Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: add the --key flag to the init cmd #2259

Merged
merged 7 commits into from
Jan 31, 2024
Merged
Show file tree
Hide file tree
Changes from 6 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -171,7 +171,7 @@ test-e2e: test-e2e-without-cluster test-e2e-with-cluster ## Run all of the core
.PHONY: test-e2e-with-cluster
test-e2e-with-cluster: build-examples ## Run all of the core Zarf CLI E2E tests that DO require a cluster (builds any deps that aren't present)
@test -s ./build/zarf-init-$(ARCH)-$(CLI_VERSION).tar.zst || $(MAKE) init-package
cd src/test/e2e && go test ./main_test.go ./[2-9]*.go -failfast -v -timeout 35m
cd src/test/e2e && go test ./main_test.go ./35*.go -failfast -v -timeout 35m
Racer159 marked this conversation as resolved.
Show resolved Hide resolved

.PHONY: test-e2e-without-cluster
test-e2e-without-cluster: build-examples ## Run all of the core Zarf CLI E2E tests that DO NOT require a cluster (builds any deps that aren't present)
Expand Down
1 change: 1 addition & 0 deletions docs/2-the-zarf-cli/100-cli-commands/zarf_init.md
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,7 @@ $ zarf init --artifact-push-password={PASSWORD} --artifact-push-username={USERNA
--git-push-username string Username to access to the git server Zarf is configured to use. User must be able to create repositories via 'git push' (default "zarf-git-user")
--git-url string External git server url to use for this Zarf cluster
-h, --help help for init
-k, --key string Path to public key file for validating signed packages
--nodeport int Nodeport to access a registry internal to the k8s cluster. Between [30000-32767]
--registry-pull-password string Password for the pull-only user to access the registry
--registry-pull-username string Username for pull-only access to the registry
Expand Down
2 changes: 2 additions & 0 deletions src/cmd/initialize.go
Original file line number Diff line number Diff line change
Expand Up @@ -220,5 +220,7 @@ func init() {

dgershman marked this conversation as resolved.
Show resolved Hide resolved
initCmd.Flags().DurationVar(&pkgConfig.DeployOpts.Timeout, "timeout", v.GetDuration(common.VPkgDeployTimeout), lang.CmdPackageDeployFlagTimeout)

initCmd.Flags().StringVarP(&pkgConfig.PkgOpts.PublicKeyPath, "key", "k", v.GetString(common.VPkgPublicKey), lang.CmdPackageFlagFlagPublicKey)

initCmd.Flags().SortFlags = true
}
47 changes: 47 additions & 0 deletions src/test/e2e/35_custom_init_package_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
// SPDX-License-Identifier: Apache-2.0
// SPDX-FileCopyrightText: 2021-Present The Zarf Authors

// Package test provides e2e tests for Zarf.
package test

import (
"fmt"
"path/filepath"
"testing"

"github.com/stretchr/testify/require"
)

func TestCustomInit(t *testing.T) {
t.Log("E2E: Custom Init Package")
e2e.SetupWithCluster(t)
buildPath := filepath.Join("src", "test", "packages", "35-custom-init-package")
pkgName := fmt.Sprintf("zarf-init-%s-%s.tar.zst", e2e.Arch, e2e.GetZarfVersion(t))
privateKeyFlag := "--signing-key=src/test/packages/zarf-test.prv-key"
publicKeyFlag := "--key=src/test/packages/zarf-test.pub"

stdOut, stdErr, err := e2e.Zarf("package", "create", buildPath, privateKeyFlag, "--confirm")
require.NoError(t, err, stdOut, stdErr)
defer e2e.CleanFiles(pkgName)

/* Test operations during package inspect */
// Test that we can inspect the yaml of the package without the private key
stdOut, stdErr, err = e2e.Zarf("package", "inspect", pkgName)
require.NoError(t, err, stdOut, stdErr)

// Test that we don't get an error when we remember to provide the public key
stdOut, stdErr, err = e2e.Zarf("package", "inspect", pkgName, publicKeyFlag)
require.NoError(t, err, stdOut, stdErr)
require.Contains(t, stdErr, "Verified OK")

/* Test operations during package deploy */
// Test that we get an error when trying to deploy a package without providing the public key
stdOut, stdErr, err = e2e.Zarf("init", "--confirm")
require.Error(t, err, stdOut, stdErr)
require.Contains(t, stdErr, "unable to load the package: package is signed but no key was provided - add a key with the --key flag or use the --insecure flag and run the command again")
Racer159 marked this conversation as resolved.
Show resolved Hide resolved

/* Test operations during package deploy */
// Test that we can deploy the package with the public key
stdOut, stdErr, err = e2e.Zarf("init", "--confirm", publicKeyFlag)
require.NoError(t, err, stdOut, stdErr)
}
8 changes: 8 additions & 0 deletions src/test/packages/35-custom-init-package/zarf.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
kind: ZarfInitConfig
metadata:
name: init
description: Used to establish a new Zarf cluster

components:
- name: nothing

Loading