2020-03-12 02:00:43 +01:00
|
|
|
package providercache
|
|
|
|
|
|
|
|
import (
|
internal: Verify provider signatures on install
Providers installed from the registry are accompanied by a list of
checksums (the "SHA256SUMS" file), which is cryptographically signed to
allow package authentication. The process of verifying this has multiple
steps:
- First we must verify that the SHA256 hash of the package archive
matches the expected hash. This could be done for local installations
too, in the future.
- Next we ensure that the expected hash returned as part of the registry
API response matches an entry in the checksum list.
- Finally we verify the cryptographic signature of the checksum list,
using the public keys provided by the registry.
Each of these steps is implemented as a separate PackageAuthentication
type. The local archive installation mechanism uses only the archive
checksum authenticator, and the HTTP installation uses all three in the
order given.
The package authentication system now also returns a result value, which
is used by command/init to display the result of the authentication
process.
There are three tiers of signature, each of which is presented
differently to the user:
- Signatures from the embedded HashiCorp public key indicate that the
provider is officially supported by HashiCorp;
- If the signing key is not from HashiCorp, it may have an associated
trust signature, which indicates that the provider is from one of
HashiCorp's trusted partners;
- Otherwise, if the signature is valid, this is a community provider.
2020-04-08 22:22:07 +02:00
|
|
|
"context"
|
2020-03-12 02:00:43 +01:00
|
|
|
"io/ioutil"
|
|
|
|
"os"
|
|
|
|
"testing"
|
|
|
|
|
|
|
|
"github.com/apparentlymart/go-versions/versions"
|
|
|
|
"github.com/google/go-cmp/cmp"
|
|
|
|
|
|
|
|
"github.com/hashicorp/terraform/addrs"
|
|
|
|
"github.com/hashicorp/terraform/internal/getproviders"
|
|
|
|
)
|
|
|
|
|
internal: Verify provider signatures on install
Providers installed from the registry are accompanied by a list of
checksums (the "SHA256SUMS" file), which is cryptographically signed to
allow package authentication. The process of verifying this has multiple
steps:
- First we must verify that the SHA256 hash of the package archive
matches the expected hash. This could be done for local installations
too, in the future.
- Next we ensure that the expected hash returned as part of the registry
API response matches an entry in the checksum list.
- Finally we verify the cryptographic signature of the checksum list,
using the public keys provided by the registry.
Each of these steps is implemented as a separate PackageAuthentication
type. The local archive installation mechanism uses only the archive
checksum authenticator, and the HTTP installation uses all three in the
order given.
The package authentication system now also returns a result value, which
is used by command/init to display the result of the authentication
process.
There are three tiers of signature, each of which is presented
differently to the user:
- Signatures from the embedded HashiCorp public key indicate that the
provider is officially supported by HashiCorp;
- If the signing key is not from HashiCorp, it may have an associated
trust signature, which indicates that the provider is from one of
HashiCorp's trusted partners;
- Otherwise, if the signature is valid, this is a community provider.
2020-04-08 22:22:07 +02:00
|
|
|
func TestInstallPackage(t *testing.T) {
|
|
|
|
tmpDirPath, err := ioutil.TempDir("", "terraform-test-providercache")
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
defer os.RemoveAll(tmpDirPath)
|
|
|
|
|
|
|
|
linuxPlatform := getproviders.Platform{
|
|
|
|
OS: "linux",
|
|
|
|
Arch: "amd64",
|
|
|
|
}
|
|
|
|
nullProvider := addrs.NewProvider(
|
|
|
|
addrs.DefaultRegistryHost, "hashicorp", "null",
|
|
|
|
)
|
|
|
|
|
2020-04-22 16:52:49 +02:00
|
|
|
tmpDir := NewDirWithPlatform(tmpDirPath, linuxPlatform)
|
internal: Verify provider signatures on install
Providers installed from the registry are accompanied by a list of
checksums (the "SHA256SUMS" file), which is cryptographically signed to
allow package authentication. The process of verifying this has multiple
steps:
- First we must verify that the SHA256 hash of the package archive
matches the expected hash. This could be done for local installations
too, in the future.
- Next we ensure that the expected hash returned as part of the registry
API response matches an entry in the checksum list.
- Finally we verify the cryptographic signature of the checksum list,
using the public keys provided by the registry.
Each of these steps is implemented as a separate PackageAuthentication
type. The local archive installation mechanism uses only the archive
checksum authenticator, and the HTTP installation uses all three in the
order given.
The package authentication system now also returns a result value, which
is used by command/init to display the result of the authentication
process.
There are three tiers of signature, each of which is presented
differently to the user:
- Signatures from the embedded HashiCorp public key indicate that the
provider is officially supported by HashiCorp;
- If the signing key is not from HashiCorp, it may have an associated
trust signature, which indicates that the provider is from one of
HashiCorp's trusted partners;
- Otherwise, if the signature is valid, this is a community provider.
2020-04-08 22:22:07 +02:00
|
|
|
|
|
|
|
meta := getproviders.PackageMeta{
|
|
|
|
Provider: nullProvider,
|
|
|
|
Version: versions.MustParseVersion("2.1.0"),
|
|
|
|
|
|
|
|
ProtocolVersions: getproviders.VersionList{versions.MustParseVersion("5.0.0")},
|
|
|
|
TargetPlatform: linuxPlatform,
|
|
|
|
|
|
|
|
Filename: "terraform-provider-null_2.1.0_linux_amd64.zip",
|
|
|
|
Location: getproviders.PackageLocalArchive("testdata/terraform-provider-null_2.1.0_linux_amd64.zip"),
|
|
|
|
}
|
|
|
|
|
|
|
|
result, err := tmpDir.InstallPackage(context.TODO(), meta)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("InstallPackage failed: %s", err)
|
|
|
|
}
|
|
|
|
if result != nil {
|
|
|
|
t.Errorf("unexpected result %#v, wanted nil", result)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Now we should see the same version reflected in the temporary directory.
|
|
|
|
got := tmpDir.AllAvailablePackages()
|
|
|
|
want := map[addrs.Provider][]CachedProvider{
|
|
|
|
nullProvider: {
|
|
|
|
CachedProvider{
|
|
|
|
Provider: nullProvider,
|
|
|
|
|
|
|
|
Version: versions.MustParseVersion("2.1.0"),
|
|
|
|
|
2020-07-07 20:36:04 +02:00
|
|
|
PackageDir: tmpDirPath + "/registry.terraform.io/hashicorp/null/2.1.0/linux_amd64",
|
internal: Verify provider signatures on install
Providers installed from the registry are accompanied by a list of
checksums (the "SHA256SUMS" file), which is cryptographically signed to
allow package authentication. The process of verifying this has multiple
steps:
- First we must verify that the SHA256 hash of the package archive
matches the expected hash. This could be done for local installations
too, in the future.
- Next we ensure that the expected hash returned as part of the registry
API response matches an entry in the checksum list.
- Finally we verify the cryptographic signature of the checksum list,
using the public keys provided by the registry.
Each of these steps is implemented as a separate PackageAuthentication
type. The local archive installation mechanism uses only the archive
checksum authenticator, and the HTTP installation uses all three in the
order given.
The package authentication system now also returns a result value, which
is used by command/init to display the result of the authentication
process.
There are three tiers of signature, each of which is presented
differently to the user:
- Signatures from the embedded HashiCorp public key indicate that the
provider is officially supported by HashiCorp;
- If the signing key is not from HashiCorp, it may have an associated
trust signature, which indicates that the provider is from one of
HashiCorp's trusted partners;
- Otherwise, if the signature is valid, this is a community provider.
2020-04-08 22:22:07 +02:00
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
if diff := cmp.Diff(want, got); diff != "" {
|
|
|
|
t.Errorf("wrong cache contents after install\n%s", diff)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-03-25 20:26:36 +01:00
|
|
|
func TestLinkFromOtherCache(t *testing.T) {
|
2020-03-12 02:00:43 +01:00
|
|
|
srcDirPath := "testdata/cachedir"
|
|
|
|
tmpDirPath, err := ioutil.TempDir("", "terraform-test-providercache")
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
defer os.RemoveAll(tmpDirPath)
|
|
|
|
|
|
|
|
windowsPlatform := getproviders.Platform{
|
|
|
|
OS: "windows",
|
|
|
|
Arch: "amd64",
|
|
|
|
}
|
|
|
|
nullProvider := addrs.NewProvider(
|
|
|
|
addrs.DefaultRegistryHost, "hashicorp", "null",
|
|
|
|
)
|
|
|
|
|
2020-04-21 23:09:29 +02:00
|
|
|
srcDir := NewDirWithPlatform(srcDirPath, windowsPlatform)
|
|
|
|
tmpDir := NewDirWithPlatform(tmpDirPath, windowsPlatform)
|
2020-03-12 02:00:43 +01:00
|
|
|
|
|
|
|
// First we'll check our preconditions: srcDir should have only the
|
|
|
|
// null provider version 2.0.0 in it, because we're faking that we're on
|
|
|
|
// Windows, and tmpDir should have no providers in it at all.
|
|
|
|
|
|
|
|
gotSrcInitial := srcDir.AllAvailablePackages()
|
|
|
|
wantSrcInitial := map[addrs.Provider][]CachedProvider{
|
|
|
|
nullProvider: {
|
|
|
|
CachedProvider{
|
|
|
|
Provider: nullProvider,
|
|
|
|
|
|
|
|
// We want 2.0.0 rather than 2.1.0 because the 2.1.0 package is
|
|
|
|
// still packed and thus not considered to be a cache member.
|
|
|
|
Version: versions.MustParseVersion("2.0.0"),
|
|
|
|
|
2020-07-07 20:36:04 +02:00
|
|
|
PackageDir: "testdata/cachedir/registry.terraform.io/hashicorp/null/2.0.0/windows_amd64",
|
2020-03-12 02:00:43 +01:00
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
if diff := cmp.Diff(wantSrcInitial, gotSrcInitial); diff != "" {
|
|
|
|
t.Fatalf("incorrect initial source directory contents\n%s", diff)
|
|
|
|
}
|
|
|
|
|
|
|
|
gotTmpInitial := tmpDir.AllAvailablePackages()
|
|
|
|
wantTmpInitial := map[addrs.Provider][]CachedProvider{}
|
|
|
|
if diff := cmp.Diff(wantTmpInitial, gotTmpInitial); diff != "" {
|
|
|
|
t.Fatalf("incorrect initial temp directory contents\n%s", diff)
|
|
|
|
}
|
|
|
|
|
|
|
|
cacheEntry := srcDir.ProviderLatestVersion(nullProvider)
|
|
|
|
if cacheEntry == nil {
|
|
|
|
// This is weird because we just checked for the presence of this above
|
|
|
|
t.Fatalf("null provider has no latest version in source directory")
|
|
|
|
}
|
|
|
|
|
|
|
|
err = tmpDir.LinkFromOtherCache(cacheEntry)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("LinkFromOtherCache failed: %s", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Now we should see the same version reflected in the temporary directory.
|
|
|
|
got := tmpDir.AllAvailablePackages()
|
|
|
|
want := map[addrs.Provider][]CachedProvider{
|
|
|
|
nullProvider: {
|
|
|
|
CachedProvider{
|
|
|
|
Provider: nullProvider,
|
|
|
|
|
|
|
|
// We want 2.0.0 rather than 2.1.0 because the 2.1.0 package is
|
|
|
|
// still packed and thus not considered to be a cache member.
|
|
|
|
Version: versions.MustParseVersion("2.0.0"),
|
|
|
|
|
2020-07-07 20:36:04 +02:00
|
|
|
PackageDir: tmpDirPath + "/registry.terraform.io/hashicorp/null/2.0.0/windows_amd64",
|
2020-03-12 02:00:43 +01:00
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
if diff := cmp.Diff(want, got); diff != "" {
|
|
|
|
t.Errorf("wrong cache contents after link\n%s", diff)
|
|
|
|
}
|
|
|
|
}
|