diff --git a/dangerzone/container_utils.py b/dangerzone/container_utils.py index 3a0fbbf..f0735d0 100644 --- a/dangerzone/container_utils.py +++ b/dangerzone/container_utils.py @@ -11,9 +11,7 @@ from .settings import Settings from .util import get_resource_path, get_subprocess_startupinfo OLD_CONTAINER_NAME = "dangerzone.rocks/dangerzone" -CONTAINER_NAME = ( - "ghcr.io/almet/dangerzone/dangerzone" -) # FIXME: Change this to the correct container name +CONTAINER_NAME = "ghcr.io/almet/dangerzone/dangerzone" # FIXME: Change this to the correct container name log = logging.getLogger(__name__) @@ -230,7 +228,9 @@ def get_image_id_by_digest(digest: str) -> str: return process.stdout.decode().strip().split("\n")[0] -def container_pull(image: str, manifest_digest: str, callback: Callable): +def container_pull( + image: str, manifest_digest: str, callback: Optional[Callable] = None +): """Pull a container image from a registry.""" runtime = Runtime() cmd = [str(runtime.path), "pull", f"{image}@sha256:{manifest_digest}"] @@ -242,8 +242,9 @@ def container_pull(image: str, manifest_digest: str, callback: Callable): bufsize=1, ) - for line in process.stdout: # type: ignore - callback(line) + if callback: + for line in process.stdout: # type: ignore + callback(line) process.wait() if process.returncode != 0: diff --git a/dangerzone/updater/signatures.py b/dangerzone/updater/signatures.py index b620c1a..5670443 100644 --- a/dangerzone/updater/signatures.py +++ b/dangerzone/updater/signatures.py @@ -486,7 +486,7 @@ def prepare_airgapped_archive(image_name: str, destination: str) -> None: def upgrade_container_image( - image: str, manifest_digest: str, pubkey: str, callback: Callable + image: str, manifest_digest: str, pubkey: str, callback: Optional[Callable] = None ) -> str: """Verify and upgrade the image to the latest, if signed.""" update_available, remote_digest = registry.is_new_remote_image_available(image) diff --git a/tests/test_signatures.py b/tests/test_signatures.py index b744db8..e7ca24a 100644 --- a/tests/test_signatures.py +++ b/tests/test_signatures.py @@ -278,85 +278,6 @@ def test_stores_signatures_updates_last_log_index(valid_signature, mocker, tmp_p return_value=100, ) - # Call store_signatures - with pytest.raises(errors.SignatureMismatch): - store_signatures(signatures, image_digest, TEST_PUBKEY_PATH) - ("dangerzone.updater.signatures.get_last_log_index",) - # Verify that the signatures file was not created - assert not (signatures_path / f"{image_digest}.json").exists() - - # Verify that the log index file was not updated - assert not (signatures_path / "last_log_index").exists() - - -def test_stores_signatures_updates_last_log_index(valid_signature, mocker, tmp_path): - """Test that store_signatures updates the last log index file.""" - signatures = [valid_signature] - # Extract the digest from the signature - image_digest = Signature(valid_signature).manifest_digest - signatures = [valid_signature, signature_other_digest] - breakpoint() - valid_signature, signature_other_digest, mocker, tmp_path - - """Test that store_signatures raises an error when a signature's digest doesn't match.""" - - image_digest = "sha256:123456" - - # Mock the signatures path - signatures_path = tmp_path / "signatures" - signatures_path.mkdir() - mocker.patch("dangerzone.updater.signatures.SIGNATURES_PATH", signatures_path) - - # Mock get_log_index_from_signatures - mocker.patch( - "dangerzone.updater.signatures.get_log_index_from_signatures", - return_value=100, - ) - - # Mock get_last_log_index - mocker.patch( - "dangerzone.updater.signatures.get_last_log_index", - return_value=50, - ) - - -def test_stores_signatures_updates_last_log_index(): - pass - - # Mock the signatures path - signatures_path = tmp_path / "signatures" - signatures_path.mkdir() - mocker.patch("dangerzone.updater.signatures.SIGNATURES_PATH", signatures_path) - - # Mock get_log_index_from_signatures - mocker.patch( - "dangerzone.updater.signatures.get_log_index_from_signatures", - return_value=100, - ) - - # Mock get_last_log_index - mocker.patch( - "dangerzone.updater.signatures.get_last_log_index", - return_value=50, - ) - - -def test_get_file_digest(): - # Mock the signatures path - signatures_path = tmp_path / "signatures" - signatures_path.mkdir() - mocker.patch("dangerzone.updater.signatures.SIGNATURES_PATH", signatures_path) - - # Create an existing last_log_index file with a lower value - with open(signatures_path / "last_log_index", "w") as f: - f.write("50") - - # Mock get_log_index_from_signatures to return a higher value - mocker.patch( - "dangerzone.updater.signatures.get_log_index_from_signatures", - return_value=100, - ) - # Call store_signatures store_signatures(signatures, image_digest, TEST_PUBKEY_PATH)