e2e: don't mix e2e and regular utilities (#2672)

E2E utilities should be only defined in test files and
should not be mixed with the common function in pkg/util.
Go modules/vendoring makes no filtering based on build tags
and so all the dependencies needed for E2E become dependencies
to any package that internally imports pkg/util.

Signed-off-by: Tonis Tiigi <[email protected]>

Author: tonistiigi

cmd/rekor-cli/get_e2e_test.go

@@ -20,16 +20,16 @@ package main
 import (
 	"testing"
 
-	"github.com/sigstore/rekor/pkg/util"
+	e2eutil "github.com/sigstore/rekor/pkg/util/e2eutil"
 )
 
 func TestGetNonExistentIndex(t *testing.T) {
 	// this index is extremely likely to not exist
-	out := util.RunCliErr(t, "get", "--log-index", "100000000")
-	util.OutputContains(t, out, "404")
+	out := e2eutil.RunCliErr(t, "get", "--log-index", "100000000")
+	e2eutil.OutputContains(t, out, "404")
 }
 func TestGetNonExistentUUID(t *testing.T) {
 	// this uuid is extremely likely to not exist
-	out := util.RunCliErr(t, "get", "--uuid", "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff")
-	util.OutputContains(t, out, "404")
+	out := e2eutil.RunCliErr(t, "get", "--uuid", "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff")
+	e2eutil.OutputContains(t, out, "404")
 }

cmd/rekor-cli/loginfo_e2e_test.go

@@ -21,7 +21,7 @@ import (
 	"sync"
 	"testing"
 
-	"github.com/sigstore/rekor/pkg/util"
+	e2eutil "github.com/sigstore/rekor/pkg/util/e2eutil"
 )
 
 var (
@@ -30,9 +30,9 @@ var (
 
 func TestLogInfo(t *testing.T) {
 	once.Do(func() {
-		util.SetupTestData(t)
+		e2eutil.SetupTestData(t)
 	})
 	// TODO: figure out some way to check the length, add something, and make sure the length increments!
-	out := util.RunCli(t, "loginfo")
-	util.OutputContains(t, out, "Verification Successful!")
+	out := e2eutil.RunCli(t, "loginfo")
+	e2eutil.OutputContains(t, out, "Verification Successful!")
 }

cmd/rekor-cli/logproof_e2e_test.go

@@ -20,11 +20,11 @@ package main
 import (
 	"testing"
 
-	"github.com/sigstore/rekor/pkg/util"
+	e2eutil "github.com/sigstore/rekor/pkg/util/e2eutil"
 )
 
 // TestLogProofLastSizeBiggerThanCurrentLog tests that asking for a consistency proof for a size greater than the current log
 func TestLogProofLastSizeBiggerThanCurrentLog(t *testing.T) {
-	out := util.RunCliErr(t, "logproof", "--last-size", "14212414124124124")
-	util.OutputContains(t, out, "400")
+	out := e2eutil.RunCliErr(t, "logproof", "--last-size", "14212414124124124")
+	e2eutil.OutputContains(t, out, "400")
 }

cmd/rekor-cli/verify_e2e_test.go

@@ -20,11 +20,11 @@ package main
 import (
 	"testing"
 
-	"github.com/sigstore/rekor/pkg/util"
+	e2eutil "github.com/sigstore/rekor/pkg/util/e2eutil"
 )
 
 func TestVerifyNonExistentIndex(t *testing.T) {
 	// this index is extremely likely to not exist
-	out := util.RunCliErr(t, "verify", "--log-index", "100000000")
-	util.OutputContains(t, out, "entry in log cannot be located")
+	out := e2eutil.RunCliErr(t, "verify", "--log-index", "100000000")
+	e2eutil.OutputContains(t, out, "entry in log cannot be located")
 }

cmd/rekor-server/e2e_test.go

@@ -38,34 +38,33 @@ import (
 	"testing"
 
 	"github.com/sigstore/rekor/pkg/sharding"
-
-	"github.com/sigstore/rekor/pkg/util"
+	e2eutil "github.com/sigstore/rekor/pkg/util/e2eutil"
 )
 
 func TestDuplicates(t *testing.T) {
 	artifactPath := filepath.Join(t.TempDir(), "artifact")
 	sigPath := filepath.Join(t.TempDir(), "signature.asc")
 
-	util.CreatedPGPSignedArtifact(t, artifactPath, sigPath)
+	e2eutil.CreatedPGPSignedArtifact(t, artifactPath, sigPath)
 
 	// Write the public key to a file
 	pubPath := filepath.Join(t.TempDir(), "pubKey.asc")
-	if err := ioutil.WriteFile(pubPath, []byte(util.PubKey), 0644); err != nil {
+	if err := ioutil.WriteFile(pubPath, []byte(e2eutil.PubKey), 0644); err != nil {
 		t.Fatal(err)
 	}
 
 	// Now upload to rekor!
-	out := util.RunCli(t, "upload", "--artifact", artifactPath, "--signature", sigPath, "--public-key", pubPath)
-	util.OutputContains(t, out, "Created entry at")
+	out := e2eutil.RunCli(t, "upload", "--artifact", artifactPath, "--signature", sigPath, "--public-key", pubPath)
+	e2eutil.OutputContains(t, out, "Created entry at")
 
 	// Now upload the same one again, we should get a dupe entry.
-	out = util.RunCli(t, "upload", "--artifact", artifactPath, "--signature", sigPath, "--public-key", pubPath)
-	util.OutputContains(t, out, "Entry already exists")
+	out = e2eutil.RunCli(t, "upload", "--artifact", artifactPath, "--signature", sigPath, "--public-key", pubPath)
+	e2eutil.OutputContains(t, out, "Entry already exists")
 
 	// Now do a new one, we should get a new entry
-	util.CreatedPGPSignedArtifact(t, artifactPath, sigPath)
-	out = util.RunCli(t, "upload", "--artifact", artifactPath, "--signature", sigPath, "--public-key", pubPath)
-	util.OutputContains(t, out, "Created entry at")
+	e2eutil.CreatedPGPSignedArtifact(t, artifactPath, sigPath)
+	out = e2eutil.RunCli(t, "upload", "--artifact", artifactPath, "--signature", sigPath, "--public-key", pubPath)
+	e2eutil.OutputContains(t, out, "Created entry at")
 }
 
 // Smoke test to ensure we're publishing and recording metrics when an API is
@@ -143,7 +142,7 @@ func TestEnvVariableValidation(t *testing.T) {
 	os.Setenv("REKOR_FORMAT", "bogus")
 	defer os.Unsetenv("REKOR_FORMAT")
 
-	util.RunCliErr(t, "loginfo")
+	e2eutil.RunCliErr(t, "loginfo")
 }
 func TestGetCLI(t *testing.T) {
 	// Create something and add it to the log
@@ -153,31 +152,31 @@ func TestGetCLI(t *testing.T) {
 		os.Remove(artifactPath)
 		os.Remove(sigPath)
 	})
-	util.CreatedPGPSignedArtifact(t, artifactPath, sigPath)
+	e2eutil.CreatedPGPSignedArtifact(t, artifactPath, sigPath)
 
 	// Write the public key to a file
 	pubPath := filepath.Join(t.TempDir(), "pubKey.asc")
-	if err := ioutil.WriteFile(pubPath, []byte(util.PubKey), 0644); err != nil {
+	if err := ioutil.WriteFile(pubPath, []byte(e2eutil.PubKey), 0644); err != nil {
 		t.Error(err)
 	}
 	t.Cleanup(func() {
 		os.Remove(pubPath)
 	})
-	out := util.RunCli(t, "upload", "--artifact", artifactPath, "--signature", sigPath, "--public-key", pubPath)
-	util.OutputContains(t, out, "Created entry at")
+	out := e2eutil.RunCli(t, "upload", "--artifact", artifactPath, "--signature", sigPath, "--public-key", pubPath)
+	e2eutil.OutputContains(t, out, "Created entry at")
 
-	uuid, err := sharding.GetUUIDFromIDString(util.GetUUIDFromUploadOutput(t, out))
+	uuid, err := sharding.GetUUIDFromIDString(e2eutil.GetUUIDFromUploadOutput(t, out))
 	if err != nil {
 		t.Error(err)
 	}
 
 	// since we at least have 1 valid entry, check the log at index 0
-	util.RunCli(t, "get", "--log-index", "0")
+	e2eutil.RunCli(t, "get", "--log-index", "0")
 
-	out = util.RunCli(t, "get", "--format=json", "--uuid", uuid)
+	out = e2eutil.RunCli(t, "get", "--format=json", "--uuid", uuid)
 
 	// The output here should be in JSON with this structure:
-	g := util.GetOut{}
+	g := e2eutil.GetOut{}
 	if err := json.Unmarshal([]byte(out), &g); err != nil {
 		t.Error(err)
 	}
@@ -186,35 +185,35 @@ func TestGetCLI(t *testing.T) {
 		t.Errorf("Expected IntegratedTime to be set. Got %s", out)
 	}
 	// Get it with the logindex as well
-	util.RunCli(t, "get", "--format=json", "--log-index", strconv.Itoa(g.LogIndex))
+	e2eutil.RunCli(t, "get", "--format=json", "--log-index", strconv.Itoa(g.LogIndex))
 
 	// check index via the file and public key to ensure that the index has updated correctly
-	out = util.RunCli(t, "search", "--artifact", artifactPath)
-	util.OutputContains(t, out, uuid)
+	out = e2eutil.RunCli(t, "search", "--artifact", artifactPath)
+	e2eutil.OutputContains(t, out, uuid)
 
-	out = util.RunCli(t, "search", "--public-key", pubPath)
-	util.OutputContains(t, out, uuid)
+	out = e2eutil.RunCli(t, "search", "--public-key", pubPath)
+	e2eutil.OutputContains(t, out, uuid)
 
 	artifactBytes, err := ioutil.ReadFile(artifactPath)
 	if err != nil {
 		t.Error(err)
 	}
 	sha := sha256.Sum256(artifactBytes)
 
-	out = util.RunCli(t, "search", "--sha", fmt.Sprintf("sha256:%s", hex.EncodeToString(sha[:])))
-	util.OutputContains(t, out, uuid)
+	out = e2eutil.RunCli(t, "search", "--sha", fmt.Sprintf("sha256:%s", hex.EncodeToString(sha[:])))
+	e2eutil.OutputContains(t, out, uuid)
 
 	// Exercise GET with the new EntryID (TreeID + UUID)
 	tid := getTreeID(t)
 	entryID, err := sharding.CreateEntryIDFromParts(fmt.Sprintf("%x", tid), uuid)
 	if err != nil {
 		t.Error(err)
 	}
-	out = util.RunCli(t, "get", "--format=json", "--uuid", entryID.ReturnEntryIDString())
+	out = e2eutil.RunCli(t, "get", "--format=json", "--uuid", entryID.ReturnEntryIDString())
 }
 func getTreeID(t *testing.T) int64 {
 	t.Helper()
-	out := util.RunCli(t, "loginfo")
+	out := e2eutil.RunCli(t, "loginfo")
 	tidStr := strings.TrimSpace(strings.Split(out, "TreeID: ")[1])
 	tid, err := strconv.ParseInt(tidStr, 10, 64)
 	if err != nil {
@@ -224,11 +223,11 @@ func getTreeID(t *testing.T) int64 {
 	return tid
 }
 func TestSearchNoEntriesRC1(t *testing.T) {
-	util.RunCliErr(t, "search", "--email", "[email protected]")
+	e2eutil.RunCliErr(t, "search", "--email", "[email protected]")
 }
 func TestHostnameInSTH(t *testing.T) {
 	// get ID of container
-	c := exec.Command("docker","ps","-q","-f","name=rekor-server")
+	c := exec.Command("docker", "ps", "-q", "-f", "name=rekor-server")
 	b, err := c.CombinedOutput()
 	if err != nil {
 		t.Fatal(err)
@@ -261,19 +260,19 @@ func rekorServer() string {
 func TestSearchSHA512(t *testing.T) {
 	sha512 := "c7694a1112ea1404a3c5852bdda04c2cc224b3567ef6ceb8204dbf2b382daacfc6837ee2ed9d5b82c90b880a3c7289778dbd5a8c2c08193459bcf7bd44581ed0"
 	var out string
-	out = util.RunCli(t, "upload", "--type", "intoto:0.0.2",
+	out = e2eutil.RunCli(t, "upload", "--type", "intoto:0.0.2",
 		"--artifact", "tests/envelope.sha512",
 		"--pki-format", "x509",
 		"--public-key", "tests/test_sha512.pub")
-	util.OutputContains(t, out, "Created entry at")
-	uuid := util.GetUUIDFromTimestampOutput(t, out)
-	out = util.RunCli(t, "search", "--sha", fmt.Sprintf("sha512:%s", sha512))
-	util.OutputContains(t, out, uuid)
+	e2eutil.OutputContains(t, out, "Created entry at")
+	uuid := e2eutil.GetUUIDFromTimestampOutput(t, out)
+	out = e2eutil.RunCli(t, "search", "--sha", fmt.Sprintf("sha512:%s", sha512))
+	e2eutil.OutputContains(t, out, uuid)
 }
 func TestVerifyNonExistentUUID(t *testing.T) {
 	// this uuid is extremely likely to not exist
-	out := util.RunCliErr(t, "verify", "--uuid", "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff")
-	util.OutputContains(t, out, "entry in log cannot be located")
+	out := e2eutil.RunCliErr(t, "verify", "--uuid", "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff")
+	e2eutil.OutputContains(t, out, "entry in log cannot be located")
 
 	// Check response code
 	tid := getTreeID(t)

pkg/pki/minisign/minisign_e2e_test.go

@@ -23,7 +23,7 @@ import (
 	"strings"
 	"testing"
 
-	"github.com/sigstore/rekor/pkg/util"
+	e2eutil "github.com/sigstore/rekor/pkg/util/e2eutil"
 )
 
 func TestMinisign(t *testing.T) {
@@ -32,40 +32,40 @@ func TestMinisign(t *testing.T) {
 	pubPath := filepath.Join(t.TempDir(), "minisign.pub")
 
 	// Set an empty password, we have to hit enter twice to confirm
-	util.Run(t, "\n\n", "minisign", "-G", "-s", keyPath, "-p", pubPath)
+	e2eutil.Run(t, "\n\n", "minisign", "-G", "-s", keyPath, "-p", pubPath)
 
 	// Create a random artifact and sign it.
 	artifactPath := filepath.Join(t.TempDir(), "artifact")
 	sigPath := filepath.Join(t.TempDir(), "signature.asc")
-	util.CreateArtifact(t, artifactPath)
+	e2eutil.CreateArtifact(t, artifactPath)
 
 	// Send in one empty password over stdin
-	out := util.Run(t, "\n", "minisign", "-S", "-s", keyPath, "-m", artifactPath, "-x", sigPath)
+	out := e2eutil.Run(t, "\n", "minisign", "-S", "-s", keyPath, "-m", artifactPath, "-x", sigPath)
 	t.Log(out)
 
 	// Now upload to the log!
-	out = util.RunCli(t, "upload", "--artifact", artifactPath, "--signature", sigPath,
+	out = e2eutil.RunCli(t, "upload", "--artifact", artifactPath, "--signature", sigPath,
 		"--public-key", pubPath, "--pki-format", "minisign")
-	util.OutputContains(t, out, "Created entry at")
+	e2eutil.OutputContains(t, out, "Created entry at")
 
-	uuidA := util.GetUUIDFromUploadOutput(t, out)
+	uuidA := e2eutil.GetUUIDFromUploadOutput(t, out)
 
-	out = util.RunCli(t, "verify", "--artifact", artifactPath, "--signature", sigPath,
+	out = e2eutil.RunCli(t, "verify", "--artifact", artifactPath, "--signature", sigPath,
 		"--public-key", pubPath, "--pki-format", "minisign")
-	util.OutputContains(t, out, "Inclusion Proof")
+	e2eutil.OutputContains(t, out, "Inclusion Proof")
 
-	out = util.RunCli(t, "search", "--public-key", pubPath, "--pki-format", "minisign")
-	util.OutputContains(t, out, uuidA)
+	out = e2eutil.RunCli(t, "search", "--public-key", pubPath, "--pki-format", "minisign")
+	e2eutil.OutputContains(t, out, uuidA)
 
 	// crease a second artifact and sign it
 	artifactPath_B := filepath.Join(t.TempDir(), "artifact2")
-	util.CreateArtifact(t, artifactPath_B)
-	out = util.Run(t, "\n", "minisign", "-S", "-s", keyPath, "-m", artifactPath_B, "-x", sigPath)
+	e2eutil.CreateArtifact(t, artifactPath_B)
+	out = e2eutil.Run(t, "\n", "minisign", "-S", "-s", keyPath, "-m", artifactPath_B, "-x", sigPath)
 	// Now upload to the log!
-	out = util.RunCli(t, "upload", "--artifact", artifactPath_B, "--signature", sigPath,
+	out = e2eutil.RunCli(t, "upload", "--artifact", artifactPath_B, "--signature", sigPath,
 		"--public-key", pubPath, "--pki-format", "minisign")
-	util.OutputContains(t, out, "Created entry at")
-	uuidB := util.GetUUIDFromUploadOutput(t, out)
+	e2eutil.OutputContains(t, out, "Created entry at")
+	uuidB := e2eutil.GetUUIDFromUploadOutput(t, out)
 
 	tests := []struct {
 		name               string
@@ -105,7 +105,7 @@ func TestMinisign(t *testing.T) {
 	}
 	for _, test := range tests {
 		t.Run(test.name, func(t *testing.T) {
-			out = util.RunCli(t, "search", "--public-key", pubPath, "--pki-format", "minisign",
+			out = e2eutil.RunCli(t, "search", "--public-key", pubPath, "--pki-format", "minisign",
 				"--operator", test.operator, "--artifact", test.artifact)
 
 			expected := map[string]int{uuidA: test.expectedUuidACount, uuidB: test.expectedUuidBCount}

pkg/pki/ssh/e2e_test.go

@@ -18,11 +18,12 @@
 package ssh
 
 import (
-	"github.com/sigstore/rekor/pkg/util"
 	"io/ioutil"
 	"path/filepath"
 	"strings"
 	"testing"
+
+	e2eutil "github.com/sigstore/rekor/pkg/util/e2eutil"
 )
 
 func TestSSH(t *testing.T) {
@@ -41,24 +42,24 @@ func TestSSH(t *testing.T) {
 	// Create a random artifact and sign it.
 	artifactPath := filepath.Join(td, "artifact")
 	sigPath := filepath.Join(td, "signature.sig")
-	artifact := util.CreateArtifact(t, artifactPath)
+	artifact := e2eutil.CreateArtifact(t, artifactPath)
 
 	sig := SSHSign(t, strings.NewReader(artifact))
 	if err := ioutil.WriteFile(sigPath, []byte(sig), 0600); err != nil {
 		t.Fatal(err)
 	}
 
 	// Now upload to the log!
-	out := util.RunCli(t, "upload", "--artifact", artifactPath, "--signature", sigPath,
+	out := e2eutil.RunCli(t, "upload", "--artifact", artifactPath, "--signature", sigPath,
 		"--public-key", pubPath, "--pki-format", "ssh")
-	util.OutputContains(t, out, "Created entry at")
+	e2eutil.OutputContains(t, out, "Created entry at")
 
-	uuid := util.GetUUIDFromUploadOutput(t, out)
+	uuid := e2eutil.GetUUIDFromUploadOutput(t, out)
 
-	out = util.RunCli(t, "verify", "--artifact", artifactPath, "--signature", sigPath,
+	out = e2eutil.RunCli(t, "verify", "--artifact", artifactPath, "--signature", sigPath,
 		"--public-key", pubPath, "--pki-format", "ssh")
-	util.OutputContains(t, out, "Inclusion Proof")
+	e2eutil.OutputContains(t, out, "Inclusion Proof")
 
-	out = util.RunCli(t, "search", "--public-key", pubPath, "--pki-format", "ssh")
-	util.OutputContains(t, out, uuid)
+	out = e2eutil.RunCli(t, "search", "--public-key", pubPath, "--pki-format", "ssh")
+	e2eutil.OutputContains(t, out, uuid)
 }