Date: Saturday, January 1, 2022 @ 01:59:45 Author: shibumi Revision: 1091391
archrelease: copy trunk to community-x86_64 Added: rekor/repos/community-x86_64/PKGBUILD (from rev 1091390, rekor/trunk/PKGBUILD) rekor/repos/community-x86_64/fix-expired-tuf-root.patch (from rev 1091390, rekor/trunk/fix-expired-tuf-root.patch) Deleted: rekor/repos/community-x86_64/PKGBUILD ----------------------------+ PKGBUILD | 111 ++++++++++++++++++++-------------------- fix-expired-tuf-root.patch | 118 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 173 insertions(+), 56 deletions(-) Deleted: PKGBUILD =================================================================== --- PKGBUILD 2022-01-01 01:59:39 UTC (rev 1091390) +++ PKGBUILD 2022-01-01 01:59:45 UTC (rev 1091391) @@ -1,56 +0,0 @@ -# Maintainer: Santiago Torres-Arias <santi...@archlinux.org> -# Maintainer: Christian Rebischke <chris.rebisc...@archlinux.org> - -pkgname=rekor -pkgver=0.3.0 -pkgrel=2 -pkgdesc="Signature Transparency Log -- Sigstore client and server tools" -arch=('x86_64') -url="https://github.com/sigstore/rekor" -license=('Apache') -makedepends=('go' 'git') -checkdepends=('openssh') -source=("${pkgname}-${pkgver}.tar.gz::https://github.com/sigstore/rekor/archive/v${pkgver}.tar.gz" - # fix for shell completions - https://github.com/sigstore/rekor/pull/417/commits/45e972db2f16873f39d56ce10076c09a01d2f807.patch) -sha256sums=('13a320256b2dffb21dd97c95d7284c71e98d3f4f5a582f9e35cfe40852242ea8' - '06ba3e91f4262fd556c2d722aee15f91b97057878cdf59479a02be54477b2f62') - -prepare() { - cd "${pkgname}-${pkgver}" - patch -Np1 -i ../45e972db2f16873f39d56ce10076c09a01d2f807.patch -} - -build() { - cd "${pkgname}-${pkgver}" - export CGO_CPPFLAGS="${CPPFLAGS}" - export CGO_CFLAGS="${CFLAGS}" - export CGO_CXXFLAGS="${CXXFLAGS}" - export CGO_LDFLAGS="${LDFLAGS}" - export GOFLAGS="-buildmode=pie -ldflags=-linkmode=external -trimpath -mod=readonly -modcacherw" - go build -o cmd/rekor-cli/rekor-cli cmd/rekor-cli/main.go - go build -o cmd/rekor-server/rekor-server cmd/rekor-server/main.go -} - -check() { - cd "${pkgname}-${pkgver}" - go test -v ./... -} - -package() { - cd "${pkgname}-${pkgver}" - install -Dsm755 cmd/rekor-cli/rekor-cli "${pkgdir}/usr/bin/rekor-cli" - install -Dsm755 cmd/rekor-server/rekor-server "${pkgdir}/usr/bin/rekor-server" - - install -d "${pkgdir}/usr/share/bash-completion/completions" \ - "${pkgdir}/usr/share/zsh/site-functions" \ - "${pkgdir}/usr/share/fish/vendor_completions.d" - - "${pkgdir}/usr/bin/rekor-cli" completion bash > "${pkgdir}/usr/share/bash-completion/completions/rekor-cli" - "${pkgdir}/usr/bin/rekor-cli" completion zsh > "${pkgdir}/usr/share/zsh/site-functions/_rekor-cli" - "${pkgdir}/usr/bin/rekor-cli" completion fish > "${pkgdir}/usr/share/fish/vendor_completions.d/rekor-cli.fish" - - "${pkgdir}/usr/bin/rekor-server" completion bash > "${pkgdir}/usr/share/bash-completion/completions/rekor-server" - "${pkgdir}/usr/bin/rekor-server" completion zsh > "${pkgdir}/usr/share/zsh/site-functions/_rekor-server" - "${pkgdir}/usr/bin/rekor-server" completion fish > "${pkgdir}/usr/share/fish/vendor_completions.d/rekor-server.fish" -} Copied: rekor/repos/community-x86_64/PKGBUILD (from rev 1091390, rekor/trunk/PKGBUILD) =================================================================== --- PKGBUILD (rev 0) +++ PKGBUILD 2022-01-01 01:59:45 UTC (rev 1091391) @@ -0,0 +1,55 @@ +# Maintainer: Santiago Torres-Arias <santi...@archlinux.org> +# Maintainer: Christian Rebischke <chris.rebisc...@archlinux.org> + +pkgname=rekor +pkgver=0.4.0 +pkgrel=1 +pkgdesc="Signature Transparency Log -- Sigstore client and server tools" +arch=('x86_64') +url="https://github.com/sigstore/rekor" +license=('Apache') +makedepends=('go' 'git') +checkdepends=('openssh') +source=("${pkgname}-${pkgver}.tar.gz::https://github.com/sigstore/rekor/archive/v${pkgver}.tar.gz" + "fix-expired-tuf-root.patch") +sha256sums=('19c369f88d846098fb3895948af493f73c97f7211fd1714f9f77ab4395beef4d' + '1a39711c28f904409ed7e9027a0e2d7a41e1ddc3395703126df7c17f97f3b162') + +prepare() { + cd "${pkgname}-${pkgver}" + patch -Np1 -i ../fix-expired-tuf-root.patch +} + +build() { + cd "${pkgname}-${pkgver}" + export CGO_CPPFLAGS="${CPPFLAGS}" + export CGO_CFLAGS="${CFLAGS}" + export CGO_CXXFLAGS="${CXXFLAGS}" + export CGO_LDFLAGS="${LDFLAGS}" + export GOFLAGS="-buildmode=pie -ldflags=-linkmode=external -trimpath -mod=readonly -modcacherw" + go build -o cmd/rekor-cli/rekor-cli cmd/rekor-cli/main.go + go build -o cmd/rekor-server/rekor-server cmd/rekor-server/main.go +} + +check() { + cd "${pkgname}-${pkgver}" + go test -v ./... +} + +package() { + cd "${pkgname}-${pkgver}" + install -Dsm755 cmd/rekor-cli/rekor-cli "${pkgdir}/usr/bin/rekor-cli" + install -Dsm755 cmd/rekor-server/rekor-server "${pkgdir}/usr/bin/rekor-server" + + install -d "${pkgdir}/usr/share/bash-completion/completions" \ + "${pkgdir}/usr/share/zsh/site-functions" \ + "${pkgdir}/usr/share/fish/vendor_completions.d" + + "${pkgdir}/usr/bin/rekor-cli" completion bash > "${pkgdir}/usr/share/bash-completion/completions/rekor-cli" + "${pkgdir}/usr/bin/rekor-cli" completion zsh > "${pkgdir}/usr/share/zsh/site-functions/_rekor-cli" + "${pkgdir}/usr/bin/rekor-cli" completion fish > "${pkgdir}/usr/share/fish/vendor_completions.d/rekor-cli.fish" + + "${pkgdir}/usr/bin/rekor-server" completion bash > "${pkgdir}/usr/share/bash-completion/completions/rekor-server" + "${pkgdir}/usr/bin/rekor-server" completion zsh > "${pkgdir}/usr/share/zsh/site-functions/_rekor-server" + "${pkgdir}/usr/bin/rekor-server" completion fish > "${pkgdir}/usr/share/fish/vendor_completions.d/rekor-server.fish" +} Copied: rekor/repos/community-x86_64/fix-expired-tuf-root.patch (from rev 1091390, rekor/trunk/fix-expired-tuf-root.patch) =================================================================== --- fix-expired-tuf-root.patch (rev 0) +++ fix-expired-tuf-root.patch 2022-01-01 01:59:45 UTC (rev 1091391) @@ -0,0 +1,118 @@ +diff --git a/pkg/pki/tuf/tuf_test.go b/pkg/pki/tuf/tuf_test.go +index c244dc1..0668333 100644 +--- a/pkg/pki/tuf/tuf_test.go ++++ b/pkg/pki/tuf/tuf_test.go +@@ -20,8 +20,22 @@ import ( + "io" + "os" + "testing" ++ "time" ++ ++ "github.com/theupdateframework/go-tuf/verify" + ) + ++func patchIsExpired() func() { ++ // Patch out the IsExpired to make the tests stable :) ++ old := verify.IsExpired ++ verify.IsExpired = func(t time.Time) bool { ++ return false ++ } ++ return func() { ++ verify.IsExpired = old ++ } ++} ++ + func TestReadPublicKey(t *testing.T) { + // Tests reading a valid public key (root.json) + type test struct { +@@ -37,6 +51,9 @@ func TestReadPublicKey(t *testing.T) { + {caseDesc: "Valid TUF root.json", inputFile: "testdata/1.root.json", errorFound: false, specVersion: "1.0"}, + } + ++ // Patch out the expired function to make tests stable :) ++ defer patchIsExpired()() ++ + for _, tc := range tests { + file, err := os.Open(tc.inputFile) + if err != nil { +@@ -101,6 +118,9 @@ func TestCanonicalValue(t *testing.T) { + t.Errorf("CanonicalValue did not error out for uninitialized key") + } + ++ // Patch out the expired function to make tests stable :) ++ defer patchIsExpired()() ++ + tests := []test{ + {caseDesc: "root", input: "testdata/1.root.json", output: "testdata/reformat.1.root.json", match: true}, + } +@@ -115,7 +135,7 @@ func TestCanonicalValue(t *testing.T) { + + inputKey, err := NewPublicKey(inputFile) + if err != nil { +- t.Errorf("%v: Error reading input for TestCanonicalValuePublicKey: %v", tc.caseDesc, err) ++ t.Errorf("%v: Error reading input for TestCanonicalValue: %v", tc.caseDesc, err) + } + + cvInput, err := inputKey.CanonicalValue() +@@ -130,7 +150,7 @@ func TestCanonicalValue(t *testing.T) { + + outputKey, err := NewPublicKey(outputFile) + if err != nil { +- t.Errorf("%v: Error reading input for TestCanonicalValuePublicKey: %v", tc.caseDesc, err) ++ t.Errorf("%v: Error reading input for TestCanonicalValue: %v", tc.caseDesc, err) + } + + cvOutput, err := outputKey.CanonicalValue() +@@ -159,6 +179,8 @@ func TestVerifySignature(t *testing.T) { + {caseDesc: "Valid root.json, unsigned root.json", keyFile: "testdata/1.root.json", sigFile: "testdata/unsigned_root.json", verified: false}, + } + ++ defer patchIsExpired()() ++ + for _, tc := range tests { + keyFile, err := os.Open(tc.keyFile) + if err != nil { +diff --git a/pkg/types/tuf/v0.0.1/entry_test.go b/pkg/types/tuf/v0.0.1/entry_test.go +index dd1b899..ffb8843 100644 +--- a/pkg/types/tuf/v0.0.1/entry_test.go ++++ b/pkg/types/tuf/v0.0.1/entry_test.go +@@ -26,6 +26,7 @@ import ( + "net/http/httptest" + "reflect" + "testing" ++ "time" + + "github.com/go-openapi/runtime" + "github.com/go-openapi/strfmt" +@@ -33,10 +34,22 @@ import ( + "github.com/sigstore/rekor/pkg/generated/models" + "github.com/sigstore/rekor/pkg/types" + "github.com/theupdateframework/go-tuf/data" ++ "github.com/theupdateframework/go-tuf/verify" + + "go.uber.org/goleak" + ) + ++func patchIsExpired() func() { ++ // Patch out the IsExpired to make the tests stable :) ++ old := verify.IsExpired ++ verify.IsExpired = func(t time.Time) bool { ++ return false ++ } ++ return func() { ++ verify.IsExpired = old ++ } ++} ++ + func TestMain(m *testing.M) { + goleak.VerifyTestMain(m) + } +@@ -49,6 +62,8 @@ func TestNewEntryReturnType(t *testing.T) { + } + + func TestCrossFieldValidation(t *testing.T) { ++ defer patchIsExpired()() ++ + type TestCase struct { + caseDesc string + entry V001Entry