Run commands in subshell (in-toto#25)

* [WIP] add integration tests for verify - redirects not working * hack in sh -c
sudo-bmitch · Feb 17, 2021 · 2b3c6e7 · 2b3c6e7
1 parent 346a2d0
commit 2b3c6e7
Show file tree

Hide file tree

Showing 4 changed files with 16 additions and 7 deletions.
diff --git a/Makefile b/Makefile
@@ -50,8 +50,14 @@ test-verify: build
 
 test-run: build
 	#Step 1
-	@mkdir -p ./test/products/step1
-	@./bin/in-toto run -k ./certs/example.com.step1.key.pem -m ./test/data/foo.tar.gz -n step1 -p ./test/products/step1/ -- tar -xzf ./test/data/foo.tar.gz -C ./test/products/step1
+	@./bin/in-toto run -n write-code -c ./certs/example.com.write-code.cert.pem -k ./certs/example.com.write-code.key.pem -p ./test/data/foo.py -- "-c" "echo hello > ./test/data/foo.py"
+	#Step 2
+	@./bin/in-toto run -n package -c ./certs/example.com.package.cert.pem -k ./certs/example.com.package.key.pem -m ./test/data/foo.py -p ./test/data/foo.tar.gz -- tar zcvf ./test/data/foo.py
+
+
+
+
+
 go-test:
 	@go test ./...
 
@@ -90,8 +96,8 @@ intermediate_cert: root-cert
 	@openssl verify -CAfile ./certs/root.cert.pem ./certs/$(TRUST_DOMAIN_FQDN).intermediate.cert.pem
 
 leaf_certs: intermediate_cert
-	$(call gernerate_leaf_cert,step1)
-	$(call gernerate_leaf_cert,step2)
+	$(call gernerate_leaf_cert,write-code)
+	$(call gernerate_leaf_cert,package)
 
 define gernerate_leaf_cert
 	$(call generate_openssl_conf,$(1))

diff --git a/go.mod b/go.mod
@@ -3,7 +3,6 @@ module github.com/boxboat/in-toto-golang
 go 1.15
 
 require (
-	github.com/davecgh/go-spew v1.1.1
 	github.com/shibumi/go-pathspec v1.2.0
 	github.com/spf13/cobra v1.1.1
 )
diff --git a/in_toto/cmd/root.go b/in_toto/cmd/root.go
@@ -16,6 +16,7 @@ var rootCmd = &cobra.Command{
 	},
 }
 
+//Execute root
 func Execute() {
 	if err := rootCmd.Execute(); err != nil {
 		fmt.Fprintln(os.Stderr, err)

diff --git a/in_toto/runlib.go b/in_toto/runlib.go
@@ -4,13 +4,14 @@ import (
 	"bytes"
 	"errors"
 	"fmt"
-	"github.com/shibumi/go-pathspec"
 	"io/ioutil"
 	"os"
 	"os/exec"
 	"path/filepath"
 	"reflect"
 	"syscall"
+
+	"github.com/shibumi/go-pathspec"
 )
 
 // ErrSymCycle signals a detected symlink cycle in our RecordArtifacts() function.
@@ -229,8 +230,10 @@ NOTE: Since stdout and stderr are captured, they cannot be seen during the
 command execution.
 */
 func RunCommand(cmdArgs []string) (map[string]interface{}, error) {
+	//Hacky should be resolved with #21
+	cmdArgs = append([]string{"-c"}, cmdArgs...)
+	cmd := exec.Command("sh", cmdArgs[1:]...)
 
-	cmd := exec.Command(cmdArgs[0], cmdArgs[1:]...)
 	stderrPipe, err := cmd.StderrPipe()
 	if err != nil {
 		return nil, err