Merge pull request #13 from pjbgf-forks/fixes

Add mapping for rancher/rancher and expand on arch suffixes
rancherlabs · Dec 6, 2024 · 6c0550e · 6c0550e
2 parents a16beae + 71ad8b3
commit 6c0550e
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 7 deletions.
diff --git a/pkg/verify/mapping.go b/pkg/verify/mapping.go
@@ -18,4 +18,5 @@ var imageRepo = map[string]string{
 	"rancher/hardened-coredns":                "rancher/image-build-coredns",
 	"rancher/hardened-cni-plugins":            "rancher/image-build-cni-plugins",
 	"rancher/nginx-ingress-controller":        "rancher/ingress-nginx",
+	"rancher/rancher":                         "rancher/rancher-prime",
 }
diff --git a/pkg/verify/verify.go b/pkg/verify/verify.go
@@ -16,10 +16,13 @@ import (
 const timeout = 45 * time.Second
 
 var archSuffixes = []string{
+	"-linux-amd64",
+	"-linux-arm64",
 	"-windows-amd64",
 	"-windows-arm64",
 	"-amd64",
 	"-arm64",
+	"-s390x",
 }
 
 // Verify checks whether a given Rancher Prime image is signed based on the Cosign Signature spec.

diff --git a/pkg/verify/verify_test.go b/pkg/verify/verify_test.go
@@ -47,35 +47,47 @@ func TestCertificateIdentity(t *testing.T) {
 			wantErr: "unsupported image name",
 		},
 		{
-			image: "tocker.local/foo/bar:v0.0.7",
+			image: "rocker.local/foo/bar:v0.0.7",
 			want:  "https://github.com/foo/bar/.github/workflows/release.yml@refs/tags/v0.0.7",
 		},
 		{
-			image: "tocker.local/bar/foo/bar:v3.14",
+			image: "rocker.local/bar/foo/bar:v3.14",
 			want:  "https://github.com/foo/bar/.github/workflows/release.yml@refs/tags/v3.14",
 		},
 		{
 			image: "rancher/rke2-runtime:v0.0.7",
 			want:  "https://github.com/rancher/rke2/.github/workflows/release.yml@refs/tags/v0.0.7",
 		},
 		{
-			image: "tocker.local/foo/bar:v0.0.7-amd64", // single tag may yield arch-specific images
+			image: "rocker.local/foo/bar:v0.0.7-amd64", // single tag may yield arch-specific images
 			want:  "https://github.com/foo/bar/.github/workflows/release.yml@refs/tags/v0.0.7",
 		},
 		{
-			image: "tocker.local/foo/bar:v0.0.7-arm64", // single tag may yield arch-specific images
+			image: "rocker.local/foo/bar:v0.0.7-arm64", // single tag may yield arch-specific images
 			want:  "https://github.com/foo/bar/.github/workflows/release.yml@refs/tags/v0.0.7",
 		},
 		{
-			image: "tocker.local/foo/bar:v0.0.7-windows-amd64", // single tag may yield arch-specific images
+			image: "rocker.local/foo/bar:v0.0.7-s390x", // single tag may yield arch-specific images
 			want:  "https://github.com/foo/bar/.github/workflows/release.yml@refs/tags/v0.0.7",
 		},
 		{
-			image: "tocker.local/foo/bar:v0.0.7-windows-arm64", // single tag may yield arch-specific images
+			image: "rocker.local/foo/bar:v0.0.7-windows-amd64", // single tag may yield arch-specific images
 			want:  "https://github.com/foo/bar/.github/workflows/release.yml@refs/tags/v0.0.7",
 		},
 		{
-			image: "tocker.local/foo/bar:v0.0.7-build12345",
+			image: "rocker.local/foo/bar:v0.0.7-windows-arm64", // single tag may yield arch-specific images
+			want:  "https://github.com/foo/bar/.github/workflows/release.yml@refs/tags/v0.0.7",
+		},
+		{
+			image: "rocker.local/foo/bar:v0.0.7-linux-amd64", // single tag may yield arch-specific images
+			want:  "https://github.com/foo/bar/.github/workflows/release.yml@refs/tags/v0.0.7",
+		},
+		{
+			image: "rocker.local/foo/bar:v0.0.7-linux-arm64", // single tag may yield arch-specific images
+			want:  "https://github.com/foo/bar/.github/workflows/release.yml@refs/tags/v0.0.7",
+		},
+		{
+			image: "rocker.local/foo/bar:v0.0.7-build12345",
 			want:  "https://github.com/foo/bar/.github/workflows/release.yml@refs/tags/v0.0.7-build12345",
 		},
 	}