handle cached artifactory manifests

coder · Dec 12, 2024 · 35c997b · 35c997b
1 parent f8b3714
commit 35c997b
Show file tree

Hide file tree

Showing 5 changed files with 59 additions and 20 deletions.
diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml
@@ -33,4 +33,4 @@ jobs:
       - name: golangci-lint
         uses: golangci/[email protected]
         with:
-          version: v1.60.0
+          version: v1.58.0
diff --git a/storage/signature.go b/storage/signature.go
@@ -17,7 +17,7 @@ import (
 var _ Storage = (*Signature)(nil)
 
 const (
-	sigzipFilename  = "extension.sigzip"
+	SigzipFilename  = "extension.sigzip"
 	sigManifestName = ".signature.manifest"
 )
 
@@ -67,17 +67,24 @@ func (s *Signature) Manifest(ctx context.Context, publisher, name string, versio
 	}
 
 	if s.SigningEnabled() {
+		for _, asset := range manifest.Assets.Asset {
+			if asset.Path == SigzipFilename {
+				// Already signed
+				return manifest, nil
+			}
+		}
 		manifest.Assets.Asset = append(manifest.Assets.Asset, VSIXAsset{
 			Type:        VSIXSignatureType,
-			Path:        sigzipFilename,
+			Path:        SigzipFilename,
 			Addressable: "true",
 		})
+		return manifest, nil
 	}
 	return manifest, nil
 }
 
 // Open will intercept requests for signed extensions payload.
-// It does this by looking for 'sigzipFilename' or p7s.sig.
+// It does this by looking for 'SigzipFilename' or p7s.sig.
 //
 // The signed payload and signing process is taken from:
 // https://github.com/filiptronicek/node-ovsx-sign
@@ -98,7 +105,7 @@ func (s *Signature) Manifest(ctx context.Context, publisher, name string, versio
 //     source implementation. Ideally this marketplace would match Microsoft's
 //     marketplace API.
 func (s *Signature) Open(ctx context.Context, fp string) (fs.File, error) {
-	if s.SigningEnabled() && filepath.Base(fp) == sigzipFilename {
+	if s.SigningEnabled() && filepath.Base(fp) == SigzipFilename {
 		// hijack this request, sign the sig manifest
 		manifest, err := s.Storage.Open(ctx, filepath.Join(filepath.Dir(fp), sigManifestName))
 		if err != nil {
@@ -119,7 +126,7 @@ func (s *Signature) Open(ctx context.Context, fp string) (fs.File, error) {
 			return nil, xerrors.Errorf("sign and zip manifest: %w", err)
 		}
 
-		f := mem.NewFileHandle(mem.CreateFile(sigzipFilename))
+		f := mem.NewFileHandle(mem.CreateFile(SigzipFilename))
 		_, err = f.Write(signed)
 		return f, err
 	}

diff --git a/storage/signature_test.go b/storage/signature_test.go
@@ -1,21 +1,37 @@
 package storage_test
 
 import (
+	"crypto"
 	"testing"
 
 	"github.com/coder/code-marketplace/extensionsign"
 	"github.com/coder/code-marketplace/storage"
 )
 
-func signed(factory func(t *testing.T) testStorage) func(t *testing.T) testStorage {
+func expectSignature(manifest *storage.VSIXManifest) {
+	manifest.Assets.Asset = append(manifest.Assets.Asset, storage.VSIXAsset{
+		Type:        storage.VSIXSignatureType,
+		Path:        storage.SigzipFilename,
+		Addressable: "true",
+	})
+}
+
+//nolint:revive // test control flag
+func signed(signer bool, factory func(t *testing.T) testStorage) func(t *testing.T) testStorage {
 	return func(t *testing.T) testStorage {
 		st := factory(t)
-		key, _ := extensionsign.GenerateKey()
+		var key crypto.Signer
+		var exp func(*storage.VSIXManifest)
+		if signer {
+			key, _ = extensionsign.GenerateKey()
+			exp = expectSignature
+		}
 
 		return testStorage{
-			storage: storage.NewSignatureStorage(key, st.storage),
-			write:   st.write,
-			exists:  st.exists,
+			storage:          storage.NewSignatureStorage(key, st.storage),
+			write:            st.write,
+			exists:           st.exists,
+			expectedManifest: exp,
 		}
 	}
 }
diff --git a/storage/storage_test.go b/storage/storage_test.go
@@ -15,6 +15,7 @@ import (
 	"strconv"
 	"testing"
 
+	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 
 	"github.com/coder/code-marketplace/storage"
@@ -25,6 +26,8 @@ type testStorage struct {
 	storage storage.Storage
 	write   func(content []byte, elem ...string)
 	exists  func(elem ...string) bool
+
+	expectedManifest func(man *storage.VSIXManifest)
 }
 type storageFactory = func(t *testing.T) testStorage
 
@@ -132,14 +135,14 @@ func TestStorage(t *testing.T) {
 			name:    "Artifactory",
 			factory: artifactoryFactory,
 		},
-		//{
-		//	name:    "SignedLocal",
-		//	factory: signed(localFactory),
-		//},
-		//{
-		//	name:    "SignedArtifactory",
-		//	factory: signed(artifactoryFactory),
-		//},
+		{
+			name:    "SignedLocal",
+			factory: signed(true, localFactory),
+		},
+		{
+			name:    "SignedArtifactory",
+			factory: signed(true, artifactoryFactory),
+		},
 	}
 	for _, sf := range factories {
 		t.Run(sf.name, func(t *testing.T) {
@@ -332,7 +335,12 @@ func testManifest(t *testing.T, factory storageFactory) {
 					Path:        fmt.Sprintf("%s.%s-%s.vsix", test.extension.Publisher, test.extension.Name, test.version),
 					Addressable: "true",
 				})
-				require.Equal(t, test.expected, manifest)
+				if f.expectedManifest != nil {
+					f.expectedManifest(test.expected)
+				}
+				if !assert.Equal(t, test.expected, manifest) {
+					fmt.Println("Asd")
+				}
 			}
 		})
 	}

diff --git a/testutil/extensions.go b/testutil/extensions.go
@@ -26,6 +26,13 @@ type Extension struct {
 	Pack          []string
 }
 
+func (e Extension) Copy() Extension {
+	var n Extension
+	data, _ := json.Marshal(e)
+	_ = json.Unmarshal(data, &n)
+	return n
+}
+
 var Extensions = []Extension{
 	{
 		Publisher:   "foo",
@@ -113,6 +120,7 @@ var Extensions = []Extension{
 }
 
 func ConvertExtensionToManifest(ext Extension, version storage.Version) *storage.VSIXManifest {
+	ext = ext.Copy()
 	return &storage.VSIXManifest{
 		Metadata: storage.VSIXMetadata{
 			Identity: storage.VSIXIdentity{