From 7e20d8a0a71ee41fbf82423f34d0b797dadd414b Mon Sep 17 00:00:00 2001 From: Brian DeHamer Date: Mon, 16 Oct 2023 12:43:36 -0700 Subject: [PATCH] update smoketest to use cli (#488) Signed-off-by: Brian DeHamer --- .github/workflows/smoke-test.yml | 9 ++- scripts/mock-tuf-config.json | 6 -- scripts/sigstore-tuf-repo-config.json | 6 -- scripts/tuf-demo-tuf-repo-config.json | 6 -- scripts/tufClientFetchTarget.ts | 106 -------------------------- 5 files changed, 5 insertions(+), 128 deletions(-) delete mode 100644 scripts/mock-tuf-config.json delete mode 100644 scripts/sigstore-tuf-repo-config.json delete mode 100644 scripts/tuf-demo-tuf-repo-config.json delete mode 100644 scripts/tufClientFetchTarget.ts diff --git a/.github/workflows/smoke-test.yml b/.github/workflows/smoke-test.yml index bfc58d7c..60186466 100644 --- a/.github/workflows/smoke-test.yml +++ b/.github/workflows/smoke-test.yml @@ -37,9 +37,10 @@ jobs: run: npm ci - name: Build run: npm run build - - name: Run TUF client with Sigstore TUF repo + - name: Download target from Sigstore TUF repo run: | - npx ts-node ./scripts/tufClientFetchTarget.ts ./scripts/sigstore-tuf-repo-config.json - - name: Run TUF client with TUF Demo repo + npx tuf download-target --metadata-base-url https://sigstore-tuf-root.storage.googleapis.com --unsafe-root-download --target-name trusted_root.json + npx tuf download-target --metadata-base-url https://sigstore-tuf-root.storage.googleapis.com --unsafe-root-download --target-name registry.npmjs.org/keys.json + - name: Download target from TUF Demo repo run: | - npx ts-node ./scripts/tufClientFetchTarget.ts ./scripts/tuf-demo-tuf-repo-config.json + npx tuf download-target --metadata-base-url https://jku.github.io/tuf-demo/metadata --target-base-url https://jku.github.io/tuf-demo/targets --unsafe-root-download --target-name rdimitrov/artifact-example.md diff --git a/scripts/mock-tuf-config.json b/scripts/mock-tuf-config.json deleted file mode 100644 index df032c57..00000000 --- a/scripts/mock-tuf-config.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "targetFiles": "target.txt", - "metadataBaseUrl": "http://localhost:3000/metadata/", - "targetBaseUrl": "http://localhost:3000/targets", - "rootMetadataUrl": "http://localhost:3000/metadata/1.root.json" -} diff --git a/scripts/sigstore-tuf-repo-config.json b/scripts/sigstore-tuf-repo-config.json deleted file mode 100644 index 54bef8f8..00000000 --- a/scripts/sigstore-tuf-repo-config.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "targetFiles": "trusted_root.json,registry.npmjs.org/keys.json", - "metadataBaseUrl": "https://sigstore-tuf-root.storage.googleapis.com", - "targetBaseUrl": "https://sigstore-tuf-root.storage.googleapis.com/targets", - "rootMetadataUrl": "https://sigstore-tuf-root.storage.googleapis.com/1.root.json" -} diff --git a/scripts/tuf-demo-tuf-repo-config.json b/scripts/tuf-demo-tuf-repo-config.json deleted file mode 100644 index 924ae6e1..00000000 --- a/scripts/tuf-demo-tuf-repo-config.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "targetFiles": "file1.txt", - "metadataBaseUrl": "https://jku.github.io/tuf-demo/metadata", - "targetBaseUrl": "https://jku.github.io/tuf-demo/targets", - "rootMetadataUrl": "https://jku.github.io/tuf-demo/metadata/1.root.json" -} \ No newline at end of file diff --git a/scripts/tufClientFetchTarget.ts b/scripts/tufClientFetchTarget.ts deleted file mode 100644 index 934e2172..00000000 --- a/scripts/tufClientFetchTarget.ts +++ /dev/null @@ -1,106 +0,0 @@ -import fs from 'fs'; -import fetch from 'make-fetch-happen'; -import path from 'path'; -import { Updater } from '../packages/client/src'; - -async function initDir( - rootMetadataUrl: string, - metadataDir: string, - targetDir: string -) { - if (!fs.existsSync(metadataDir)) { - fs.mkdirSync(metadataDir); - } - - if (!fs.existsSync(path.join(metadataDir, 'root.json'))) { - // install 1.root.json - const response = await fetch(rootMetadataUrl); - const data = await response.json(); - fs.writeFileSync(path.join(metadataDir, 'root.json'), JSON.stringify(data)); - } - - if (!fs.existsSync(targetDir)) { - fs.mkdirSync(targetDir); - } -} - -async function downloadTarget( - targetFiles: string[], - metadataBaseUrl: string, - targetBaseUrl: string, - metadataDir: string, - targetDir: string -) { - const updater = new Updater({ - metadataBaseUrl, - metadataDir, - targetDir, - targetBaseUrl, - }); - await updater.refresh(); - - for (const targetFile of targetFiles) { - const targetInfo = await updater.getTargetInfo(targetFile); - - if (!targetInfo) { - console.log(`Target ${targetFile} doesn't exist`); - return; - } - const targetPath = await updater.findCachedTarget(targetInfo); - if (targetPath) { - console.log(`Target ${targetFile} is cached at ${targetPath}`); - return; - } - - const downloadedTargetPath = await updater.downloadTarget(targetInfo); - console.log(`Target ${targetFile} downloaded to ${downloadedTargetPath}`); - } -} - -async function removeDirs(metadataDir: string, targetDir: string) { - if (fs.existsSync(metadataDir)) { - fs.rmSync(metadataDir, { recursive: true }); - } - - if (fs.existsSync(targetDir)) { - fs.rmSync(targetDir, { recursive: true }); - } -} - -async function run() { - const configFile = process.argv[2]; - const config = JSON.parse(fs.readFileSync(configFile, 'utf8')); - const rootMetadataUrl = config.rootMetadataUrl; - const metadataBaseUrl = config.metadataBaseUrl; - const targetBaseUrl = config.targetBaseUrl; - const rawTargetFiles = config.targetFiles; - - const metadataDir = './metadata'; - const targetDir = './targets'; - - const targetFiles = rawTargetFiles.split(','); - try { - await initDir(rootMetadataUrl, metadataDir, targetDir); - - await downloadTarget( - targetFiles, - metadataBaseUrl, - targetBaseUrl, - metadataDir, - targetDir - ); - } catch (err) { - throw err; - } finally { - // clean up - await removeDirs(metadataDir, targetDir); - } - process.exit(); -} - -try { - run(); -} catch (err) { - console.log('Error', err); - process.exit(1); -}