remove TLS test coverage

docker-compose.backfill-test.yml

@@ -36,10 +36,7 @@ services:
       "--max_request_body_size=32792576",
       "--search_index.storage_provider=${INDEX_BACKEND:-mysql}",
       "--search_index.mysql.dsn=test:zaphod@tcp(mysql:3306)/test",
-      "--tls_ca_cert=/tests/tls/ca.crt"
       ]
-    volumes:
-    - "./tests/tls:/tests/tls:z"
     ports:
       - "3000:3000"
       - "2112:2112"

docker-compose.debug.yml

@@ -35,10 +35,7 @@ services:
       "--redis_server.port=6379",
       "--rekor_server.address=0.0.0.0",
       "--rekor_server.signer=memory",
-      "--tls_ca_cert=/tests/tls/ca.crt"
       ]
-    volumes:
-    - "./tests/tls:/tests/tls:z"
     restart: always # keep the server running
     ports:
       - "3000:3000"

docker-compose.test.yml

@@ -40,10 +40,7 @@ services:
       "--rekor_server.publish_events_json=true",
       "--search_index.storage_provider=${INDEX_BACKEND:-mysql}",
       "--search_index.mysql.dsn=test:zaphod@tcp(mysql:3306)/test",
-      "--tls_ca_cert=/tests/tls/ca.crt"
       ]
-    volumes:
-    - "./tests/tls:/tests/tls:z"
     ports:
       - "3000:3000"
       - "2112:2112"

docker-compose.yml

@@ -58,11 +58,7 @@ services:
       "--rpc_endpoint=0.0.0.0:8090",
       "--http_endpoint=0.0.0.0:8091",
       "--alsologtostderr",
-      "--tls_cert_file=/tests/tls/tls.crt",
-      "--tls_key_file=/tests/tls/tls.key"
     ]
-    volumes:
-      - "./tests/tls:/tests/tls:z"
     restart: always # retry while mysql is starting up
     ports:
       - "8090:8090"
@@ -106,13 +102,11 @@ services:
       "--enable_stable_checkpoint",
       "--search_index.storage_provider=mysql",
       "--search_index.mysql.dsn=test:zaphod@tcp(mysql:3306)/test",
-      "--tls_ca_cert=/tests/tls/ca.crt"
       # Uncomment this for production logging
       # "--log_type=prod",
       ]
     volumes:
     - "/var/run/attestations:/var/run/attestations:z"
-    - "./tests/tls:/tests/tls:z"
     restart: always # keep the server running
     ports:
       - "3000:3000"

tests/issue-872-e2e-test.sh

@@ -80,13 +80,11 @@ services:
       "--rekor_server.signer=memory",
       "--enable_attestation_storage",
       "--attestation_storage_bucket=file:///ko-app/attestations",
-      "--tls_ca_cert=/tests/tls/ca.crt"
       # Uncomment this for production logging
       # "--log_type=prod",
       ]
     volumes:
     - "$ATT_VOLUME:/ko-app/attestations:z"
-    - "./tls:/tests/tls:z"
     restart: always # keep the server running
     ports:
       - "0.0.0.0:3000:3000"
@@ -162,13 +160,11 @@ services:
       "--enable_attestation_storage",
       "--attestation_storage_bucket=file:///var/run/attestations",
       "--trillian_log_server.tlog_id=$REKOR_TRILLIAN_LOG_SERVER_TLOG_ID",
-      "--tls_ca_cert=/tests/tls/ca.crt"
       # Uncomment this for production logging
       # "--log_type=prod",
       ]
     volumes:
     - "$ATT_VOLUME:/var/run/attestations:z"
-    - "./tls:/tests/tls:z"
     restart: always # keep the server running
     ports:
       - "3000:3000"

tests/sharding-e2e-test.sh

@@ -19,20 +19,23 @@ set -ex
 # Things to install first:
 # - jq, createtree
 
+docker_compose="docker compose"
+if ! ${docker_compose} version >/dev/null 2>&1; then
+    docker_compose="docker-compose"
+fi
+
 # Spin up services as usual
 
 echo "Installing createtree..."
 go install github.com/google/trillian/cmd/createtree@latest
 
 echo "starting services"
-docker-compose up -d
+${docker_compose} up -d --build
 rm ~/.rekor/state.json || true
 
-echo "building CLI and server"
+echo "building CLI"
 go build -o rekor-cli ./cmd/rekor-cli
 REKOR_CLI=$(pwd)/rekor-cli
-go build -o rekor-server ./cmd/rekor-server
-
 
 function check_log_index () {
   logIndex=$1
@@ -64,7 +67,7 @@ function waitForRekorServer () {
   count=0
 
   echo -n "waiting up to 60 sec for system to start"
-  until [ $(docker-compose ps | grep -c "(healthy)") == 3 ];
+  until [ $(${docker_compose} ps | grep -c "(healthy)") == 3 ];
   do
       if [ $count -eq 6 ]; then
         echo "! timeout reached"
@@ -84,17 +87,17 @@ function waitForRekorServer () {
 function collectLogsOnFailure () {
     if [[ "$1" -ne "0" ]]; then
         echo "failure detected, collecting docker-compose logs"
-        docker-compose logs --no-color > /tmp/docker-compose.log
+        ${docker_compose} logs --no-color > /tmp/docker-compose.log
         exit $1
-    elif docker-compose logs --no-color | grep -q "panic: runtime error:" ; then
+    elif ${docker_compose} logs --no-color | grep -q "panic: runtime error:" ; then
         # if we're here, we found a panic
         echo "failing due to panics detected in logs"
-        docker-compose logs --no-color > /tmp/docker-compose.log
+        ${docker_compose} logs --no-color > /tmp/docker-compose.log
         exit 1
     fi
     exit 0
 }
-trap "collectLogsOnFailure $?" EXIT
+trap "collectLogsOnFailure \$?" EXIT
 
 echo "Waiting for rekor server to come up..."
 waitForRekorServer
@@ -169,14 +172,12 @@ services:
       "--attestation_storage_bucket=file:///var/run/attestations",
       "--trillian_log_server.tlog_id=$SHARD_TREE_ID",
       "--trillian_log_server.sharding_config=/$SHARDING_CONFIG"
-      "--tls_ca_cert=/tests/tls/ca.crt"
       # Uncomment this for production logging
       # "--log_type=prod",
       ]
     volumes:
     - "/var/run/attestations:/var/run/attestations:z"
     - "./$SHARDING_CONFIG:/$SHARDING_CONFIG:z"
-    - "./tls:/tests/tls:z"
     restart: always # keep the server running
     ports:
       - "3000:3000"
@@ -191,7 +192,7 @@ EOF
 
 # Spin up the new Rekor
 
-docker-compose -f $COMPOSE_FILE up  -d
+${docker_compose} -f $COMPOSE_FILE up -d
 waitForRekorServer
 $REKOR_CLI loginfo --rekor_server http://localhost:3000 
 
@@ -267,13 +268,13 @@ NUM_ELEMENTS=$(curl -f -H "Content-Type: application/json" --data '{"logIndexes"
 stringsMatch $NUM_ELEMENTS "2"
 
 # Make sure we get the expected LogIndex in the response when calling /retrieve endpoint
-RETRIEVE_LOGINDEX1=$(curl -f http://localhost:3000/api/v1/log/entries/retrieve -H "Content-Type: application/json" -H "Accept: application/json" -d "{ \"logIndexes\": [1]}" | jq '.[0]' | jq  -r .$UUID1.logIndex)
+RETRIEVE_LOGINDEX1=$(curl -f http://localhost:3000/api/v1/log/entries/retrieve -H "Content-Type: application/json" -H "Accept: application/json" -d "{ \"logIndexes\": [1]}" | jq '.[0]' | jq -r "with_entries(select(.key|test(\"^"$ENTRY_ID_1"$\"))) | .[].logIndex")
 stringsMatch $RETRIEVE_LOGINDEX1 "1"
 
 # Make sure that verification succeeds via UUID
 echo
 echo "Testing rekor-cli verification via UUID..."
-$REKOR_CLI verify --uuid $UUID1 --rekor_server http://localhost:3000
+$REKOR_CLI verify --uuid $ENTRY_ID_1 --rekor_server http://localhost:3000
 
 # Make sure that verification succeeds via Entry ID (Tree ID in hex + UUID)
 echo