97cdb9c6b5
Rather than requiring an operator to create a GPG key and a K8s secret, the registry now provisions itself: on first start artifactapi generates a signing keypair and persists it in a new signing_keys table, so all replicas share one key and there is nothing to set up. TF_SIGNING_KEY_PATH still overrides with a bring-your-own key when set. - signing_keys table + GetSigningKey / InsertSigningKeyIfAbsent (ON CONFLICT DO NOTHING so a replica race converges on one key) - tfsign.Generate, LoadArmored, and LoadOrCreate(store, purpose) - server prefers a configured key file, else LoadOrCreate against the DB - tests: generate/load round-trip, load-or-create generates once then reuses, DB insert idempotency
32 lines
889 B
Go
package database
|
|
|
|
import "testing"
|
|
|
|
func TestSigningKeyRoundTripAndIdempotency(t *testing.T) {
|
|
requireDB(t)
|
|
|
|
const purpose = "terraform-provider-test"
|
|
|
|
// Absent to start.
|
|
if _, _, found, err := testDB.GetSigningKey(ctx(), purpose); err != nil || found {
|
|
t.Fatalf("expected no key, got found=%v err=%v", found, err)
|
|
}
|
|
|
|
if err := testDB.InsertSigningKeyIfAbsent(ctx(), purpose, "ARMOR-1", "KEYID1"); err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
// A second insert must not overwrite (models the replica race).
|
|
if err := testDB.InsertSigningKeyIfAbsent(ctx(), purpose, "ARMOR-2", "KEYID2"); err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
armor, keyID, found, err := testDB.GetSigningKey(ctx(), purpose)
|
|
if err != nil || !found {
|
|
t.Fatalf("expected key, found=%v err=%v", found, err)
|
|
}
|
|
if armor != "ARMOR-1" || keyID != "KEYID1" {
|
|
t.Errorf("key was overwritten: armor=%q key_id=%q", armor, keyID)
|
|
}
|
|
}
|
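Review bot: The test proves first-writer-wins for a single purpose but never checks that a key stored under one purpose is invisible to another, which is the scoping property a per-purpose signing key depends on; after the final GetSigningKey block add `if _, _, found, err := testDB.GetSigningKey(ctx(), purpose+"-other"); err != nil || found { t.Fatalf("key visible across purpose: found=%v err=%v", found, err) }`. The row inserted under "terraform-provider-test" is also never removed, so a rerun against a persistent test database would fail at the "Absent to start" check unless requireDB provisions a fresh schema, which is not visible here; a `t.Cleanup` that deletes this purpose's row from signing_keys would make the test self-contained. Modelling the replica race sequentially is adequate for ON CONFLICT DO NOTHING semantics, but a short comment saying so would save the next reader from expecting a concurrent variant.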