particle-os/debian-forge-composer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

internal: remove kojiapi

Browse source 
We no longer use it, let's remove it. If you are wondering what to use instead,
use Cloud API. It supports everything that Koji API supported and more.

Signed-off-by: Ondřej Budai <ondrej@budai.cz>
This commit is contained in:
Ondřej Budai 2022-07-12 10:02:52 +02:00 committed by Ondřej Budai
parent 058edd3d76
commit 74eb3860df
10 changed files with 4 additions and 1659 deletions
Download patch file Download diff file Expand all files Collapse all files

51
cmd/osbuild-auth-tests/main_test.go
View file

@ -1,3 +1,4 @@
//go:build integration
// +build integration
package main
@ -96,56 +97,6 @@ func TestWorkerAPIAuth(t *testing.T) {
})
}
func TestKojiAPIAuth(t *testing.T) {
t.Run("certificate signed by a trusted CA", func(t *testing.T) {
cases := []struct {
caseDesc string
subj string
addext string
success bool
}{
{"valid CN and SAN 1", "/CN=client.osbuild.org/emailAddress=osbuild@example.com", "subjectAltName=DNS:example.com,DNS:client.osbuild.org", true},
{"valid CN and SAN 2", "/CN=localhost/emailAddress=osbuild@example.com", "subjectAltName=DNS:example.com,DNS:localhost", true},
{"invalid CN and SAN", "/CN=example.com/emailAddress=osbuild@example.com", "subjectAltName=DNS:example.com", false},
}
authority := &ca{BaseDir: trustedCADir}
for _, c := range cases {
t.Run(c.caseDesc, func(t *testing.T) {
ckp, err := authority.newCertificateKeyPair(c.subj, osbuildClientExt, c.addext)
require.NoError(t, err)
defer ckp.remove()
testRoute(t, "https://localhost/api/composer-koji/v1/status", ckp, c.success)
})
}
})
t.Run("certificate signed by an untrusted CA", func(t *testing.T) {
// generate a new CA
ca, err := newCA("/CN=osbuild.org")
require.NoError(t, err)
defer ca.remove()
// create a new certificate and signed it with the new CA
ckp, err := ca.newCertificateKeyPair("/CN=localhost/emailAddress=osbuild@example.com", osbuildClientExt, "subjectAltName=DNS:localhost")
require.NoError(t, err)
defer ckp.remove()
testRoute(t, "https://localhost/api/composer-koji/v1/status", ckp, false)
})
t.Run("self-signed certificate", func(t *testing.T) {
// generate a new self-signed certificate
ckp, err := newSelfSignedCertificateKeyPair("/CN=osbuild.org")
require.NoError(t, err)
defer ckp.remove()
testRoute(t, "https://localhost/api/composer-koji/v1/status", ckp, false)
})
}
func testRoute(t *testing.T, route string, ckp *certificateKeyPair, expectSuccess bool) {
tlsConfig, err := createTLSConfig(&connectionConfig{
CACertFile: "/etc/osbuild-composer/ca-crt.pem",