From 082e4bfad84093ca9acebb2935385b14b5d9d5a7 Mon Sep 17 00:00:00 2001 From: Tomas Turek Date: Fri, 15 May 2026 14:03:32 +0200 Subject: [PATCH] fix: set explicit RHTAS service URLs in gitsign e2e test Without explicit fulcio/rekor/issuer URLs in the git config, gitsign falls back to public Sigstore defaults (fulcio.sigstore.dev), causing test failures when the OIDC token from RHTAS Keycloak is rejected by the public instance. Co-Authored-By: Claude Opus 4.6 --- test/gitsign/gitsign_sign_verify_test.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/test/gitsign/gitsign_sign_verify_test.go b/test/gitsign/gitsign_sign_verify_test.go index a6862e6..00c571d 100644 --- a/test/gitsign/gitsign_sign_verify_test.go +++ b/test/gitsign/gitsign_sign_verify_test.go @@ -43,7 +43,7 @@ var _ = Describe("Signing and verifying commits by using Gitsign from the comman err error ) BeforeAll(func() { - err = testsupport.CheckMandatoryAPIConfigValues(api.OidcIssuerURL, api.RekorURL, api.TufURL) + err = testsupport.CheckMandatoryAPIConfigValues(api.OidcIssuerURL, api.RekorURL, api.TufURL, api.FulcioURL) if err != nil { Fail(err.Error()) } @@ -94,6 +94,9 @@ var _ = Describe("Signing and verifying commits by using Gitsign from the comman config.Raw.AddOption("tag", "", "gpgsign", "true") config.Raw.AddOption("gpg", "x509", "program", "gitsign") config.Raw.AddOption("gpg", "", "format", "x509") + config.Raw.AddOption("gitsign", "", "fulcio", api.GetValueFor(api.FulcioURL)) + config.Raw.AddOption("gitsign", "", "rekor", api.GetValueFor(api.RekorURL)) + config.Raw.AddOption("gitsign", "", "issuer", api.GetValueFor(api.OidcIssuerURL)) Expect(repo.SetConfig(config)).To(Succeed()) })