log index file was not updated
|
||||
assert not (signatures_path / "last_log_index").exists()
|
||||
|
||||
|
||||
def test_stores_signatures_updates_last_log_index(valid_signature, mocker, tmp_path):
|
||||
"""Test that store_signatures updates the last log index file."""
|
||||
signatures = [valid_signature]
|
||||
# Extract the digest from the signature
|
||||
image_digest = Signature(valid_signature).manifest_digest
|
||||
signatures = [valid_signature, signature_other_digest]
|
||||
breakpoint()
|
||||
valid_signature, signature_other_digest, mocker, tmp_path
|
||||
|
||||
"""Test that store_signatures raises an error when a signature's digest doesn't match."""
|
||||
|
||||
image_digest = "sha256:123456"
|
||||
|
||||
# Mock the signatures path
|
||||
signatures_path = tmp_path / "signatures"
|
||||
signatures_path.mkdir()
|
||||
mocker.patch("dangerzone.updater.signatures.SIGNATURES_PATH", signatures_path)
|
||||
|
||||
# Mock get_log_index_from_signatures
|
||||
mocker.patch(
|
||||
"dangerzone.updater.signatures.get_log_index_from_signatures",
|
||||
return_value=100,
|
||||
)
|
||||
|
||||
# Mock get_last_log_index
|
||||
mocker.patch(
|
||||
"dangerzone.updater.signatures.get_last_log_index",
|
||||
return_value=50,
|
||||
)
|
||||
|
||||
|
||||
def test_stores_signatures_updates_last_log_index():
|
||||
pass
|
||||
|
||||
# Mock the signatures path
|
||||
signatures_path = tmp_path / "signatures"
|
||||
signatures_path.mkdir()
|
||||
mocker.patch("dangerzone.updater.signatures.SIGNATURES_PATH", signatures_path)
|
||||
|
||||
# Mock get_log_index_from_signatures
|
||||
mocker.patch(
|
||||
"dangerzone.updater.signatures.get_log_index_from_signatures",
|
||||
return_value=100,
|
||||
)
|
||||
|
||||
# Mock get_last_log_index
|
||||
mocker.patch(
|
||||
"dangerzone.updater.signatures.get_last_log_index",
|
||||
return_value=50,
|
||||
)
|
||||
|
||||
|
||||
def test_get_file_digest():
|
||||
# Mock the signatures path
|
||||
signatures_path = tmp_path / "signatures"
|
||||
signatures_path.mkdir()
|
||||
mocker.patch("dangerzone.updater.signatures.SIGNATURES_PATH", signatures_path)
|
||||
|
||||
# Create an existing last_log_index file with a lower value
|
||||
with open(signatures_path / "last_log_index", "w") as f:
|
||||
f.write("50")
|
||||
|
||||
# Mock get_log_index_from_signatures to return a higher value
|
||||
mocker.patch(
|
||||
"dangerzone.updater.signatures.get_log_index_from_signatures",
|
||||
return_value=100,
|
||||
)
|
||||
|
||||
# Call store_signatures
|
||||
store_signatures(signatures, image_digest, TEST_PUBKEY_PATH)
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue