chore: Stop using invocation image

Instead bundle image should be used Signed-off-by: Kim Christensen <[email protected]>
getporter · Aug 23, 2024 · 9d5af30 · 9d5af30
1 parent 1852741
commit 9d5af30
Show file tree

Hide file tree

Showing 4 changed files with 22 additions and 22 deletions.
diff --git a/pkg/porter/copy.go b/pkg/porter/copy.go
@@ -107,7 +107,7 @@ func (p *Porter) CopyBundle(ctx context.Context, opts *CopyOpts) error {
 	if opts.SignBundle {
 		for _, invImage := range bunRef.Definition.InvocationImages {
 			relocInvImage := bunRef.RelocationMap[invImage.Image]
-			span.Debugf("Signing invocation image %s...", relocInvImage)
+			span.Debugf("Signing bundle image %s...", relocInvImage)
 			err = p.Signer.Sign(ctx, relocInvImage)
 			if err != nil {
 				return span.Errorf("failed to sign image %s: %w", relocInvImage, err)

diff --git a/pkg/porter/install.go b/pkg/porter/install.go
@@ -112,12 +112,12 @@ func (p *Porter) InstallBundle(ctx context.Context, opts InstallOptions) error {
 		if relocInvImage, ok := bun.RelocationMap[invocationImage]; ok {
 			invocationImage = relocInvImage
 		}
-		log.Debugf("verifying invocation image signature for %s", invocationImage)
+		log.Debugf("verifying bundle image signature for %s", invocationImage)
 		err = p.Signer.Verify(ctx, invocationImage)
 		if err != nil {
 			return log.Errorf("unable to verify signature: %w", err)
 		}
-		log.Debugf("invocation image signature verified for %s", invocationImage)
+		log.Debugf("bundle image signature verified for %s", invocationImage)
 	}
 
 	// Run install using the updated installation record

diff --git a/pkg/porter/publish.go b/pkg/porter/publish.go
@@ -222,10 +222,10 @@ func (p *Porter) publishFromFile(ctx context.Context, opts PublishOptions) error
 		if err != nil {
 			return log.Errorf("error calculation temporary image tag: %w", err)
 		}
-		log.Debugf("Signing invocation image %s.", inImage.String())
+		log.Debugf("Signing bundle image %s.", inImage.String())
 		err = p.signImage(ctx, inImage)
 		if err != nil {
-			return log.Errorf("error signing invocation image: %w", err)
+			return log.Errorf("error signing bundle image: %w", err)
 		}
 		log.Debugf("Signing bundle artifact %s.", bundleRef.Reference.String())
 		err = p.signImage(ctx, bundleRef.Reference)
@@ -314,7 +314,7 @@ func (p *Porter) publishFromArchive(ctx context.Context, opts PublishOptions) er
 
 		if opts.SignBundle {
 			relocInvImage := relocMap[invImg.Image]
-			log.Debugf("Signing invocation image %s...", relocInvImage)
+			log.Debugf("Signing bundle image %s...", relocInvImage)
 			invImageRef, err := cnab.ParseOCIReference(relocInvImage)
 			if err != nil {
 				return log.Errorf("failed to parse OCI reference %s: %w", relocInvImage, err)

diff --git a/tests/integration/signing_test.go b/tests/integration/signing_test.go
@@ -34,11 +34,11 @@ func TestCosign(t *testing.T) {
 	require.NoError(t, err, "Publish failed")
 
 	ref = toRefWithDigest(t, ref)
-	invocationImageRef := resolveInvocationImageDigest(t, output, "sign")
+	bundleImageRef := resolveBundleImageDigest(t, output, "sign")
 
 	_, output = testr.RequirePorter("install", "--verify-bundle", "--reference", ref.String(), "--insecure-registry", "--force")
 	require.Contains(t, output, fmt.Sprintf("bundle signature verified for %s", ref.String()))
-	require.Contains(t, output, fmt.Sprintf("invocation image signature verified for %s", invocationImageRef.String()))
+	require.Contains(t, output, fmt.Sprintf("bundle image signature verified for %s", bundleImageRef.String()))
 }
 
 func TestCosignFromArchive(t *testing.T) {
@@ -74,11 +74,11 @@ func TestCosignFromArchive(t *testing.T) {
 	require.NoError(t, err, "Publish archive failed")
 
 	ref = toRefWithDigest(t, ref)
-	invocationImageRef := getInvocationImageDigest(t, output, "sign-from-archive")
+	bundleImageRef := getBundleImageDigest(t, output, "sign-from-archive")
 
 	_, output = testr.RequirePorter("install", "--verify-bundle", "--reference", ref.String(), "--insecure-registry", "--force")
 	require.Contains(t, output, fmt.Sprintf("bundle signature verified for %s", ref.String()))
-	require.Contains(t, output, fmt.Sprintf("invocation image signature verified for %s", invocationImageRef.String()))
+	require.Contains(t, output, fmt.Sprintf("bundle image signature verified for %s", bundleImageRef.String()))
 }
 
 func TestCosignCopyBundle(t *testing.T) {
@@ -107,11 +107,11 @@ func TestCosignCopyBundle(t *testing.T) {
 	require.NoError(t, err, "Copy failed")
 
 	ref = toRefWithDigest(t, ref)
-	invocationImageRef := getInvocationImageDigest(t, output, "sign")
+	bundleImageRef := getBundleImageDigest(t, output, "sign")
 
 	_, output = testr.RequirePorter("install", "--verify-bundle", "--reference", copiedRef.String(), "--insecure-registry", "--force")
 	require.Contains(t, output, fmt.Sprintf("bundle signature verified for %s", copiedRef.String()))
-	require.Contains(t, output, fmt.Sprintf("invocation image signature verified for %s", invocationImageRef.String()))
+	require.Contains(t, output, fmt.Sprintf("bundle image signature verified for %s", bundleImageRef.String()))
 }
 
 func setupCosign(t *testing.T, testr tester.Tester) {
@@ -136,12 +136,12 @@ func TestNotation(t *testing.T) {
 	require.NoError(t, err, "Publish failed")
 
 	ref = toRefWithDigest(t, ref)
-	invocationImageRef := resolveInvocationImageDigest(t, output, "sign")
+	bundleImageRef := resolveBundleImageDigest(t, output, "sign")
 
 	_, output = testr.RequirePorter("install", "--verify-bundle", "--reference", ref.String(), "--insecure-registry", "--force")
 	fmt.Println(output)
 	require.Contains(t, output, fmt.Sprintf("bundle signature verified for %s", ref.String()))
-	require.Contains(t, output, fmt.Sprintf("invocation image signature verified for %s", invocationImageRef.String()))
+	require.Contains(t, output, fmt.Sprintf("bundle image signature verified for %s", bundleImageRef.String()))
 }
 
 func TestNotationFromArchive(t *testing.T) {
@@ -176,11 +176,11 @@ func TestNotationFromArchive(t *testing.T) {
 	require.NoError(t, err, "Publish archive failed")
 
 	ref = toRefWithDigest(t, ref)
-	invocationImageRef := getInvocationImageDigest(t, output, "sign-from-archive")
+	bundleImageRef := getBundleImageDigest(t, output, "sign-from-archive")
 
 	_, output = testr.RequirePorter("install", "--verify-bundle", "--reference", ref.String(), "--insecure-registry", "--force")
 	require.Contains(t, output, fmt.Sprintf("bundle signature verified for %s", ref.String()))
-	require.Contains(t, output, fmt.Sprintf("invocation image signature verified for %s", invocationImageRef.String()))
+	require.Contains(t, output, fmt.Sprintf("bundle image signature verified for %s", bundleImageRef.String()))
 }
 
 func TestNotationCopyBundle(t *testing.T) {
@@ -207,11 +207,11 @@ func TestNotationCopyBundle(t *testing.T) {
 	require.NoError(t, err, "Copy failed")
 
 	ref = toRefWithDigest(t, ref)
-	invocationImageRef := getInvocationImageDigest(t, output, "sign")
+	bundleImageRef := getBundleImageDigest(t, output, "sign")
 
 	_, output = testr.RequirePorter("install", "--verify-bundle", "--reference", copiedRef.String(), "--insecure-registry", "--force")
 	require.Contains(t, output, fmt.Sprintf("bundle signature verified for %s", copiedRef.String()))
-	require.Contains(t, output, fmt.Sprintf("invocation image signature verified for %s", invocationImageRef.String()))
+	require.Contains(t, output, fmt.Sprintf("bundle image signature verified for %s", bundleImageRef.String()))
 }
 
 func setupNotation(t *testing.T, testr tester.Tester) {
@@ -270,8 +270,8 @@ func toRefWithDigest(t *testing.T, ref cnab.OCIReference) cnab.OCIReference {
 	return ref
 }
 
-func resolveInvocationImageDigest(t *testing.T, output string, imageName string) cnab.OCIReference {
-	r := regexp.MustCompile(fmt.Sprintf(`(?m:^Signing invocation image (localhost:\d+/%s:porter-[0-9a-z]+)\.)`, imageName))
+func resolveBundleImageDigest(t *testing.T, output string, imageName string) cnab.OCIReference {
+	r := regexp.MustCompile(fmt.Sprintf(`(?m:^Signing bundle image (localhost:\d+/%s:porter-[0-9a-z]+)\.)`, imageName))
 	matches := r.FindAllStringSubmatch(output, -1)
 	require.Len(t, matches, 1)
 	invocationImageRefString := matches[0][1]
@@ -284,8 +284,8 @@ func resolveInvocationImageDigest(t *testing.T, output string, imageName string)
 	return ref
 }
 
-func getInvocationImageDigest(t *testing.T, output string, imageName string) cnab.OCIReference {
-	r := regexp.MustCompile(fmt.Sprintf(`(?m:^Signing invocation image (localhost:\d+/%s@sha256:[0-9a-z]+)\.)`, imageName))
+func getBundleImageDigest(t *testing.T, output string, imageName string) cnab.OCIReference {
+	r := regexp.MustCompile(fmt.Sprintf(`(?m:^Signing bundle image (localhost:\d+/%s@sha256:[0-9a-z]+)\.)`, imageName))
 	matches := r.FindAllStringSubmatch(output, -1)
 	require.Len(t, matches, 1)
 	invocationImageRefString := matches[0][1]