config: sign Azure versions on upload & verify on fetch (#1836)

* add SignContent() + integrate into configAPI * use static client for upload versions tool; fix staticupload calleeReference bug * use version to get proper cosign pub key. * mock fetcher in CLI tests * only provide config.New constructor with fetcher Co-authored-by: Otto Bittner <cobittner@posteo.net> Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2025-05-02 14:26:23 -04:00 · 2023-06-01 13:55:46 +02:00 · 2023-06-01 13:55:46 +02:00 · b51cc52945
commit b51cc52945
parent e0285c122e
55 changed files with 752 additions and 308 deletions
--- a/cli/internal/cmd/init_test.go
+++ b/cli/internal/cmd/init_test.go
@ -175,7 +175,7 @@ func TestInitialize(t *testing.T) {
 			defer cancel()
 			cmd.SetContext(ctx)
 			i := &initCmd{log: logger.NewTest(t), spinner: &nopSpinner{}}
-			err := i.initialize(cmd, newDialer, fileHandler, &stubLicenseClient{})
+			err := i.initialize(cmd, newDialer, fileHandler, &stubLicenseClient{}, fakeConfigFetcher{})

 			if tc.wantErr {
 				assert.Error(err)
@ -519,7 +519,7 @@ func TestAttestation(t *testing.T) {
 	cmd.SetContext(ctx)

 	i := &initCmd{log: logger.NewTest(t), spinner: &nopSpinner{}}
-	err := i.initialize(cmd, newDialer, fileHandler, &stubLicenseClient{})
+	err := i.initialize(cmd, newDialer, fileHandler, &stubLicenseClient{}, fakeConfigFetcher{})
 	assert.Error(err)
 	// make sure the error is actually a TLS handshake error
 	assert.Contains(err.Error(), "transport: authentication handshake failed")