refactor(pkg/test): split logic in pkg/test/common.go into multiple packages (#1861)

Which could be imported independently. See more details:
1. "zotregistry.io/zot/pkg/test/common" - currently used as
   tcommon "zotregistry.io/zot/pkg/test/common" - inside pkg/test
   test "zotregistry.io/zot/pkg/test/common" - in tests
   . "zotregistry.io/zot/pkg/test/common" - in tests
Decouple zb from code in test/pkg in order to keep the size small.

2. "zotregistry.io/zot/pkg/test/image-utils" - curently used as
   . "zotregistry.io/zot/pkg/test/image-utils"

3. "zotregistry.io/zot/pkg/test/deprecated" -  curently used as
   "zotregistry.io/zot/pkg/test/deprecated"
This one will bre replaced gradually by image-utils in the future.

4. "zotregistry.io/zot/pkg/test/signature" - (cosign + notation) use as
   "zotregistry.io/zot/pkg/test/signature"

5. "zotregistry.io/zot/pkg/test/auth" - (bearer + oidc)  curently used as
   authutils "zotregistry.io/zot/pkg/test/auth"

 6. "zotregistry.io/zot/pkg/test/oci-utils" -  curently used as
   ociutils "zotregistry.io/zot/pkg/test/oci-utils"

Some unused functions were removed, some were replaced, and in
a few cases specific funtions were moved to the files they were used in.

Added an interface for the StoreController, this reduces the number of imports
of the entire image store, decreasing binary size for tests.
If the zb code was still coupled with pkg/test, this would have reflected in zb size.

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>

cmd/zb/helper.go

@@ -8,6 +8,7 @@ import (
 	"log"
 	"math/rand"
 	"net/http"
+	"net/url"
 	"os"
 	"path"
 	"sync"
@@ -21,8 +22,6 @@ import (
 
 	zerr "zotregistry.io/zot/errors"
 	"zotregistry.io/zot/pkg/common"
-	testc "zotregistry.io/zot/pkg/test/common"
-	"zotregistry.io/zot/pkg/test/image-utils"
 )
 
 func makeHTTPGetRequest(url string, resultPtr interface{}, client *resty.Client) error {
@@ -344,7 +343,7 @@ func pushMonolithImage(workdir, url, trepo string, repos []string, config testCo
 			resp.StatusCode(), string(resp.Body())) //nolint: goerr113
 	}
 
-	loc := testc.Location(url, resp)
+	loc := getLocation(url, resp)
 
 	var size int
 
@@ -398,8 +397,8 @@ func pushMonolithImage(workdir, url, trepo string, repos []string, config testCo
 			resp.StatusCode(), string(resp.Body()))
 	}
 
-	loc = testc.Location(url, resp)
-	cblob, cdigest := getRandomImageConfig()
+	loc = getLocation(url, resp)
+	cblob, cdigest := getImageConfig()
 	resp, err = client.R().
 		SetContentLength(true).
 		SetHeader("Content-Length", fmt.Sprintf("%d", len(cblob))).
@@ -526,7 +525,7 @@ func pushMonolithAndCollect(workdir, url, trepo string, count int,
 			return
 		}
 
-		loc := testc.Location(url, resp)
+		loc := getLocation(url, resp)
 
 		var size int
 
@@ -594,8 +593,8 @@ func pushMonolithAndCollect(workdir, url, trepo string, count int,
 			return
 		}
 
-		loc = testc.Location(url, resp)
-		cblob, cdigest := getRandomImageConfig()
+		loc = getLocation(url, resp)
+		cblob, cdigest := getImageConfig()
 		resp, err = client.R().
 			SetContentLength(true).
 			SetHeader("Content-Length", fmt.Sprintf("%d", len(cblob))).
@@ -730,7 +729,7 @@ func pushChunkAndCollect(workdir, url, trepo string, count int,
 			return
 		}
 
-		loc := testc.Location(url, resp)
+		loc := getLocation(url, resp)
 
 		var size int
 
@@ -768,7 +767,7 @@ func pushChunkAndCollect(workdir, url, trepo string, count int,
 			return
 		}
 
-		loc = testc.Location(url, resp)
+		loc = getLocation(url, resp)
 
 		// request specific check
 		statusCode = resp.StatusCode()
@@ -822,8 +821,8 @@ func pushChunkAndCollect(workdir, url, trepo string, count int,
 			return
 		}
 
-		loc = testc.Location(url, resp)
-		cblob, cdigest := getRandomImageConfig()
+		loc = getLocation(url, resp)
+		cblob, cdigest := getImageConfig()
 		resp, err = client.R().
 			SetContentLength(true).
 			SetHeader("Content-Type", "application/octet-stream").
@@ -859,7 +858,7 @@ func pushChunkAndCollect(workdir, url, trepo string, count int,
 			return
 		}
 
-		loc = testc.Location(url, resp)
+		loc = getLocation(url, resp)
 
 		// request specific check
 		statusCode = resp.StatusCode()
@@ -1020,9 +1019,21 @@ func loadOrStore(statusRequests *sync.Map, key string, value int) int { //nolint
 	return intValue
 }
 
-// TO DO: replace with pkg/test/images when available.
-func getRandomImageConfig() ([]byte, godigest.Digest) {
-	config := image.GetDefaultConfig()
+func getImageConfig() ([]byte, godigest.Digest) {
+	createdTime := time.Date(2011, time.Month(1), 1, 1, 1, 1, 0, time.UTC)
+
+	config := ispec.Image{
+		Created: &createdTime,
+		Author:  "ZotUser",
+		Platform: ispec.Platform{
+			OS:           "linux",
+			Architecture: "amd64",
+		},
+		RootFS: ispec.RootFS{
+			Type:    "layers",
+			DiffIDs: []godigest.Digest{},
+		},
+	}
 
 	configBlobContent, err := json.MarshalIndent(&config, "", "\t")
 	if err != nil {
@@ -1033,3 +1044,21 @@ func getRandomImageConfig() ([]byte, godigest.Digest) {
 
 	return configBlobContent, configBlobDigestRaw
 }
+
+func getLocation(baseURL string, resp *resty.Response) string {
+	// For some API responses, the Location header is set and is supposed to
+	// indicate an opaque value. However, it is not clear if this value is an
+	// absolute URL (https://server:port/v2/...) or just a path (/v2/...)
+	// zot implements the latter as per the spec, but some registries appear to
+	// return the former - this needs to be clarified
+	loc := resp.Header().Get("Location")
+
+	uloc, err := url.Parse(loc)
+	if err != nil {
+		return ""
+	}
+
+	path := uloc.Path
+
+	return baseURL + path
+}

pkg/api/authn_test.go

@@ -26,7 +26,8 @@ import (
 	"zotregistry.io/zot/pkg/log"
 	mTypes "zotregistry.io/zot/pkg/meta/types"
 	reqCtx "zotregistry.io/zot/pkg/requestcontext"
-	"zotregistry.io/zot/pkg/test"
+	authutils "zotregistry.io/zot/pkg/test/auth"
+	test "zotregistry.io/zot/pkg/test/common"
 	"zotregistry.io/zot/pkg/test/mocks"
 )
 
@@ -81,7 +82,7 @@ func TestAPIKeys(t *testing.T) {
 		htpasswdPath := test.MakeHtpasswdFile()
 		defer os.Remove(htpasswdPath)
 
-		mockOIDCServer, err := test.MockOIDCRun()
+		mockOIDCServer, err := authutils.MockOIDCRun()
 		if err != nil {
 			panic(err)
 		}
@@ -834,7 +835,7 @@ func TestAPIKeysOpenDBError(t *testing.T) {
 		htpasswdPath := test.MakeHtpasswdFile()
 		defer os.Remove(htpasswdPath)
 
-		mockOIDCServer, err := test.MockOIDCRun()
+		mockOIDCServer, err := authutils.MockOIDCRun()
 		if err != nil {
 			panic(err)
 		}

pkg/api/controller_test.go

@@ -61,11 +61,14 @@ import (
 	"zotregistry.io/zot/pkg/storage"
 	storageConstants "zotregistry.io/zot/pkg/storage/constants"
 	"zotregistry.io/zot/pkg/storage/gc"
-	"zotregistry.io/zot/pkg/test"
-	testc "zotregistry.io/zot/pkg/test/common"
+	authutils "zotregistry.io/zot/pkg/test/auth"
+	test "zotregistry.io/zot/pkg/test/common"
+	"zotregistry.io/zot/pkg/test/deprecated"
 	. "zotregistry.io/zot/pkg/test/image-utils"
 	"zotregistry.io/zot/pkg/test/inject"
 	"zotregistry.io/zot/pkg/test/mocks"
+	ociutils "zotregistry.io/zot/pkg/test/oci-utils"
+	"zotregistry.io/zot/pkg/test/signature"
 )
 
 const (
@@ -446,7 +449,7 @@ func TestObjectStorageController(t *testing.T) {
 			"versiontablename":      "Version",
 		}
 
-		mockOIDCServer, err := test.MockOIDCRun()
+		mockOIDCServer, err := authutils.MockOIDCRun()
 		if err != nil {
 			panic(err)
 		}
@@ -2159,7 +2162,7 @@ func TestLDAPFailures(t *testing.T) {
 
 func TestBearerAuth(t *testing.T) {
 	Convey("Make a new controller", t, func() {
-		authTestServer := test.MakeAuthTestServer(ServerKey, UnauthorizedNamespace)
+		authTestServer := authutils.MakeAuthTestServer(ServerKey, UnauthorizedNamespace)
 		defer authTestServer.Close()
 
 		port := test.GetFreePort()
@@ -2192,7 +2195,7 @@ func TestBearerAuth(t *testing.T) {
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized)
 
-		authorizationHeader := test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
+		authorizationHeader := authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
 		resp, err = resty.R().
 			SetQueryParam("service", authorizationHeader.Service).
 			SetQueryParam("scope", authorizationHeader.Scope).
@@ -2200,7 +2203,7 @@ func TestBearerAuth(t *testing.T) {
 		So(err, ShouldBeNil)
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusOK)
-		var goodToken test.AccessTokenResponse
+		var goodToken authutils.AccessTokenResponse
 		err = json.Unmarshal(resp.Body(), &goodToken)
 		So(err, ShouldBeNil)
 
@@ -2222,7 +2225,7 @@ func TestBearerAuth(t *testing.T) {
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized)
 
-		authorizationHeader = test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
+		authorizationHeader = authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
 		resp, err = resty.R().
 			SetQueryParam("service", authorizationHeader.Service).
 			SetQueryParam("scope", authorizationHeader.Scope).
@@ -2251,7 +2254,7 @@ func TestBearerAuth(t *testing.T) {
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized)
 
-		authorizationHeader = test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
+		authorizationHeader = authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
 		resp, err = resty.R().
 			SetQueryParam("service", authorizationHeader.Service).
 			SetQueryParam("scope", authorizationHeader.Scope).
@@ -2280,7 +2283,7 @@ func TestBearerAuth(t *testing.T) {
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized)
 
-		authorizationHeader = test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
+		authorizationHeader = authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
 		resp, err = resty.R().
 			SetQueryParam("service", authorizationHeader.Service).
 			SetQueryParam("scope", authorizationHeader.Scope).
@@ -2304,7 +2307,7 @@ func TestBearerAuth(t *testing.T) {
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized)
 
-		authorizationHeader = test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
+		authorizationHeader = authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
 		resp, err = resty.R().
 			SetQueryParam("service", authorizationHeader.Service).
 			SetQueryParam("scope", authorizationHeader.Scope).
@@ -2312,7 +2315,7 @@ func TestBearerAuth(t *testing.T) {
 		So(err, ShouldBeNil)
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusOK)
-		var badToken test.AccessTokenResponse
+		var badToken authutils.AccessTokenResponse
 		err = json.Unmarshal(resp.Body(), &badToken)
 		So(err, ShouldBeNil)
 
@@ -2348,7 +2351,7 @@ func TestBearerAuthWrongAuthorizer(t *testing.T) {
 
 func TestBearerAuthWithAllowReadAccess(t *testing.T) {
 	Convey("Make a new controller", t, func() {
-		authTestServer := test.MakeAuthTestServer(ServerKey, UnauthorizedNamespace)
+		authTestServer := authutils.MakeAuthTestServer(ServerKey, UnauthorizedNamespace)
 		defer authTestServer.Close()
 
 		port := test.GetFreePort()
@@ -2389,7 +2392,7 @@ func TestBearerAuthWithAllowReadAccess(t *testing.T) {
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized)
 
-		authorizationHeader := test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
+		authorizationHeader := authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
 		resp, err = resty.R().
 			SetQueryParam("service", authorizationHeader.Service).
 			SetQueryParam("scope", authorizationHeader.Scope).
@@ -2397,7 +2400,7 @@ func TestBearerAuthWithAllowReadAccess(t *testing.T) {
 		So(err, ShouldBeNil)
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusOK)
-		var goodToken test.AccessTokenResponse
+		var goodToken authutils.AccessTokenResponse
 		err = json.Unmarshal(resp.Body(), &goodToken)
 		So(err, ShouldBeNil)
 
@@ -2413,7 +2416,7 @@ func TestBearerAuthWithAllowReadAccess(t *testing.T) {
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized)
 
-		authorizationHeader = test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
+		authorizationHeader = authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
 		resp, err = resty.R().
 			SetQueryParam("service", authorizationHeader.Service).
 			SetQueryParam("scope", authorizationHeader.Scope).
@@ -2442,7 +2445,7 @@ func TestBearerAuthWithAllowReadAccess(t *testing.T) {
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized)
 
-		authorizationHeader = test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
+		authorizationHeader = authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
 		resp, err = resty.R().
 			SetQueryParam("service", authorizationHeader.Service).
 			SetQueryParam("scope", authorizationHeader.Scope).
@@ -2471,7 +2474,7 @@ func TestBearerAuthWithAllowReadAccess(t *testing.T) {
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized)
 
-		authorizationHeader = test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
+		authorizationHeader = authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
 		resp, err = resty.R().
 			SetQueryParam("service", authorizationHeader.Service).
 			SetQueryParam("scope", authorizationHeader.Scope).
@@ -2495,7 +2498,7 @@ func TestBearerAuthWithAllowReadAccess(t *testing.T) {
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized)
 
-		authorizationHeader = test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
+		authorizationHeader = authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
 		resp, err = resty.R().
 			SetQueryParam("service", authorizationHeader.Service).
 			SetQueryParam("scope", authorizationHeader.Scope).
@@ -2503,7 +2506,7 @@ func TestBearerAuthWithAllowReadAccess(t *testing.T) {
 		So(err, ShouldBeNil)
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusOK)
-		var badToken test.AccessTokenResponse
+		var badToken authutils.AccessTokenResponse
 		err = json.Unmarshal(resp.Body(), &badToken)
 		So(err, ShouldBeNil)
 
@@ -2520,7 +2523,7 @@ func TestNewRelyingPartyOIDC(t *testing.T) {
 	Convey("Test NewRelyingPartyOIDC", t, func() {
 		conf := config.New()
 
-		mockOIDCServer, err := test.MockOIDCRun()
+		mockOIDCServer, err := authutils.MockOIDCRun()
 		if err != nil {
 			panic(err)
 		}
@@ -2631,7 +2634,7 @@ func TestOpenIDMiddleware(t *testing.T) {
 	ldapServer.Start(ldapPort)
 	defer ldapServer.Stop()
 
-	mockOIDCServer, err := test.MockOIDCRun()
+	mockOIDCServer, err := authutils.MockOIDCRun()
 	if err != nil {
 		panic(err)
 	}
@@ -2942,7 +2945,7 @@ func TestIsOpenIDEnabled(t *testing.T) {
 		conf := config.New()
 		conf.HTTP.Port = port
 
-		mockOIDCServer, err := test.MockOIDCRun()
+		mockOIDCServer, err := authutils.MockOIDCRun()
 		if err != nil {
 			panic(err)
 		}
@@ -3053,7 +3056,7 @@ func TestAuthnSessionErrors(t *testing.T) {
 		ldapServer.Start(ldapPort)
 		defer ldapServer.Stop()
 
-		mockOIDCServer, err := test.MockOIDCRun()
+		mockOIDCServer, err := authutils.MockOIDCRun()
 		if err != nil {
 			panic(err)
 		}
@@ -3444,7 +3447,7 @@ func TestAuthnMetaDBErrors(t *testing.T) {
 		htpasswdPath := test.MakeHtpasswdFile()
 		defer os.Remove(htpasswdPath)
 
-		mockOIDCServer, err := test.MockOIDCRun()
+		mockOIDCServer, err := authutils.MockOIDCRun()
 		if err != nil {
 			panic(err)
 		}
@@ -3577,7 +3580,7 @@ func TestAuthorization(t *testing.T) {
 		}
 
 		Convey("with openid", func() {
-			mockOIDCServer, err := test.MockOIDCRun()
+			mockOIDCServer, err := authutils.MockOIDCRun()
 			if err != nil {
 				panic(err)
 			}
@@ -3607,8 +3610,8 @@ func TestAuthorization(t *testing.T) {
 			ctlr := api.NewController(conf)
 			ctlr.Config.Storage.RootDirectory = t.TempDir()
 
-			err = test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1",
-				test.GetDefaultStoreController(ctlr.Config.Storage.RootDirectory, ctlr.Log))
+			err = WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1",
+				ociutils.GetDefaultStoreController(ctlr.Config.Storage.RootDirectory, ctlr.Log))
 			So(err, ShouldBeNil)
 
 			cm := test.NewControllerManager(ctlr)
@@ -3643,8 +3646,8 @@ func TestAuthorization(t *testing.T) {
 			ctlr := api.NewController(conf)
 			ctlr.Config.Storage.RootDirectory = t.TempDir()
 
-			err := test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1",
-				test.GetDefaultStoreController(ctlr.Config.Storage.RootDirectory, ctlr.Log))
+			err := WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1",
+				ociutils.GetDefaultStoreController(ctlr.Config.Storage.RootDirectory, ctlr.Log))
 			So(err, ShouldBeNil)
 
 			cm := test.NewControllerManager(ctlr)
@@ -3783,13 +3786,13 @@ func TestAuthorizationWithOnlyAnonymousPolicy(t *testing.T) {
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusCreated)
 
-		cblob, cdigest := test.GetRandomImageConfig()
+		cblob, cdigest := GetRandomImageConfig()
 
 		resp, err = resty.R().Post(baseURL + "/v2/" + TestRepo + "/blobs/uploads/")
 		So(err, ShouldBeNil)
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusAccepted)
-		loc = testc.Location(baseURL, resp)
+		loc = test.Location(baseURL, resp)
 
 		// uploading blob should get 201
 		resp, err = resty.R().SetHeader("Content-Length", fmt.Sprintf("%d", len(cblob))).
@@ -3834,7 +3837,7 @@ func TestAuthorizationWithOnlyAnonymousPolicy(t *testing.T) {
 		So(err, ShouldBeNil)
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusAccepted)
-		loc = testc.Location(baseURL, resp)
+		loc = test.Location(baseURL, resp)
 		// uploading blob should get 201
 		resp, err = resty.R().
 			SetHeader("Content-Length", fmt.Sprintf("%d", len(updateBlob))).
@@ -3920,7 +3923,7 @@ func TestAuthorizationWithOnlyAnonymousPolicy(t *testing.T) {
 		err = os.Mkdir(path.Join(dir, "zot-test"), storageConstants.DefaultDirPerms)
 		So(err, ShouldBeNil)
 
-		err = test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "tag", ctlr.StoreController)
+		err = WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "tag", ctlr.StoreController)
 		So(err, ShouldBeNil)
 
 		// should not have read rights on zot-test
@@ -4198,7 +4201,7 @@ func TestAuthorizationWithMultiplePolicies(t *testing.T) {
 		Convey("with openid", func() {
 			dir := t.TempDir()
 
-			mockOIDCServer, err := test.MockOIDCRun()
+			mockOIDCServer, err := authutils.MockOIDCRun()
 			if err != nil {
 				panic(err)
 			}
@@ -4228,8 +4231,8 @@ func TestAuthorizationWithMultiplePolicies(t *testing.T) {
 			ctlr := api.NewController(conf)
 			ctlr.Config.Storage.RootDirectory = dir
 
-			err = test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1",
-				test.GetDefaultStoreController(ctlr.Config.Storage.RootDirectory, ctlr.Log))
+			err = WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1",
+				ociutils.GetDefaultStoreController(ctlr.Config.Storage.RootDirectory, ctlr.Log))
 			So(err, ShouldBeNil)
 
 			cm := test.NewControllerManager(ctlr)
@@ -4287,8 +4290,8 @@ func TestAuthorizationWithMultiplePolicies(t *testing.T) {
 			ctlr := api.NewController(conf)
 			ctlr.Config.Storage.RootDirectory = dir
 
-			err := test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1",
-				test.GetDefaultStoreController(ctlr.Config.Storage.RootDirectory, ctlr.Log))
+			err := WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1",
+				ociutils.GetDefaultStoreController(ctlr.Config.Storage.RootDirectory, ctlr.Log))
 			So(err, ShouldBeNil)
 
 			cm := test.NewControllerManager(ctlr)
@@ -4450,8 +4453,8 @@ func TestCrossRepoMount(t *testing.T) {
 		ctlr.Config.Storage.Dedupe = false
 
 		image := CreateDefaultImage()
-		err := test.WriteImageToFileSystem(image, "zot-cve-test", "test", storage.StoreController{
-			DefaultStore: test.GetDefaultImageStore(dir, ctlr.Log),
+		err := WriteImageToFileSystem(image, "zot-cve-test", "test", storage.StoreController{
+			DefaultStore: ociutils.GetDefaultImageStore(dir, ctlr.Log),
 		})
 		So(err, ShouldBeNil)
 
@@ -4495,7 +4498,7 @@ func TestCrossRepoMount(t *testing.T) {
 			Post(baseURL + "/v2/zot-y-test/blobs/uploads/")
 		So(err, ShouldBeNil)
 		So(postResponse.StatusCode(), ShouldEqual, http.StatusAccepted)
-		So(testc.Location(baseURL, postResponse), ShouldStartWith, fmt.Sprintf("%s%s/zot-y-test/%s/%s",
+		So(test.Location(baseURL, postResponse), ShouldStartWith, fmt.Sprintf("%s%s/zot-y-test/%s/%s",
 			baseURL, constants.RoutePrefix, constants.Blobs, constants.Uploads))
 
 		// Use correct request
@@ -4506,7 +4509,7 @@ func TestCrossRepoMount(t *testing.T) {
 			Post(baseURL + "/v2/zot-c-test/blobs/uploads/")
 		So(err, ShouldBeNil)
 		So(postResponse.StatusCode(), ShouldEqual, http.StatusAccepted)
-		So(testc.Location(baseURL, postResponse), ShouldStartWith, fmt.Sprintf("%s%s/zot-c-test/%s/%s",
+		So(test.Location(baseURL, postResponse), ShouldStartWith, fmt.Sprintf("%s%s/zot-c-test/%s/%s",
 			baseURL, constants.RoutePrefix, constants.Blobs, constants.Uploads))
 
 		// Send same request again
@@ -4579,7 +4582,7 @@ func TestCrossRepoMount(t *testing.T) {
 			Post(baseURL + "/v2/zot-mount-test/blobs/uploads/")
 		So(err, ShouldBeNil)
 		So(postResponse.StatusCode(), ShouldEqual, http.StatusCreated)
-		So(testc.Location(baseURL, postResponse), ShouldEqual, fmt.Sprintf("%s%s/zot-mount-test/%s/%s:%s",
+		So(test.Location(baseURL, postResponse), ShouldEqual, fmt.Sprintf("%s%s/zot-mount-test/%s/%s:%s",
 			baseURL, constants.RoutePrefix, constants.Blobs, godigest.SHA256, blob))
 
 		// Check os.SameFile here
@@ -4604,7 +4607,7 @@ func TestCrossRepoMount(t *testing.T) {
 			Post(baseURL + "/v2/zot-mount1-test/blobs/uploads/")
 		So(err, ShouldBeNil)
 		So(postResponse.StatusCode(), ShouldEqual, http.StatusCreated)
-		So(testc.Location(baseURL, postResponse), ShouldEqual, fmt.Sprintf("%s%s/zot-mount1-test/%s/%s:%s",
+		So(test.Location(baseURL, postResponse), ShouldEqual, fmt.Sprintf("%s%s/zot-mount1-test/%s/%s:%s",
 			baseURL, constants.RoutePrefix, constants.Blobs, godigest.SHA256, blob))
 
 		linkPath = path.Join(ctlr.Config.Storage.RootDirectory, "zot-mount1-test", "blobs/sha256", dgst.Encoded())
@@ -4662,8 +4665,8 @@ func TestCrossRepoMount(t *testing.T) {
 
 		image := CreateImageWith().RandomLayers(1, 10).DefaultConfig().Build()
 
-		err := test.WriteImageToFileSystem(image, "zot-cve-test", "0.0.1",
-			test.GetDefaultStoreController(dir, ctlr.Log))
+		err := WriteImageToFileSystem(image, "zot-cve-test", "0.0.1",
+			ociutils.GetDefaultStoreController(dir, ctlr.Log))
 		So(err, ShouldBeNil)
 
 		cm := test.NewControllerManager(ctlr)
@@ -4805,12 +4808,12 @@ func TestParallelRequests(t *testing.T) {
 	ctlr.Config.Storage.SubPaths = subPaths
 
 	testImagesDir := t.TempDir()
-	testImagesController := test.GetDefaultStoreController(testImagesDir, ctlr.Log)
+	testImagesController := ociutils.GetDefaultStoreController(testImagesDir, ctlr.Log)
 
-	err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testImagesController)
+	err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testImagesController)
 	assert.Equal(t, err, nil, "Error should be nil")
 
-	err = test.WriteImageToFileSystem(CreateRandomImage(), "zot-cve-test", "0.0.1", testImagesController)
+	err = WriteImageToFileSystem(CreateRandomImage(), "zot-cve-test", "0.0.1", testImagesController)
 	assert.Equal(t, err, nil, "Error should be nil")
 
 	cm := test.NewControllerManager(ctlr)
@@ -5171,26 +5174,26 @@ func TestImageSignatures(t *testing.T) {
 			tdir := t.TempDir()
 			_ = os.Chdir(tdir)
 
-			test.NotationPathLock.Lock()
-			defer test.NotationPathLock.Unlock()
+			signature.NotationPathLock.Lock()
+			defer signature.NotationPathLock.Unlock()
 
-			test.LoadNotationPath(tdir)
+			signature.LoadNotationPath(tdir)
 
-			err = test.GenerateNotationCerts(tdir, "good")
+			err = signature.GenerateNotationCerts(tdir, "good")
 			So(err, ShouldBeNil)
 
-			err = test.GenerateNotationCerts(tdir, "bad")
+			err = signature.GenerateNotationCerts(tdir, "bad")
 			So(err, ShouldBeNil)
 
 			image := fmt.Sprintf("localhost:%s/%s:%s", port, repoName, "1.0")
-			err = test.SignWithNotation("good", image, tdir)
+			err = signature.SignWithNotation("good", image, tdir)
 			So(err, ShouldBeNil)
 
-			err = test.VerifyWithNotation(image, tdir)
+			err = signature.VerifyWithNotation(image, tdir)
 			So(err, ShouldBeNil)
 
 			// check list
-			sigs, err := test.ListNotarySignatures(image, tdir)
+			sigs, err := signature.ListNotarySignatures(image, tdir)
 			So(len(sigs), ShouldEqual, 1)
 			So(err, ShouldBeNil)
 
@@ -5224,7 +5227,7 @@ func TestImageSignatures(t *testing.T) {
 				So(err, ShouldBeNil)
 				So(resp.StatusCode(), ShouldEqual, http.StatusInternalServerError)
 
-				err = test.VerifyWithNotation(image, tdir)
+				err = signature.VerifyWithNotation(image, tdir)
 				So(err, ShouldNotBeNil)
 			})
 
@@ -5246,7 +5249,7 @@ func TestImageSignatures(t *testing.T) {
 				So(err, ShouldBeNil)
 				So(resp.StatusCode(), ShouldEqual, http.StatusNotFound)
 
-				err = test.VerifyWithNotation(image, tdir)
+				err = signature.VerifyWithNotation(image, tdir)
 				So(err, ShouldNotBeNil)
 			})
 		})
@@ -5523,7 +5526,7 @@ func TestArtifactReferences(t *testing.T) {
 		digest := godigest.FromBytes(content)
 		So(digest, ShouldNotBeNil)
 
-		cfg, layers, manifest, err := test.GetImageComponents(2) //nolint:staticcheck
+		cfg, layers, manifest, err := deprecated.GetImageComponents(2) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		err = UploadImage(
@@ -5557,7 +5560,7 @@ func TestArtifactReferences(t *testing.T) {
 			resp, err = resty.R().Post(baseURL + fmt.Sprintf("/v2/%s/blobs/uploads/", repoName))
 			So(err, ShouldBeNil)
 			So(resp.StatusCode(), ShouldEqual, http.StatusAccepted)
-			loc := testc.Location(baseURL, resp)
+			loc := test.Location(baseURL, resp)
 			cblob, cdigest := getEmptyImageConfig()
 
 			resp, err = resty.R().
@@ -5654,7 +5657,7 @@ func TestArtifactReferences(t *testing.T) {
 				resp, err = resty.R().Post(baseURL + fmt.Sprintf("/v2/%s/blobs/uploads/", repoName))
 				So(err, ShouldBeNil)
 				So(resp.StatusCode(), ShouldEqual, http.StatusAccepted)
-				loc := testc.Location(baseURL, resp)
+				loc := test.Location(baseURL, resp)
 				cblob = []byte("{}")
 				cdigest = godigest.FromBytes(cblob)
 				So(cdigest, ShouldNotBeNil)
@@ -6558,7 +6561,7 @@ func TestStorageCommit(t *testing.T) {
 		Convey("Manifests", func() {
 			_, _ = Print("\nManifests")
 
-			cfg, layers, manifest, err := test.GetImageComponents(2) //nolint:staticcheck
+			cfg, layers, manifest, err := deprecated.GetImageComponents(2) //nolint:staticcheck
 			So(err, ShouldBeNil)
 
 			content := []byte("this is a blob5")
@@ -6613,7 +6616,7 @@ func TestStorageCommit(t *testing.T) {
 				}, baseURL, repoName, "test:1.0.1")
 			So(err, ShouldBeNil)
 
-			cfg, layers, manifest, err = test.GetImageComponents(1) //nolint:staticcheck
+			cfg, layers, manifest, err = deprecated.GetImageComponents(1) //nolint:staticcheck
 			So(err, ShouldBeNil)
 
 			err = UploadImage(
@@ -6711,7 +6714,7 @@ func TestManifestImageIndex(t *testing.T) {
 
 		rthdlr := api.NewRouteHandler(ctlr)
 
-		cfg, layers, manifest, err := test.GetImageComponents(2) //nolint:staticcheck
+		cfg, layers, manifest, err := deprecated.GetImageComponents(2) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		content := []byte("this is a blob1")
@@ -7138,7 +7141,7 @@ func TestManifestCollision(t *testing.T) {
 		cm.StartAndWait(port)
 		defer cm.StopServer()
 
-		cfg, layers, manifest, err := test.GetImageComponents(2) //nolint:staticcheck
+		cfg, layers, manifest, err := deprecated.GetImageComponents(2) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		err = UploadImage(
@@ -7217,7 +7220,7 @@ func TestPullRange(t *testing.T) {
 		resp, err := resty.R().Post(baseURL + "/v2/index/blobs/uploads/")
 		So(err, ShouldBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusAccepted)
-		loc := testc.Location(baseURL, resp)
+		loc := test.Location(baseURL, resp)
 		So(loc, ShouldNotBeEmpty)
 
 		// since we are not specifying any prefix i.e provided in config while starting server,
@@ -7380,7 +7383,7 @@ func TestInjectInterruptedImageManifest(t *testing.T) {
 			resp, err := resty.R().Post(baseURL + "/v2/repotest/blobs/uploads/")
 			So(err, ShouldBeNil)
 			So(resp.StatusCode(), ShouldEqual, http.StatusAccepted)
-			loc := testc.Location(baseURL, resp)
+			loc := test.Location(baseURL, resp)
 			So(loc, ShouldNotBeEmpty)
 
 			// since we are not specifying any prefix i.e provided in config while starting server,
@@ -7408,8 +7411,8 @@ func TestInjectInterruptedImageManifest(t *testing.T) {
 			resp, err = resty.R().Post(baseURL + "/v2/repotest/blobs/uploads/")
 			So(err, ShouldBeNil)
 			So(resp.StatusCode(), ShouldEqual, http.StatusAccepted)
-			loc = testc.Location(baseURL, resp)
-			cblob, cdigest := test.GetRandomImageConfig()
+			loc = test.Location(baseURL, resp)
+			cblob, cdigest := GetRandomImageConfig()
 
 			resp, err = resty.R().
 				SetContentLength(true).
@@ -7489,7 +7492,7 @@ func TestInjectTooManyOpenFiles(t *testing.T) {
 		resp, err := resty.R().Post(baseURL + "/v2/repotest/blobs/uploads/")
 		So(err, ShouldBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusAccepted)
-		loc := testc.Location(baseURL, resp)
+		loc := test.Location(baseURL, resp)
 		So(loc, ShouldNotBeEmpty)
 
 		// since we are not specifying any prefix i.e provided in config while starting server,
@@ -7541,8 +7544,8 @@ func TestInjectTooManyOpenFiles(t *testing.T) {
 		resp, err = resty.R().Post(baseURL + "/v2/repotest/blobs/uploads/")
 		So(err, ShouldBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusAccepted)
-		loc = testc.Location(baseURL, resp)
-		cblob, cdigest := test.GetRandomImageConfig()
+		loc = test.Location(baseURL, resp)
+		cblob, cdigest := GetRandomImageConfig()
 
 		resp, err = resty.R().
 			SetContentLength(true).
@@ -7746,17 +7749,17 @@ func TestGCSignaturesAndUntaggedManifestsWithMetaDB(t *testing.T) {
 
 			So(err, ShouldBeNil)
 
-			test.NotationPathLock.Lock()
-			defer test.NotationPathLock.Unlock()
+			signature.NotationPathLock.Lock()
+			defer signature.NotationPathLock.Unlock()
 
-			test.LoadNotationPath(tdir)
+			signature.LoadNotationPath(tdir)
 
 			// generate a keypair
-			err = test.GenerateNotationCerts(tdir, "good")
+			err = signature.GenerateNotationCerts(tdir, "good")
 			So(err, ShouldBeNil)
 
 			// sign the image
-			err = test.SignWithNotation("good", image, tdir)
+			err = signature.SignWithNotation("good", image, tdir)
 			So(err, ShouldBeNil)
 
 			// get cosign signature manifest
@@ -7831,7 +7834,7 @@ func TestGCSignaturesAndUntaggedManifestsWithMetaDB(t *testing.T) {
 
 			Convey("Overwrite original image, signatures should be garbage-collected", func() {
 				// push an image without tag
-				cfg, layers, manifest, err := test.GetImageComponents(2) //nolint:staticcheck
+				cfg, layers, manifest, err := deprecated.GetImageComponents(2) //nolint:staticcheck
 				So(err, ShouldBeNil)
 
 				manifestBuf, err := json.Marshal(manifest)
@@ -7858,7 +7861,7 @@ func TestGCSignaturesAndUntaggedManifestsWithMetaDB(t *testing.T) {
 				So(ok, ShouldBeTrue)
 
 				// overwrite image so that signatures will get invalidated and gc'ed
-				cfg, layers, manifest, err = test.GetImageComponents(3) //nolint:staticcheck
+				cfg, layers, manifest, err = deprecated.GetImageComponents(3) //nolint:staticcheck
 				So(err, ShouldBeNil)
 
 				err = UploadImage(
@@ -7938,8 +7941,8 @@ func TestGCSignaturesAndUntaggedManifestsWithMetaDB(t *testing.T) {
 			ctlr.Config.Storage.GCDelay = 1 * time.Second
 			ctlr.Config.Storage.UntaggedImageRetentionDelay = 1 * time.Second
 
-			err := test.WriteImageToFileSystem(CreateDefaultImage(), repoName, tag,
-				test.GetDefaultStoreController(dir, ctlr.Log))
+			err := WriteImageToFileSystem(CreateDefaultImage(), repoName, tag,
+				ociutils.GetDefaultStoreController(dir, ctlr.Log))
 			So(err, ShouldBeNil)
 
 			cm := test.NewControllerManager(ctlr)
@@ -7967,7 +7970,7 @@ func TestGCSignaturesAndUntaggedManifestsWithMetaDB(t *testing.T) {
 
 			// upload multiple manifests
 			for i := 0; i < 4; i++ {
-				config, layers, manifest, err := test.GetImageComponents(1000 + i) //nolint:staticcheck
+				config, layers, manifest, err := deprecated.GetImageComponents(1000 + i) //nolint:staticcheck
 				So(err, ShouldBeNil)
 
 				manifestContent, err := json.Marshal(manifest)
@@ -8044,8 +8047,8 @@ func TestPeriodicGC(t *testing.T) {
 		ctlr.Config.Storage.GCInterval = 1 * time.Hour
 		ctlr.Config.Storage.GCDelay = 1 * time.Second
 
-		err = test.WriteImageToFileSystem(CreateDefaultImage(), repoName, "0.0.1",
-			test.GetDefaultStoreController(dir, ctlr.Log))
+		err = WriteImageToFileSystem(CreateDefaultImage(), repoName, "0.0.1",
+			ociutils.GetDefaultStoreController(dir, ctlr.Log))
 		So(err, ShouldBeNil)
 
 		cm := test.NewControllerManager(ctlr)
@@ -8123,8 +8126,8 @@ func TestPeriodicGC(t *testing.T) {
 		ctlr.Config.Storage.GCInterval = 1 * time.Hour
 		ctlr.Config.Storage.GCDelay = 1 * time.Second
 
-		err = test.WriteImageToFileSystem(CreateDefaultImage(), repoName, "0.0.1",
-			test.GetDefaultStoreController(dir, ctlr.Log))
+		err = WriteImageToFileSystem(CreateDefaultImage(), repoName, "0.0.1",
+			ociutils.GetDefaultStoreController(dir, ctlr.Log))
 		So(err, ShouldBeNil)
 
 		So(os.Chmod(dir, 0o000), ShouldBeNil)
@@ -8164,7 +8167,7 @@ func TestSearchRoutes(t *testing.T) {
 		repoName := "testrepo" //nolint:goconst
 		inaccessibleRepo := "inaccessible"
 
-		cfg, layers, manifest, err := test.GetImageComponents(10000) //nolint:staticcheck
+		cfg, layers, manifest, err := deprecated.GetImageComponents(10000) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		err = UploadImage(
@@ -8177,7 +8180,7 @@ func TestSearchRoutes(t *testing.T) {
 		So(err, ShouldBeNil)
 
 		// data for the inaccessible repo
-		cfg, layers, manifest, err = test.GetImageComponents(10000) //nolint:staticcheck
+		cfg, layers, manifest, err = deprecated.GetImageComponents(10000) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		err = UploadImage(
@@ -8250,7 +8253,7 @@ func TestSearchRoutes(t *testing.T) {
 			cm.StartAndWait(port)
 			defer cm.StopServer()
 
-			cfg, layers, manifest, err := test.GetImageComponents(10000) //nolint:staticcheck
+			cfg, layers, manifest, err := deprecated.GetImageComponents(10000) //nolint:staticcheck
 			So(err, ShouldBeNil)
 
 			err = UploadImageWithBasicAuth(
@@ -8263,7 +8266,7 @@ func TestSearchRoutes(t *testing.T) {
 			So(err, ShouldBeNil)
 
 			// data for the inaccessible repo
-			cfg, layers, manifest, err = test.GetImageComponents(10000) //nolint:staticcheck
+			cfg, layers, manifest, err = deprecated.GetImageComponents(10000) //nolint:staticcheck
 			So(err, ShouldBeNil)
 
 			err = UploadImageWithBasicAuth(
@@ -9529,14 +9532,14 @@ func RunAuthorizationTests(t *testing.T, client *resty.Client, baseURL string, c
 		So(resp.StatusCode(), ShouldEqual, http.StatusCreated)
 
 		// create update config and post it.
-		cblob, cdigest := test.GetRandomImageConfig()
+		cblob, cdigest := GetRandomImageConfig()
 
 		resp, err = client.R().
 			Post(baseURL + "/v2/zot-test/blobs/uploads/")
 		So(err, ShouldBeNil)
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusAccepted)
-		loc = testc.Location(baseURL, resp)
+		loc = test.Location(baseURL, resp)
 
 		// uploading blob should get 201
 		resp, err = client.R().
@@ -9556,7 +9559,7 @@ func RunAuthorizationTests(t *testing.T, client *resty.Client, baseURL string, c
 		So(err, ShouldBeNil)
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusAccepted)
-		loc = testc.Location(baseURL, resp)
+		loc = test.Location(baseURL, resp)
 
 		// uploading blob should get 201
 		resp, err = client.R().

pkg/api/routes_test.go

@@ -31,7 +31,7 @@ import (
 	mTypes "zotregistry.io/zot/pkg/meta/types"
 	reqCtx "zotregistry.io/zot/pkg/requestcontext"
 	storageTypes "zotregistry.io/zot/pkg/storage/types"
-	"zotregistry.io/zot/pkg/test"
+	test "zotregistry.io/zot/pkg/test/common"
 	"zotregistry.io/zot/pkg/test/mocks"
 )
 

pkg/cli/client/cve_cmd_internal_test.go

@@ -36,9 +36,11 @@ import (
 	mTypes "zotregistry.io/zot/pkg/meta/types"
 	"zotregistry.io/zot/pkg/storage"
 	"zotregistry.io/zot/pkg/storage/local"
-	"zotregistry.io/zot/pkg/test"
+	test "zotregistry.io/zot/pkg/test/common"
+	"zotregistry.io/zot/pkg/test/deprecated"
 	. "zotregistry.io/zot/pkg/test/image-utils"
 	"zotregistry.io/zot/pkg/test/mocks"
+	ociutils "zotregistry.io/zot/pkg/test/oci-utils"
 )
 
 func TestSearchCVECmd(t *testing.T) {
@@ -404,8 +406,8 @@ func TestNegativeServerResponse(t *testing.T) {
 
 		dir := t.TempDir()
 
-		srcStorageCtlr := test.GetDefaultStoreController(dir, log.NewLogger("debug", ""))
-		err := test.WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", srcStorageCtlr)
+		srcStorageCtlr := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", ""))
+		err := WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", srcStorageCtlr)
 		So(err, ShouldBeNil)
 
 		conf.Storage.RootDirectory = dir
@@ -478,10 +480,10 @@ func TestNegativeServerResponse(t *testing.T) {
 		}
 
 		num := 10
-		config, layers, manifest, err := test.GetRandomImageComponents(num) //nolint:staticcheck
+		config, layers, manifest, err := deprecated.GetRandomImageComponents(num) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
-		err = test.WriteImageToFileSystem(
+		err = WriteImageToFileSystem(
 			Image{
 				Manifest: manifest,
 				Layers:   layers,
@@ -618,7 +620,7 @@ func TestServerCVEResponse(t *testing.T) {
 
 	test.WaitTillServerReady(url)
 
-	config, layers, manifest, err := test.GetImageComponents(100) //nolint:staticcheck
+	config, layers, manifest, err := deprecated.GetImageComponents(100) //nolint:staticcheck
 	if err != nil {
 		panic(err)
 	}
@@ -934,9 +936,9 @@ func TestCVESort(t *testing.T) {
 
 	image1 := CreateRandomImage()
 
-	storeController := test.GetDefaultStoreController(rootDir, ctlr.Log)
+	storeController := ociutils.GetDefaultStoreController(rootDir, ctlr.Log)
 
-	err := test.WriteImageToFileSystem(image1, "repo", "tag", storeController)
+	err := WriteImageToFileSystem(image1, "repo", "tag", storeController)
 	if err != nil {
 		t.FailNow()
 	}

pkg/cli/client/elevated_internal_test.go

@@ -19,7 +19,7 @@ import (
 	"zotregistry.io/zot/pkg/api"
 	"zotregistry.io/zot/pkg/api/config"
 	"zotregistry.io/zot/pkg/api/constants"
-	"zotregistry.io/zot/pkg/test"
+	test "zotregistry.io/zot/pkg/test/common"
 )
 
 func TestElevatedPrivilegesTLSNewControllerPrivilegedCert(t *testing.T) {

pkg/cli/client/gql_queries_internal_test.go

@@ -12,7 +12,7 @@ import (
 	"zotregistry.io/zot/pkg/api"
 	"zotregistry.io/zot/pkg/api/config"
 	extconf "zotregistry.io/zot/pkg/extensions/config"
-	"zotregistry.io/zot/pkg/test"
+	test "zotregistry.io/zot/pkg/test/common"
 )
 
 func TestGQLQueries(t *testing.T) {

pkg/cli/client/image_cmd_internal_test.go

@@ -12,6 +12,7 @@ import (
 	"log"
 	"os"
 	"path"
+	"path/filepath"
 	"regexp"
 	"strings"
 	"sync"
@@ -32,9 +33,12 @@ import (
 	"zotregistry.io/zot/pkg/common"
 	extconf "zotregistry.io/zot/pkg/extensions/config"
 	zlog "zotregistry.io/zot/pkg/log"
-	"zotregistry.io/zot/pkg/test"
-	testc "zotregistry.io/zot/pkg/test/common"
+	stypes "zotregistry.io/zot/pkg/storage/types"
+	test "zotregistry.io/zot/pkg/test/common"
+	"zotregistry.io/zot/pkg/test/deprecated"
 	. "zotregistry.io/zot/pkg/test/image-utils"
+	ociutils "zotregistry.io/zot/pkg/test/oci-utils"
+	"zotregistry.io/zot/pkg/test/signature"
 )
 
 func TestSearchImageCmd(t *testing.T) {
@@ -331,7 +335,7 @@ func TestSignature(t *testing.T) {
 		err = UploadImage(CreateDefaultImage(), url, repoName, "0.0.1")
 		So(err, ShouldBeNil)
 
-		err = test.SignImageUsingNotary("repo7:0.0.1", port)
+		err = signature.SignImageUsingNotary("repo7:0.0.1", port)
 		So(err, ShouldBeNil)
 
 		searchConfig := getTestSearchConfig(url, new(searchService))
@@ -1233,8 +1237,8 @@ func TestServerResponseGQLWithoutPermissions(t *testing.T) {
 
 		dir := t.TempDir()
 
-		srcStorageCtlr := test.GetDefaultStoreController(dir, zlog.NewLogger("debug", ""))
-		err := test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtlr)
+		srcStorageCtlr := ociutils.GetDefaultStoreController(dir, zlog.NewLogger("debug", ""))
+		err := WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtlr)
 		So(err, ShouldBeNil)
 
 		err = os.Chmod(path.Join(dir, "zot-test", "blobs"), 0o000)
@@ -1381,14 +1385,14 @@ func TestImagesSortFlag(t *testing.T) {
 	image2 := CreateImageWith().DefaultLayers().
 		ImageConfig(ispec.Image{Created: DateRef(2020, 1, 1, 1, 1, 1, 0, time.UTC)}).Build()
 
-	storeController := test.GetDefaultStoreController(rootDir, ctlr.Log)
+	storeController := ociutils.GetDefaultStoreController(rootDir, ctlr.Log)
 
-	err := test.WriteImageToFileSystem(image1, "a-repo", "tag1", storeController)
+	err := WriteImageToFileSystem(image1, "a-repo", "tag1", storeController)
 	if err != nil {
 		t.FailNow()
 	}
 
-	err = test.WriteImageToFileSystem(image2, "b-repo", "tag2", storeController)
+	err = WriteImageToFileSystem(image2, "b-repo", "tag2", storeController)
 	if err != nil {
 		t.FailNow()
 	}
@@ -1452,7 +1456,7 @@ func TestImagesCommandGQL(t *testing.T) {
 	defer cm.StopServer()
 
 	Convey("commands with gql", t, func() {
-		err := test.RemoveLocalStorageContents(ctlr.StoreController.DefaultStore)
+		err := removeLocalStorageContents(ctlr.StoreController.DefaultStore)
 		So(err, ShouldBeNil)
 
 		Convey("base and derived command", func() {
@@ -1849,7 +1853,7 @@ func TestImageCommandREST(t *testing.T) {
 	defer cm.StopServer()
 
 	Convey("commands without gql", t, func() {
-		err := test.RemoveLocalStorageContents(ctlr.StoreController.DefaultStore)
+		err := removeLocalStorageContents(ctlr.StoreController.DefaultStore)
 		So(err, ShouldBeNil)
 
 		Convey("base and derived command", func() {
@@ -2008,7 +2012,7 @@ func uploadTestMultiarch(baseURL string) {
 
 	// ------- Upload The multiarch image
 
-	multiarch := test.GetMultiarchImageForImages([]Image{image1, image2}) //nolint:staticcheck
+	multiarch := deprecated.GetMultiarchImageForImages([]Image{image1, image2}) //nolint:staticcheck
 
 	err := UploadMultiarchImage(multiarch, baseURL, "repo", "multi-arch")
 	So(err, ShouldBeNil)
@@ -2017,7 +2021,7 @@ func uploadTestMultiarch(baseURL string) {
 func uploadManifest(url string) error {
 	// create and upload a blob/layer
 	resp, _ := resty.R().Post(url + "/v2/repo7/blobs/uploads/")
-	loc := testc.Location(url, resp)
+	loc := test.Location(url, resp)
 
 	content := []byte("this is a blob5")
 	digest := godigest.FromBytes(content)
@@ -2049,7 +2053,7 @@ func uploadManifest(url string) error {
 
 	// upload image config blob
 	resp, _ = resty.R().Post(url + "/v2/repo7/blobs/uploads/")
-	loc = testc.Location(url, resp)
+	loc = test.Location(url, resp)
 
 	_, _ = resty.R().
 		SetContentLength(true).
@@ -2155,7 +2159,7 @@ func uploadManifestDerivedBase(url string) error {
 
 	// upload image config blob
 	resp, _ := resty.R().Post(url + "/v2/repo7/blobs/uploads/")
-	loc := testc.Location(url, resp)
+	loc := test.Location(url, resp)
 
 	_, _ = resty.R().
 		SetContentLength(true).
@@ -2705,3 +2709,20 @@ func getTestSearchConfig(url string, searchService SearchService) searchConfig {
 		resultWriter:  nil,
 	}
 }
+
+func removeLocalStorageContents(imageStore stypes.ImageStore) error {
+	repos, err := imageStore.GetRepositories()
+	if err != nil {
+		return err
+	}
+
+	for _, repo := range repos {
+		// take just the first path
+		err = os.RemoveAll(filepath.Join(imageStore.RootDir(), filepath.SplitList(repo)[0]))
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}

pkg/cli/client/internal_test.go

@@ -19,7 +19,7 @@ import (
 	"zotregistry.io/zot/pkg/api/config"
 	"zotregistry.io/zot/pkg/api/constants"
 	extConf "zotregistry.io/zot/pkg/extensions/config"
-	"zotregistry.io/zot/pkg/test"
+	test "zotregistry.io/zot/pkg/test/common"
 )
 
 const (
@@ -167,7 +167,10 @@ func TestTLSWithoutAuth(t *testing.T) {
 
 			home := os.Getenv("HOME")
 			destCertsDir := filepath.Join(home, certsDir1)
-			test.CopyTestFiles(sourceCertsDir, destCertsDir)
+
+			err := test.CopyFiles(sourceCertsDir, destCertsDir)
+			So(err, ShouldBeNil)
+
 			defer os.RemoveAll(destCertsDir)
 
 			args := []string{"list", "--config", "imagetest"}
@@ -176,7 +179,7 @@ func TestTLSWithoutAuth(t *testing.T) {
 			imageCmd.SetOut(imageBuff)
 			imageCmd.SetErr(imageBuff)
 			imageCmd.SetArgs(args)
-			err := imageCmd.Execute()
+			err = imageCmd.Execute()
 			So(err, ShouldBeNil)
 		})
 	})

pkg/cli/client/repo_internal_test.go

@@ -15,7 +15,7 @@ import (
 
 	"zotregistry.io/zot/pkg/api"
 	"zotregistry.io/zot/pkg/api/config"
-	"zotregistry.io/zot/pkg/test"
+	test "zotregistry.io/zot/pkg/test/common"
 	. "zotregistry.io/zot/pkg/test/image-utils"
 )
 

pkg/cli/client/search_cmd_internal_test.go

@@ -18,8 +18,9 @@ import (
 	"zotregistry.io/zot/pkg/api"
 	"zotregistry.io/zot/pkg/api/config"
 	extconf "zotregistry.io/zot/pkg/extensions/config"
-	"zotregistry.io/zot/pkg/test"
+	test "zotregistry.io/zot/pkg/test/common"
 	. "zotregistry.io/zot/pkg/test/image-utils"
+	ociutils "zotregistry.io/zot/pkg/test/oci-utils"
 )
 
 const (
@@ -890,14 +891,14 @@ func TestSearchSort(t *testing.T) {
 		ImageConfig(ispec.Image{Created: DateRef(2020, 1, 1, 1, 1, 1, 0, time.UTC)}).
 		Build()
 
-	storeController := test.GetDefaultStoreController(rootDir, ctlr.Log)
+	storeController := ociutils.GetDefaultStoreController(rootDir, ctlr.Log)
 
-	err := test.WriteImageToFileSystem(image1, "b-repo", "tag2", storeController)
+	err := WriteImageToFileSystem(image1, "b-repo", "tag2", storeController)
 	if err != nil {
 		t.FailNow()
 	}
 
-	err = test.WriteImageToFileSystem(image2, "a-test-repo", "tag2", storeController)
+	err = WriteImageToFileSystem(image2, "a-test-repo", "tag2", storeController)
 	if err != nil {
 		t.FailNow()
 	}

pkg/cli/client/utils_internal_test.go

@@ -5,6 +5,7 @@ package client
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"io"
 	"net/http"
@@ -16,7 +17,7 @@ import (
 	ispec "github.com/opencontainers/image-spec/specs-go/v1"
 	. "github.com/smartystreets/goconvey/convey"
 
-	"zotregistry.io/zot/pkg/test"
+	test "zotregistry.io/zot/pkg/test/common"
 )
 
 func getDefaultSearchConf(baseURL string) searchConfig {
@@ -35,10 +36,52 @@ func getDefaultSearchConf(baseURL string) searchConfig {
 	}
 }
 
+type RouteHandler struct {
+	Route string
+	// HandlerFunc is the HTTP handler function that receives a writer for output and an HTTP request as input.
+	HandlerFunc http.HandlerFunc
+	// AllowedMethods specifies the HTTP methods allowed for the current route.
+	AllowedMethods []string
+}
+
+// Routes is a map that associates HTTP paths to their corresponding HTTP handlers.
+type HTTPRoutes []RouteHandler
+
+func StartTestHTTPServer(routes HTTPRoutes, port string) *http.Server {
+	baseURL := test.GetBaseURL(port)
+	mux := mux.NewRouter()
+
+	mux.HandleFunc("/test", func(w http.ResponseWriter, r *http.Request) {
+		_, err := w.Write([]byte("{}"))
+		if err != nil {
+			return
+		}
+	}).Methods(http.MethodGet)
+
+	for _, routeHandler := range routes {
+		mux.HandleFunc(routeHandler.Route, routeHandler.HandlerFunc).Methods(routeHandler.AllowedMethods...)
+	}
+
+	server := &http.Server{ //nolint:gosec
+		Addr:    fmt.Sprintf(":%s", port),
+		Handler: mux,
+	}
+
+	go func() {
+		if err := server.ListenAndServe(); !errors.Is(err, http.ErrServerClosed) {
+			return
+		}
+	}()
+
+	test.WaitTillServerReady(baseURL + "/test")
+
+	return server
+}
+
 func TestDoHTTPRequest(t *testing.T) {
 	Convey("doHTTPRequest nil result pointer", t, func() {
 		port := test.GetFreePort()
-		server := test.StartTestHTTPServer(nil, port)
+		server := StartTestHTTPServer(nil, port)
 		defer server.Close()
 
 		url := fmt.Sprintf("http://127.0.0.1:%s/asd", port)
@@ -50,7 +93,7 @@ func TestDoHTTPRequest(t *testing.T) {
 
 	Convey("doHTTPRequest bad return json", t, func() {
 		port := test.GetFreePort()
-		server := test.StartTestHTTPServer(test.HTTPRoutes{
+		server := StartTestHTTPServer(HTTPRoutes{
 			{
 				Route: "/test",
 				HandlerFunc: func(w http.ResponseWriter, r *http.Request) {
@@ -92,7 +135,7 @@ func TestDoHTTPRequest(t *testing.T) {
 		searchConf := getDefaultSearchConf(baseURL)
 
 		// 404 erorr will appear
-		server := test.StartTestHTTPServer(test.HTTPRoutes{}, port)
+		server := StartTestHTTPServer(HTTPRoutes{}, port)
 		defer server.Close()
 
 		URL := baseURL + "/v2/repo/manifests/tag"
@@ -115,7 +158,7 @@ func TestDoHTTPRequest(t *testing.T) {
 		searchConf := getDefaultSearchConf(baseURL)
 
 		Convey("makeGETRequest manifest error, context is done", func() {
-			server := test.StartTestHTTPServer(test.HTTPRoutes{}, port)
+			server := StartTestHTTPServer(HTTPRoutes{}, port)
 			defer server.Close()
 
 			ctx, cancel := context.WithCancel(context.Background())
@@ -129,7 +172,7 @@ func TestDoHTTPRequest(t *testing.T) {
 		})
 
 		Convey("makeGETRequest manifest error, context is not done", func() {
-			server := test.StartTestHTTPServer(test.HTTPRoutes{}, port)
+			server := StartTestHTTPServer(HTTPRoutes{}, port)
 			defer server.Close()
 
 			_, err := fetchManifestStruct(context.Background(), "repo", "tag", searchConf,
@@ -139,7 +182,7 @@ func TestDoHTTPRequest(t *testing.T) {
 		})
 
 		Convey("makeGETRequest config error, context is not done", func() {
-			server := test.StartTestHTTPServer(test.HTTPRoutes{
+			server := StartTestHTTPServer(HTTPRoutes{
 				{
 					Route: "/v2/{name}/manifests/{reference}",
 					HandlerFunc: func(w http.ResponseWriter, r *http.Request) {
@@ -160,7 +203,7 @@ func TestDoHTTPRequest(t *testing.T) {
 		})
 
 		Convey("Platforms on config", func() {
-			server := test.StartTestHTTPServer(test.HTTPRoutes{
+			server := StartTestHTTPServer(HTTPRoutes{
 				{
 					Route: "/v2/{name}/manifests/{reference}",
 					HandlerFunc: func(w http.ResponseWriter, r *http.Request) {
@@ -215,7 +258,7 @@ func TestDoHTTPRequest(t *testing.T) {
 		})
 
 		Convey("fetchImageIndexStruct no errors", func() {
-			server := test.StartTestHTTPServer(test.HTTPRoutes{
+			server := StartTestHTTPServer(HTTPRoutes{
 				{
 					Route: "/v2/{name}/manifests/{reference}",
 					HandlerFunc: func(writer http.ResponseWriter, req *http.Request) {
@@ -284,7 +327,7 @@ func TestDoHTTPRequest(t *testing.T) {
 		})
 
 		Convey("fetchImageIndexStruct makeGETRequest errors context done", func() {
-			server := test.StartTestHTTPServer(test.HTTPRoutes{}, port)
+			server := StartTestHTTPServer(HTTPRoutes{}, port)
 			defer server.Close()
 
 			ctx, cancel := context.WithCancel(context.Background())
@@ -306,7 +349,7 @@ func TestDoHTTPRequest(t *testing.T) {
 		})
 
 		Convey("fetchImageIndexStruct makeGETRequest errors context not done", func() {
-			server := test.StartTestHTTPServer(test.HTTPRoutes{}, port)
+			server := StartTestHTTPServer(HTTPRoutes{}, port)
 			defer server.Close()
 
 			URL := baseURL + "/v2/repo/manifests/indexRef"
@@ -341,7 +384,7 @@ func TestDoJobErrors(t *testing.T) {
 		reqPool.wtgrp.Add(1)
 
 		Convey("Do Job makeHEADRequest error context done", func() {
-			server := test.StartTestHTTPServer(test.HTTPRoutes{}, port)
+			server := StartTestHTTPServer(HTTPRoutes{}, port)
 			defer server.Close()
 
 			URL := baseURL + "/v2/repo/manifests/manifestRef"
@@ -361,7 +404,7 @@ func TestDoJobErrors(t *testing.T) {
 		})
 
 		Convey("Do Job makeHEADRequest error context not done", func() {
-			server := test.StartTestHTTPServer(test.HTTPRoutes{}, port)
+			server := StartTestHTTPServer(HTTPRoutes{}, port)
 			defer server.Close()
 
 			URL := baseURL + "/v2/repo/manifests/manifestRef"
@@ -383,7 +426,7 @@ func TestDoJobErrors(t *testing.T) {
 		})
 
 		Convey("Do Job fetchManifestStruct errors context canceled", func() {
-			server := test.StartTestHTTPServer(test.HTTPRoutes{
+			server := StartTestHTTPServer(HTTPRoutes{
 				{
 					Route: "/v2/{name}/manifests/{reference}",
 					HandlerFunc: func(w http.ResponseWriter, r *http.Request) {
@@ -416,7 +459,7 @@ func TestDoJobErrors(t *testing.T) {
 		})
 
 		Convey("Do Job fetchManifestStruct errors context not canceled", func() {
-			server := test.StartTestHTTPServer(test.HTTPRoutes{
+			server := StartTestHTTPServer(HTTPRoutes{
 				{
 					Route: "/v2/{name}/manifests/{reference}",
 					HandlerFunc: func(w http.ResponseWriter, r *http.Request) {
@@ -450,7 +493,7 @@ func TestDoJobErrors(t *testing.T) {
 		})
 
 		Convey("Do Job fetchIndexStruct errors context canceled", func() {
-			server := test.StartTestHTTPServer(test.HTTPRoutes{
+			server := StartTestHTTPServer(HTTPRoutes{
 				{
 					Route: "/v2/{name}/manifests/{reference}",
 					HandlerFunc: func(w http.ResponseWriter, r *http.Request) {
@@ -483,7 +526,7 @@ func TestDoJobErrors(t *testing.T) {
 		})
 
 		Convey("Do Job fetchIndexStruct errors context not canceled", func() {
-			server := test.StartTestHTTPServer(test.HTTPRoutes{
+			server := StartTestHTTPServer(HTTPRoutes{
 				{
 					Route: "/v2/{name}/manifests/{reference}",
 					HandlerFunc: func(w http.ResponseWriter, r *http.Request) {
@@ -516,7 +559,7 @@ func TestDoJobErrors(t *testing.T) {
 			So(result.StrValue, ShouldResemble, "")
 		})
 		Convey("Do Job fetchIndexStruct not supported content type", func() {
-			server := test.StartTestHTTPServer(test.HTTPRoutes{
+			server := StartTestHTTPServer(HTTPRoutes{
 				{
 					Route: "/v2/{name}/manifests/{reference}",
 					HandlerFunc: func(w http.ResponseWriter, r *http.Request) {
@@ -546,7 +589,7 @@ func TestDoJobErrors(t *testing.T) {
 		})
 
 		Convey("Media type is MediaTypeImageIndex image.string erorrs", func() {
-			server := test.StartTestHTTPServer(test.HTTPRoutes{
+			server := StartTestHTTPServer(HTTPRoutes{
 				{
 					Route: "/v2/{name}/manifests/{reference}",
 					HandlerFunc: func(w http.ResponseWriter, r *http.Request) {

pkg/cli/server/config_reloader_test.go

@@ -14,7 +14,7 @@ import (
 	"golang.org/x/crypto/bcrypt"
 
 	cli "zotregistry.io/zot/pkg/cli/server"
-	"zotregistry.io/zot/pkg/test"
+	test "zotregistry.io/zot/pkg/test/common"
 )
 
 func TestConfigReloader(t *testing.T) {

pkg/cli/server/extensions_test.go

@@ -15,7 +15,7 @@ import (
 
 	"zotregistry.io/zot/pkg/api/config"
 	cli "zotregistry.io/zot/pkg/cli/server"
-	. "zotregistry.io/zot/pkg/test"
+	. "zotregistry.io/zot/pkg/test/common"
 )
 
 const readLogFileTimeout = 5 * time.Second

pkg/cli/server/root_test.go

@@ -14,7 +14,7 @@ import (
 	"zotregistry.io/zot/pkg/api/config"
 	cli "zotregistry.io/zot/pkg/cli/server"
 	storageConstants "zotregistry.io/zot/pkg/storage/constants"
-	. "zotregistry.io/zot/pkg/test"
+	. "zotregistry.io/zot/pkg/test/common"
 )
 
 func TestServerUsage(t *testing.T) {

pkg/cli/server/stress_test.go

@@ -17,7 +17,7 @@ import (
 	"zotregistry.io/zot/pkg/api"
 	"zotregistry.io/zot/pkg/api/config"
 	cli "zotregistry.io/zot/pkg/cli/server"
-	"zotregistry.io/zot/pkg/test"
+	test "zotregistry.io/zot/pkg/test/common"
 )
 
 const (

pkg/common/http_client_test.go

@@ -14,7 +14,7 @@ import (
 	"zotregistry.io/zot/pkg/api/config"
 	"zotregistry.io/zot/pkg/common"
 	"zotregistry.io/zot/pkg/log"
-	"zotregistry.io/zot/pkg/test"
+	test "zotregistry.io/zot/pkg/test/common"
 )
 
 func TestHTTPClient(t *testing.T) {

pkg/compliance/v1_0_0/check.go

@@ -22,8 +22,8 @@ import (
 	"zotregistry.io/zot/pkg/api"
 	"zotregistry.io/zot/pkg/api/constants"
 	"zotregistry.io/zot/pkg/compliance"
-	"zotregistry.io/zot/pkg/test"
-	testc "zotregistry.io/zot/pkg/test/common"
+	test "zotregistry.io/zot/pkg/test/common"
+	"zotregistry.io/zot/pkg/test/deprecated"
 	"zotregistry.io/zot/pkg/test/image-utils"
 )
 
@@ -120,7 +120,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) {
 			resp, err := resty.R().Post(baseURL + "/v2/repo2/blobs/uploads/")
 			So(err, ShouldBeNil)
 			So(resp.StatusCode(), ShouldEqual, http.StatusAccepted)
-			loc := testc.Location(baseURL, resp)
+			loc := test.Location(baseURL, resp)
 			So(loc, ShouldNotBeEmpty)
 
 			resp, err = resty.R().Get(loc)
@@ -156,7 +156,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) {
 				SetHeader("Content-Type", "application/octet-stream").SetBody(content).Put(loc)
 			So(err, ShouldBeNil)
 			So(resp.StatusCode(), ShouldEqual, http.StatusCreated)
-			blobLoc := testc.Location(baseURL, resp)
+			blobLoc := test.Location(baseURL, resp)
 			So(blobLoc, ShouldNotBeEmpty)
 			So(resp.Header().Get("Content-Length"), ShouldEqual, "0")
 			So(resp.Header().Get(constants.DistContentDigestKey), ShouldNotBeEmpty)
@@ -200,7 +200,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) {
 				Post(baseURL + "/v2/repo2/blobs/uploads/")
 			So(err, ShouldBeNil)
 			So(resp.StatusCode(), ShouldEqual, http.StatusCreated)
-			loc := testc.Location(baseURL, resp)
+			loc := test.Location(baseURL, resp)
 			So(loc, ShouldNotBeEmpty)
 			// blob reference should be accessible
 			resp, err = resty.R().Get(loc)
@@ -213,7 +213,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) {
 			resp, err := resty.R().Post(baseURL + "/v2/repo10/repo20/repo30/blobs/uploads/")
 			So(err, ShouldBeNil)
 			So(resp.StatusCode(), ShouldEqual, http.StatusAccepted)
-			loc := testc.Location(baseURL, resp)
+			loc := test.Location(baseURL, resp)
 			So(loc, ShouldNotBeEmpty)
 
 			resp, err = resty.R().Get(loc)
@@ -249,7 +249,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) {
 				SetHeader("Content-Type", "application/octet-stream").SetBody(content).Put(loc)
 			So(err, ShouldBeNil)
 			So(resp.StatusCode(), ShouldEqual, http.StatusCreated)
-			blobLoc := testc.Location(baseURL, resp)
+			blobLoc := test.Location(baseURL, resp)
 			So(blobLoc, ShouldNotBeEmpty)
 			So(resp.Header().Get("Content-Length"), ShouldEqual, "0")
 			So(resp.Header().Get(constants.DistContentDigestKey), ShouldNotBeEmpty)
@@ -268,7 +268,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) {
 			resp, err := resty.R().Post(baseURL + "/v2/repo3/blobs/uploads/")
 			So(err, ShouldBeNil)
 			So(resp.StatusCode(), ShouldEqual, http.StatusAccepted)
-			loc := testc.Location(baseURL, resp)
+			loc := test.Location(baseURL, resp)
 			So(loc, ShouldNotBeEmpty)
 
 			var buf bytes.Buffer
@@ -315,7 +315,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) {
 				SetHeader("Content-Type", "application/octet-stream").SetBody(chunk2).Put(loc)
 			So(err, ShouldBeNil)
 			So(resp.StatusCode(), ShouldEqual, http.StatusCreated)
-			blobLoc := testc.Location(baseURL, resp)
+			blobLoc := test.Location(baseURL, resp)
 			So(err, ShouldBeNil)
 			So(resp.StatusCode(), ShouldEqual, http.StatusCreated)
 			So(blobLoc, ShouldNotBeEmpty)
@@ -336,7 +336,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) {
 			resp, err := resty.R().Post(baseURL + "/v2/repo40/repo50/repo60/blobs/uploads/")
 			So(err, ShouldBeNil)
 			So(resp.StatusCode(), ShouldEqual, http.StatusAccepted)
-			loc := testc.Location(baseURL, resp)
+			loc := test.Location(baseURL, resp)
 			So(loc, ShouldNotBeEmpty)
 
 			var buf bytes.Buffer
@@ -383,7 +383,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) {
 				SetHeader("Content-Type", "application/octet-stream").SetBody(chunk2).Put(loc)
 			So(err, ShouldBeNil)
 			So(resp.StatusCode(), ShouldEqual, http.StatusCreated)
-			blobLoc := testc.Location(baseURL, resp)
+			blobLoc := test.Location(baseURL, resp)
 			So(err, ShouldBeNil)
 			So(resp.StatusCode(), ShouldEqual, http.StatusCreated)
 			So(blobLoc, ShouldNotBeEmpty)
@@ -405,7 +405,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) {
 			resp, err := resty.R().Post(baseURL + "/v2/repo4/blobs/uploads/")
 			So(err, ShouldBeNil)
 			So(resp.StatusCode(), ShouldEqual, http.StatusAccepted)
-			loc := testc.Location(baseURL, resp)
+			loc := test.Location(baseURL, resp)
 			So(loc, ShouldNotBeEmpty)
 
 			// delete this upload
@@ -420,7 +420,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) {
 			resp, err := resty.R().Post(baseURL + "/v2/repo5/blobs/uploads/")
 			So(err, ShouldBeNil)
 			So(resp.StatusCode(), ShouldEqual, http.StatusAccepted)
-			loc := testc.Location(baseURL, resp)
+			loc := test.Location(baseURL, resp)
 			So(loc, ShouldNotBeEmpty)
 
 			content := []byte("this is a blob4")
@@ -431,7 +431,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) {
 				SetHeader("Content-Type", "application/octet-stream").SetBody(content).Put(loc)
 			So(err, ShouldBeNil)
 			So(resp.StatusCode(), ShouldEqual, http.StatusCreated)
-			blobLoc := testc.Location(baseURL, resp)
+			blobLoc := test.Location(baseURL, resp)
 			So(blobLoc, ShouldNotBeEmpty)
 			So(resp.Header().Get(constants.DistContentDigestKey), ShouldNotBeEmpty)
 
@@ -456,7 +456,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) {
 			resp, err := resty.R().Post(baseURL + "/v2/repo7/blobs/uploads/")
 			So(err, ShouldBeNil)
 			So(resp.StatusCode(), ShouldEqual, http.StatusAccepted)
-			loc := testc.Location(baseURL, resp)
+			loc := test.Location(baseURL, resp)
 			So(loc, ShouldNotBeEmpty)
 
 			// since we are not specifying any prefix i.e provided in config while starting server,
@@ -486,7 +486,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) {
 			So(err, ShouldBeNil)
 			So(resp.StatusCode(), ShouldEqual, http.StatusNotFound)
 
-			cfg, layers, manifest, err := test.GetImageComponents(1) //nolint:staticcheck
+			cfg, layers, manifest, err := deprecated.GetImageComponents(1) //nolint:staticcheck
 			So(err, ShouldBeNil)
 
 			repoName := "repo7"
@@ -594,7 +594,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) {
 			_, _ = Print("\nPagination")
 
 			for index := 0; index <= 4; index++ {
-				cfg, layers, manifest, err := test.GetImageComponents(1) //nolint:staticcheck
+				cfg, layers, manifest, err := deprecated.GetImageComponents(1) //nolint:staticcheck
 				So(err, ShouldBeNil)
 
 				repoName := "page0"
@@ -668,7 +668,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) {
 			resp, err := resty.R().Post(baseURL + "/v2/firsttest/first/blobs/uploads/")
 			So(err, ShouldBeNil)
 			So(resp.StatusCode(), ShouldEqual, http.StatusAccepted)
-			firstloc := testc.Location(baseURL, resp)
+			firstloc := test.Location(baseURL, resp)
 			So(firstloc, ShouldNotBeEmpty)
 
 			resp, err = resty.R().Get(firstloc)
@@ -683,7 +683,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) {
 			resp, err = resty.R().Post(baseURL + "/v2/secondtest/second/blobs/uploads/")
 			So(err, ShouldBeNil)
 			So(resp.StatusCode(), ShouldEqual, http.StatusAccepted)
-			secondloc := testc.Location(baseURL, resp)
+			secondloc := test.Location(baseURL, resp)
 			So(secondloc, ShouldNotBeEmpty)
 
 			resp, err = resty.R().Get(secondloc)
@@ -734,7 +734,7 @@ func CheckWorkflows(t *testing.T, config *compliance.Config) {
 			So(err, ShouldBeNil)
 			So(resp.StatusCode(), ShouldEqual, http.StatusNotFound)
 
-			cfg, layers, manifest, err := test.GetImageComponents(1) //nolint:staticcheck
+			cfg, layers, manifest, err := deprecated.GetImageComponents(1) //nolint:staticcheck
 			So(err, ShouldBeNil)
 
 			// subpath firsttest

pkg/compliance/v1_0_0/check_test.go

@@ -13,7 +13,7 @@ import (
 	"zotregistry.io/zot/pkg/api/config"
 	"zotregistry.io/zot/pkg/compliance"
 	"zotregistry.io/zot/pkg/compliance/v1_0_0"
-	. "zotregistry.io/zot/pkg/test"
+	. "zotregistry.io/zot/pkg/test/common"
 )
 
 //nolint:gochecknoglobals

pkg/debug/pprof/pprof_test.go

@@ -15,7 +15,7 @@ import (
 	"zotregistry.io/zot/pkg/api/config"
 	"zotregistry.io/zot/pkg/api/constants"
 	debugConstants "zotregistry.io/zot/pkg/debug/constants"
-	"zotregistry.io/zot/pkg/test"
+	test "zotregistry.io/zot/pkg/test/common"
 )
 
 func TestProfilingAuthz(t *testing.T) {

pkg/exporter/api/controller_test.go

@@ -25,7 +25,7 @@ import (
 	zotcfg "zotregistry.io/zot/pkg/api/config"
 	"zotregistry.io/zot/pkg/exporter/api"
 	"zotregistry.io/zot/pkg/extensions/monitoring"
-	. "zotregistry.io/zot/pkg/test"
+	. "zotregistry.io/zot/pkg/test/common"
 )
 
 func getRandomLatencyN(max int64) time.Duration {

pkg/extensions/extension_image_trust_disabled_test.go

@@ -11,7 +11,7 @@ import (
 	"zotregistry.io/zot/pkg/api"
 	"zotregistry.io/zot/pkg/api/config"
 	extconf "zotregistry.io/zot/pkg/extensions/config"
-	"zotregistry.io/zot/pkg/test"
+	test "zotregistry.io/zot/pkg/test/common"
 )
 
 func TestImageTrustExtension(t *testing.T) {

pkg/extensions/extension_image_trust_test.go

@@ -33,8 +33,9 @@ import (
 	"zotregistry.io/zot/pkg/log"
 	"zotregistry.io/zot/pkg/storage"
 	"zotregistry.io/zot/pkg/storage/local"
-	"zotregistry.io/zot/pkg/test"
+	test "zotregistry.io/zot/pkg/test/common"
 	. "zotregistry.io/zot/pkg/test/image-utils"
+	"zotregistry.io/zot/pkg/test/signature"
 )
 
 type errReader int
@@ -203,7 +204,7 @@ func RunSignatureUploadAndVerificationTests(t *testing.T, cacheDriverParams map[
 		}
 
 		image := CreateRandomImage()
-		err = test.WriteImageToFileSystem(image, repo, tag, storeController)
+		err = WriteImageToFileSystem(image, repo, tag, storeController)
 		So(err, ShouldBeNil)
 
 		ctlr := api.NewController(conf)
@@ -323,7 +324,7 @@ func RunSignatureUploadAndVerificationTests(t *testing.T, cacheDriverParams map[
 		}
 
 		image := CreateRandomImage()
-		err = test.WriteImageToFileSystem(image, repo, tag, storeController)
+		err = WriteImageToFileSystem(image, repo, tag, storeController)
 		So(err, ShouldBeNil)
 
 		ctlr := api.NewController(conf)
@@ -341,13 +342,13 @@ func RunSignatureUploadAndVerificationTests(t *testing.T, cacheDriverParams map[
 
 		rootDir := t.TempDir()
 
-		test.NotationPathLock.Lock()
-		defer test.NotationPathLock.Unlock()
+		signature.NotationPathLock.Lock()
+		defer signature.NotationPathLock.Unlock()
 
-		test.LoadNotationPath(rootDir)
+		signature.LoadNotationPath(rootDir)
 
 		// generate a keypair
-		err = test.GenerateNotationCerts(rootDir, certName)
+		err = signature.GenerateNotationCerts(rootDir, certName)
 		So(err, ShouldBeNil)
 
 		// upload the certificate
@@ -364,7 +365,7 @@ func RunSignatureUploadAndVerificationTests(t *testing.T, cacheDriverParams map[
 		// sign the image
 		imageURL := fmt.Sprintf("localhost:%s/%s", port, fmt.Sprintf("%s:%s", repo, tag))
 
-		err = test.SignWithNotation(certName, imageURL, rootDir)
+		err = signature.SignWithNotation(certName, imageURL, rootDir)
 		So(err, ShouldBeNil)
 
 		found, err = test.ReadLogFileAndSearchString(logFile.Name(), "update signatures validity", 10*time.Second)
@@ -430,7 +431,7 @@ func RunSignatureUploadAndVerificationTests(t *testing.T, cacheDriverParams map[
 		}
 
 		image := CreateRandomImage()
-		err = test.WriteImageToFileSystem(image, repo, tag, storeController)
+		err = WriteImageToFileSystem(image, repo, tag, storeController)
 		So(err, ShouldBeNil)
 
 		ctlr := api.NewController(conf)
@@ -474,13 +475,13 @@ func RunSignatureUploadAndVerificationTests(t *testing.T, cacheDriverParams map[
 
 		rootDir := t.TempDir()
 
-		test.NotationPathLock.Lock()
-		defer test.NotationPathLock.Unlock()
+		signature.NotationPathLock.Lock()
+		defer signature.NotationPathLock.Unlock()
 
-		test.LoadNotationPath(rootDir)
+		signature.LoadNotationPath(rootDir)
 
 		// generate a keypair
-		err = test.GenerateNotationCerts(rootDir, certName)
+		err = signature.GenerateNotationCerts(rootDir, certName)
 		So(err, ShouldBeNil)
 
 		// upload the certificate
@@ -497,7 +498,7 @@ func RunSignatureUploadAndVerificationTests(t *testing.T, cacheDriverParams map[
 		// sign the image
 		imageURL := fmt.Sprintf("localhost:%s/%s", port, fmt.Sprintf("%s:%s", repo, tag))
 
-		err = test.SignWithNotation(certName, imageURL, rootDir)
+		err = signature.SignWithNotation(certName, imageURL, rootDir)
 		So(err, ShouldBeNil)
 
 		found, err = test.ReadLogFileAndSearchString(logFile.Name(), "update signatures validity", 10*time.Second)
@@ -592,7 +593,7 @@ func RunSignatureUploadAndVerificationTests(t *testing.T, cacheDriverParams map[
 		}
 
 		image := CreateRandomImage()
-		err = test.WriteImageToFileSystem(image, repo, tag, storeController)
+		err = WriteImageToFileSystem(image, repo, tag, storeController)
 		So(err, ShouldBeNil)
 
 		ctlr := api.NewController(conf)
@@ -854,15 +855,15 @@ func RunSignatureUploadAndVerificationTests(t *testing.T, cacheDriverParams map[
 
 		// Write image
 		image := CreateRandomImage()
-		err = test.WriteImageToFileSystem(image, repo, tag, storeController)
+		err = WriteImageToFileSystem(image, repo, tag, storeController)
 		So(err, ShouldBeNil)
 
 		// Write signature
-		signature := CreateImageWith().RandomLayers(1, 2).RandomConfig().Build()
+		sig := CreateImageWith().RandomLayers(1, 2).RandomConfig().Build()
 		So(err, ShouldBeNil)
-		ref, err := test.GetCosignSignatureTagForManifest(image.Manifest)
+		ref, err := signature.GetCosignSignatureTagForManifest(image.Manifest)
 		So(err, ShouldBeNil)
-		err = test.WriteImageToFileSystem(signature, repo, ref, storeController)
+		err = WriteImageToFileSystem(sig, repo, ref, storeController)
 		So(err, ShouldBeNil)
 
 		ctlr := api.NewController(conf)
@@ -950,13 +951,13 @@ func RunSignatureUploadAndVerificationTests(t *testing.T, cacheDriverParams map[
 
 		rootDir := t.TempDir()
 
-		test.NotationPathLock.Lock()
-		defer test.NotationPathLock.Unlock()
+		signature.NotationPathLock.Lock()
+		defer signature.NotationPathLock.Unlock()
 
-		test.LoadNotationPath(rootDir)
+		signature.LoadNotationPath(rootDir)
 
 		// generate Notation cert
-		err := test.GenerateNotationCerts(rootDir, "test")
+		err := signature.GenerateNotationCerts(rootDir, "test")
 		So(err, ShouldBeNil)
 
 		certificateContent, err := os.ReadFile(path.Join(rootDir, "notation/localkeys", "test.crt"))

pkg/extensions/extension_ui_test.go

@@ -16,7 +16,8 @@ import (
 	"zotregistry.io/zot/pkg/api"
 	"zotregistry.io/zot/pkg/api/config"
 	extconf "zotregistry.io/zot/pkg/extensions/config"
-	"zotregistry.io/zot/pkg/test"
+	test "zotregistry.io/zot/pkg/test/common"
+	"zotregistry.io/zot/pkg/test/deprecated"
 	. "zotregistry.io/zot/pkg/test/image-utils"
 )
 
@@ -58,7 +59,7 @@ func TestUIExtension(t *testing.T) {
 		So(found, ShouldBeTrue)
 		So(err, ShouldBeNil)
 
-		cfg, layers, manifest, err := test.GetImageComponents(1) //nolint:staticcheck
+		cfg, layers, manifest, err := deprecated.GetImageComponents(1) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		repoName := "test-repo"

pkg/extensions/extension_userprefs_test.go

@@ -23,7 +23,7 @@ import (
 	extconf "zotregistry.io/zot/pkg/extensions/config"
 	"zotregistry.io/zot/pkg/log"
 	mTypes "zotregistry.io/zot/pkg/meta/types"
-	"zotregistry.io/zot/pkg/test"
+	test "zotregistry.io/zot/pkg/test/common"
 	"zotregistry.io/zot/pkg/test/mocks"
 )
 

pkg/extensions/extensions_test.go

@@ -21,7 +21,8 @@ import (
 	"zotregistry.io/zot/pkg/extensions"
 	extconf "zotregistry.io/zot/pkg/extensions/config"
 	syncconf "zotregistry.io/zot/pkg/extensions/config/sync"
-	"zotregistry.io/zot/pkg/test"
+	authutils "zotregistry.io/zot/pkg/test/auth"
+	test "zotregistry.io/zot/pkg/test/common"
 )
 
 const (
@@ -124,7 +125,7 @@ func TestMgmtExtension(t *testing.T) {
 
 	defaultValue := true
 
-	mockOIDCServer, err := test.MockOIDCRun()
+	mockOIDCServer, err := authutils.MockOIDCRun()
 	if err != nil {
 		panic(err)
 	}
@@ -756,7 +757,7 @@ func TestMgmtWithBearer(t *testing.T) {
 	Convey("Make a new controller", t, func() {
 		authorizedNamespace := "allowedrepo"
 		unauthorizedNamespace := "notallowedrepo"
-		authTestServer := test.MakeAuthTestServer(ServerKey, unauthorizedNamespace)
+		authTestServer := authutils.MakeAuthTestServer(ServerKey, unauthorizedNamespace)
 		defer authTestServer.Close()
 
 		port := test.GetFreePort()
@@ -798,7 +799,7 @@ func TestMgmtWithBearer(t *testing.T) {
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized)
 
-		authorizationHeader := test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
+		authorizationHeader := authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
 		resp, err = resty.R().
 			SetQueryParam("service", authorizationHeader.Service).
 			SetQueryParam("scope", authorizationHeader.Scope).
@@ -806,7 +807,7 @@ func TestMgmtWithBearer(t *testing.T) {
 		So(err, ShouldBeNil)
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusOK)
-		var goodToken test.AccessTokenResponse
+		var goodToken authutils.AccessTokenResponse
 		err = json.Unmarshal(resp.Body(), &goodToken)
 		So(err, ShouldBeNil)
 
@@ -828,7 +829,7 @@ func TestMgmtWithBearer(t *testing.T) {
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized)
 
-		authorizationHeader = test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
+		authorizationHeader = authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
 		resp, err = resty.R().
 			SetQueryParam("service", authorizationHeader.Service).
 			SetQueryParam("scope", authorizationHeader.Scope).
@@ -852,7 +853,7 @@ func TestMgmtWithBearer(t *testing.T) {
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusUnauthorized)
 
-		authorizationHeader = test.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
+		authorizationHeader = authutils.ParseBearerAuthHeader(resp.Header().Get("Www-Authenticate"))
 		resp, err = resty.R().
 			SetQueryParam("service", authorizationHeader.Service).
 			SetQueryParam("scope", authorizationHeader.Scope).
@@ -860,7 +861,7 @@ func TestMgmtWithBearer(t *testing.T) {
 		So(err, ShouldBeNil)
 		So(resp, ShouldNotBeNil)
 		So(resp.StatusCode(), ShouldEqual, http.StatusOK)
-		var badToken test.AccessTokenResponse
+		var badToken authutils.AccessTokenResponse
 		err = json.Unmarshal(resp.Body(), &badToken)
 		So(err, ShouldBeNil)
 

pkg/extensions/get_extensions_disabled_test.go

@@ -15,7 +15,7 @@ import (
 	"zotregistry.io/zot/pkg/api/config"
 	"zotregistry.io/zot/pkg/api/constants"
 	extconf "zotregistry.io/zot/pkg/extensions/config"
-	"zotregistry.io/zot/pkg/test"
+	test "zotregistry.io/zot/pkg/test/common"
 )
 
 func TestGetExensionsDisabled(t *testing.T) {

pkg/extensions/imagetrust/image_trust_disabled_test.go

@@ -11,7 +11,7 @@ import (
 	. "github.com/smartystreets/goconvey/convey"
 
 	"zotregistry.io/zot/pkg/extensions/imagetrust"
-	"zotregistry.io/zot/pkg/test"
+	"zotregistry.io/zot/pkg/test/deprecated"
 )
 
 func TestImageTrust(t *testing.T) {
@@ -28,7 +28,7 @@ func TestImageTrust(t *testing.T) {
 
 		repo := "repo"
 
-		image, err := test.GetRandomImage() //nolint:staticcheck
+		image, err := deprecated.GetRandomImage() //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		manifestContent, err := json.Marshal(image.Manifest)

pkg/extensions/imagetrust/image_trust_test.go

@@ -37,9 +37,11 @@ import (
 	zcommon "zotregistry.io/zot/pkg/common"
 	extconf "zotregistry.io/zot/pkg/extensions/config"
 	"zotregistry.io/zot/pkg/extensions/imagetrust"
-	"zotregistry.io/zot/pkg/test"
+	test "zotregistry.io/zot/pkg/test/common"
+	"zotregistry.io/zot/pkg/test/deprecated"
 	. "zotregistry.io/zot/pkg/test/image-utils"
 	"zotregistry.io/zot/pkg/test/mocks"
+	"zotregistry.io/zot/pkg/test/signature"
 )
 
 var (
@@ -99,13 +101,13 @@ func TestInitCosignAndNotationDirs(t *testing.T) {
 	Convey("UploadCertificate - notationDir is not set", t, func() {
 		rootDir := t.TempDir()
 
-		test.NotationPathLock.Lock()
-		defer test.NotationPathLock.Unlock()
+		signature.NotationPathLock.Lock()
+		defer signature.NotationPathLock.Unlock()
 
-		test.LoadNotationPath(rootDir)
+		signature.LoadNotationPath(rootDir)
 
 		// generate a keypair
-		err := test.GenerateNotationCerts(rootDir, "notation-upload-test")
+		err := signature.GenerateNotationCerts(rootDir, "notation-upload-test")
 		So(err, ShouldBeNil)
 
 		certificateContent, err := os.ReadFile(path.Join(rootDir, "notation/localkeys", "notation-upload-test.crt"))
@@ -154,7 +156,7 @@ func TestVerifySignatures(t *testing.T) {
 	})
 
 	Convey("empty manifest digest", t, func() {
-		image, err := test.GetRandomImage() //nolint:staticcheck
+		image, err := deprecated.GetRandomImage() //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		manifestContent, err := json.Marshal(image.Manifest)
@@ -167,7 +169,7 @@ func TestVerifySignatures(t *testing.T) {
 	})
 
 	Convey("wrong signature type", t, func() {
-		image, err := test.GetRandomImage() //nolint:staticcheck
+		image, err := deprecated.GetRandomImage() //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		manifestContent, err := json.Marshal(image.Manifest)
@@ -182,9 +184,9 @@ func TestVerifySignatures(t *testing.T) {
 	})
 
 	Convey("verify cosign signature", t, func() {
-		repo := "repo"                      //nolint:goconst
-		tag := "test"                       //nolint:goconst
-		image, err := test.GetRandomImage() //nolint:staticcheck
+		repo := "repo"                            //nolint:goconst
+		tag := "test"                             //nolint:goconst
+		image, err := deprecated.GetRandomImage() //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		manifestContent, err := json.Marshal(image.Manifest)
@@ -334,9 +336,9 @@ func TestVerifySignatures(t *testing.T) {
 	})
 
 	Convey("verify notation signature", t, func() {
-		repo := "repo"                      //nolint:goconst
-		tag := "test"                       //nolint:goconst
-		image, err := test.GetRandomImage() //nolint:staticcheck
+		repo := "repo"                            //nolint:goconst
+		tag := "test"                             //nolint:goconst
+		image, err := deprecated.GetRandomImage() //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		manifestContent, err := json.Marshal(image.Manifest)
@@ -437,19 +439,19 @@ func TestVerifySignatures(t *testing.T) {
 			notationDir, err := certStorage.GetNotationDirPath()
 			So(err, ShouldBeNil)
 
-			test.NotationPathLock.Lock()
-			defer test.NotationPathLock.Unlock()
+			signature.NotationPathLock.Lock()
+			defer signature.NotationPathLock.Unlock()
 
-			test.LoadNotationPath(notationDir)
+			signature.LoadNotationPath(notationDir)
 
 			// generate a keypair
-			err = test.GenerateNotationCerts(notationDir, "notation-sign-test")
+			err = signature.GenerateNotationCerts(notationDir, "notation-sign-test")
 			So(err, ShouldBeNil)
 
 			// sign the image
 			image := fmt.Sprintf("localhost:%s/%s", port, fmt.Sprintf("%s:%s", repo, tag))
 
-			err = test.SignWithNotation("notation-sign-test", image, notationDir)
+			err = signature.SignWithNotation("notation-sign-test", image, notationDir)
 			So(err, ShouldBeNil)
 
 			err = test.CopyFiles(path.Join(notationDir, "notation", "truststore"), path.Join(notationDir, "truststore"))
@@ -559,13 +561,13 @@ func TestLocalTrustStoreUploadErr(t *testing.T) {
 	Convey("certificate can't be stored", t, func() {
 		rootDir := t.TempDir()
 
-		test.NotationPathLock.Lock()
-		defer test.NotationPathLock.Unlock()
+		signature.NotationPathLock.Lock()
+		defer signature.NotationPathLock.Unlock()
 
-		test.LoadNotationPath(rootDir)
+		signature.LoadNotationPath(rootDir)
 
 		// generate a keypair
-		err := test.GenerateNotationCerts(rootDir, "notation-upload-test")
+		err := signature.GenerateNotationCerts(rootDir, "notation-upload-test")
 		So(err, ShouldBeNil)
 
 		certificateContent, err := os.ReadFile(path.Join(rootDir, "notation/localkeys", "notation-upload-test.crt"))
@@ -1123,13 +1125,13 @@ func RunUploadTests(t *testing.T, imageTrustStore imagetrust.ImageTrustStore) {
 	Convey("upload certificate successfully", func() {
 		certDir := t.TempDir()
 
-		test.NotationPathLock.Lock()
-		defer test.NotationPathLock.Unlock()
+		signature.NotationPathLock.Lock()
+		defer signature.NotationPathLock.Unlock()
 
-		test.LoadNotationPath(certDir)
+		signature.LoadNotationPath(certDir)
 
 		// generate a keypair
-		err := test.GenerateNotationCerts(certDir, "notation-upload-test")
+		err := signature.GenerateNotationCerts(certDir, "notation-upload-test")
 		So(err, ShouldBeNil)
 
 		certificateContent, err := os.ReadFile(path.Join(certDir, "notation/localkeys", "notation-upload-test.crt"))
@@ -1181,7 +1183,7 @@ func RunVerificationTests(t *testing.T, dbDriverParams map[string]interface{}) {
 		tag := "test"  //nolint:goconst
 
 		Convey("verify cosign signature is trusted", func() {
-			image, err := test.GetRandomImage() //nolint:staticcheck
+			image, err := deprecated.GetRandomImage() //nolint:staticcheck
 			So(err, ShouldBeNil)
 
 			manifestContent, err := json.Marshal(image.Manifest)
@@ -1265,7 +1267,7 @@ func RunVerificationTests(t *testing.T, dbDriverParams map[string]interface{}) {
 		})
 
 		Convey("verify notation signature is trusted", func() {
-			image, err := test.GetRandomImage() //nolint:staticcheck
+			image, err := deprecated.GetRandomImage() //nolint:staticcheck
 			So(err, ShouldBeNil)
 
 			manifestContent, err := json.Marshal(image.Manifest)
@@ -1278,10 +1280,10 @@ func RunVerificationTests(t *testing.T, dbDriverParams map[string]interface{}) {
 
 			notationDir := t.TempDir()
 
-			test.NotationPathLock.Lock()
-			defer test.NotationPathLock.Unlock()
+			signature.NotationPathLock.Lock()
+			defer signature.NotationPathLock.Unlock()
 
-			test.LoadNotationPath(notationDir)
+			signature.LoadNotationPath(notationDir)
 
 			uuid, err := guuid.NewV4()
 			So(err, ShouldBeNil)
@@ -1289,13 +1291,13 @@ func RunVerificationTests(t *testing.T, dbDriverParams map[string]interface{}) {
 			certName := fmt.Sprintf("notation-sign-test-%s", uuid)
 
 			// generate a keypair
-			err = test.GenerateNotationCerts(notationDir, certName)
+			err = signature.GenerateNotationCerts(notationDir, certName)
 			So(err, ShouldBeNil)
 
 			// sign the image
 			imageURL := fmt.Sprintf("localhost:%s/%s", port, fmt.Sprintf("%s:%s", repo, tag))
 
-			err = test.SignWithNotation(certName, imageURL, notationDir)
+			err = signature.SignWithNotation(certName, imageURL, notationDir)
 			So(err, ShouldBeNil)
 
 			indexContent, err := ctlr.StoreController.DefaultStore.GetIndexContent(repo)

pkg/extensions/lint/lint_test.go

@@ -23,9 +23,9 @@ import (
 	"zotregistry.io/zot/pkg/extensions/monitoring"
 	"zotregistry.io/zot/pkg/log"
 	"zotregistry.io/zot/pkg/storage/local"
-	"zotregistry.io/zot/pkg/test"
-	testc "zotregistry.io/zot/pkg/test/common"
+	test "zotregistry.io/zot/pkg/test/common"
 	. "zotregistry.io/zot/pkg/test/image-utils"
+	ociutils "zotregistry.io/zot/pkg/test/oci-utils"
 )
 
 const (
@@ -56,9 +56,9 @@ func TestVerifyMandatoryAnnotations(t *testing.T) {
 
 		ctlr := api.NewController(conf)
 		dir := t.TempDir()
-		testStoreCtlr := test.GetDefaultStoreController(dir, ctlr.Log)
+		testStoreCtlr := ociutils.GetDefaultStoreController(dir, ctlr.Log)
 
-		err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
+		err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
 		So(err, ShouldBeNil)
 
 		ctlr.Config.Storage.RootDirectory = dir
@@ -103,9 +103,9 @@ func TestVerifyMandatoryAnnotations(t *testing.T) {
 
 		ctlr := api.NewController(conf)
 		dir := t.TempDir()
-		testStoreCtlr := test.GetDefaultStoreController(dir, ctlr.Log)
+		testStoreCtlr := ociutils.GetDefaultStoreController(dir, ctlr.Log)
 
-		err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
+		err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
 		So(err, ShouldBeNil)
 
 		ctlr.Config.Storage.RootDirectory = dir
@@ -151,8 +151,8 @@ func TestVerifyMandatoryAnnotations(t *testing.T) {
 		ctlr := api.NewController(conf)
 		dir := t.TempDir()
 
-		testStoreCtlr := test.GetDefaultStoreController(dir, ctlr.Log)
-		err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
+		testStoreCtlr := ociutils.GetDefaultStoreController(dir, ctlr.Log)
+		err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
 		So(err, ShouldBeNil)
 
 		ctlr.Config.Storage.RootDirectory = dir
@@ -204,8 +204,8 @@ func TestVerifyMandatoryAnnotations(t *testing.T) {
 		ctlr := api.NewController(conf)
 		dir := t.TempDir()
 
-		testStoreCtlr := test.GetDefaultStoreController(dir, ctlr.Log)
-		err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
+		testStoreCtlr := ociutils.GetDefaultStoreController(dir, ctlr.Log)
+		err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
 		So(err, ShouldBeNil)
 
 		ctlr.Config.Storage.RootDirectory = dir
@@ -259,7 +259,7 @@ func TestVerifyMandatoryAnnotations(t *testing.T) {
 		resp, err = resty.R().
 			Post(fmt.Sprintf("%s/v2/zot-test/blobs/uploads/", baseURL))
 		So(err, ShouldBeNil)
-		loc := testc.Location(baseURL, resp)
+		loc := test.Location(baseURL, resp)
 
 		_, err = resty.R().
 			SetContentLength(true).
@@ -292,8 +292,8 @@ func TestVerifyMandatoryAnnotations(t *testing.T) {
 		ctlr := api.NewController(conf)
 		dir := t.TempDir()
 
-		testStoreCtlr := test.GetDefaultStoreController(dir, ctlr.Log)
-		err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
+		testStoreCtlr := ociutils.GetDefaultStoreController(dir, ctlr.Log)
+		err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
 		So(err, ShouldBeNil)
 
 		ctlr.Config.Storage.RootDirectory = dir
@@ -346,7 +346,7 @@ func TestVerifyMandatoryAnnotations(t *testing.T) {
 		_, err = resty.R().
 			Post(fmt.Sprintf("%s/v2/zot-test/blobs/uploads/", baseURL))
 		So(err, ShouldBeNil)
-		loc := testc.Location(baseURL, resp)
+		loc := test.Location(baseURL, resp)
 
 		_, err = resty.R().
 			SetContentLength(true).
@@ -379,8 +379,8 @@ func TestVerifyMandatoryAnnotations(t *testing.T) {
 		ctlr := api.NewController(conf)
 		dir := t.TempDir()
 
-		testStoreCtlr := test.GetDefaultStoreController(dir, ctlr.Log)
-		err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
+		testStoreCtlr := ociutils.GetDefaultStoreController(dir, ctlr.Log)
+		err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
 		So(err, ShouldBeNil)
 
 		ctlr.Config.Storage.RootDirectory = dir
@@ -430,8 +430,8 @@ func TestVerifyMandatoryAnnotations(t *testing.T) {
 		ctlr := api.NewController(conf)
 		dir := t.TempDir()
 
-		testStoreCtlr := test.GetDefaultStoreController(dir, ctlr.Log)
-		err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
+		testStoreCtlr := ociutils.GetDefaultStoreController(dir, ctlr.Log)
+		err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
 		So(err, ShouldBeNil)
 
 		files, err := os.ReadDir(dir)
@@ -485,8 +485,8 @@ func TestVerifyMandatoryAnnotationsFunction(t *testing.T) {
 
 		dir := t.TempDir()
 
-		testStoreCtlr := test.GetDefaultStoreController(dir, log.NewLogger("debug", ""))
-		err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
+		testStoreCtlr := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", ""))
+		err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
 		So(err, ShouldBeNil)
 
 		var index ispec.Index
@@ -517,8 +517,8 @@ func TestVerifyMandatoryAnnotationsFunction(t *testing.T) {
 
 		dir := t.TempDir()
 
-		testStoreCtlr := test.GetDefaultStoreController(dir, log.NewLogger("debug", ""))
-		err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
+		testStoreCtlr := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", ""))
+		err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
 		So(err, ShouldBeNil)
 
 		var index ispec.Index
@@ -549,8 +549,8 @@ func TestVerifyMandatoryAnnotationsFunction(t *testing.T) {
 
 		dir := t.TempDir()
 
-		testStoreCtlr := test.GetDefaultStoreController(dir, log.NewLogger("debug", ""))
-		err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
+		testStoreCtlr := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", ""))
+		err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
 		So(err, ShouldBeNil)
 
 		var index ispec.Index
@@ -612,8 +612,8 @@ func TestVerifyMandatoryAnnotationsFunction(t *testing.T) {
 
 		dir := t.TempDir()
 
-		testStoreCtlr := test.GetDefaultStoreController(dir, log.NewLogger("debug", ""))
-		err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
+		testStoreCtlr := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", ""))
+		err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
 		So(err, ShouldBeNil)
 
 		var index ispec.Index
@@ -674,8 +674,8 @@ func TestVerifyMandatoryAnnotationsFunction(t *testing.T) {
 
 		dir := t.TempDir()
 
-		testStoreCtlr := test.GetDefaultStoreController(dir, log.NewLogger("debug", ""))
-		err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
+		testStoreCtlr := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", ""))
+		err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
 		So(err, ShouldBeNil)
 
 		var index ispec.Index
@@ -738,8 +738,8 @@ func TestVerifyMandatoryAnnotationsFunction(t *testing.T) {
 
 		dir := t.TempDir()
 
-		testStoreCtlr := test.GetDefaultStoreController(dir, log.NewLogger("debug", ""))
-		err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
+		testStoreCtlr := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", ""))
+		err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
 		So(err, ShouldBeNil)
 
 		var index ispec.Index
@@ -811,8 +811,8 @@ func TestVerifyMandatoryAnnotationsFunction(t *testing.T) {
 
 		dir := t.TempDir()
 
-		testStoreCtlr := test.GetDefaultStoreController(dir, log.NewLogger("debug", ""))
-		err := test.WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
+		testStoreCtlr := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", ""))
+		err := WriteImageToFileSystem(CreateRandomImage(), "zot-test", "0.0.1", testStoreCtlr)
 		So(err, ShouldBeNil)
 
 		var index ispec.Index

pkg/extensions/monitoring/monitoring_test.go

@@ -15,8 +15,9 @@ import (
 	"zotregistry.io/zot/pkg/api/config"
 	extconf "zotregistry.io/zot/pkg/extensions/config"
 	"zotregistry.io/zot/pkg/extensions/monitoring"
-	"zotregistry.io/zot/pkg/test"
+	test "zotregistry.io/zot/pkg/test/common"
 	. "zotregistry.io/zot/pkg/test/image-utils"
+	ociutils "zotregistry.io/zot/pkg/test/oci-utils"
 )
 
 func TestExtensionMetrics(t *testing.T) {
@@ -55,8 +56,8 @@ func TestExtensionMetrics(t *testing.T) {
 		monitoring.IncDownloadCounter(ctlr.Metrics, "alpine")
 		monitoring.IncUploadCounter(ctlr.Metrics, "alpine")
 
-		srcStorageCtlr := test.GetDefaultStoreController(rootDir, ctlr.Log)
-		err := test.WriteImageToFileSystem(CreateDefaultImage(), "alpine", "0.0.1", srcStorageCtlr)
+		srcStorageCtlr := ociutils.GetDefaultStoreController(rootDir, ctlr.Log)
+		err := WriteImageToFileSystem(CreateDefaultImage(), "alpine", "0.0.1", srcStorageCtlr)
 		So(err, ShouldBeNil)
 
 		monitoring.SetStorageUsage(ctlr.Metrics, rootDir, "alpine")

pkg/extensions/scrub/scrub_test.go

@@ -22,8 +22,9 @@ import (
 	"zotregistry.io/zot/pkg/storage"
 	"zotregistry.io/zot/pkg/storage/cache"
 	"zotregistry.io/zot/pkg/storage/local"
-	"zotregistry.io/zot/pkg/test"
+	test "zotregistry.io/zot/pkg/test/common"
 	. "zotregistry.io/zot/pkg/test/image-utils"
+	ociutils "zotregistry.io/zot/pkg/test/oci-utils"
 )
 
 const (
@@ -63,8 +64,8 @@ func TestScrubExtension(t *testing.T) {
 
 		ctlr := api.NewController(conf)
 
-		srcStorageCtlr := test.GetDefaultStoreController(dir, log.NewLogger("debug", ""))
-		err = test.WriteImageToFileSystem(CreateDefaultVulnerableImage(), repoName, "0.0.1", srcStorageCtlr)
+		srcStorageCtlr := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", ""))
+		err = WriteImageToFileSystem(CreateDefaultVulnerableImage(), repoName, "0.0.1", srcStorageCtlr)
 		So(err, ShouldBeNil)
 
 		cm := test.NewControllerManager(ctlr)
@@ -107,9 +108,9 @@ func TestScrubExtension(t *testing.T) {
 
 		ctlr := api.NewController(conf)
 
-		srcStorageCtlr := test.GetDefaultStoreController(dir, log.NewLogger("debug", ""))
+		srcStorageCtlr := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", ""))
 		image := CreateDefaultVulnerableImage()
-		err = test.WriteImageToFileSystem(image, repoName, "0.0.1", srcStorageCtlr)
+		err = WriteImageToFileSystem(image, repoName, "0.0.1", srcStorageCtlr)
 		So(err, ShouldBeNil)
 
 		manifestDigest := image.ManifestDescriptor.Digest
@@ -159,10 +160,10 @@ func TestScrubExtension(t *testing.T) {
 
 		ctlr := api.NewController(conf)
 
-		srcStorageCtlr := test.GetDefaultStoreController(dir, log.NewLogger("debug", ""))
+		srcStorageCtlr := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", ""))
 		image := CreateDefaultVulnerableImage()
 
-		err = test.WriteImageToFileSystem(image, repoName, "0.0.1", srcStorageCtlr)
+		err = WriteImageToFileSystem(image, repoName, "0.0.1", srcStorageCtlr)
 		So(err, ShouldBeNil)
 
 		So(os.Chmod(path.Join(dir, repoName), 0o000), ShouldBeNil)
@@ -203,10 +204,10 @@ func TestRunScrubRepo(t *testing.T) {
 		imgStore := local.NewImageStore(dir, true,
 			true, log, metrics, nil, cacheDriver)
 
-		srcStorageCtlr := test.GetDefaultStoreController(dir, log)
+		srcStorageCtlr := ociutils.GetDefaultStoreController(dir, log)
 		image := CreateDefaultVulnerableImage()
 
-		err = test.WriteImageToFileSystem(image, repoName, "0.0.1", srcStorageCtlr)
+		err = WriteImageToFileSystem(image, repoName, "0.0.1", srcStorageCtlr)
 		So(err, ShouldBeNil)
 
 		err = scrub.RunScrubRepo(context.Background(), imgStore, repoName, log)
@@ -239,10 +240,10 @@ func TestRunScrubRepo(t *testing.T) {
 		imgStore := local.NewImageStore(dir, true,
 			true, log, metrics, nil, cacheDriver)
 
-		srcStorageCtlr := test.GetDefaultStoreController(dir, log)
+		srcStorageCtlr := ociutils.GetDefaultStoreController(dir, log)
 		image := CreateDefaultVulnerableImage()
 
-		err = test.WriteImageToFileSystem(image, repoName, "0.0.1", srcStorageCtlr)
+		err = WriteImageToFileSystem(image, repoName, "0.0.1", srcStorageCtlr)
 		So(err, ShouldBeNil)
 
 		manifestDigest := image.ManifestDescriptor.Digest
@@ -280,10 +281,10 @@ func TestRunScrubRepo(t *testing.T) {
 		}, log)
 		imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver)
 
-		srcStorageCtlr := test.GetDefaultStoreController(dir, log)
+		srcStorageCtlr := ociutils.GetDefaultStoreController(dir, log)
 		image := CreateDefaultVulnerableImage()
 
-		err = test.WriteImageToFileSystem(image, repoName, "0.0.1", srcStorageCtlr)
+		err = WriteImageToFileSystem(image, repoName, "0.0.1", srcStorageCtlr)
 		So(err, ShouldBeNil)
 
 		So(os.Chmod(path.Join(dir, repoName), 0o000), ShouldBeNil)

pkg/extensions/search/convert/convert_test.go

@@ -20,9 +20,9 @@ import (
 	"zotregistry.io/zot/pkg/extensions/search/pagination"
 	"zotregistry.io/zot/pkg/log"
 	mTypes "zotregistry.io/zot/pkg/meta/types"
-	"zotregistry.io/zot/pkg/test"
 	. "zotregistry.io/zot/pkg/test/image-utils"
 	"zotregistry.io/zot/pkg/test/mocks"
+	ociutils "zotregistry.io/zot/pkg/test/oci-utils"
 )
 
 var ErrTestError = errors.New("TestError")
@@ -441,10 +441,10 @@ func TestPaginatedConvert(t *testing.T) {
 			[]Image{badOsImage, badArchImage, randomImage2, goodImage}).Build()
 	)
 
-	reposMeta, manifestMetaMap, indexDataMap := test.GetMetadataForRepos(
-		test.Repo{
+	reposMeta, manifestMetaMap, indexDataMap := ociutils.GetMetadataForRepos(
+		ociutils.Repo{
 			Name: "repo1-only-images",
-			Images: []test.RepoImage{
+			Images: []ociutils.RepoImage{
 				{Image: goodImage, Tag: "goodImage"},
 				{Image: badOsImage, Tag: "badOsImage"},
 				{Image: badArchImage, Tag: "badArchImage"},
@@ -453,9 +453,9 @@ func TestPaginatedConvert(t *testing.T) {
 			IsBookmarked: true,
 			IsStarred:    true,
 		},
-		test.Repo{
+		ociutils.Repo{
 			Name: "repo2-only-bad-images",
-			Images: []test.RepoImage{
+			Images: []ociutils.RepoImage{
 				{Image: randomImage1, Tag: "randomImage1"},
 				{Image: randomImage2, Tag: "randomImage2"},
 				{Image: badBothImage, Tag: "badBothImage"},
@@ -463,27 +463,27 @@ func TestPaginatedConvert(t *testing.T) {
 			IsBookmarked: true,
 			IsStarred:    true,
 		},
-		test.Repo{
+		ociutils.Repo{
 			Name: "repo3-only-multiarch",
-			MultiArchImages: []test.RepoMultiArchImage{
+			MultiArchImages: []ociutils.RepoMultiArchImage{
 				{MultiarchImage: badMultiArch, Tag: "badMultiArch"},
 				{MultiarchImage: goodMultiArch, Tag: "goodMultiArch"},
 			},
 			IsBookmarked: true,
 			IsStarred:    true,
 		},
-		test.Repo{
+		ociutils.Repo{
 			Name: "repo4-not-bookmarked-or-starred",
-			Images: []test.RepoImage{
+			Images: []ociutils.RepoImage{
 				{Image: goodImage, Tag: "goodImage"},
 			},
-			MultiArchImages: []test.RepoMultiArchImage{
+			MultiArchImages: []ociutils.RepoMultiArchImage{
 				{MultiarchImage: goodMultiArch, Tag: "goodMultiArch"},
 			},
 		},
-		test.Repo{
+		ociutils.Repo{
 			Name: "repo5-signed",
-			Images: []test.RepoImage{
+			Images: []ociutils.RepoImage{
 				{Image: goodImage, Tag: "goodImage"}, // is fake signed by the image below
 				{Image: CreateFakeTestSignature(goodImage.DescriptorRef())},
 			},
@@ -746,9 +746,9 @@ func TestIndexAnnotations(t *testing.T) {
 			[]Image{imageWithManifestAndConfigAnnotations},
 		).Annotations(indexAnnotations).Build()
 
-		repoMeta, manifestMetadata, indexData := test.GetMetadataForRepos(test.Repo{
+		repoMeta, manifestMetadata, indexData := ociutils.GetMetadataForRepos(ociutils.Repo{
 			Name: "repo",
-			MultiArchImages: []test.RepoMultiArchImage{
+			MultiArchImages: []ociutils.RepoMultiArchImage{
 				{MultiarchImage: indexWithAnnotations, Tag: "tag"},
 			},
 		})
@@ -771,9 +771,9 @@ func TestIndexAnnotations(t *testing.T) {
 			[]Image{imageWithManifestAndConfigAnnotations, CreateRandomImage(), CreateRandomImage()},
 		).Build()
 
-		repoMeta, manifestMetadata, indexData = test.GetMetadataForRepos(test.Repo{
+		repoMeta, manifestMetadata, indexData = ociutils.GetMetadataForRepos(ociutils.Repo{
 			Name:            "repo",
-			MultiArchImages: []test.RepoMultiArchImage{{MultiarchImage: indexWithManifestAndConfigAnnotations}},
+			MultiArchImages: []ociutils.RepoMultiArchImage{{MultiarchImage: indexWithManifestAndConfigAnnotations}},
 		})
 		digest = indexWithManifestAndConfigAnnotations.Digest()
 
@@ -792,9 +792,9 @@ func TestIndexAnnotations(t *testing.T) {
 			[]Image{imageWithConfigAnnotations, CreateRandomImage(), CreateRandomImage()},
 		).Build()
 
-		repoMeta, manifestMetadata, indexData = test.GetMetadataForRepos(test.Repo{
+		repoMeta, manifestMetadata, indexData = ociutils.GetMetadataForRepos(ociutils.Repo{
 			Name:            "repo",
-			MultiArchImages: []test.RepoMultiArchImage{{MultiarchImage: indexWithConfigAnnotations, Tag: "tag"}},
+			MultiArchImages: []ociutils.RepoMultiArchImage{{MultiarchImage: indexWithConfigAnnotations, Tag: "tag"}},
 		})
 		digest = indexWithConfigAnnotations.Digest()
 
@@ -834,9 +834,9 @@ func TestIndexAnnotations(t *testing.T) {
 			},
 		).Build()
 
-		repoMeta, manifestMetadata, indexData = test.GetMetadataForRepos(test.Repo{
+		repoMeta, manifestMetadata, indexData = ociutils.GetMetadataForRepos(ociutils.Repo{
 			Name:            "repo",
-			MultiArchImages: []test.RepoMultiArchImage{{MultiarchImage: indexWithMixAnnotations, Tag: "tag"}},
+			MultiArchImages: []ociutils.RepoMultiArchImage{{MultiarchImage: indexWithMixAnnotations, Tag: "tag"}},
 		})
 		digest = indexWithMixAnnotations.Digest()
 
@@ -854,9 +854,9 @@ func TestIndexAnnotations(t *testing.T) {
 		//--------------------------------------------------------
 		indexWithNoAnnotations := CreateRandomMultiarch()
 
-		repoMeta, manifestMetadata, indexData = test.GetMetadataForRepos(test.Repo{
+		repoMeta, manifestMetadata, indexData = ociutils.GetMetadataForRepos(ociutils.Repo{
 			Name:            "repo",
-			MultiArchImages: []test.RepoMultiArchImage{{MultiarchImage: indexWithNoAnnotations, Tag: "tag"}},
+			MultiArchImages: []ociutils.RepoMultiArchImage{{MultiarchImage: indexWithNoAnnotations, Tag: "tag"}},
 		})
 		digest = indexWithNoAnnotations.Digest()
 
@@ -875,10 +875,10 @@ func TestIndexAnnotations(t *testing.T) {
 
 func TestDownloadCount(t *testing.T) {
 	Convey("manifest", t, func() {
-		repoMeta, manifestMetaMap, indexDataMap := test.GetMetadataForRepos(
-			test.Repo{
+		repoMeta, manifestMetaMap, indexDataMap := ociutils.GetMetadataForRepos(
+			ociutils.Repo{
 				Name: "repo",
-				Images: []test.RepoImage{
+				Images: []ociutils.RepoImage{
 					{
 						Image: CreateRandomImage(),
 						Tag:   "10-downloads",
@@ -899,10 +899,10 @@ func TestDownloadCount(t *testing.T) {
 		img1, img2, img3 := CreateRandomImage(), CreateRandomImage(), CreateRandomImage()
 		multiArch := CreateMultiarchWith().Images([]Image{img1, img2, img3}).Build()
 
-		repoMeta, manifestMetaMap, indexDataMap := test.GetMetadataForRepos(
-			test.Repo{
+		repoMeta, manifestMetaMap, indexDataMap := ociutils.GetMetadataForRepos(
+			ociutils.Repo{
 				Name: "repo",
-				MultiArchImages: []test.RepoMultiArchImage{
+				MultiArchImages: []ociutils.RepoMultiArchImage{
 					{
 						MultiarchImage: multiArch,
 						Tag:            "160-multiarch",
@@ -931,17 +931,17 @@ func TestDownloadCount(t *testing.T) {
 
 		multiArch := CreateMultiarchWith().Images([]Image{img1, img2, img3}).Build()
 
-		repoMeta, manifestMetaMap, indexDataMap := test.GetMetadataForRepos(
-			test.Repo{
+		repoMeta, manifestMetaMap, indexDataMap := ociutils.GetMetadataForRepos(
+			ociutils.Repo{
 				Name: "repo",
-				Images: []test.RepoImage{
+				Images: []ociutils.RepoImage{
 					{
 						Image:      CreateRandomImage(),
 						Tag:        "5-downloads",
 						Statistics: mTypes.DescriptorStatistics{DownloadCount: 5},
 					},
 				},
-				MultiArchImages: []test.RepoMultiArchImage{
+				MultiArchImages: []ociutils.RepoMultiArchImage{
 					{
 						MultiarchImage: multiArch,
 						Tag:            "160-multiarch",

pkg/extensions/search/cve/cve_test.go

@@ -38,9 +38,11 @@ import (
 	mTypes "zotregistry.io/zot/pkg/meta/types"
 	"zotregistry.io/zot/pkg/storage"
 	"zotregistry.io/zot/pkg/storage/local"
-	. "zotregistry.io/zot/pkg/test"
+	. "zotregistry.io/zot/pkg/test/common"
+	"zotregistry.io/zot/pkg/test/deprecated"
 	. "zotregistry.io/zot/pkg/test/image-utils"
 	"zotregistry.io/zot/pkg/test/mocks"
+	ociutils "zotregistry.io/zot/pkg/test/oci-utils"
 )
 
 const (
@@ -88,7 +90,7 @@ func testSetup(t *testing.T) (string, error) {
 		return "", err
 	}
 
-	testStorageCtrl := GetDefaultStoreController(dir, log.NewLogger("debug", ""))
+	testStorageCtrl := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", ""))
 
 	err = WriteImageToFileSystem(CreateRandomVulnerableImage(), "zot-test", "0.0.1", testStorageCtrl)
 	if err != nil {
@@ -1647,28 +1649,29 @@ func TestFixedTagsWithIndex(t *testing.T) {
 		defer cm.StopServer()
 		// push index with 2 manifests: one with vulns and one without
 		vulnManifestCreated := time.Date(2010, 1, 1, 1, 1, 1, 1, time.UTC)
-		vulnManifest, err := GetVulnImageWithConfig(ispec.Image{
+		vulnManifest, err := deprecated.GetVulnImageWithConfig(ispec.Image{ //nolint:staticcheck
 			Created:  &vulnManifestCreated,
 			Platform: ispec.Platform{OS: "linux", Architecture: "amd64"},
 		})
 		So(err, ShouldBeNil)
 
 		fixedManifestCreated := time.Date(2010, 1, 1, 1, 1, 1, 1, time.UTC)
-		fixedManifest, err := GetImageWithConfig(ispec.Image{
+		fixedManifest, err := deprecated.GetImageWithConfig(ispec.Image{ //nolint:staticcheck
 			Created:  &fixedManifestCreated,
 			Platform: ispec.Platform{OS: "windows", Architecture: "amd64"},
 		})
 		So(err, ShouldBeNil)
 		fixedDigest := fixedManifest.Digest()
 
-		multiArch := GetMultiarchImageForImages([]Image{fixedManifest, vulnManifest})
+		multiArch := deprecated.GetMultiarchImageForImages([]Image{fixedManifest, //nolint:staticcheck
+			vulnManifest})
 
 		err = UploadMultiarchImage(multiArch, baseURL, "repo", "multi-arch-tag")
 		So(err, ShouldBeNil)
 
 		// oldest vulnerability
 		simpleVulnCreated := time.Date(2005, 1, 1, 1, 1, 1, 1, time.UTC)
-		simpleVulnImg, err := GetVulnImageWithConfig(ispec.Image{
+		simpleVulnImg, err := deprecated.GetVulnImageWithConfig(ispec.Image{ //nolint:staticcheck
 			Created:  &simpleVulnCreated,
 			Platform: ispec.Platform{OS: "windows", Architecture: "amd64"},
 		})

pkg/extensions/search/cve/scan_test.go

@@ -31,7 +31,7 @@ import (
 	"zotregistry.io/zot/pkg/scheduler"
 	"zotregistry.io/zot/pkg/storage"
 	"zotregistry.io/zot/pkg/storage/local"
-	. "zotregistry.io/zot/pkg/test"
+	test "zotregistry.io/zot/pkg/test/common"
 	. "zotregistry.io/zot/pkg/test/image-utils"
 	"zotregistry.io/zot/pkg/test/mocks"
 )
@@ -530,7 +530,7 @@ func TestScanGeneratorWithMockedData(t *testing.T) { //nolint: gocyclo
 		defer cancel()
 
 		// Make sure the scanner generator has completed despite errors
-		found, err := ReadLogFileAndSearchString(logPath,
+		found, err := test.ReadLogFileAndSearchString(logPath,
 			"Scheduled CVE scan: finished for available images", 20*time.Second)
 		So(err, ShouldBeNil)
 		So(found, ShouldBeTrue)
@@ -553,19 +553,19 @@ func TestScanGeneratorWithMockedData(t *testing.T) { //nolint: gocyclo
 		}
 
 		// Make sure the scanner generator is catching the metadb error for repo5:nonexitent-manifest
-		found, err = ReadLogFileAndSearchString(logPath,
+		found, err = test.ReadLogFileAndSearchString(logPath,
 			"Scheduled CVE scan: error while obtaining repo metadata", 20*time.Second)
 		So(err, ShouldBeNil)
 		So(found, ShouldBeTrue)
 
 		// Make sure the scanner generator is catching the scanning error for repo7
-		found, err = ReadLogFileAndSearchString(logPath,
+		found, err = test.ReadLogFileAndSearchString(logPath,
 			"Scheduled CVE scan errored for image", 20*time.Second)
 		So(err, ShouldBeNil)
 		So(found, ShouldBeTrue)
 
 		// Make sure the scanner generator is triggered at least twice
-		found, err = ReadLogFileAndCountStringOccurence(logPath,
+		found, err = test.ReadLogFileAndCountStringOccurence(logPath,
 			"Scheduled CVE scan: finished for available images", 30*time.Second, 2)
 		So(err, ShouldBeNil)
 		So(found, ShouldBeTrue)
@@ -627,17 +627,17 @@ func TestScanGeneratorWithRealData(t *testing.T) {
 		defer cancel()
 
 		// Make sure the scanner generator has completed
-		found, err := ReadLogFileAndSearchString(logPath,
+		found, err := test.ReadLogFileAndSearchString(logPath,
 			"Scheduled CVE scan: finished for available images", 120*time.Second)
 		So(err, ShouldBeNil)
 		So(found, ShouldBeTrue)
 
-		found, err = ReadLogFileAndSearchString(logPath,
+		found, err = test.ReadLogFileAndSearchString(logPath,
 			image.ManifestDescriptor.Digest.String(), 120*time.Second)
 		So(err, ShouldBeNil)
 		So(found, ShouldBeTrue)
 
-		found, err = ReadLogFileAndSearchString(logPath,
+		found, err = test.ReadLogFileAndSearchString(logPath,
 			"Scheduled CVE scan completed successfully for image", 120*time.Second)
 		So(err, ShouldBeNil)
 		So(found, ShouldBeTrue)

pkg/extensions/search/cve/trivy/scanner_internal_test.go

@@ -27,7 +27,8 @@ import (
 	"zotregistry.io/zot/pkg/storage/imagestore"
 	"zotregistry.io/zot/pkg/storage/local"
 	storageTypes "zotregistry.io/zot/pkg/storage/types"
-	"zotregistry.io/zot/pkg/test"
+	test "zotregistry.io/zot/pkg/test/common"
+	"zotregistry.io/zot/pkg/test/deprecated"
 	. "zotregistry.io/zot/pkg/test/image-utils"
 	"zotregistry.io/zot/pkg/test/mocks"
 )
@@ -35,7 +36,7 @@ import (
 func generateTestImage(storeController storage.StoreController, image string) {
 	repoName, tag := common.GetImageDirAndTag(image)
 
-	config, layers, manifest, err := test.GetImageComponents(10) //nolint:staticcheck
+	config, layers, manifest, err := deprecated.GetImageComponents(10) //nolint:staticcheck
 	So(err, ShouldBeNil)
 
 	store := storeController.GetImageStore(repoName)
@@ -178,10 +179,6 @@ func TestTrivyLibraryErrors(t *testing.T) {
 		// Create temporary directory
 		rootDir := t.TempDir()
 
-		storageCtlr := test.GetDefaultStoreController(rootDir, log.NewLogger("debug", ""))
-		err := test.WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-test", "0.0.1", storageCtlr)
-		So(err, ShouldBeNil)
-
 		log := log.NewLogger("debug", "")
 		metrics := monitoring.NewMetricsServer(false, log)
 
@@ -191,6 +188,9 @@ func TestTrivyLibraryErrors(t *testing.T) {
 		storeController := storage.StoreController{}
 		storeController.DefaultStore = store
 
+		err := WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-test", "0.0.1", storeController)
+		So(err, ShouldBeNil)
+
 		params := boltdb.DBParameters{
 			RootDir: rootDir,
 		}

pkg/extensions/search/cve/trivy/scanner_test.go

@@ -23,21 +23,21 @@ import (
 	mTypes "zotregistry.io/zot/pkg/meta/types"
 	"zotregistry.io/zot/pkg/storage"
 	"zotregistry.io/zot/pkg/storage/local"
-	"zotregistry.io/zot/pkg/test"
-	testc "zotregistry.io/zot/pkg/test/common"
+	. "zotregistry.io/zot/pkg/test/common"
+	"zotregistry.io/zot/pkg/test/deprecated"
 	. "zotregistry.io/zot/pkg/test/image-utils"
 	"zotregistry.io/zot/pkg/test/mocks"
 )
 
 func TestScanBigTestFile(t *testing.T) {
 	Convey("Scan zot-test", t, func() {
-		projRootDir, err := testc.GetProjectRootDir()
+		projRootDir, err := GetProjectRootDir()
 		So(err, ShouldBeNil)
 
 		testImage := filepath.Join(projRootDir, "test/data/zot-test")
 
 		tempDir := t.TempDir()
-		port := test.GetFreePort()
+		port := GetFreePort()
 		conf := config.New()
 		conf.HTTP.Port = port
 		defaultVal := true
@@ -50,10 +50,10 @@ func TestScanBigTestFile(t *testing.T) {
 		ctlr := api.NewController(conf)
 		So(ctlr, ShouldNotBeNil)
 
-		err = test.CopyFiles(testImage, filepath.Join(tempDir, "zot-test"))
+		err = CopyFiles(testImage, filepath.Join(tempDir, "zot-test"))
 		So(err, ShouldBeNil)
 
-		cm := test.NewControllerManager(ctlr)
+		cm := NewControllerManager(ctlr)
 		cm.StartAndWait(port)
 		defer cm.StopServer()
 		// scan
@@ -72,8 +72,8 @@ func TestScanningByDigest(t *testing.T) {
 	Convey("Scan the individual manifests inside an index", t, func() {
 		// start server
 		tempDir := t.TempDir()
-		port := test.GetFreePort()
-		baseURL := test.GetBaseURL(port)
+		port := GetFreePort()
+		baseURL := GetBaseURL(port)
 		conf := config.New()
 		conf.HTTP.Port = port
 		defaultVal := true
@@ -86,7 +86,7 @@ func TestScanningByDigest(t *testing.T) {
 		ctlr := api.NewController(conf)
 		So(ctlr, ShouldNotBeNil)
 
-		cm := test.NewControllerManager(ctlr)
+		cm := NewControllerManager(ctlr)
 		cm.StartAndWait(port)
 		defer cm.StopServer()
 		// push index with 2 manifests: one with vulns and one without
@@ -94,7 +94,8 @@ func TestScanningByDigest(t *testing.T) {
 
 		simpleImage := CreateRandomImage()
 
-		multiArch := test.GetMultiarchImageForImages([]Image{simpleImage, vulnImage}) //nolint:staticcheck
+		multiArch := deprecated.GetMultiarchImageForImages([]Image{simpleImage, //nolint:staticcheck
+			vulnImage})
 
 		err := UploadMultiarchImage(multiArch, baseURL, "multi-arch", "multi-arch-tag")
 		So(err, ShouldBeNil)
@@ -193,7 +194,7 @@ func TestVulnerableLayer(t *testing.T) {
 			DefaultStore: imageStore,
 		}
 
-		err = test.WriteImageToFileSystem(img, "repo", img.DigestStr(), storeController)
+		err = WriteImageToFileSystem(img, "repo", img.DigestStr(), storeController)
 		So(err, ShouldBeNil)
 
 		params := boltdb.DBParameters{

pkg/extensions/search/cve/update_test.go

@@ -19,7 +19,7 @@ import (
 	mTypes "zotregistry.io/zot/pkg/meta/types"
 	"zotregistry.io/zot/pkg/scheduler"
 	"zotregistry.io/zot/pkg/storage"
-	. "zotregistry.io/zot/pkg/test"
+	test "zotregistry.io/zot/pkg/test/common"
 	"zotregistry.io/zot/pkg/test/mocks"
 )
 
@@ -68,7 +68,7 @@ func TestCVEDBGenerator(t *testing.T) {
 		defer cancel()
 
 		// Wait for trivy db to download
-		found, err := ReadLogFileAndCountStringOccurence(logPath,
+		found, err := test.ReadLogFileAndCountStringOccurence(logPath,
 			"DB update completed, next update scheduled", 140*time.Second, 2)
 		So(err, ShouldBeNil)
 		So(found, ShouldBeTrue)

pkg/extensions/search/digest_test.go

@@ -20,7 +20,8 @@ import (
 	"zotregistry.io/zot/pkg/api/constants"
 	"zotregistry.io/zot/pkg/common"
 	extconf "zotregistry.io/zot/pkg/extensions/config"
-	. "zotregistry.io/zot/pkg/test"
+	. "zotregistry.io/zot/pkg/test/common"
+	"zotregistry.io/zot/pkg/test/deprecated"
 	. "zotregistry.io/zot/pkg/test/image-utils"
 )
 
@@ -74,7 +75,7 @@ func TestDigestSearchHTTP(t *testing.T) {
 		layers1 := [][]byte{
 			{3, 2, 2},
 		}
-		image1, err := GetImageWithComponents(
+		image1, err := deprecated.GetImageWithComponents( //nolint: staticcheck
 			ispec.Image{
 				Created: &createdTime1,
 				History: []ispec.History{
@@ -93,7 +94,7 @@ func TestDigestSearchHTTP(t *testing.T) {
 		So(err, ShouldBeNil)
 
 		createdTime2 := time.Date(2010, 1, 1, 12, 0, 0, 0, time.UTC)
-		image2, err := GetImageWithComponents(
+		image2, err := deprecated.GetImageWithComponents( //nolint: staticcheck
 			ispec.Image{
 				History: []ispec.History{{Created: &createdTime2}},
 				Platform: ispec.Platform{
@@ -292,7 +293,7 @@ func TestDigestSearchHTTPSubPaths(t *testing.T) {
 		// shut down server
 		defer ctrlManager.StopServer()
 
-		config, layers, manifest, err := GetImageComponents(100)
+		config, layers, manifest, err := deprecated.GetImageComponents(100) //nolint: staticcheck
 		So(err, ShouldBeNil)
 
 		err = UploadImage(Image{Manifest: manifest, Config: config, Layers: layers}, baseURL, "a/zot-cve-test", "0.0.1")

pkg/extensions/search/search_test.go

@@ -42,10 +42,12 @@ import (
 	"zotregistry.io/zot/pkg/storage"
 	"zotregistry.io/zot/pkg/storage/local"
 	storageTypes "zotregistry.io/zot/pkg/storage/types"
-	. "zotregistry.io/zot/pkg/test"
+	. "zotregistry.io/zot/pkg/test/common"
+	"zotregistry.io/zot/pkg/test/deprecated"
 	. "zotregistry.io/zot/pkg/test/image-utils"
 	"zotregistry.io/zot/pkg/test/mocks"
-	ocilayout "zotregistry.io/zot/pkg/test/oci-layout"
+	ociutils "zotregistry.io/zot/pkg/test/oci-utils"
+	"zotregistry.io/zot/pkg/test/signature"
 )
 
 const (
@@ -381,7 +383,7 @@ func TestRepoListWithNewestImage(t *testing.T) {
 		ctlrManager.StartAndWait(port)
 		defer ctlrManager.StopServer()
 
-		config, layers, _, err := GetImageComponents(100)
+		config, layers, _, err := deprecated.GetImageComponents(100) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		uploadedImage := CreateImageWith().LayerBlobs(layers).ImageConfig(config).Build()
@@ -722,7 +724,7 @@ func TestRepoListWithNewestImage(t *testing.T) {
 		So(err, ShouldBeNil)
 		So(resp.StatusCode(), ShouldEqual, 422)
 
-		config, layers, manifest, err := GetImageComponents(100)
+		config, layers, manifest, err := deprecated.GetImageComponents(100) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		err = UploadImage(Image{Manifest: manifest, Config: config, Layers: layers}, baseURL, "zot-cve-test", "0.0.1")
@@ -810,7 +812,7 @@ func TestGetReferrersGQL(t *testing.T) {
 
 		// =======================
 
-		config, layers, manifest, err := GetImageComponents(1000)
+		config, layers, manifest, err := deprecated.GetImageComponents(1000) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		repo := "artifact-ref"
@@ -943,7 +945,7 @@ func TestGetReferrersGQL(t *testing.T) {
 
 		// =======================
 
-		multiarch, err := GetRandomMultiarchImage("multiarch")
+		multiarch, err := deprecated.GetRandomMultiarchImage("multiarch") //nolint:staticcheck
 		So(err, ShouldBeNil)
 		repo := "artifact-ref"
 
@@ -1069,14 +1071,14 @@ func TestGetReferrersGQL(t *testing.T) {
 
 		// Upload the index referrer
 
-		targetImg, err := GetRandomImage()
+		targetImg, err := deprecated.GetRandomImage() //nolint:staticcheck
 		So(err, ShouldBeNil)
 		targetDigest := targetImg.Digest()
 
 		err = UploadImage(targetImg, baseURL, "repo", targetDigest.String())
 		So(err, ShouldBeNil)
 
-		indexReferrer, err := GetRandomMultiarchImage("ref")
+		indexReferrer, err := deprecated.GetRandomMultiarchImage("ref") //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		artifactType := "com.artifact.art/type"
@@ -1171,7 +1173,7 @@ func TestExpandedRepoInfo(t *testing.T) {
 
 		// init storage layout with 3 images
 		for i := 1; i <= 3; i++ {
-			config, layers, manifest, err := GetImageComponents(100)
+			config, layers, manifest, err := deprecated.GetImageComponents(100) //nolint:staticcheck
 			So(err, ShouldBeNil)
 
 			err = WriteImageToFileSystem(
@@ -1270,7 +1272,7 @@ func TestExpandedRepoInfo(t *testing.T) {
 		ctlrManager.StartAndWait(port)
 		defer ctlrManager.StopServer()
 
-		config, layers, _, err := GetImageComponents(100)
+		config, layers, _, err := deprecated.GetImageComponents(100) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		annotations := make(map[string]string)
@@ -1362,7 +1364,7 @@ func TestExpandedRepoInfo(t *testing.T) {
 		}
 		So(found, ShouldEqual, true)
 
-		err = SignImageUsingCosign("zot-cve-test:0.0.1", port)
+		err = signature.SignImageUsingCosign("zot-cve-test:0.0.1", port)
 		So(err, ShouldBeNil)
 
 		resp, err = resty.R().Get(baseURL + graphqlQueryPrefix + "?query=" + url.QueryEscape(query))
@@ -1434,7 +1436,7 @@ func TestExpandedRepoInfo(t *testing.T) {
 		}
 		So(found, ShouldEqual, true)
 
-		err = SignImageUsingCosign("zot-test@"+testManifestDigest.String(), port)
+		err = signature.SignImageUsingCosign("zot-test@"+testManifestDigest.String(), port)
 		So(err, ShouldBeNil)
 
 		resp, err = resty.R().Get(baseURL + graphqlQueryPrefix + "/query?query=" + url.QueryEscape(query))
@@ -1474,7 +1476,7 @@ func TestExpandedRepoInfo(t *testing.T) {
 	})
 
 	Convey("Test expanded repo info with tagged referrers", t, func() {
-		const test = "test"
+		const testTag = "test"
 		rootDir := t.TempDir()
 		port := GetFreePort()
 		baseURL := GetBaseURL(port)
@@ -1494,14 +1496,15 @@ func TestExpandedRepoInfo(t *testing.T) {
 		ctlrManager.StartAndWait(port)
 		defer ctlrManager.StopServer()
 
-		image, err := GetRandomImage()
+		image, err := deprecated.GetRandomImage() //nolint:staticcheck
 		So(err, ShouldBeNil)
 		manifestDigest := image.Digest()
 
-		err = UploadImage(image, baseURL, "repo", test)
+		err = UploadImage(image, baseURL, "repo", testTag)
 		So(err, ShouldBeNil)
 
-		referrer, err := GetImageWithSubject(manifestDigest, ispec.MediaTypeImageManifest)
+		referrer, err := deprecated.GetImageWithSubject(manifestDigest, //nolint:staticcheck
+			ispec.MediaTypeImageManifest)
 		So(err, ShouldBeNil)
 
 		tag := "test-ref-tag"
@@ -1539,7 +1542,7 @@ func TestExpandedRepoInfo(t *testing.T) {
 
 		for _, imgSum := range repoInfo.ImageSummaries {
 			switch imgSum.Tag {
-			case test:
+			case testTag:
 				foundTagTest = true
 			case "test-ref-tag":
 				foundTagRefTag = true
@@ -1646,7 +1649,7 @@ func TestExpandedRepoInfo(t *testing.T) {
 
 		// ------- Create test images
 
-		indexSubImage11, err := GetImageWithConfig(ispec.Image{
+		indexSubImage11, err := deprecated.GetImageWithConfig(ispec.Image{ //nolint:staticcheck
 			Platform: ispec.Platform{
 				OS:           "os11",
 				Architecture: "arch11",
@@ -1654,7 +1657,7 @@ func TestExpandedRepoInfo(t *testing.T) {
 		})
 		So(err, ShouldBeNil)
 
-		indexSubImage12, err := GetImageWithConfig(ispec.Image{
+		indexSubImage12, err := deprecated.GetImageWithConfig(ispec.Image{ //nolint:staticcheck
 			Platform: ispec.Platform{
 				OS:           "os12",
 				Architecture: "arch12",
@@ -1662,9 +1665,10 @@ func TestExpandedRepoInfo(t *testing.T) {
 		})
 		So(err, ShouldBeNil)
 
-		multiImage1 := GetMultiarchImageForImages([]Image{indexSubImage11, indexSubImage12})
+		multiImage1 := deprecated.GetMultiarchImageForImages([]Image{indexSubImage11, //nolint:staticcheck
+			indexSubImage12})
 
-		indexSubImage21, err := GetImageWithConfig(ispec.Image{
+		indexSubImage21, err := deprecated.GetImageWithConfig(ispec.Image{ //nolint:staticcheck
 			Platform: ispec.Platform{
 				OS:           "os21",
 				Architecture: "arch21",
@@ -1672,7 +1676,7 @@ func TestExpandedRepoInfo(t *testing.T) {
 		})
 		So(err, ShouldBeNil)
 
-		indexSubImage22, err := GetImageWithConfig(ispec.Image{
+		indexSubImage22, err := deprecated.GetImageWithConfig(ispec.Image{ //nolint:staticcheck
 			Platform: ispec.Platform{
 				OS:           "os22",
 				Architecture: "arch22",
@@ -1680,7 +1684,7 @@ func TestExpandedRepoInfo(t *testing.T) {
 		})
 		So(err, ShouldBeNil)
 
-		indexSubImage23, err := GetImageWithConfig(ispec.Image{
+		indexSubImage23, err := deprecated.GetImageWithConfig(ispec.Image{ //nolint:staticcheck
 			Platform: ispec.Platform{
 				OS:           "os23",
 				Architecture: "arch23",
@@ -1688,7 +1692,8 @@ func TestExpandedRepoInfo(t *testing.T) {
 		})
 		So(err, ShouldBeNil)
 
-		multiImage2 := GetMultiarchImageForImages([]Image{indexSubImage21, indexSubImage22, indexSubImage23})
+		multiImage2 := deprecated.GetMultiarchImageForImages([]Image{indexSubImage21, //nolint:staticcheck
+			indexSubImage22, indexSubImage23})
 
 		// ------- Write test Images
 		err = WriteMultiArchImageToFileSystem(multiImage1, "repo", "1.0.0", storeController)
@@ -2199,7 +2204,7 @@ func TestGetImageManifest(t *testing.T) {
 		storeController := storage.StoreController{
 			DefaultStore: mockImageStore,
 		}
-		olu := ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
+		olu := ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
 
 		_, _, err := olu.GetImageManifest("nonexistent-repo", "latest")
 		So(err, ShouldNotBeNil)
@@ -2215,7 +2220,7 @@ func TestGetImageManifest(t *testing.T) {
 		storeController := storage.StoreController{
 			DefaultStore: mockImageStore,
 		}
-		olu := ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
+		olu := ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
 
 		_, _, err := olu.GetImageManifest("test-repo", "latest") //nolint:goconst
 		So(err, ShouldNotBeNil)
@@ -2847,7 +2852,7 @@ func TestGetRepositories(t *testing.T) {
 			DefaultStore: mockImageStore,
 			SubStore:     map[string]storageTypes.ImageStore{"test": mockImageStore},
 		}
-		olu := ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
+		olu := ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
 
 		repoList, err := olu.GetRepositories()
 		So(repoList, ShouldBeEmpty)
@@ -2857,7 +2862,7 @@ func TestGetRepositories(t *testing.T) {
 			DefaultStore: mocks.MockedImageStore{},
 			SubStore:     map[string]storageTypes.ImageStore{"test": mockImageStore},
 		}
-		olu = ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
+		olu = ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
 
 		repoList, err = olu.GetRepositories()
 		So(repoList, ShouldBeEmpty)
@@ -2887,7 +2892,7 @@ func TestGlobalSearchImageAuthor(t *testing.T) {
 	defer ctlrManager.StopServer()
 
 	Convey("Test global search with author in manifest's annotations", t, func() {
-		cfg, layers, manifest, err := GetImageComponents(10000)
+		cfg, layers, manifest, err := deprecated.GetImageComponents(10000) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		manifest.Annotations = make(map[string]string)
@@ -2951,7 +2956,7 @@ func TestGlobalSearchImageAuthor(t *testing.T) {
 	})
 
 	Convey("Test global search with author in manifest's config", t, func() {
-		cfg, layers, manifest, err := GetImageComponents(10000)
+		cfg, layers, manifest, err := deprecated.GetImageComponents(10000) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		err = UploadImage(
@@ -3043,7 +3048,7 @@ func TestGlobalSearch(t *testing.T) {
 		defer ctlrManager.StopServer()
 
 		// push test images to repo 1 image 1
-		_, layers1, manifest1, err := GetImageComponents(100)
+		_, layers1, manifest1, err := deprecated.GetImageComponents(100) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		createdTime := time.Date(2010, 1, 1, 12, 0, 0, 0, time.UTC)
@@ -3096,7 +3101,7 @@ func TestGlobalSearch(t *testing.T) {
 		So(err, ShouldBeNil)
 
 		// push test images to repo 1 image 2
-		config2, layers2, manifest2, err := GetImageComponents(200)
+		config2, layers2, manifest2, err := deprecated.GetImageComponents(200) //nolint:staticcheck
 		So(err, ShouldBeNil)
 		createdTime2 := time.Date(2009, 1, 1, 12, 0, 0, 0, time.UTC)
 		createdTimeL2 = time.Date(2009, 2, 1, 12, 0, 0, 0, time.UTC)
@@ -3135,7 +3140,7 @@ func TestGlobalSearch(t *testing.T) {
 		So(err, ShouldBeNil)
 
 		// push test images to repo 2 image 1
-		config3, layers3, manifest3, err := GetImageComponents(300)
+		config3, layers3, manifest3, err := deprecated.GetImageComponents(300) //nolint:staticcheck
 		So(err, ShouldBeNil)
 		createdTime3 := time.Date(2009, 2, 1, 12, 0, 0, 0, time.UTC)
 		config3.History = append(config3.History, ispec.History{Created: &createdTime3})
@@ -3156,7 +3161,7 @@ func TestGlobalSearch(t *testing.T) {
 		)
 		So(err, ShouldBeNil)
 
-		olu := ocilayout.NewBaseOciLayoutUtils(ctlr.StoreController, log.NewLogger("debug", ""))
+		olu := ociutils.NewBaseOciLayoutUtils(ctlr.StoreController, log.NewLogger("debug", ""))
 
 		// Initialize the objects containing the expected data
 		repos, err := olu.GetRepositories()
@@ -3412,7 +3417,7 @@ func TestGlobalSearch(t *testing.T) {
 		WaitTillServerReady(baseURL)
 
 		// push test images to repo 1 image 1
-		config1, layers1, manifest1, err := GetImageComponents(100)
+		config1, layers1, manifest1, err := deprecated.GetImageComponents(100) //nolint:staticcheck
 		So(err, ShouldBeNil)
 		createdTime := time.Date(2010, 1, 1, 12, 0, 0, 0, time.UTC)
 		config1.History = append(config1.History, ispec.History{Created: &createdTime})
@@ -3434,7 +3439,7 @@ func TestGlobalSearch(t *testing.T) {
 		So(err, ShouldBeNil)
 
 		// push test images to repo 1 image 2
-		config2, layers2, manifest2, err := GetImageComponents(200)
+		config2, layers2, manifest2, err := deprecated.GetImageComponents(200) //nolint:staticcheck
 		So(err, ShouldBeNil)
 		createdTime2 := time.Date(2009, 1, 1, 12, 0, 0, 0, time.UTC)
 		config2.History = append(config2.History, ispec.History{Created: &createdTime2})
@@ -3456,7 +3461,7 @@ func TestGlobalSearch(t *testing.T) {
 		So(err, ShouldBeNil)
 
 		// push test images to repo 2 image 1
-		config3, layers3, manifest3, err := GetImageComponents(300)
+		config3, layers3, manifest3, err := deprecated.GetImageComponents(300) //nolint:staticcheck
 		So(err, ShouldBeNil)
 		createdTime3 := time.Date(2009, 2, 1, 12, 0, 0, 0, time.UTC)
 		config3.History = append(config3.History, ispec.History{Created: &createdTime3})
@@ -3477,7 +3482,7 @@ func TestGlobalSearch(t *testing.T) {
 		)
 		So(err, ShouldBeNil)
 
-		olu := ocilayout.NewBaseOciLayoutUtils(ctlr.StoreController, log.NewLogger("debug", ""))
+		olu := ociutils.NewBaseOciLayoutUtils(ctlr.StoreController, log.NewLogger("debug", ""))
 
 		// Initialize the objects containing the expected data
 		repos, err := olu.GetRepositories()
@@ -3679,7 +3684,7 @@ func TestCleaningFilteringParamsGlobalSearch(t *testing.T) {
 		ctlrManager.StartAndWait(port)
 		defer ctlrManager.StopServer()
 
-		image, err := GetImageWithConfig(ispec.Image{
+		image, err := deprecated.GetImageWithConfig(ispec.Image{ //nolint:staticcheck
 			Platform: ispec.Platform{
 				OS:           "windows",
 				Architecture: "amd64",
@@ -3690,7 +3695,7 @@ func TestCleaningFilteringParamsGlobalSearch(t *testing.T) {
 		err = UploadImage(image, baseURL, "repo1", image.DigestStr())
 		So(err, ShouldBeNil)
 
-		image, err = GetImageWithConfig(ispec.Image{
+		image, err = deprecated.GetImageWithConfig(ispec.Image{ //nolint:staticcheck
 			Platform: ispec.Platform{
 				OS:           "linux",
 				Architecture: "amd64",
@@ -3743,7 +3748,7 @@ func TestGlobalSearchFiltering(t *testing.T) {
 		ctlrManager.StartAndWait(port)
 		defer ctlrManager.StopServer()
 
-		config, layers, manifest, err := GetRandomImageComponents(100)
+		config, layers, manifest, err := deprecated.GetRandomImageComponents(100) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		err = UploadImage(
@@ -3755,7 +3760,7 @@ func TestGlobalSearchFiltering(t *testing.T) {
 		)
 		So(err, ShouldBeNil)
 
-		config, layers, manifest, err = GetRandomImageComponents(100)
+		config, layers, manifest, err = deprecated.GetRandomImageComponents(100) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		err = UploadImage(
@@ -3767,7 +3772,7 @@ func TestGlobalSearchFiltering(t *testing.T) {
 		)
 		So(err, ShouldBeNil)
 
-		err = SignImageUsingCosign("signed-repo:test", port)
+		err = signature.SignImageUsingCosign("signed-repo:test", port)
 		So(err, ShouldBeNil)
 
 		query := `{
@@ -3907,7 +3912,7 @@ func TestImageList(t *testing.T) {
 		ctlrManager.StartAndWait(port)
 		defer ctlrManager.StopServer()
 
-		config, layers, manifest, err := GetImageComponents(100)
+		config, layers, manifest, err := deprecated.GetImageComponents(100) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		createdTime := time.Date(2010, 1, 1, 12, 0, 0, 0, time.UTC)
@@ -4059,7 +4064,7 @@ func TestGlobalSearchPagination(t *testing.T) {
 		defer ctlrManager.StopServer()
 
 		for i := 0; i < 3; i++ {
-			config, layers, manifest, err := GetImageComponents(10)
+			config, layers, manifest, err := deprecated.GetImageComponents(10) //nolint:staticcheck
 			So(err, ShouldBeNil)
 
 			err = UploadImage(
@@ -4259,7 +4264,7 @@ func TestMetaDBWhenSigningImages(t *testing.T) {
 		// push test images to repo 1 image 1
 		createdTime := time.Date(2010, 1, 1, 12, 0, 0, 0, time.UTC)
 
-		image1, err := GetImageWithConfig(ispec.Image{
+		image1, err := deprecated.GetImageWithConfig(ispec.Image{ //nolint:staticcheck
 			History: []ispec.History{
 				{
 					Created: &createdTime,
@@ -4291,7 +4296,7 @@ func TestMetaDBWhenSigningImages(t *testing.T) {
 
 		manifestDigest := godigest.FromBytes(manifestBlob)
 
-		multiArch, err := GetRandomMultiarchImage("index")
+		multiArch, err := deprecated.GetRandomMultiarchImage("index") //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		err = UploadMultiarchImage(multiArch, baseURL, "repo1", "index")
@@ -4331,7 +4336,7 @@ func TestMetaDBWhenSigningImages(t *testing.T) {
 		`
 
 		Convey("Sign with cosign", func() {
-			err = SignImageUsingCosign("repo1:1.0.1", port)
+			err = signature.SignImageUsingCosign("repo1:1.0.1", port)
 			So(err, ShouldBeNil)
 
 			resp, err := resty.R().Get(baseURL + graphqlQueryPrefix + "?query=" + url.QueryEscape(queryImage1))
@@ -4411,13 +4416,13 @@ func TestMetaDBWhenSigningImages(t *testing.T) {
 					},
 				}
 
-				err := SignImageUsingCosign("repo1:1.0.1", port)
+				err := signature.SignImageUsingCosign("repo1:1.0.1", port)
 				So(err, ShouldNotBeNil)
 			})
 		})
 
 		Convey("Sign with notation", func() {
-			err = SignImageUsingNotary("repo1:1.0.1", port)
+			err = signature.SignImageUsingNotary("repo1:1.0.1", port)
 			So(err, ShouldBeNil)
 
 			resp, err := resty.R().Get(baseURL + graphqlQueryPrefix + "?query=" + url.QueryEscape(queryImage1))
@@ -4434,7 +4439,7 @@ func TestMetaDBWhenSigningImages(t *testing.T) {
 		})
 
 		Convey("Sign with notation index", func() {
-			err = SignImageUsingNotary("repo1:index", port)
+			err = signature.SignImageUsingNotary("repo1:index", port)
 			So(err, ShouldBeNil)
 
 			resp, err := resty.R().Get(baseURL + graphqlQueryPrefix + "?query=" + url.QueryEscape(queryIndex))
@@ -4451,7 +4456,7 @@ func TestMetaDBWhenSigningImages(t *testing.T) {
 		})
 
 		Convey("Sign with cosign index", func() {
-			err = SignImageUsingCosign("repo1:index", port)
+			err = signature.SignImageUsingCosign("repo1:index", port)
 			So(err, ShouldBeNil)
 
 			resp, err := resty.R().Get(baseURL + graphqlQueryPrefix + "?query=" + url.QueryEscape(queryIndex))
@@ -4496,7 +4501,7 @@ func TestMetaDBWhenPushingImages(t *testing.T) {
 					return ErrTestError
 				},
 			}
-			config1, layers1, manifest1, err := GetImageComponents(100)
+			config1, layers1, manifest1, err := deprecated.GetImageComponents(100) //nolint:staticcheck
 			So(err, ShouldBeNil)
 
 			configBlob, err := json.Marshal(config1)
@@ -4530,7 +4535,7 @@ func TestMetaDBWhenPushingImages(t *testing.T) {
 				},
 			}
 
-			config1, layers1, manifest1, err := GetImageComponents(100)
+			config1, layers1, manifest1, err := deprecated.GetImageComponents(100) //nolint:staticcheck
 			So(err, ShouldBeNil)
 
 			configBlob, err := json.Marshal(config1)
@@ -4585,7 +4590,7 @@ func RunMetaDBIndexTests(baseURL, port string) {
 	Convey("Push test index", func() {
 		const repo = "repo"
 
-		multiarchImage, err := GetRandomMultiarchImage("tag1")
+		multiarchImage, err := deprecated.GetRandomMultiarchImage("tag1") //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		indexBlob, err := json.Marshal(multiarchImage.Index)
@@ -4629,7 +4634,7 @@ func RunMetaDBIndexTests(baseURL, port string) {
 		responseImage := responseImages[0]
 		So(len(responseImage.Manifests), ShouldEqual, 3)
 
-		err = SignImageUsingCosign(fmt.Sprintf("repo@%s", indexDigest), port)
+		err = signature.SignImageUsingCosign(fmt.Sprintf("repo@%s", indexDigest), port)
 		So(err, ShouldBeNil)
 
 		resp, err = resty.R().Get(baseURL + graphqlQueryPrefix + "?query=" + url.QueryEscape(query))
@@ -4671,7 +4676,7 @@ func RunMetaDBIndexTests(baseURL, port string) {
 	})
 	Convey("Index base images", func() {
 		// ---------------- BASE IMAGE -------------------
-		imageAMD64, err := GetImageWithComponents(
+		imageAMD64, err := deprecated.GetImageWithComponents( //nolint:staticcheck
 			ispec.Image{
 				Platform: ispec.Platform{
 					OS:           "linux",
@@ -4684,7 +4689,7 @@ func RunMetaDBIndexTests(baseURL, port string) {
 			})
 		So(err, ShouldBeNil)
 
-		imageSomeArch, err := GetImageWithComponents(
+		imageSomeArch, err := deprecated.GetImageWithComponents( //nolint:staticcheck
 			ispec.Image{
 				Platform: ispec.Platform{
 					OS:           "linux",
@@ -4696,7 +4701,7 @@ func RunMetaDBIndexTests(baseURL, port string) {
 			})
 		So(err, ShouldBeNil)
 
-		multiImage := GetMultiarchImageForImages([]Image{
+		multiImage := deprecated.GetMultiarchImageForImages([]Image{ //nolint:staticcheck
 			imageAMD64,
 			imageSomeArch,
 		})
@@ -4705,7 +4710,7 @@ func RunMetaDBIndexTests(baseURL, port string) {
 		// ---------------- BASE IMAGE -------------------
 
 		//  ---------------- SAME LAYERS -------------------
-		image1, err := GetImageWithComponents(
+		image1, err := deprecated.GetImageWithComponents( //nolint:staticcheck
 			imageSomeArch.Config,
 			[][]byte{
 				{0, 0, 2},
@@ -4713,20 +4718,20 @@ func RunMetaDBIndexTests(baseURL, port string) {
 		)
 		So(err, ShouldBeNil)
 
-		image2, err := GetImageWithComponents(
+		image2, err := deprecated.GetImageWithComponents( //nolint:staticcheck
 			imageAMD64.Config,
 			imageAMD64.Layers,
 		)
 		So(err, ShouldBeNil)
 
-		multiImage = GetMultiarchImageForImages([]Image{image1, image2})
+		multiImage = deprecated.GetMultiarchImageForImages([]Image{image1, image2}) //nolint:staticcheck
 
 		err = UploadMultiarchImage(multiImage, baseURL, "index-one-arch-same-layers", "index-one-arch-same-layers")
 		So(err, ShouldBeNil)
 		//  ---------------- SAME LAYERS -------------------
 
 		//  ---------------- LESS LAYERS -------------------
-		image1, err = GetImageWithComponents(
+		image1, err = deprecated.GetImageWithComponents( //nolint:staticcheck
 			imageSomeArch.Config,
 			[][]byte{
 				{3, 2, 2},
@@ -4735,19 +4740,19 @@ func RunMetaDBIndexTests(baseURL, port string) {
 		)
 		So(err, ShouldBeNil)
 
-		image2, err = GetImageWithComponents(
+		image2, err = deprecated.GetImageWithComponents( //nolint:staticcheck
 			imageAMD64.Config,
 			[][]byte{imageAMD64.Layers[0]},
 		)
 		So(err, ShouldBeNil)
-		multiImage = GetMultiarchImageForImages([]Image{image1, image2})
+		multiImage = deprecated.GetMultiarchImageForImages([]Image{image1, image2}) //nolint:staticcheck
 
 		err = UploadMultiarchImage(multiImage, baseURL, "index-one-arch-less-layers", "index-one-arch-less-layers")
 		So(err, ShouldBeNil)
 		//  ---------------- LESS LAYERS -------------------
 
 		//  ---------------- LESS LAYERS FALSE -------------------
-		image1, err = GetImageWithComponents(
+		image1, err = deprecated.GetImageWithComponents( //nolint:staticcheck
 			imageSomeArch.Config,
 			[][]byte{
 				{3, 2, 2},
@@ -4758,19 +4763,19 @@ func RunMetaDBIndexTests(baseURL, port string) {
 		auxLayer := imageAMD64.Layers[0]
 		auxLayer[0] = 20
 
-		image2, err = GetImageWithComponents(
+		image2, err = deprecated.GetImageWithComponents( //nolint:staticcheck
 			imageAMD64.Config,
 			[][]byte{auxLayer},
 		)
 		So(err, ShouldBeNil)
-		multiImage = GetMultiarchImageForImages([]Image{image1, image2})
+		multiImage = deprecated.GetMultiarchImageForImages([]Image{image1, image2}) //nolint:staticcheck
 		err = UploadMultiarchImage(multiImage, baseURL, "index-one-arch-less-layers-false",
 			"index-one-arch-less-layers-false")
 		So(err, ShouldBeNil)
 		//  ---------------- LESS LAYERS FALSE -------------------
 
 		//  ---------------- MORE LAYERS -------------------
-		image1, err = GetImageWithComponents(
+		image1, err = deprecated.GetImageWithComponents( //nolint:staticcheck
 			imageSomeArch.Config,
 			[][]byte{
 				{0, 0, 2},
@@ -4779,12 +4784,12 @@ func RunMetaDBIndexTests(baseURL, port string) {
 		)
 		So(err, ShouldBeNil)
 
-		image2, err = GetImageWithComponents(
+		image2, err = deprecated.GetImageWithComponents( //nolint:staticcheck
 			imageAMD64.Config,
 			append(imageAMD64.Layers, []byte{1, 3, 55}),
 		)
 		So(err, ShouldBeNil)
-		multiImage = GetMultiarchImageForImages([]Image{image1, image2})
+		multiImage = deprecated.GetMultiarchImageForImages([]Image{image1, image2}) //nolint:staticcheck
 
 		err = UploadMultiarchImage(multiImage, baseURL, "index-one-arch-more-layers", "index-one-arch-more-layers")
 		So(err, ShouldBeNil)
@@ -4820,7 +4825,7 @@ func RunMetaDBIndexTests(baseURL, port string) {
 
 	Convey("Index base images for digest", func() {
 		// ---------------- BASE IMAGE -------------------
-		imageAMD64, err := GetImageWithComponents(
+		imageAMD64, err := deprecated.GetImageWithComponents( //nolint:staticcheck
 			ispec.Image{
 				Platform: ispec.Platform{
 					OS:           "linux",
@@ -4835,7 +4840,7 @@ func RunMetaDBIndexTests(baseURL, port string) {
 
 		baseLinuxAMD64Digest := imageAMD64.Digest()
 
-		imageSomeArch, err := GetImageWithComponents(
+		imageSomeArch, err := deprecated.GetImageWithComponents( //nolint:staticcheck
 			ispec.Image{
 				Platform: ispec.Platform{
 					OS:           "linux",
@@ -4849,12 +4854,13 @@ func RunMetaDBIndexTests(baseURL, port string) {
 
 		baseLinuxSomeArchDigest := imageSomeArch.Digest()
 
-		multiImage := GetMultiarchImageForImages([]Image{imageAMD64, imageSomeArch})
+		multiImage := deprecated.GetMultiarchImageForImages([]Image{imageAMD64, //nolint:staticcheck
+			imageSomeArch})
 		err = UploadMultiarchImage(multiImage, baseURL, "test-repo", "index")
 		So(err, ShouldBeNil)
 		// ---------------- BASE IMAGE FOR LINUX AMD64 -------------------
 
-		image, err := GetImageWithComponents(
+		image, err := deprecated.GetImageWithComponents( //nolint:staticcheck
 			imageAMD64.Config,
 			[][]byte{imageAMD64.Layers[0]},
 		)
@@ -4865,7 +4871,7 @@ func RunMetaDBIndexTests(baseURL, port string) {
 
 		// ---------------- BASE IMAGE FOR LINUX SOMEARCH -------------------
 
-		image, err = GetImageWithComponents(
+		image, err = deprecated.GetImageWithComponents( //nolint:staticcheck
 			imageAMD64.Config,
 			[][]byte{imageSomeArch.Layers[0]},
 		)
@@ -4918,7 +4924,7 @@ func RunMetaDBIndexTests(baseURL, port string) {
 
 	Convey("Index derived images", func() {
 		// ---------------- BASE IMAGE -------------------
-		imageAMD64, err := GetImageWithComponents(
+		imageAMD64, err := deprecated.GetImageWithComponents( //nolint:staticcheck
 			ispec.Image{
 				Platform: ispec.Platform{
 					OS:           "linux",
@@ -4931,7 +4937,7 @@ func RunMetaDBIndexTests(baseURL, port string) {
 			})
 		So(err, ShouldBeNil)
 
-		imageSomeArch, err := GetImageWithComponents(
+		imageSomeArch, err := deprecated.GetImageWithComponents( //nolint:staticcheck
 			ispec.Image{
 				Platform: ispec.Platform{
 					OS:           "linux",
@@ -4943,7 +4949,7 @@ func RunMetaDBIndexTests(baseURL, port string) {
 			})
 		So(err, ShouldBeNil)
 
-		multiImage := GetMultiarchImageForImages([]Image{
+		multiImage := deprecated.GetMultiarchImageForImages([]Image{ //nolint:staticcheck
 			imageAMD64, imageSomeArch,
 		})
 		err = UploadMultiarchImage(multiImage, baseURL, "test-repo", "latest")
@@ -4951,7 +4957,7 @@ func RunMetaDBIndexTests(baseURL, port string) {
 		// ---------------- BASE IMAGE -------------------
 
 		//  ---------------- SAME LAYERS -------------------
-		image1, err := GetImageWithComponents(
+		image1, err := deprecated.GetImageWithComponents( //nolint:staticcheck
 			imageSomeArch.Config,
 			[][]byte{
 				{0, 0, 2},
@@ -4959,13 +4965,13 @@ func RunMetaDBIndexTests(baseURL, port string) {
 		)
 		So(err, ShouldBeNil)
 
-		image2, err := GetImageWithComponents(
+		image2, err := deprecated.GetImageWithComponents( //nolint:staticcheck
 			imageAMD64.Config,
 			imageAMD64.Layers,
 		)
 		So(err, ShouldBeNil)
 
-		multiImage = GetMultiarchImageForImages([]Image{
+		multiImage = deprecated.GetMultiarchImageForImages([]Image{ //nolint:staticcheck
 			image1, image2,
 		})
 		err = UploadMultiarchImage(multiImage, baseURL, "index-one-arch-same-layers", "index-one-arch-same-layers")
@@ -4973,7 +4979,7 @@ func RunMetaDBIndexTests(baseURL, port string) {
 		//  ---------------- SAME LAYERS -------------------
 
 		//  ---------------- LESS LAYERS -------------------
-		image1, err = GetImageWithComponents(
+		image1, err = deprecated.GetImageWithComponents( //nolint:staticcheck
 			imageSomeArch.Config,
 			[][]byte{
 				{3, 2, 2},
@@ -4982,12 +4988,12 @@ func RunMetaDBIndexTests(baseURL, port string) {
 		)
 		So(err, ShouldBeNil)
 
-		image2, err = GetImageWithComponents(
+		image2, err = deprecated.GetImageWithComponents( //nolint:staticcheck
 			imageAMD64.Config,
 			[][]byte{imageAMD64.Layers[0]},
 		)
 		So(err, ShouldBeNil)
-		multiImage = GetMultiarchImageForImages([]Image{
+		multiImage = deprecated.GetMultiarchImageForImages([]Image{ //nolint:staticcheck
 			image1, image2,
 		})
 		err = UploadMultiarchImage(multiImage, baseURL, "index-one-arch-less-layers", "index-one-arch-less-layers")
@@ -4995,7 +5001,7 @@ func RunMetaDBIndexTests(baseURL, port string) {
 		//  ---------------- LESS LAYERS -------------------
 
 		//  ---------------- LESS LAYERS FALSE -------------------
-		image1, err = GetImageWithComponents(
+		image1, err = deprecated.GetImageWithComponents( //nolint:staticcheck
 			imageSomeArch.Config,
 			[][]byte{
 				{3, 2, 2},
@@ -5004,12 +5010,12 @@ func RunMetaDBIndexTests(baseURL, port string) {
 		)
 		So(err, ShouldBeNil)
 
-		image2, err = GetImageWithComponents(
+		image2, err = deprecated.GetImageWithComponents( //nolint:staticcheck
 			imageAMD64.Config,
 			[][]byte{{99, 100, 102}},
 		)
 		So(err, ShouldBeNil)
-		multiImage = GetMultiarchImageForImages([]Image{
+		multiImage = deprecated.GetMultiarchImageForImages([]Image{ //nolint:staticcheck
 			image1, image2,
 		})
 		err = UploadMultiarchImage(multiImage, baseURL, "index-one-arch-less-layers-false",
@@ -5018,7 +5024,7 @@ func RunMetaDBIndexTests(baseURL, port string) {
 		//  ---------------- LESS LAYERS FALSE -------------------
 
 		//  ---------------- MORE LAYERS -------------------
-		image1, err = GetImageWithComponents(
+		image1, err = deprecated.GetImageWithComponents( //nolint:staticcheck
 			imageSomeArch.Config,
 			[][]byte{
 				{0, 0, 2},
@@ -5027,7 +5033,7 @@ func RunMetaDBIndexTests(baseURL, port string) {
 		)
 		So(err, ShouldBeNil)
 
-		image2, err = GetImageWithComponents(
+		image2, err = deprecated.GetImageWithComponents( //nolint:staticcheck
 			imageAMD64.Config,
 			[][]byte{
 				imageAMD64.Layers[0],
@@ -5037,7 +5043,7 @@ func RunMetaDBIndexTests(baseURL, port string) {
 		)
 		So(err, ShouldBeNil)
 
-		multiImage = GetMultiarchImageForImages([]Image{
+		multiImage = deprecated.GetMultiarchImageForImages([]Image{ //nolint:staticcheck
 			image1, image2,
 		})
 		err = UploadMultiarchImage(multiImage, baseURL, "index-one-arch-more-layers", "index-one-arch-more-layers")
@@ -5074,7 +5080,7 @@ func RunMetaDBIndexTests(baseURL, port string) {
 
 	Convey("Index derived images for digest", func() {
 		// ---------------- BASE IMAGE -------------------
-		imageAMD64, err := GetImageWithComponents(
+		imageAMD64, err := deprecated.GetImageWithComponents( //nolint:staticcheck
 			ispec.Image{
 				Platform: ispec.Platform{
 					OS:           "linux",
@@ -5089,7 +5095,7 @@ func RunMetaDBIndexTests(baseURL, port string) {
 
 		baseLinuxAMD64Digest := imageAMD64.Digest()
 
-		imageSomeArch, err := GetImageWithComponents(
+		imageSomeArch, err := deprecated.GetImageWithComponents( //nolint:staticcheck
 			ispec.Image{
 				Platform: ispec.Platform{
 					OS:           "linux",
@@ -5103,14 +5109,14 @@ func RunMetaDBIndexTests(baseURL, port string) {
 
 		baseLinuxSomeArchDigest := imageSomeArch.Digest()
 
-		multiImage := GetMultiarchImageForImages([]Image{
+		multiImage := deprecated.GetMultiarchImageForImages([]Image{ //nolint:staticcheck
 			imageAMD64, imageSomeArch,
 		})
 		err = UploadMultiarchImage(multiImage, baseURL, "test-repo", "index")
 		So(err, ShouldBeNil)
 		// ---------------- BASE IMAGE FOR LINUX AMD64 -------------------
 
-		image, err := GetImageWithComponents(
+		image, err := deprecated.GetImageWithComponents( //nolint:staticcheck
 			imageAMD64.Config,
 			[][]byte{
 				imageAMD64.Layers[0],
@@ -5126,7 +5132,7 @@ func RunMetaDBIndexTests(baseURL, port string) {
 
 		// ---------------- BASE IMAGE FOR LINUX SOMEARCH -------------------
 
-		image, err = GetImageWithComponents(
+		image, err = deprecated.GetImageWithComponents( //nolint:staticcheck
 			imageAMD64.Config,
 			[][]byte{
 				imageSomeArch.Layers[0],
@@ -5203,7 +5209,7 @@ func TestMetaDBWhenReadingImages(t *testing.T) {
 		ctlrManager.StartAndWait(port)
 		defer ctlrManager.StopServer()
 
-		config1, layers1, manifest1, err := GetImageComponents(100)
+		config1, layers1, manifest1, err := deprecated.GetImageComponents(100) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		err = UploadImage(
@@ -5289,7 +5295,7 @@ func TestMetaDBWhenDeletingImages(t *testing.T) {
 		defer ctlrManager.StopServer()
 
 		// push test images to repo 1 image 1
-		image1, err := GetRandomImage()
+		image1, err := deprecated.GetRandomImage() //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		err = UploadImage(image1, baseURL, "repo1", "1.0.1")
@@ -5297,7 +5303,7 @@ func TestMetaDBWhenDeletingImages(t *testing.T) {
 
 		// push test images to repo 1 image 2
 		createdTime2 := time.Date(2009, 1, 1, 12, 0, 0, 0, time.UTC)
-		image2, err := GetImageWithConfig(ispec.Image{
+		image2, err := deprecated.GetImageWithConfig(ispec.Image{ //nolint:staticcheck
 			Created: &createdTime2,
 			History: []ispec.History{
 				{
@@ -5357,7 +5363,7 @@ func TestMetaDBWhenDeletingImages(t *testing.T) {
 
 		Convey("Delete a cosign signature", func() {
 			repo := "repo1"
-			err := SignImageUsingCosign("repo1:1.0.1", port)
+			err := signature.SignImageUsingCosign("repo1:1.0.1", port)
 			So(err, ShouldBeNil)
 
 			query := `
@@ -5432,7 +5438,7 @@ func TestMetaDBWhenDeletingImages(t *testing.T) {
 
 		Convey("Delete a notary signature", func() {
 			repo := "repo1"
-			err := SignImageUsingNotary("repo1:1.0.1", port)
+			err := signature.SignImageUsingNotary("repo1:1.0.1", port)
 			So(err, ShouldBeNil)
 
 			query := `
@@ -5526,7 +5532,8 @@ func TestMetaDBWhenDeletingImages(t *testing.T) {
 		Convey("Delete a referrer", func() {
 			referredImageDigest := image1.Digest()
 
-			referrerImage, err := GetImageWithSubject(referredImageDigest, ispec.MediaTypeImageManifest)
+			referrerImage, err := deprecated.GetImageWithSubject(referredImageDigest, //nolint:staticcheck
+				ispec.MediaTypeImageManifest)
 			So(err, ShouldBeNil)
 
 			err = UploadImage(referrerImage, baseURL, "repo1", referrerImage.DigestStr())
@@ -5724,7 +5731,7 @@ func TestSearchSize(t *testing.T) {
 		defer ctlrManager.StopServer()
 
 		repoName := "testrepo"
-		config, layers, manifest, err := GetImageComponents(10000)
+		config, layers, manifest, err := deprecated.GetImageComponents(10000) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		configBlob, err := json.Marshal(config)
@@ -5986,7 +5993,7 @@ func TestImageSummary(t *testing.T) {
 
 		createdTime := time.Date(2010, 1, 1, 12, 0, 0, 0, time.UTC)
 
-		image, err := GetImageWithConfig(
+		image, err := deprecated.GetImageWithConfig( //nolint:staticcheck
 			ispec.Image{
 				History: []ispec.History{{Created: &createdTime}},
 				Platform: ispec.Platform{
@@ -6002,7 +6009,7 @@ func TestImageSummary(t *testing.T) {
 		So(err, ShouldBeNil)
 
 		// ------ Add a referrer
-		referrerImage, err := GetImageWithConfig(ispec.Image{})
+		referrerImage, err := deprecated.GetImageWithConfig(ispec.Image{}) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		referrerImage.Manifest.Subject = &ispec.Descriptor{
@@ -6179,7 +6186,7 @@ func TestImageSummary(t *testing.T) {
 			}`
 
 		gqlEndpoint := fmt.Sprintf("%s%s?query=", baseURL, graphqlQueryPrefix)
-		config, layers, manifest, err := GetImageComponents(100)
+		config, layers, manifest, err := deprecated.GetImageComponents(100) //nolint:staticcheck
 		So(err, ShouldBeNil)
 		createdTime := time.Date(2010, 1, 1, 12, 0, 0, 0, time.UTC)
 		config.History = append(config.History, ispec.History{Created: &createdTime})
@@ -6309,7 +6316,7 @@ func TestImageSummary(t *testing.T) {
 		artType1 := "application/test.signature.v1"
 		artType2 := "application/test.signature.v2"
 
-		img1, err := GetRandomImage()
+		img1, err := deprecated.GetRandomImage() //nolint:staticcheck
 		So(err, ShouldBeNil)
 		img1.Manifest.Config = ispec.DescriptorEmptyJSON
 		img1.Manifest.ArtifactType = artType1
@@ -6318,7 +6325,7 @@ func TestImageSummary(t *testing.T) {
 		err = UploadImage(img1, baseURL, "repo", "art1")
 		So(err, ShouldBeNil)
 
-		img2, err := GetRandomImage()
+		img2, err := deprecated.GetRandomImage() //nolint:staticcheck
 		So(err, ShouldBeNil)
 		img2.Manifest.Config.MediaType = artType2
 		digest2 := img2.Digest()

pkg/extensions/search/userprefs_test.go

@@ -23,7 +23,8 @@ import (
 	"zotregistry.io/zot/pkg/log"
 	"zotregistry.io/zot/pkg/storage"
 	"zotregistry.io/zot/pkg/storage/local"
-	. "zotregistry.io/zot/pkg/test"
+	. "zotregistry.io/zot/pkg/test/common"
+	"zotregistry.io/zot/pkg/test/deprecated"
 	. "zotregistry.io/zot/pkg/test/image-utils"
 )
 
@@ -97,7 +98,7 @@ func TestUserData(t *testing.T) {
 		ctlrManager.StartAndWait(port)
 		defer ctlrManager.StopServer()
 
-		config, layers, manifest, err := GetImageComponents(100)
+		config, layers, manifest, err := deprecated.GetImageComponents(100) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		err = UploadImageWithBasicAuth(
@@ -538,7 +539,7 @@ func TestChangingRepoState(t *testing.T) {
 
 	ctlr := api.NewController(conf)
 
-	img, err := GetRandomImage()
+	img, err := deprecated.GetRandomImage() //nolint:staticcheck
 	if err != nil {
 		t.FailNow()
 	}
@@ -672,14 +673,14 @@ func TestGlobalSearchWithUserPrefFiltering(t *testing.T) {
 
 		// ------ Add simple repo
 		repo := "repo"
-		img, err := GetRandomImage()
+		img, err := deprecated.GetRandomImage() //nolint:staticcheck
 		So(err, ShouldBeNil)
 		err = UploadImageWithBasicAuth(img, baseURL, repo, "tag", simpleUser, simpleUserPassword)
 		So(err, ShouldBeNil)
 
 		// ------ Add repo and star it
 		sRepo := "starred-repo"
-		img, err = GetRandomImage()
+		img, err = deprecated.GetRandomImage() //nolint:staticcheck
 		So(err, ShouldBeNil)
 		err = UploadImageWithBasicAuth(img, baseURL, sRepo, "tag", simpleUser, simpleUserPassword)
 		So(err, ShouldBeNil)
@@ -690,7 +691,7 @@ func TestGlobalSearchWithUserPrefFiltering(t *testing.T) {
 
 		// ------ Add repo and bookmark it
 		bRepo := "bookmarked-repo"
-		img, err = GetRandomImage()
+		img, err = deprecated.GetRandomImage() //nolint:staticcheck
 		So(err, ShouldBeNil)
 		err = UploadImageWithBasicAuth(img, baseURL, bRepo, "tag", simpleUser, simpleUserPassword)
 		So(err, ShouldBeNil)
@@ -701,7 +702,7 @@ func TestGlobalSearchWithUserPrefFiltering(t *testing.T) {
 
 		// ------ Add repo, star and bookmark it
 		sbRepo := "starred-bookmarked-repo"
-		img, err = GetRandomImage()
+		img, err = deprecated.GetRandomImage() //nolint:staticcheck
 		So(err, ShouldBeNil)
 		err = UploadImageWithBasicAuth(img, baseURL, sbRepo, "tag", simpleUser, simpleUserPassword)
 		So(err, ShouldBeNil)
@@ -868,7 +869,7 @@ func TestExpandedRepoInfoWithUserPrefs(t *testing.T) {
 
 		// ------ Add sbrepo and star/bookmark it
 		sbrepo := "sbrepo"
-		img, err := GetRandomImage()
+		img, err := deprecated.GetRandomImage() //nolint:staticcheck
 		So(err, ShouldBeNil)
 		err = UploadImageWithBasicAuth(img, baseURL, sbrepo, "tag", simpleUser, simpleUserPassword)
 		So(err, ShouldBeNil)
@@ -908,7 +909,7 @@ func TestExpandedRepoInfoWithUserPrefs(t *testing.T) {
 
 		// ------ Add srepo and star it
 		srepo := "srepo"
-		img, err = GetRandomImage()
+		img, err = deprecated.GetRandomImage() //nolint:staticcheck
 		So(err, ShouldBeNil)
 		err = UploadImageWithBasicAuth(img, baseURL, srepo, "tag", simpleUser, simpleUserPassword)
 		So(err, ShouldBeNil)
@@ -943,7 +944,7 @@ func TestExpandedRepoInfoWithUserPrefs(t *testing.T) {
 
 		// ------ Add brepo and bookmark it
 		brepo := "brepo"
-		img, err = GetRandomImage()
+		img, err = deprecated.GetRandomImage() //nolint:staticcheck
 		So(err, ShouldBeNil)
 		err = UploadImageWithBasicAuth(img, baseURL, brepo, "tag", simpleUser, simpleUserPassword)
 		So(err, ShouldBeNil)
@@ -978,7 +979,7 @@ func TestExpandedRepoInfoWithUserPrefs(t *testing.T) {
 
 		// ------ Add repo without star/bookmark
 		repo := "repo"
-		img, err = GetRandomImage()
+		img, err = deprecated.GetRandomImage() //nolint:staticcheck
 		So(err, ShouldBeNil)
 		err = UploadImageWithBasicAuth(img, baseURL, repo, "tag", simpleUser, simpleUserPassword)
 		So(err, ShouldBeNil)

pkg/extensions/sync/sync_disabled_test.go

@@ -14,7 +14,7 @@ import (
 	"zotregistry.io/zot/pkg/api/config"
 	extconf "zotregistry.io/zot/pkg/extensions/config"
 	syncconf "zotregistry.io/zot/pkg/extensions/config/sync"
-	"zotregistry.io/zot/pkg/test"
+	test "zotregistry.io/zot/pkg/test/common"
 )
 
 func TestSyncExtension(t *testing.T) {

pkg/extensions/sync/sync_internal_test.go

@@ -31,10 +31,10 @@ import (
 	"zotregistry.io/zot/pkg/storage/cache"
 	storageConstants "zotregistry.io/zot/pkg/storage/constants"
 	"zotregistry.io/zot/pkg/storage/local"
-	"zotregistry.io/zot/pkg/test"
 	. "zotregistry.io/zot/pkg/test/image-utils"
 	"zotregistry.io/zot/pkg/test/inject"
 	"zotregistry.io/zot/pkg/test/mocks"
+	ociutils "zotregistry.io/zot/pkg/test/oci-utils"
 )
 
 const (
@@ -222,7 +222,7 @@ func TestLocalRegistry(t *testing.T) {
 			So(err, ShouldBeNil)
 			So(upload, ShouldNotBeEmpty)
 
-			cblob, cdigest := test.GetRandomImageConfig()
+			cblob, cdigest := GetRandomImageConfig()
 			buf := bytes.NewBuffer(cblob)
 			buflen := buf.Len()
 			blob, err := imgStore.PutBlobChunkStreamed(repoName, upload, buf)
@@ -394,7 +394,7 @@ func TestLocalRegistry(t *testing.T) {
 			So(err, ShouldBeNil)
 			So(upload, ShouldNotBeEmpty)
 
-			cblob, cdigest := test.GetRandomImageConfig()
+			cblob, cdigest := GetRandomImageConfig()
 			buf = bytes.NewBuffer(cblob)
 			buflen = buf.Len()
 			blob, err = imgStore.PutBlobChunkStreamed(repoName, upload, buf)
@@ -445,9 +445,9 @@ func TestConvertDockerToOCI(t *testing.T) {
 	Convey("test converting docker to oci functions", t, func() {
 		dir := t.TempDir()
 
-		srcStorageCtlr := test.GetDefaultStoreController(dir, log.NewLogger("debug", ""))
+		srcStorageCtlr := ociutils.GetDefaultStoreController(dir, log.NewLogger("debug", ""))
 
-		err := test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtlr)
+		err := WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtlr)
 		So(err, ShouldBeNil)
 
 		imageRef, err := layout.NewReference(path.Join(dir, "zot-test"), "0.0.1")

pkg/extensions/sync/sync_test.go

@@ -47,10 +47,12 @@ import (
 	"zotregistry.io/zot/pkg/log"
 	mTypes "zotregistry.io/zot/pkg/meta/types"
 	storageConstants "zotregistry.io/zot/pkg/storage/constants"
-	"zotregistry.io/zot/pkg/test"
-	testc "zotregistry.io/zot/pkg/test/common"
+	test "zotregistry.io/zot/pkg/test/common"
+	"zotregistry.io/zot/pkg/test/deprecated"
 	. "zotregistry.io/zot/pkg/test/image-utils"
 	"zotregistry.io/zot/pkg/test/mocks"
+	ociutils "zotregistry.io/zot/pkg/test/oci-utils"
+	"zotregistry.io/zot/pkg/test/signature"
 )
 
 const (
@@ -138,14 +140,14 @@ func makeUpstreamServer(
 	srcConfig.Storage.GC = false
 
 	srcDir := t.TempDir()
-	srcStorageCtrl := test.GetDefaultStoreController(srcDir, log.NewLogger("debug", ""))
+	srcStorageCtrl := ociutils.GetDefaultStoreController(srcDir, log.NewLogger("debug", ""))
 
-	err := test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtrl)
+	err := WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtrl)
 	if err != nil {
 		panic(err)
 	}
 
-	err = test.WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", srcStorageCtrl)
+	err = WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", srcStorageCtrl)
 	if err != nil {
 		panic(err)
 	}
@@ -735,7 +737,7 @@ func TestOnDemand(t *testing.T) {
 			cm.StartAndWait(conf.HTTP.Port)
 			defer cm.StopServer()
 
-			imageConfig, layers, manifest, err := test.GetRandomImageComponents(10) //nolint:staticcheck
+			imageConfig, layers, manifest, err := deprecated.GetRandomImageComponents(10) //nolint:staticcheck
 			So(err, ShouldBeNil)
 
 			manifestBlob, err := json.Marshal(manifest)
@@ -750,7 +752,7 @@ func TestOnDemand(t *testing.T) {
 			So(err, ShouldBeNil)
 
 			// sign using cosign
-			err = test.SignImageUsingCosign(fmt.Sprintf("remote-repo@%s", manifestDigest.String()), port)
+			err = signature.SignImageUsingCosign(fmt.Sprintf("remote-repo@%s", manifestDigest.String()), port)
 			So(err, ShouldBeNil)
 
 			// add cosign sbom
@@ -1089,7 +1091,7 @@ func TestSyncWithNonDistributableBlob(t *testing.T) {
 
 		dcm := test.NewControllerManager(dctlr)
 
-		imageConfig, layers, manifest, err := test.GetRandomImageComponents(10) //nolint:staticcheck
+		imageConfig, layers, manifest, err := deprecated.GetRandomImageComponents(10) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		nonDistributableLayer := make([]byte, 10)
@@ -1278,7 +1280,7 @@ func TestDockerImagesAreSkipped(t *testing.T) {
 
 			// upload multiple manifests
 			for i := 0; i < 4; i++ {
-				config, layers, manifest, err := test.GetImageComponents(1000 + i) //nolint:staticcheck
+				config, layers, manifest, err := deprecated.GetImageComponents(1000 + i) //nolint:staticcheck
 				So(err, ShouldBeNil)
 
 				manifestContent, err := json.Marshal(manifest)
@@ -3113,12 +3115,12 @@ func TestSubPaths(t *testing.T) {
 		srcDir := t.TempDir()
 
 		subpath := "/subpath"
-		srcStorageCtlr := test.GetDefaultStoreController(path.Join(srcDir, subpath), log.NewLogger("debug", ""))
+		srcStorageCtlr := ociutils.GetDefaultStoreController(path.Join(srcDir, subpath), log.NewLogger("debug", ""))
 
-		err := test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtlr)
+		err := WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtlr)
 		So(err, ShouldBeNil)
 
-		err = test.WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", srcStorageCtlr)
+		err = WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", srcStorageCtlr)
 		So(err, ShouldBeNil)
 
 		srcConfig.Storage.RootDirectory = srcDir
@@ -4108,9 +4110,9 @@ func TestSignatures(t *testing.T) {
 			IgnoreTlog:      true,
 		}
 
-		test.LoadNotationPath(tdir)
+		signature.LoadNotationPath(tdir)
 		// notation verify signed image
-		err = test.VerifyWithNotation(image, tdir)
+		err = signature.VerifyWithNotation(image, tdir)
 		So(err, ShouldBeNil)
 
 		// cosign verify signed image
@@ -4143,9 +4145,9 @@ func TestSignatures(t *testing.T) {
 		// verify sbom signature
 		sbom := fmt.Sprintf("localhost:%s/%s@%s", destPort, repoName, sbomDigest)
 
-		test.LoadNotationPath(tdir)
+		signature.LoadNotationPath(tdir)
 		// notation verify signed sbom
-		err = test.VerifyWithNotation(sbom, tdir)
+		err = signature.VerifyWithNotation(sbom, tdir)
 		So(err, ShouldBeNil)
 
 		vrfy = verify.VerifyCommand{
@@ -4511,16 +4513,16 @@ func TestSyncedSignaturesMetaDB(t *testing.T) {
 		defer scm.StopServer()
 
 		// Push an image
-		signedImage, err := test.GetRandomImage() //nolint:staticcheck
+		signedImage, err := deprecated.GetRandomImage() //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		err = UploadImage(signedImage, srcBaseURL, repoName, tag)
 		So(err, ShouldBeNil)
 
-		err = test.SignImageUsingNotary(repoName+":"+tag, srcPort)
+		err = signature.SignImageUsingNotary(repoName+":"+tag, srcPort)
 		So(err, ShouldBeNil)
 
-		err = test.SignImageUsingCosign(repoName+":"+tag, srcPort)
+		err = signature.SignImageUsingCosign(repoName+":"+tag, srcPort)
 		So(err, ShouldBeNil)
 
 		// Create destination registry
@@ -4587,12 +4589,12 @@ func TestOnDemandRetryGoroutine(t *testing.T) {
 
 		srcDir := t.TempDir()
 
-		srcStorageCtlr := test.GetDefaultStoreController(srcDir, log.NewLogger("debug", ""))
+		srcStorageCtlr := ociutils.GetDefaultStoreController(srcDir, log.NewLogger("debug", ""))
 
-		err := test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtlr)
+		err := WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtlr)
 		So(err, ShouldBeNil)
 
-		err = test.WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", srcStorageCtlr)
+		err = WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", srcStorageCtlr)
 		So(err, ShouldBeNil)
 
 		srcConfig.Storage.RootDirectory = srcDir
@@ -4800,12 +4802,12 @@ func TestOnDemandMultipleImage(t *testing.T) {
 
 		srcDir := t.TempDir()
 
-		srcStorageCtlr := test.GetDefaultStoreController(srcDir, log.NewLogger("debug", ""))
+		srcStorageCtlr := ociutils.GetDefaultStoreController(srcDir, log.NewLogger("debug", ""))
 
-		err := test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtlr)
+		err := WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtlr)
 		So(err, ShouldBeNil)
 
-		err = test.WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", srcStorageCtlr)
+		err = WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", srcStorageCtlr)
 		So(err, ShouldBeNil)
 
 		srcConfig.Storage.RootDirectory = srcDir
@@ -5126,7 +5128,7 @@ func TestSignaturesOnDemand(t *testing.T) {
 
 		// notation verify the synced image
 		image := fmt.Sprintf("localhost:%s/%s:%s", destPort, repoName, testImageTag)
-		err = test.VerifyWithNotation(image, tdir)
+		err = signature.VerifyWithNotation(image, tdir)
 		So(err, ShouldBeNil)
 
 		// cosign verify the synced image
@@ -5363,7 +5365,7 @@ func TestOnlySignaturesOnDemand(t *testing.T) {
 
 		// sync signature on demand when upstream doesn't have the signature
 		image := fmt.Sprintf("localhost:%s/%s:%s", destPort, repoName, testImageTag)
-		err = test.VerifyWithNotation(image, tdir)
+		err = signature.VerifyWithNotation(image, tdir)
 		So(err, ShouldNotBeNil)
 
 		// cosign verify the synced image
@@ -5382,7 +5384,7 @@ func TestOnlySignaturesOnDemand(t *testing.T) {
 
 		// now it should sync signatures on demand, even if we already have the image
 		image = fmt.Sprintf("localhost:%s/%s:%s", destPort, repoName, testImageTag)
-		err = test.VerifyWithNotation(image, tdir)
+		err = signature.VerifyWithNotation(image, tdir)
 		So(err, ShouldBeNil)
 
 		// cosign verify the synced image
@@ -5448,12 +5450,12 @@ func TestSyncOnlyDiff(t *testing.T) {
 		destDir := t.TempDir()
 
 		// copy images so we have them before syncing, sync should not pull them again
-		destStorageCtrl := test.GetDefaultStoreController(destDir, log.NewLogger("debug", ""))
+		destStorageCtrl := ociutils.GetDefaultStoreController(destDir, log.NewLogger("debug", ""))
 
-		err := test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", destStorageCtrl)
+		err := WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", destStorageCtrl)
 		So(err, ShouldBeNil)
 
-		err = test.WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", destStorageCtrl)
+		err = WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", destStorageCtrl)
 		So(err, ShouldBeNil)
 
 		destConfig.Storage.RootDirectory = destDir
@@ -5534,12 +5536,12 @@ func TestSyncWithDiffDigest(t *testing.T) {
 		destDir := t.TempDir()
 
 		// copy images so we have them before syncing, sync should not pull them again
-		srcStorageCtlr := test.GetDefaultStoreController(destDir, log.NewLogger("debug", ""))
+		srcStorageCtlr := ociutils.GetDefaultStoreController(destDir, log.NewLogger("debug", ""))
 
-		err := test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtlr)
+		err := WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", srcStorageCtlr)
 		So(err, ShouldBeNil)
 
-		err = test.WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", srcStorageCtlr)
+		err = WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-cve-test", "0.0.1", srcStorageCtlr)
 		So(err, ShouldBeNil)
 
 		destConfig.Storage.RootDirectory = destDir
@@ -5735,7 +5737,7 @@ func TestSyncSignaturesDiff(t *testing.T) {
 
 		// notation verify the image
 		image := fmt.Sprintf("localhost:%s/%s:%s", destPort, repoName, testImageTag)
-		err = test.VerifyWithNotation(image, tdir)
+		err = signature.VerifyWithNotation(image, tdir)
 		So(err, ShouldBeNil)
 
 		// cosign verify the image
@@ -5761,7 +5763,7 @@ func TestSyncSignaturesDiff(t *testing.T) {
 
 		// notation verify the image
 		image = fmt.Sprintf("localhost:%s/%s:%s", destPort, repoName, testImageTag)
-		err = test.VerifyWithNotation(image, tdir)
+		err = signature.VerifyWithNotation(image, tdir)
 		So(err, ShouldBeNil)
 
 		// cosign verify the image
@@ -6091,7 +6093,7 @@ func TestSyncWithDestination(t *testing.T) {
 
 				// notation verify the synced image
 				image := fmt.Sprintf("localhost:%s/%s:%s", destPort, testCase.expected, testImageTag)
-				err = test.VerifyWithNotation(image, tdir)
+				err = signature.VerifyWithNotation(image, tdir)
 				So(err, ShouldBeNil)
 
 				// cosign verify the synced image
@@ -6141,7 +6143,7 @@ func TestSyncWithDestination(t *testing.T) {
 
 				// notation verify the synced image
 				image := fmt.Sprintf("localhost:%s/%s:%s", destPort, testCase.expected, testImageTag)
-				err = test.VerifyWithNotation(image, tdir)
+				err = signature.VerifyWithNotation(image, tdir)
 				So(err, ShouldBeNil)
 
 				// cosign verify the synced image
@@ -6202,7 +6204,7 @@ func TestSyncImageIndex(t *testing.T) {
 
 		// upload multiple manifests
 		for i := 0; i < 4; i++ {
-			config, layers, manifest, err := test.GetImageComponents(1000 + i) //nolint:staticcheck
+			config, layers, manifest, err := deprecated.GetImageComponents(1000 + i) //nolint:staticcheck
 			So(err, ShouldBeNil)
 
 			manifestContent, err := json.Marshal(manifest)
@@ -6306,12 +6308,12 @@ func generateKeyPairs(tdir string) {
 		}
 	}
 
-	test.NotationPathLock.Lock()
-	defer test.NotationPathLock.Unlock()
+	signature.NotationPathLock.Lock()
+	defer signature.NotationPathLock.Unlock()
 
-	test.LoadNotationPath(tdir)
+	signature.LoadNotationPath(tdir)
 
-	err := test.GenerateNotationCerts(tdir, "good")
+	err := signature.GenerateNotationCerts(tdir, "good")
 	if err != nil {
 		panic(err)
 	}
@@ -6360,20 +6362,20 @@ func signImage(tdir, port, repoName string, digest godigest.Digest) {
 		panic(err)
 	}
 
-	test.NotationPathLock.Lock()
-	defer test.NotationPathLock.Unlock()
+	signature.NotationPathLock.Lock()
+	defer signature.NotationPathLock.Unlock()
 
-	test.LoadNotationPath(tdir)
+	signature.LoadNotationPath(tdir)
 
 	// sign the image
 	image := fmt.Sprintf("localhost:%s/%s@%s", port, repoName, digest.String())
 
-	err = test.SignWithNotation("good", image, tdir)
+	err = signature.SignWithNotation("good", image, tdir)
 	if err != nil {
 		panic(err)
 	}
 
-	err = test.VerifyWithNotation(image, tdir)
+	err = signature.VerifyWithNotation(image, tdir)
 	if err != nil {
 		panic(err)
 	}
@@ -6386,7 +6388,7 @@ func pushRepo(url, repoName string) godigest.Digest {
 		panic(err)
 	}
 
-	loc := testc.Location(url, resp)
+	loc := test.Location(url, resp)
 
 	_, err = resty.R().Get(loc)
 	if err != nil {
@@ -6413,7 +6415,7 @@ func pushRepo(url, repoName string) godigest.Digest {
 		panic(fmt.Errorf("invalid status code: %d %w", resp.StatusCode(), errBadStatus))
 	}
 
-	loc = testc.Location(url, resp)
+	loc = test.Location(url, resp)
 	cblob, cdigest := ispec.DescriptorEmptyJSON.Data, ispec.DescriptorEmptyJSON.Digest
 
 	resp, err = resty.R().
@@ -6442,8 +6444,8 @@ func pushRepo(url, repoName string) godigest.Digest {
 		panic(fmt.Errorf("invalid status code: %d %w", resp.StatusCode(), errBadStatus))
 	}
 
-	loc = testc.Location(url, resp)
-	cblob, cdigest = test.GetRandomImageConfig()
+	loc = test.Location(url, resp)
+	cblob, cdigest = GetRandomImageConfig()
 
 	resp, err = resty.R().
 		SetContentLength(true).
@@ -6610,7 +6612,7 @@ func pushBlob(url string, repoName string, buf []byte) godigest.Digest {
 		panic(fmt.Errorf("invalid status code: %d %w", resp.StatusCode(), errBadStatus))
 	}
 
-	loc := testc.Location(url, resp)
+	loc := test.Location(url, resp)
 
 	digest := godigest.FromBytes(buf)
 	resp, err = resty.R().

pkg/log/log_test.go

@@ -24,8 +24,7 @@ import (
 	"zotregistry.io/zot/pkg/api/config"
 	"zotregistry.io/zot/pkg/api/constants"
 	"zotregistry.io/zot/pkg/log"
-	. "zotregistry.io/zot/pkg/test"
-	testc "zotregistry.io/zot/pkg/test/common"
+	. "zotregistry.io/zot/pkg/test/common"
 )
 
 const (
@@ -128,7 +127,7 @@ func TestAuditLogMessages(t *testing.T) {
 				resp, err := resty.R().SetBasicAuth(username, passphrase).Post(baseURL + path)
 				So(err, ShouldBeNil)
 				So(resp.StatusCode(), ShouldEqual, http.StatusAccepted)
-				loc := testc.Location(baseURL, resp)
+				loc := Location(baseURL, resp)
 				So(loc, ShouldNotBeEmpty)
 				location := resp.Header().Get("Location")
 				So(location, ShouldNotBeEmpty)
@@ -164,7 +163,7 @@ func TestAuditLogMessages(t *testing.T) {
 					SetHeader("Content-Type", "application/octet-stream").SetBody(content).Put(loc)
 				So(err, ShouldBeNil)
 				So(resp.StatusCode(), ShouldEqual, http.StatusCreated)
-				blobLoc := testc.Location(baseURL, resp)
+				blobLoc := Location(baseURL, resp)
 				So(blobLoc, ShouldNotBeEmpty)
 				So(resp.Header().Get(constants.DistContentDigestKey), ShouldNotBeEmpty)
 
@@ -224,7 +223,7 @@ func TestAuditLogMessages(t *testing.T) {
 				resp, err := resty.R().SetBasicAuth(username, passphrase).Post(baseURL + path)
 				So(err, ShouldBeNil)
 				So(resp.StatusCode(), ShouldEqual, http.StatusAccepted)
-				loc := testc.Location(baseURL, resp)
+				loc := Location(baseURL, resp)
 				So(loc, ShouldNotBeEmpty)
 				location := resp.Header().Get("Location")
 				So(location, ShouldNotBeEmpty)

pkg/meta/boltdb/boltdb_test.go

@@ -20,7 +20,7 @@ import (
 	"zotregistry.io/zot/pkg/meta/boltdb"
 	mTypes "zotregistry.io/zot/pkg/meta/types"
 	reqCtx "zotregistry.io/zot/pkg/requestcontext"
-	"zotregistry.io/zot/pkg/test"
+	. "zotregistry.io/zot/pkg/test/image-utils"
 )
 
 type imgTrustStore struct{}
@@ -815,7 +815,7 @@ func TestWrapperErrors(t *testing.T) {
 				err := boltdbWrapper.SetRepoReference("repo", "tag1", indexDigest, ispec.MediaTypeImageIndex) //nolint:contextcheck
 				So(err, ShouldBeNil)
 
-				indexBlob, err := test.GetIndexBlobWithManifests([]digest.Digest{
+				indexBlob, err := GetIndexBlobWithManifests([]digest.Digest{
 					manifestDigestFromIndex1, manifestDigestFromIndex2,
 				})
 				So(err, ShouldBeNil)

pkg/meta/dynamodb/dynamodb_test.go

@@ -22,7 +22,7 @@ import (
 	mdynamodb "zotregistry.io/zot/pkg/meta/dynamodb"
 	mTypes "zotregistry.io/zot/pkg/meta/types"
 	reqCtx "zotregistry.io/zot/pkg/requestcontext"
-	"zotregistry.io/zot/pkg/test"
+	. "zotregistry.io/zot/pkg/test/image-utils"
 )
 
 const badTablename = "bad tablename"
@@ -1050,7 +1050,7 @@ func TestWrapperErrors(t *testing.T) {
 			err := dynamoWrapper.SetRepoReference("repo", "tag1", indexDigest, ispec.MediaTypeImageIndex) //nolint:contextcheck
 			So(err, ShouldBeNil)
 
-			indexBlob, err := test.GetIndexBlobWithManifests([]digest.Digest{
+			indexBlob, err := GetIndexBlobWithManifests([]digest.Digest{
 				manifestDigestFromIndex1, manifestDigestFromIndex2,
 			})
 			So(err, ShouldBeNil)

pkg/meta/hooks_test.go

@@ -18,7 +18,7 @@ import (
 	mTypes "zotregistry.io/zot/pkg/meta/types"
 	"zotregistry.io/zot/pkg/storage"
 	"zotregistry.io/zot/pkg/storage/local"
-	"zotregistry.io/zot/pkg/test"
+	"zotregistry.io/zot/pkg/test/deprecated"
 	. "zotregistry.io/zot/pkg/test/image-utils"
 	"zotregistry.io/zot/pkg/test/mocks"
 )
@@ -42,10 +42,10 @@ func TestOnUpdateManifest(t *testing.T) {
 		metaDB, err := boltdb.New(boltDriver, log)
 		So(err, ShouldBeNil)
 
-		config, layers, manifest, err := test.GetRandomImageComponents(100) //nolint:staticcheck
+		config, layers, manifest, err := deprecated.GetRandomImageComponents(100) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
-		err = test.WriteImageToFileSystem(
+		err = WriteImageToFileSystem(
 			Image{
 				Config: config, Manifest: manifest, Layers: layers,
 			}, "repo", "tag1", storeController)

pkg/meta/meta_test.go

@@ -31,7 +31,10 @@ import (
 	mdynamodb "zotregistry.io/zot/pkg/meta/dynamodb"
 	mTypes "zotregistry.io/zot/pkg/meta/types"
 	reqCtx "zotregistry.io/zot/pkg/requestcontext"
-	"zotregistry.io/zot/pkg/test"
+	test "zotregistry.io/zot/pkg/test/common"
+	"zotregistry.io/zot/pkg/test/deprecated"
+	. "zotregistry.io/zot/pkg/test/image-utils"
+	signature "zotregistry.io/zot/pkg/test/signature"
 )
 
 const (
@@ -1376,7 +1379,7 @@ func RunMetaDBTests(t *testing.T, metaDB mTypes.MetaDB, preparationFuncs ...func
 					ShouldBeZeroValue)
 			})
 			Convey("trusted signature", func() {
-				_, _, manifest, _ := test.GetRandomImageComponents(10) //nolint:staticcheck
+				_, _, manifest, _ := deprecated.GetRandomImageComponents(10) //nolint:staticcheck
 				manifestContent, _ := json.Marshal(manifest)
 				manifestDigest := godigest.FromBytes(manifestContent)
 				repo := "repo"
@@ -1405,19 +1408,19 @@ func RunMetaDBTests(t *testing.T, metaDB mTypes.MetaDB, preparationFuncs ...func
 
 				keyName := fmt.Sprintf("notation-sign-test-%s", uuid)
 
-				test.NotationPathLock.Lock()
-				defer test.NotationPathLock.Unlock()
+				signature.NotationPathLock.Lock()
+				defer signature.NotationPathLock.Unlock()
 
-				test.LoadNotationPath(tdir)
+				signature.LoadNotationPath(tdir)
 
-				err = test.GenerateNotationCerts(tdir, keyName)
+				err = signature.GenerateNotationCerts(tdir, keyName)
 				So(err, ShouldBeNil)
 
 				// getSigner
 				var newSigner notation.Signer
 
 				// ResolveKey
-				signingKeys, err := test.LoadNotationSigningkeys(tdir)
+				signingKeys, err := signature.LoadNotationSigningkeys(tdir)
 				So(err, ShouldBeNil)
 
 				idx := test.Index(signingKeys.Keys, keyName)
@@ -1987,7 +1990,7 @@ func RunMetaDBTests(t *testing.T, metaDB mTypes.MetaDB, preparationFuncs ...func
 				})
 				So(err, ShouldBeNil)
 
-				indexBlob, err := test.GetIndexBlobWithManifests(
+				indexBlob, err := GetIndexBlobWithManifests(
 					[]godigest.Digest{
 						manifestDigest1,
 						manifestDigest2,
@@ -2119,7 +2122,7 @@ func RunMetaDBTests(t *testing.T, metaDB mTypes.MetaDB, preparationFuncs ...func
 			err = metaDB.SetRepoReference(repo1, "2.0.0", indexDigest, ispec.MediaTypeImageIndex)
 			So(err, ShouldBeNil)
 
-			indexBlob, err := test.GetIndexBlobWithManifests([]godigest.Digest{
+			indexBlob, err := GetIndexBlobWithManifests([]godigest.Digest{
 				manifestFromIndexDigest1,
 				manifestFromIndexDigest2,
 			})
@@ -2248,7 +2251,7 @@ func RunMetaDBTests(t *testing.T, metaDB mTypes.MetaDB, preparationFuncs ...func
 		})
 
 		Convey("Test index logic", func() {
-			multiArch, err := test.GetRandomMultiarchImage("tag1") //nolint:staticcheck
+			multiArch, err := deprecated.GetRandomMultiarchImage("tag1") //nolint:staticcheck
 			So(err, ShouldBeNil)
 
 			indexDigest := multiArch.Digest()
@@ -2267,7 +2270,7 @@ func RunMetaDBTests(t *testing.T, metaDB mTypes.MetaDB, preparationFuncs ...func
 		})
 
 		Convey("Test Referrers", func() {
-			image, err := test.GetRandomImage() //nolint:staticcheck
+			image, err := deprecated.GetRandomImage() //nolint:staticcheck
 			So(err, ShouldBeNil)
 
 			referredDigest := image.Digest()
@@ -2291,7 +2294,7 @@ func RunMetaDBTests(t *testing.T, metaDB mTypes.MetaDB, preparationFuncs ...func
 
 			// ------- Add Artifact 1
 
-			artifact1, err := test.GetImageWithSubject( //nolint:staticcheck
+			artifact1, err := deprecated.GetImageWithSubject( //nolint:staticcheck
 				referredDigest,
 				ispec.MediaTypeImageManifest,
 			)
@@ -2307,7 +2310,7 @@ func RunMetaDBTests(t *testing.T, metaDB mTypes.MetaDB, preparationFuncs ...func
 
 			// ------- Add Artifact 2
 
-			artifact2, err := test.GetImageWithSubject( //nolint:staticcheck
+			artifact2, err := deprecated.GetImageWithSubject( //nolint:staticcheck
 				referredDigest,
 				ispec.MediaTypeImageManifest,
 			)
@@ -2430,7 +2433,7 @@ func RunMetaDBTests(t *testing.T, metaDB mTypes.MetaDB, preparationFuncs ...func
 		})
 
 		Convey("FilterRepos", func() {
-			img, err := test.GetRandomImage() //nolint:staticcheck
+			img, err := deprecated.GetRandomImage() //nolint:staticcheck
 			So(err, ShouldBeNil)
 			imgDigest := img.Digest()
 
@@ -2440,7 +2443,7 @@ func RunMetaDBTests(t *testing.T, metaDB mTypes.MetaDB, preparationFuncs ...func
 			err = metaDB.SetManifestData(imgDigest, manifestData)
 			So(err, ShouldBeNil)
 
-			multiarch, err := test.GetRandomMultiarchImage("multi") //nolint:staticcheck
+			multiarch, err := deprecated.GetRandomMultiarchImage("multi") //nolint:staticcheck
 			So(err, ShouldBeNil)
 			multiarchDigest := multiarch.Digest()
 

pkg/meta/parse_test.go

@@ -24,9 +24,10 @@ import (
 	"zotregistry.io/zot/pkg/storage"
 	"zotregistry.io/zot/pkg/storage/local"
 	storageTypes "zotregistry.io/zot/pkg/storage/types"
-	"zotregistry.io/zot/pkg/test"
+	"zotregistry.io/zot/pkg/test/deprecated"
 	. "zotregistry.io/zot/pkg/test/image-utils"
 	"zotregistry.io/zot/pkg/test/mocks"
+	"zotregistry.io/zot/pkg/test/signature"
 )
 
 const repo = "repo"
@@ -309,9 +310,9 @@ func TestParseStorageErrors(t *testing.T) {
 				err = meta.ParseRepo("repo", metaDB, storeController, log)
 				So(err, ShouldNotBeNil)
 
-				_, _, cosignManifestContent, _ := test.GetRandomImageComponents(10) //nolint:staticcheck
-				_, _, signedManifest, _ := test.GetRandomImageComponents(10)        //nolint:staticcheck
-				signatureTag, err := test.GetCosignSignatureTagForManifest(signedManifest)
+				_, _, cosignManifestContent, _ := deprecated.GetRandomImageComponents(10) //nolint:staticcheck
+				_, _, signedManifest, _ := deprecated.GetRandomImageComponents(10)        //nolint:staticcheck
+				signatureTag, err := signature.GetCosignSignatureTagForManifest(signedManifest)
 				So(err, ShouldBeNil)
 
 				cosignManifestContent.Annotations = map[string]string{ispec.AnnotationRefName: signatureTag}
@@ -406,12 +407,12 @@ func RunParseStorageTests(rootDir string, metaDB mTypes.MetaDB) {
 		storeController := storage.StoreController{DefaultStore: imageStore}
 		manifests := []ispec.Manifest{}
 		for i := 0; i < 3; i++ {
-			config, layers, manifest, err := test.GetRandomImageComponents(100) //nolint:staticcheck
+			config, layers, manifest, err := deprecated.GetRandomImageComponents(100) //nolint:staticcheck
 			So(err, ShouldBeNil)
 
 			manifests = append(manifests, manifest)
 
-			err = test.WriteImageToFileSystem(
+			err = WriteImageToFileSystem(
 				Image{
 					Config:   config,
 					Layers:   layers,
@@ -421,7 +422,7 @@ func RunParseStorageTests(rootDir string, metaDB mTypes.MetaDB) {
 		}
 
 		// add fake signature for tag1
-		signatureTag, err := test.GetCosignSignatureTagForManifest(manifests[1])
+		signatureTag, err := signature.GetCosignSignatureTagForManifest(manifests[1])
 		So(err, ShouldBeNil)
 
 		manifestBlob, err := json.Marshal(manifests[1])
@@ -429,10 +430,10 @@ func RunParseStorageTests(rootDir string, metaDB mTypes.MetaDB) {
 
 		signedManifestDigest := godigest.FromBytes(manifestBlob)
 
-		config, layers, manifest, err := test.GetRandomImageComponents(100) //nolint:staticcheck
+		config, layers, manifest, err := deprecated.GetRandomImageComponents(100) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
-		err = test.WriteImageToFileSystem(
+		err = WriteImageToFileSystem(
 			Image{
 				Config:   config,
 				Layers:   layers,
@@ -491,10 +492,10 @@ func RunParseStorageTests(rootDir string, metaDB mTypes.MetaDB) {
 
 		storeController := storage.StoreController{DefaultStore: imageStore}
 		// add an image
-		config, layers, manifest, err := test.GetRandomImageComponents(100) //nolint:staticcheck
+		config, layers, manifest, err := deprecated.GetRandomImageComponents(100) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
-		err = test.WriteImageToFileSystem(
+		err = WriteImageToFileSystem(
 			Image{
 				Config:   config,
 				Layers:   layers,
@@ -503,19 +504,19 @@ func RunParseStorageTests(rootDir string, metaDB mTypes.MetaDB) {
 		So(err, ShouldBeNil)
 
 		// add mock cosign signature without pushing the signed image
-		image, err := test.GetRandomImage() //nolint:staticcheck
+		image, err := deprecated.GetRandomImage() //nolint:staticcheck
 		So(err, ShouldBeNil)
 
-		signatureTag, err := test.GetCosignSignatureTagForManifest(image.Manifest)
+		signatureTag, err := signature.GetCosignSignatureTagForManifest(image.Manifest)
 		So(err, ShouldBeNil)
 
 		missingImageDigest := image.Digest()
 
 		// get the body of the signature
-		config, layers, manifest, err = test.GetRandomImageComponents(100) //nolint:staticcheck
+		config, layers, manifest, err = deprecated.GetRandomImageComponents(100) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
-		err = test.WriteImageToFileSystem(
+		err = WriteImageToFileSystem(
 			Image{
 				Config:   config,
 				Layers:   layers,
@@ -548,12 +549,12 @@ func RunParseStorageTests(rootDir string, metaDB mTypes.MetaDB) {
 
 		storeController := storage.StoreController{DefaultStore: imageStore}
 		// add an image
-		image, err := test.GetRandomImage() //nolint:staticcheck
+		image, err := deprecated.GetRandomImage() //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		manifestDigest := image.Digest()
 
-		err = test.WriteImageToFileSystem(image, repo, "tag", storeController)
+		err = WriteImageToFileSystem(image, repo, "tag", storeController)
 		So(err, ShouldBeNil)
 
 		err = metaDB.SetRepoReference(repo, "tag", manifestDigest, ispec.MediaTypeImageManifest)

pkg/storage/common/common_test.go

@@ -20,7 +20,6 @@ import (
 	"zotregistry.io/zot/pkg/storage/cache"
 	common "zotregistry.io/zot/pkg/storage/common"
 	"zotregistry.io/zot/pkg/storage/local"
-	"zotregistry.io/zot/pkg/test"
 	. "zotregistry.io/zot/pkg/test/image-utils"
 	"zotregistry.io/zot/pkg/test/mocks"
 )
@@ -46,7 +45,7 @@ func TestValidateManifest(t *testing.T) {
 		So(err, ShouldBeNil)
 		So(blen, ShouldEqual, len(content))
 
-		cblob, cdigest := test.GetRandomImageConfig()
+		cblob, cdigest := GetRandomImageConfig()
 		_, clen, err := imgStore.FullBlobUpload("test", bytes.NewReader(cblob), cdigest)
 		So(err, ShouldBeNil)
 		So(clen, ShouldEqual, len(cblob))
@@ -180,7 +179,7 @@ func TestGetReferrersErrors(t *testing.T) {
 		})
 
 		storageCtlr := storage.StoreController{DefaultStore: imgStore}
-		err := test.WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", storageCtlr)
+		err := WriteImageToFileSystem(CreateDefaultImage(), "zot-test", "0.0.1", storageCtlr)
 		So(err, ShouldBeNil)
 
 		digest := godigest.FromBytes([]byte("{}"))

pkg/storage/gc/gc_internal_test.go

@@ -24,7 +24,7 @@ import (
 	common "zotregistry.io/zot/pkg/storage/common"
 	storageConstants "zotregistry.io/zot/pkg/storage/constants"
 	"zotregistry.io/zot/pkg/storage/local"
-	"zotregistry.io/zot/pkg/test"
+	. "zotregistry.io/zot/pkg/test/image-utils"
 	"zotregistry.io/zot/pkg/test/mocks"
 )
 
@@ -96,7 +96,7 @@ func TestGarbageCollectManifestErrors(t *testing.T) {
 		So(err, ShouldBeNil)
 		So(blen, ShouldEqual, len(content))
 
-		cblob, cdigest := test.GetRandomImageConfig()
+		cblob, cdigest := GetRandomImageConfig()
 		_, clen, err := imgStore.FullBlobUpload(repoName, bytes.NewReader(cblob), cdigest)
 		So(err, ShouldBeNil)
 		So(clen, ShouldEqual, len(cblob))
@@ -198,7 +198,7 @@ func TestGarbageCollectIndexErrors(t *testing.T) {
 			So(err, ShouldBeNil)
 			So(upload, ShouldNotBeEmpty)
 
-			cblob, cdigest := test.GetRandomImageConfig()
+			cblob, cdigest := GetRandomImageConfig()
 			buf := bytes.NewBuffer(cblob)
 			buflen := buf.Len()
 			blob, err := imgStore.PutBlobChunkStreamed(repoName, upload, buf)

pkg/storage/local/local_test.go

@@ -37,9 +37,9 @@ import (
 	"zotregistry.io/zot/pkg/storage/gc"
 	"zotregistry.io/zot/pkg/storage/local"
 	storageTypes "zotregistry.io/zot/pkg/storage/types"
-	"zotregistry.io/zot/pkg/test"
 	. "zotregistry.io/zot/pkg/test/image-utils"
 	"zotregistry.io/zot/pkg/test/mocks"
+	"zotregistry.io/zot/pkg/test/signature"
 )
 
 const (
@@ -93,7 +93,7 @@ func TestStorageFSAPIs(t *testing.T) {
 			annotationsMap := make(map[string]string)
 			annotationsMap[ispec.AnnotationRefName] = tag
 
-			cblob, cdigest := test.GetRandomImageConfig()
+			cblob, cdigest := GetRandomImageConfig()
 			_, clen, err := imgStore.FullBlobUpload(repoName, bytes.NewReader(cblob), cdigest)
 			So(err, ShouldBeNil)
 			So(clen, ShouldEqual, len(cblob))
@@ -210,7 +210,7 @@ func TestGetOrasReferrers(t *testing.T) {
 	imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver)
 
 	Convey("Get referrers", t, func(c C) {
-		err := test.WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-test", "0.0.1", storage.StoreController{
+		err := WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-test", "0.0.1", storage.StoreController{
 			DefaultStore: imgStore,
 		})
 		So(err, ShouldBeNil)
@@ -384,7 +384,7 @@ func FuzzTestPutGetImageManifest(f *testing.F) {
 		}, *log)
 		imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver)
 
-		cblob, cdigest := test.GetRandomImageConfig()
+		cblob, cdigest := GetRandomImageConfig()
 
 		ldigest, lblob, err := newRandomBlobForFuzz(data)
 		if err != nil {
@@ -435,7 +435,7 @@ func FuzzTestPutDeleteImageManifest(f *testing.F) {
 		}, *log)
 		imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver)
 
-		cblob, cdigest := test.GetRandomImageConfig()
+		cblob, cdigest := GetRandomImageConfig()
 
 		ldigest, lblob, err := newRandomBlobForFuzz(data)
 		if err != nil {
@@ -753,7 +753,7 @@ func TestStorageCacheErrors(t *testing.T) {
 		originRepo := "dedupe1"
 		dedupedRepo := "dedupe2"
 
-		cblob, cdigest := test.GetRandomImageConfig()
+		cblob, cdigest := GetRandomImageConfig()
 
 		getBlobPath := ""
 
@@ -1068,7 +1068,7 @@ func FuzzGetOrasReferrers(f *testing.F) {
 		imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver)
 
 		storageCtlr := storage.StoreController{DefaultStore: imgStore}
-		err := test.WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-test", "0.0.1", storageCtlr)
+		err := WriteImageToFileSystem(CreateDefaultVulnerableImage(), "zot-test", "0.0.1", storageCtlr)
 		if err != nil {
 			t.Error(err)
 		}
@@ -1214,7 +1214,7 @@ func TestDedupeLinks(t *testing.T) {
 			err = blobrc.Close()
 			So(err, ShouldBeNil)
 
-			cblob, cdigest := test.GetRandomImageConfig()
+			cblob, cdigest := GetRandomImageConfig()
 			_, clen, err := imgStore.FullBlobUpload("dedupe1", bytes.NewReader(cblob), cdigest)
 			So(err, ShouldBeNil)
 			So(clen, ShouldEqual, len(cblob))
@@ -1274,7 +1274,7 @@ func TestDedupeLinks(t *testing.T) {
 			err = blobrc.Close()
 			So(err, ShouldBeNil)
 
-			cblob, cdigest = test.GetRandomImageConfig()
+			cblob, cdigest = GetRandomImageConfig()
 			_, clen, err = imgStore.FullBlobUpload("dedupe2", bytes.NewReader(cblob), cdigest)
 			So(err, ShouldBeNil)
 			So(clen, ShouldEqual, len(cblob))
@@ -2012,8 +2012,7 @@ func TestGarbageCollectForImageStore(t *testing.T) {
 			}, log)
 
 			image := CreateDefaultVulnerableImage()
-
-			err := test.WriteImageToFileSystem(image, repoName, "0.0.1", storage.StoreController{
+			err := WriteImageToFileSystem(image, repoName, "0.0.1", storage.StoreController{
 				DefaultStore: imgStore,
 			})
 			So(err, ShouldBeNil)
@@ -2058,8 +2057,7 @@ func TestGarbageCollectForImageStore(t *testing.T) {
 			}, log)
 
 			image := CreateDefaultVulnerableImage()
-
-			err := test.WriteImageToFileSystem(image, repoName, "0.0.1", storage.StoreController{
+			err := WriteImageToFileSystem(image, repoName, "0.0.1", storage.StoreController{
 				DefaultStore: imgStore,
 			})
 			So(err, ShouldBeNil)
@@ -2102,17 +2100,17 @@ func TestGarbageCollectForImageStore(t *testing.T) {
 			storeController := storage.StoreController{DefaultStore: imgStore}
 			img := CreateRandomImage()
 
-			err := test.WriteImageToFileSystem(img, repoName, "tag1", storeController)
+			err := WriteImageToFileSystem(img, repoName, "tag1", storeController)
 			So(err, ShouldBeNil)
 
 			// add fake signature for tag1
-			cosignTag, err := test.GetCosignSignatureTagForManifest(img.Manifest)
+			cosignTag, err := signature.GetCosignSignatureTagForManifest(img.Manifest)
 			So(err, ShouldBeNil)
 
 			cosignSig := CreateRandomImage()
 			So(err, ShouldBeNil)
 
-			err = test.WriteImageToFileSystem(cosignSig, repoName, cosignTag, storeController)
+			err = WriteImageToFileSystem(cosignSig, repoName, cosignTag, storeController)
 			So(err, ShouldBeNil)
 
 			// add sbom
@@ -2126,7 +2124,7 @@ func TestGarbageCollectForImageStore(t *testing.T) {
 			sbomImg := CreateRandomImage()
 			So(err, ShouldBeNil)
 
-			err = test.WriteImageToFileSystem(sbomImg, repoName, sbomTag, storeController)
+			err = WriteImageToFileSystem(sbomImg, repoName, sbomTag, storeController)
 			So(err, ShouldBeNil)
 
 			// add fake signature for tag1
@@ -2135,7 +2133,7 @@ func TestGarbageCollectForImageStore(t *testing.T) {
 				ArtifactConfig("application/vnd.cncf.notary.signature").
 				Subject(img.DescriptorRef()).Build()
 
-			err = test.WriteImageToFileSystem(notationSig, repoName, "notation", storeController)
+			err = WriteImageToFileSystem(notationSig, repoName, "notation", storeController)
 			So(err, ShouldBeNil)
 
 			err = gc.CleanRepo(repoName)
@@ -2172,20 +2170,20 @@ func TestGarbageCollectImageUnknownManifest(t *testing.T) {
 
 		img := CreateRandomImage()
 
-		err := test.WriteImageToFileSystem(img, repoName, "v1", storeController)
+		err := WriteImageToFileSystem(img, repoName, "v1", storeController)
 		So(err, ShouldBeNil)
 
 		// add image with unsupported media type
 		artifact := CreateRandomImage()
 
-		err = test.WriteImageToFileSystem(artifact, repoName, "artifact", storeController)
+		err = WriteImageToFileSystem(artifact, repoName, "artifact", storeController)
 		So(err, ShouldBeNil)
 
 		// add referrer with unsupported media type
 		subjectDesc := img.Descriptor()
 		referrer := CreateRandomImageWith().Subject(&subjectDesc).Build()
 
-		err = test.WriteImageToFileSystem(referrer, repoName, referrer.Digest().String(), storeController)
+		err = WriteImageToFileSystem(referrer, repoName, referrer.Digest().String(), storeController)
 		So(err, ShouldBeNil)
 
 		// modify artifact media type
@@ -2374,7 +2372,7 @@ func TestGarbageCollectErrors(t *testing.T) {
 				So(err, ShouldBeNil)
 				So(upload, ShouldNotBeEmpty)
 
-				cblob, cdigest := test.GetRandomImageConfig()
+				cblob, cdigest := GetRandomImageConfig()
 				buf = bytes.NewBuffer(cblob)
 				buflen = buf.Len()
 				blob, err = imgStore.PutBlobChunkStreamed(repoName, upload, buf)
@@ -2439,7 +2437,7 @@ func TestGarbageCollectErrors(t *testing.T) {
 			So(err, ShouldBeNil)
 			So(upload, ShouldNotBeEmpty)
 
-			cblob, cdigest := test.GetRandomImageConfig()
+			cblob, cdigest := GetRandomImageConfig()
 			buf = bytes.NewBuffer(cblob)
 			buflen = buf.Len()
 			blob, err = imgStore.PutBlobChunkStreamed(repoName, upload, buf)
@@ -2497,7 +2495,7 @@ func TestGarbageCollectErrors(t *testing.T) {
 			So(err, ShouldBeNil)
 			So(upload, ShouldNotBeEmpty)
 
-			cblob, cdigest := test.GetRandomImageConfig()
+			cblob, cdigest := GetRandomImageConfig()
 			buf = bytes.NewBuffer(cblob)
 			buflen = buf.Len()
 			blob, err = imgStore.PutBlobChunkStreamed(repoName, upload, buf)
@@ -2855,13 +2853,13 @@ func TestGetNextRepository(t *testing.T) {
 	srcStorageCtlr := storage.StoreController{DefaultStore: imgStore}
 	image := CreateDefaultImage()
 
-	err := test.WriteImageToFileSystem(image, firstRepoName, "0.0.1", srcStorageCtlr)
+	err := WriteImageToFileSystem(image, firstRepoName, "0.0.1", srcStorageCtlr)
 	if err != nil {
 		t.Log(err)
 		t.FailNow()
 	}
 
-	err = test.WriteImageToFileSystem(image, secondRepoName, "0.0.1", srcStorageCtlr)
+	err = WriteImageToFileSystem(image, secondRepoName, "0.0.1", srcStorageCtlr)
 	if err != nil {
 		t.Log(err)
 		t.FailNow()

pkg/storage/s3/s3_test.go

@@ -36,7 +36,8 @@ import (
 	storageConstants "zotregistry.io/zot/pkg/storage/constants"
 	"zotregistry.io/zot/pkg/storage/s3"
 	storageTypes "zotregistry.io/zot/pkg/storage/types"
-	"zotregistry.io/zot/pkg/test"
+	"zotregistry.io/zot/pkg/test/deprecated"
+	. "zotregistry.io/zot/pkg/test/image-utils"
 	"zotregistry.io/zot/pkg/test/inject"
 	"zotregistry.io/zot/pkg/test/mocks"
 )
@@ -476,7 +477,7 @@ func TestGetOrasAndOCIReferrers(t *testing.T) {
 	_, imgStore, _ := createObjectsStore(testDir, tdir, true)
 
 	Convey("Upload test image", t, func(c C) {
-		cfg, layers, manifest, err := test.GetImageComponents(100) //nolint:staticcheck
+		cfg, layers, manifest, err := deprecated.GetImageComponents(100) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		for _, content := range layers {
@@ -1288,7 +1289,7 @@ func TestS3Dedupe(t *testing.T) {
 		err = blobReadCloser.Close()
 		So(err, ShouldBeNil)
 
-		cblob, cdigest := test.GetRandomImageConfig()
+		cblob, cdigest := GetRandomImageConfig()
 		_, clen, err := imgStore.FullBlobUpload("dedupe1", bytes.NewReader(cblob), cdigest)
 		So(err, ShouldBeNil)
 		So(clen, ShouldEqual, len(cblob))
@@ -1363,7 +1364,7 @@ func TestS3Dedupe(t *testing.T) {
 		err = blobReadCloser.Close()
 		So(err, ShouldBeNil)
 
-		cblob, cdigest = test.GetRandomImageConfig()
+		cblob, cdigest = GetRandomImageConfig()
 		_, clen, err = imgStore.FullBlobUpload("dedupe2", bytes.NewReader(cblob), cdigest)
 		So(err, ShouldBeNil)
 		So(clen, ShouldEqual, len(cblob))
@@ -1522,7 +1523,7 @@ func TestS3Dedupe(t *testing.T) {
 			So(checkBlobSize3, ShouldBeGreaterThan, 0)
 			So(checkBlobSize3, ShouldEqual, getBlobSize3)
 
-			cblob, cdigest = test.GetRandomImageConfig()
+			cblob, cdigest = GetRandomImageConfig()
 			_, clen, err = imgStore.FullBlobUpload("dedupe3", bytes.NewReader(cblob), cdigest)
 			So(err, ShouldBeNil)
 			So(clen, ShouldEqual, len(cblob))
@@ -1691,7 +1692,7 @@ func TestS3Dedupe(t *testing.T) {
 		err = blobReadCloser.Close()
 		So(err, ShouldBeNil)
 
-		cblob, cdigest := test.GetRandomImageConfig()
+		cblob, cdigest := GetRandomImageConfig()
 		_, clen, err := imgStore.FullBlobUpload("dedupe1", bytes.NewReader(cblob), cdigest)
 		So(err, ShouldBeNil)
 		So(clen, ShouldEqual, len(cblob))
@@ -1758,7 +1759,7 @@ func TestS3Dedupe(t *testing.T) {
 		err = blobReadCloser.Close()
 		So(err, ShouldBeNil)
 
-		cblob, cdigest = test.GetRandomImageConfig()
+		cblob, cdigest = GetRandomImageConfig()
 		_, clen, err = imgStore.FullBlobUpload("dedupe2", bytes.NewReader(cblob), cdigest)
 		So(err, ShouldBeNil)
 		So(clen, ShouldEqual, len(cblob))
@@ -1959,7 +1960,7 @@ func TestRebuildDedupeIndex(t *testing.T) {
 		So(hasBlob, ShouldEqual, true)
 		So(err, ShouldBeNil)
 
-		cblob, cdigest := test.GetRandomImageConfig()
+		cblob, cdigest := GetRandomImageConfig()
 		_, clen, err := imgStore.FullBlobUpload("dedupe1", bytes.NewReader(cblob), cdigest)
 		So(err, ShouldBeNil)
 		So(clen, ShouldEqual, len(cblob))
@@ -2996,7 +2997,7 @@ func TestS3ManifestImageIndex(t *testing.T) {
 		So(err, ShouldBeNil)
 		So(upload, ShouldNotBeEmpty)
 
-		cblob, cdigest := test.GetRandomImageConfig()
+		cblob, cdigest := GetRandomImageConfig()
 		buf = bytes.NewBuffer(cblob)
 		buflen = buf.Len()
 		blob, err = imgStore.PutBlobChunkStreamed("index", upload, buf)
@@ -3038,7 +3039,7 @@ func TestS3ManifestImageIndex(t *testing.T) {
 		So(err, ShouldBeNil)
 		So(upload, ShouldNotBeEmpty)
 
-		cblob, cdigest = test.GetRandomImageConfig()
+		cblob, cdigest = GetRandomImageConfig()
 		buf = bytes.NewBuffer(cblob)
 		buflen = buf.Len()
 		blob, err = imgStore.PutBlobChunkStreamed("index", upload, buf)
@@ -3080,7 +3081,7 @@ func TestS3ManifestImageIndex(t *testing.T) {
 			So(err, ShouldBeNil)
 			So(upload, ShouldNotBeEmpty)
 
-			cblob, cdigest = test.GetRandomImageConfig()
+			cblob, cdigest = GetRandomImageConfig()
 			buf = bytes.NewBuffer(cblob)
 			buflen = buf.Len()
 			blob, err = imgStore.PutBlobChunkStreamed("index", upload, buf)
@@ -3144,7 +3145,7 @@ func TestS3ManifestImageIndex(t *testing.T) {
 			So(err, ShouldBeNil)
 			So(upload, ShouldNotBeEmpty)
 
-			cblob, cdigest = test.GetRandomImageConfig()
+			cblob, cdigest = GetRandomImageConfig()
 			buf = bytes.NewBuffer(cblob)
 			buflen = buf.Len()
 			blob, err = imgStore.PutBlobChunkStreamed("index", upload, buf)
@@ -3437,7 +3438,7 @@ func TestS3ManifestImageIndex(t *testing.T) {
 		So(clen, ShouldEqual, buflen)
 
 		// first config
-		cblob, cdigest := test.GetRandomImageConfig()
+		cblob, cdigest := GetRandomImageConfig()
 		buf = bytes.NewBuffer(cblob)
 		buflen = buf.Len()
 
@@ -3471,7 +3472,7 @@ func TestS3ManifestImageIndex(t *testing.T) {
 		So(err, ShouldBeNil)
 
 		// second config
-		cblob, cdigest = test.GetRandomImageConfig()
+		cblob, cdigest = GetRandomImageConfig()
 		buf = bytes.NewBuffer(cblob)
 		buflen = buf.Len()
 

pkg/storage/scrub_test.go

@@ -26,7 +26,7 @@ import (
 	"zotregistry.io/zot/pkg/storage/local"
 	"zotregistry.io/zot/pkg/storage/s3"
 	storageTypes "zotregistry.io/zot/pkg/storage/types"
-	"zotregistry.io/zot/pkg/test"
+	"zotregistry.io/zot/pkg/test/deprecated"
 	. "zotregistry.io/zot/pkg/test/image-utils"
 	"zotregistry.io/zot/pkg/test/mocks"
 )
@@ -91,7 +91,7 @@ func RunCheckAllBlobsIntegrityTests( //nolint: thelper
 		storeCtlr.DefaultStore = imgStore
 		So(storeCtlr.GetImageStore(repoName), ShouldResemble, imgStore)
 
-		config, layers, manifest, err := test.GetImageComponents(1000) //nolint:staticcheck
+		config, layers, manifest, err := deprecated.GetImageComponents(1000) //nolint:staticcheck
 		So(err, ShouldBeNil)
 
 		layerReader := bytes.NewReader(layers[0])
@@ -306,7 +306,7 @@ func RunCheckAllBlobsIntegrityTests( //nolint: thelper
 		})
 
 		Convey("Scrub index", func() {
-			newConfig, newLayers, newManifest, err := test.GetImageComponents(10) //nolint:staticcheck
+			newConfig, newLayers, newManifest, err := deprecated.GetImageComponents(10) //nolint:staticcheck
 			So(err, ShouldBeNil)
 
 			newLayerReader := bytes.NewReader(newLayers[0])
@@ -474,7 +474,7 @@ func RunCheckAllBlobsIntegrityTests( //nolint: thelper
 			manifestDescriptor, ok := common.GetManifestDescByReference(index, manifestDigest.String())
 			So(ok, ShouldBeTrue)
 
-			err = test.WriteImageToFileSystem(CreateDefaultImageWith().Subject(&manifestDescriptor).Build(),
+			err = WriteImageToFileSystem(CreateDefaultImageWith().Subject(&manifestDescriptor).Build(),
 				repoName, "0.0.1", storeCtlr)
 			So(err, ShouldBeNil)
 

pkg/storage/storage_controller.go

@@ -45,3 +45,11 @@ func (sc StoreController) GetImageStore(name string) storageTypes.ImageStore {
 
 	return sc.DefaultStore
 }
+
+func (sc StoreController) GetDefaultImageStore() storageTypes.ImageStore {
+	return sc.DefaultStore
+}
+
+func (sc StoreController) GetImageSubStores() map[string]storageTypes.ImageStore {
+	return sc.SubStore
+}

pkg/storage/storage_test.go

@@ -39,7 +39,7 @@ import (
 	"zotregistry.io/zot/pkg/storage/local"
 	"zotregistry.io/zot/pkg/storage/s3"
 	storageTypes "zotregistry.io/zot/pkg/storage/types"
-	"zotregistry.io/zot/pkg/test"
+	. "zotregistry.io/zot/pkg/test/image-utils"
 	"zotregistry.io/zot/pkg/test/mocks"
 )
 
@@ -317,7 +317,7 @@ func TestStorageAPIs(t *testing.T) {
 						})
 
 						Convey("Good image manifest", func() {
-							cblob, cdigest := test.GetRandomImageConfig()
+							cblob, cdigest := GetRandomImageConfig()
 							_, clen, err := imgStore.FullBlobUpload("test", bytes.NewReader(cblob), cdigest)
 							So(err, ShouldBeNil)
 							So(clen, ShouldEqual, len(cblob))
@@ -534,7 +534,7 @@ func TestStorageAPIs(t *testing.T) {
 						})
 
 						Convey("Good image manifest", func() {
-							cblob, cdigest := test.GetRandomImageConfig()
+							cblob, cdigest := GetRandomImageConfig()
 							_, clen, err := imgStore.FullBlobUpload("test", bytes.NewReader(cblob), cdigest)
 							So(err, ShouldBeNil)
 							So(clen, ShouldEqual, len(cblob))
@@ -631,7 +631,7 @@ func TestStorageAPIs(t *testing.T) {
 					So(err, ShouldBeNil)
 					So(blob, ShouldEqual, buflen)
 
-					cblob, cdigest := test.GetRandomImageConfig()
+					cblob, cdigest := GetRandomImageConfig()
 					_, clen, err := imgStore.FullBlobUpload("replace", bytes.NewReader(cblob), cdigest)
 					So(err, ShouldBeNil)
 					So(clen, ShouldEqual, len(cblob))
@@ -683,7 +683,7 @@ func TestStorageAPIs(t *testing.T) {
 					So(err, ShouldBeNil)
 					So(blob, ShouldEqual, buflen)
 
-					cblob, cdigest = test.GetRandomImageConfig()
+					cblob, cdigest = GetRandomImageConfig()
 					_, clen, err = imgStore.FullBlobUpload("replace", bytes.NewReader(cblob), cdigest)
 					So(err, ShouldBeNil)
 					So(clen, ShouldEqual, len(cblob))
@@ -797,7 +797,7 @@ func TestMandatoryAnnotations(t *testing.T) {
 				_, _, err := imgStore.FullBlobUpload("test", bytes.NewReader(buf.Bytes()), digest)
 				So(err, ShouldBeNil)
 
-				cblob, cdigest := test.GetRandomImageConfig()
+				cblob, cdigest := GetRandomImageConfig()
 				_, clen, err := imgStore.FullBlobUpload("test", bytes.NewReader(cblob), cdigest)
 				So(err, ShouldBeNil)
 				So(clen, ShouldEqual, len(cblob))
@@ -918,7 +918,7 @@ func TestDeleteBlobsInUse(t *testing.T) {
 				_, _, err = imgStore.FullBlobUpload("repo", bytes.NewReader(buf.Bytes()), digest)
 				So(err, ShouldBeNil)
 
-				cblob, cdigest := test.GetRandomImageConfig()
+				cblob, cdigest := GetRandomImageConfig()
 				_, clen, err := imgStore.FullBlobUpload("repo", bytes.NewReader(cblob), cdigest)
 				So(err, ShouldBeNil)
 				So(clen, ShouldEqual, len(cblob))
@@ -1037,7 +1037,7 @@ func TestDeleteBlobsInUse(t *testing.T) {
 					So(err, ShouldBeNil)
 					So(upload, ShouldNotBeEmpty)
 
-					cblob, cdigest = test.GetRandomImageConfig()
+					cblob, cdigest = GetRandomImageConfig()
 					buf = bytes.NewBuffer(cblob)
 					buflen = buf.Len()
 					blob, err = imgStore.PutBlobChunkStreamed(repoName, upload, buf)
@@ -1317,7 +1317,7 @@ func TestGarbageCollectImageManifest(t *testing.T) {
 					annotationsMap := make(map[string]string)
 					annotationsMap[ispec.AnnotationRefName] = tag
 
-					cblob, cdigest := test.GetRandomImageConfig()
+					cblob, cdigest := GetRandomImageConfig()
 					_, clen, err := imgStore.FullBlobUpload(repoName, bytes.NewReader(cblob), cdigest)
 					So(err, ShouldBeNil)
 					So(clen, ShouldEqual, len(cblob))
@@ -1499,7 +1499,7 @@ func TestGarbageCollectImageManifest(t *testing.T) {
 					annotationsMap := make(map[string]string)
 					annotationsMap[ispec.AnnotationRefName] = tag
 
-					cblob, cdigest := test.GetRandomImageConfig()
+					cblob, cdigest := GetRandomImageConfig()
 					_, clen, err := imgStore.FullBlobUpload(repoName, bytes.NewReader(cblob), cdigest)
 					So(err, ShouldBeNil)
 					So(clen, ShouldEqual, len(cblob))
@@ -1794,7 +1794,7 @@ func TestGarbageCollectImageManifest(t *testing.T) {
 					annotationsMap := make(map[string]string)
 					annotationsMap[ispec.AnnotationRefName] = tag
 
-					cblob, cdigest := test.GetRandomImageConfig()
+					cblob, cdigest := GetRandomImageConfig()
 					_, clen, err := imgStore.FullBlobUpload(repo1Name, bytes.NewReader(cblob), cdigest)
 					So(err, ShouldBeNil)
 					So(clen, ShouldEqual, len(cblob))
@@ -1857,7 +1857,7 @@ func TestGarbageCollectImageManifest(t *testing.T) {
 					annotationsMap = make(map[string]string)
 					annotationsMap[ispec.AnnotationRefName] = tag
 
-					cblob, cdigest = test.GetRandomImageConfig()
+					cblob, cdigest = GetRandomImageConfig()
 					_, clen, err = imgStore.FullBlobUpload(repo2Name, bytes.NewReader(cblob), cdigest)
 					So(err, ShouldBeNil)
 					So(clen, ShouldEqual, len(cblob))
@@ -1913,7 +1913,7 @@ func TestGarbageCollectImageManifest(t *testing.T) {
 					annotationsMap = make(map[string]string)
 					annotationsMap[ispec.AnnotationRefName] = tag
 
-					cblob, cdigest = test.GetRandomImageConfig()
+					cblob, cdigest = GetRandomImageConfig()
 					_, clen, err = imgStore.FullBlobUpload(repo2Name, bytes.NewReader(cblob), cdigest)
 					So(err, ShouldBeNil)
 					So(clen, ShouldEqual, len(cblob))
@@ -2493,7 +2493,7 @@ func TestGarbageCollectChainedImageIndexes(t *testing.T) {
 					So(err, ShouldBeNil)
 					So(upload, ShouldNotBeEmpty)
 
-					cblob, cdigest := test.GetRandomImageConfig()
+					cblob, cdigest := GetRandomImageConfig()
 					buf := bytes.NewBuffer(cblob)
 					buflen := buf.Len()
 					blob, err := imgStore.PutBlobChunkStreamed(repoName, upload, buf)
@@ -2575,7 +2575,7 @@ func TestGarbageCollectChainedImageIndexes(t *testing.T) {
 					So(err, ShouldBeNil)
 					So(upload, ShouldNotBeEmpty)
 
-					cblob, cdigest := test.GetRandomImageConfig()
+					cblob, cdigest := GetRandomImageConfig()
 					buf := bytes.NewBuffer(cblob)
 					buflen := buf.Len()
 					blob, err := imgStore.PutBlobChunkStreamed(repoName, upload, buf)
@@ -2913,7 +2913,7 @@ func pushRandomImageIndex(imgStore storageTypes.ImageStore, repoName string,
 		So(err, ShouldBeNil)
 		So(upload, ShouldNotBeEmpty)
 
-		cblob, cdigest := test.GetRandomImageConfig()
+		cblob, cdigest := GetRandomImageConfig()
 		buf := bytes.NewBuffer(cblob)
 		buflen := buf.Len()
 		blob, err := imgStore.PutBlobChunkStreamed(repoName, upload, buf)

pkg/storage/types/types.go

@@ -12,6 +12,12 @@ import (
 	"zotregistry.io/zot/pkg/scheduler"
 )
 
+type StoreController interface {
+	GetImageStore(name string) ImageStore
+	GetDefaultImageStore() ImageStore
+	GetImageSubStores() map[string]ImageStore
+}
+
 type ImageStore interface { //nolint:interfacebloat
 	DirExists(d string) bool
 	RootDir() string

pkg/test/auth/bearer.go

@@ -1,4 +1,4 @@
-package test
+package auth
 
 import (
 	"fmt"

pkg/test/auth/bearer_test.go

@@ -0,0 +1,15 @@
+package auth_test
+
+import (
+	"testing"
+
+	. "github.com/smartystreets/goconvey/convey"
+
+	auth "zotregistry.io/zot/pkg/test/auth"
+)
+
+func TestBearerServer(t *testing.T) {
+	Convey("test MakeAuthTestServer() no serve key", t, func() {
+		So(func() { auth.MakeAuthTestServer("", "") }, ShouldPanic)
+	})
+}

pkg/test/auth/oidc.go

@@ -0,0 +1,44 @@
+package auth
+
+import (
+	"crypto/rand"
+	"crypto/rsa"
+	"net"
+	"net/http"
+	"strings"
+
+	"github.com/project-zot/mockoidc"
+)
+
+func MockOIDCRun() (*mockoidc.MockOIDC, error) {
+	// Create a fresh RSA Private Key for token signing
+	rsaKey, _ := rsa.GenerateKey(rand.Reader, 2048) //nolint: gomnd
+
+	// Create an unstarted MockOIDC server
+	mockServer, _ := mockoidc.NewServer(rsaKey)
+
+	// Create the net.Listener, kernel will chose a valid port
+	listener, _ := net.Listen("tcp", "127.0.0.1:0")
+
+	bearerMiddleware := func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(response http.ResponseWriter, req *http.Request) {
+			// stateVal := req.Form.Get("state")
+			header := req.Header.Get("Authorization")
+			parts := strings.SplitN(header, " ", 2) //nolint: gomnd
+			if header != "" {
+				if strings.ToLower(parts[0]) == "bearer" {
+					req.Header.Set("Authorization", strings.Join([]string{"Bearer", parts[1]}, " "))
+				}
+			}
+
+			next.ServeHTTP(response, req)
+		})
+	}
+
+	err := mockServer.AddMiddleware(bearerMiddleware)
+	if err != nil {
+		return mockServer, err
+	}
+	// tlsConfig can be nil if you want HTTP
+	return mockServer, mockServer.Start(listener, nil)
+}

pkg/test/common/fs.go

@@ -0,0 +1,246 @@
+package common
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"io"
+	"io/fs"
+	"os"
+	"path"
+	"path/filepath"
+	"strings"
+	"time"
+
+	"golang.org/x/crypto/bcrypt"
+)
+
+var ErrNoGoModFileFound = errors.New("test: no go.mod file found in parent directories")
+
+func GetProjectRootDir() (string, error) {
+	workDir, err := os.Getwd()
+	if err != nil {
+		return "", err
+	}
+
+	for {
+		goModPath := filepath.Join(workDir, "go.mod")
+
+		_, err := os.Stat(goModPath)
+		if err == nil {
+			return workDir, nil
+		}
+
+		if workDir == filepath.Dir(workDir) {
+			return "", ErrNoGoModFileFound
+		}
+
+		workDir = filepath.Dir(workDir)
+	}
+}
+
+func CopyFile(sourceFilePath, destFilePath string) error {
+	destFile, err := os.Create(destFilePath)
+	if err != nil {
+		return err
+	}
+	defer destFile.Close()
+
+	sourceFile, err := os.Open(sourceFilePath)
+	if err != nil {
+		return err
+	}
+	defer sourceFile.Close()
+
+	if _, err = io.Copy(destFile, sourceFile); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func CopyFiles(sourceDir, destDir string) error {
+	sourceMeta, err := os.Stat(sourceDir)
+	if err != nil {
+		return fmt.Errorf("CopyFiles os.Stat failed: %w", err)
+	}
+
+	if err := os.MkdirAll(destDir, sourceMeta.Mode()); err != nil {
+		return fmt.Errorf("CopyFiles os.MkdirAll failed: %w", err)
+	}
+
+	files, err := os.ReadDir(sourceDir)
+	if err != nil {
+		return fmt.Errorf("CopyFiles os.ReadDir failed: %w", err)
+	}
+
+	for _, file := range files {
+		sourceFilePath := path.Join(sourceDir, file.Name())
+		destFilePath := path.Join(destDir, file.Name())
+
+		if file.IsDir() {
+			if strings.HasPrefix(file.Name(), "_") {
+				// Some tests create the trivy related folders under test/_trivy
+				continue
+			}
+
+			if err = CopyFiles(sourceFilePath, destFilePath); err != nil {
+				return err
+			}
+		} else {
+			sourceFile, err := os.Open(sourceFilePath)
+			if err != nil {
+				return fmt.Errorf("CopyFiles os.Open failed: %w", err)
+			}
+			defer sourceFile.Close()
+
+			destFile, err := os.Create(destFilePath)
+			if err != nil {
+				return fmt.Errorf("CopyFiles os.Create failed: %w", err)
+			}
+			defer destFile.Close()
+
+			if _, err = io.Copy(destFile, sourceFile); err != nil {
+				return fmt.Errorf("io.Copy failed: %w", err)
+			}
+		}
+	}
+
+	return nil
+}
+
+func CopyTestKeysAndCerts(destDir string) error {
+	files := []string{
+		"ca.crt", "ca.key", "client.cert", "client.csr",
+		"client.key", "server.cert", "server.csr", "server.key",
+	}
+
+	rootPath, err := GetProjectRootDir()
+	if err != nil {
+		return err
+	}
+
+	sourceDir := filepath.Join(rootPath, "test/data")
+
+	sourceMeta, err := os.Stat(sourceDir)
+	if err != nil {
+		return fmt.Errorf("CopyFiles os.Stat failed: %w", err)
+	}
+
+	if err := os.MkdirAll(destDir, sourceMeta.Mode()); err != nil {
+		return err
+	}
+
+	for _, file := range files {
+		err = CopyFile(filepath.Join(sourceDir, file), filepath.Join(destDir, file))
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func WriteFileWithPermission(path string, data []byte, perm fs.FileMode, overwrite bool) error {
+	if err := os.MkdirAll(filepath.Dir(path), os.ModePerm); err != nil {
+		return err
+	}
+	flag := os.O_WRONLY | os.O_CREATE
+
+	if overwrite {
+		flag |= os.O_TRUNC
+	} else {
+		flag |= os.O_EXCL
+	}
+
+	file, err := os.OpenFile(path, flag, perm)
+	if err != nil {
+		return err
+	}
+
+	_, err = file.Write(data)
+	if err != nil {
+		file.Close()
+
+		return err
+	}
+
+	return file.Close()
+}
+
+func ReadLogFileAndSearchString(logPath string, stringToMatch string, timeout time.Duration) (bool, error) {
+	ctx, cancelFunc := context.WithTimeout(context.Background(), timeout)
+	defer cancelFunc()
+
+	for {
+		select {
+		case <-ctx.Done():
+			return false, nil
+		default:
+			content, err := os.ReadFile(logPath)
+			if err != nil {
+				return false, err
+			}
+
+			if strings.Contains(string(content), stringToMatch) {
+				return true, nil
+			}
+		}
+	}
+}
+
+func ReadLogFileAndCountStringOccurence(logPath string, stringToMatch string,
+	timeout time.Duration, count int,
+) (bool, error) {
+	ctx, cancelFunc := context.WithTimeout(context.Background(), timeout)
+	defer cancelFunc()
+
+	for {
+		select {
+		case <-ctx.Done():
+			return false, nil
+		default:
+			content, err := os.ReadFile(logPath)
+			if err != nil {
+				return false, err
+			}
+
+			if strings.Count(string(content), stringToMatch) >= count {
+				return true, nil
+			}
+		}
+	}
+}
+
+func MakeHtpasswdFile() string {
+	// bcrypt(username="test", passwd="test")
+	content := "test:$2y$05$hlbSXDp6hzDLu6VwACS39ORvVRpr3OMR4RlJ31jtlaOEGnPjKZI1m\n"
+
+	return MakeHtpasswdFileFromString(content)
+}
+
+func GetCredString(username, password string) string {
+	hash, err := bcrypt.GenerateFromPassword([]byte(password), 10)
+	if err != nil {
+		panic(err)
+	}
+
+	usernameAndHash := fmt.Sprintf("%s:%s", username, string(hash))
+
+	return usernameAndHash
+}
+
+func MakeHtpasswdFileFromString(fileContent string) string {
+	htpasswdFile, err := os.CreateTemp("", "htpasswd-")
+	if err != nil {
+		panic(err)
+	}
+
+	// bcrypt(username="test", passwd="test")
+	content := []byte(fileContent)
+	if err := os.WriteFile(htpasswdFile.Name(), content, 0o600); err != nil { //nolint:gomnd
+		panic(err)
+	}
+
+	return htpasswdFile.Name()
+}

pkg/test/common/fs_test.go

@@ -0,0 +1,219 @@
+package common_test
+
+import (
+	"encoding/json"
+	"errors"
+	"os"
+	"path"
+	"path/filepath"
+	"testing"
+	"time"
+
+	ispec "github.com/opencontainers/image-spec/specs-go/v1"
+	. "github.com/smartystreets/goconvey/convey"
+
+	tcommon "zotregistry.io/zot/pkg/test/common"
+)
+
+var ErrTestError = errors.New("ErrTestError")
+
+func TestCopyFiles(t *testing.T) {
+	Convey("sourceDir does not exist", t, func() {
+		err := tcommon.CopyFiles("/path/to/some/unexisting/directory", os.TempDir())
+		So(err, ShouldNotBeNil)
+	})
+	Convey("destDir is a file", t, func() {
+		dir := t.TempDir()
+
+		err := tcommon.CopyFiles("../../../test/data", dir)
+		So(err, ShouldBeNil)
+
+		err = tcommon.CopyFiles(dir, "/etc/passwd")
+		So(err, ShouldNotBeNil)
+	})
+	Convey("sourceDir does not have read permissions", t, func() {
+		dir := t.TempDir()
+
+		err := os.Chmod(dir, 0o300)
+		So(err, ShouldBeNil)
+
+		err = tcommon.CopyFiles(dir, os.TempDir())
+		So(err, ShouldNotBeNil)
+	})
+	Convey("sourceDir has a subfolder that does not have read permissions", t, func() {
+		dir := t.TempDir()
+
+		sdir := "subdir"
+		err := os.Mkdir(path.Join(dir, sdir), 0o300)
+		So(err, ShouldBeNil)
+
+		err = tcommon.CopyFiles(dir, os.TempDir())
+		So(err, ShouldNotBeNil)
+	})
+	Convey("sourceDir has a file that does not have read permissions", t, func() {
+		dir := t.TempDir()
+
+		filePath := path.Join(dir, "file.txt")
+		err := os.WriteFile(filePath, []byte("some dummy file content"), 0o644) //nolint: gosec
+		if err != nil {
+			panic(err)
+		}
+
+		err = os.Chmod(filePath, 0o300)
+		So(err, ShouldBeNil)
+
+		err = tcommon.CopyFiles(dir, os.TempDir())
+		So(err, ShouldNotBeNil)
+	})
+	Convey("sourceDir contains a folder starting with invalid characters", t, func() {
+		srcDir := t.TempDir()
+		dstDir := t.TempDir()
+
+		err := os.MkdirAll(path.Join(srcDir, "_trivy", "db"), 0o755)
+		if err != nil {
+			panic(err)
+		}
+
+		err = os.MkdirAll(path.Join(srcDir, "test-index"), 0o755)
+		if err != nil {
+			panic(err)
+		}
+
+		filePathTrivy := path.Join(srcDir, "_trivy", "db", "trivy.db")
+		err = os.WriteFile(filePathTrivy, []byte("some dummy file content"), 0o644) //nolint: gosec
+		if err != nil {
+			panic(err)
+		}
+
+		var index ispec.Index
+		content, err := json.Marshal(index)
+		if err != nil {
+			panic(err)
+		}
+
+		err = os.WriteFile(path.Join(srcDir, "test-index", "index.json"), content, 0o644) //nolint: gosec
+		if err != nil {
+			panic(err)
+		}
+
+		err = tcommon.CopyFiles(srcDir, dstDir)
+		So(err, ShouldBeNil)
+
+		_, err = os.Stat(path.Join(dstDir, "_trivy", "db", "trivy.db"))
+		So(err, ShouldNotBeNil)
+		So(os.IsNotExist(err), ShouldBeTrue)
+
+		_, err = os.Stat(path.Join(dstDir, "test-index", "index.json"))
+		So(err, ShouldBeNil)
+	})
+}
+
+func TestCopyFile(t *testing.T) {
+	Convey("destFilePath does not exist", t, func() {
+		err := tcommon.CopyFile("/path/to/srcFile", "~/path/to/some/unexisting/destDir/file")
+		So(err, ShouldNotBeNil)
+	})
+
+	Convey("sourceFile does not exist", t, func() {
+		err := tcommon.CopyFile("/path/to/some/unexisting/file", path.Join(t.TempDir(), "destFile.txt"))
+		So(err, ShouldNotBeNil)
+	})
+}
+
+func TestReadLogFileAndSearchString(t *testing.T) {
+	logFile, err := os.CreateTemp(t.TempDir(), "zot-log*.txt")
+	if err != nil {
+		panic(err)
+	}
+
+	logPath := logFile.Name()
+	defer os.Remove(logPath)
+
+	Convey("Invalid path", t, func() {
+		_, err = tcommon.ReadLogFileAndSearchString("invalidPath",
+			"DB update completed, next update scheduled", 1*time.Second)
+		So(err, ShouldNotBeNil)
+	})
+
+	Convey("Time too short", t, func() {
+		ok, err := tcommon.ReadLogFileAndSearchString(logPath, "invalid string", time.Microsecond)
+		So(err, ShouldBeNil)
+		So(ok, ShouldBeFalse)
+	})
+}
+
+func TestReadLogFileAndCountStringOccurence(t *testing.T) {
+	logFile, err := os.CreateTemp(t.TempDir(), "zot-log*.txt")
+	if err != nil {
+		panic(err)
+	}
+
+	_, err = logFile.Write([]byte("line1\n line2\n line3 line1 line2\n line1"))
+	if err != nil {
+		panic(err)
+	}
+
+	logPath := logFile.Name()
+	defer os.Remove(logPath)
+
+	Convey("Invalid path", t, func() {
+		_, err = tcommon.ReadLogFileAndCountStringOccurence("invalidPath",
+			"DB update completed, next update scheduled", 1*time.Second, 1)
+		So(err, ShouldNotBeNil)
+	})
+
+	Convey("Time too short", t, func() {
+		ok, err := tcommon.ReadLogFileAndCountStringOccurence(logPath, "invalid string", time.Microsecond, 1)
+		So(err, ShouldBeNil)
+		So(ok, ShouldBeFalse)
+	})
+
+	Convey("Count occurrence working", t, func() {
+		ok, err := tcommon.ReadLogFileAndCountStringOccurence(logPath, "line1", 90*time.Second, 3)
+		So(err, ShouldBeNil)
+		So(ok, ShouldBeTrue)
+	})
+}
+
+func TestCopyTestKeysAndCerts(t *testing.T) {
+	Convey("CopyTestKeysAndCerts", t, func() {
+		// ------- Make test files unreadable -------
+		dir := t.TempDir()
+		file := filepath.Join(dir, "ca.crt")
+
+		_, err := os.Create(file)
+		So(err, ShouldBeNil)
+
+		err = os.Chmod(file, 0o000)
+		So(err, ShouldBeNil)
+
+		err = tcommon.CopyTestKeysAndCerts(dir)
+		So(err, ShouldNotBeNil)
+
+		err = os.Chmod(file, 0o777)
+		So(err, ShouldBeNil)
+
+		// ------- Copy fails -------
+
+		err = os.Chmod(dir, 0o000)
+		So(err, ShouldBeNil)
+
+		err = tcommon.CopyTestKeysAndCerts(file)
+		So(err, ShouldNotBeNil)
+
+		err = os.Chmod(dir, 0o777)
+		So(err, ShouldBeNil)
+
+		// ------- Folder creation fails -------
+
+		file = filepath.Join(dir, "a-file.file")
+		_, err = os.Create(file)
+		So(err, ShouldBeNil)
+
+		_, err = os.Stat(file)
+		So(err, ShouldBeNil)
+
+		err = tcommon.CopyTestKeysAndCerts(file)
+		So(err, ShouldNotBeNil)
+	})
+}

pkg/test/common/utils.go

@@ -1,15 +1,45 @@
 package common
 
 import (
+	"context"
 	"errors"
+	"fmt"
+	"net/http"
 	"net/url"
 	"os"
-	"path/filepath"
+	"path"
+	"time"
 
+	"github.com/phayes/freeport"
 	"gopkg.in/resty.v1"
 )
 
-var ErrNoGoModFileFound = errors.New("test: no go.mod file found in parent directories")
+const (
+	BaseURL       = "http://127.0.0.1:%s"
+	BaseSecureURL = "https://127.0.0.1:%s"
+	SleepTime     = 100 * time.Millisecond
+)
+
+type isser interface {
+	Is(string) bool
+}
+
+// Index returns the index of the first occurrence of name in s,
+// or -1 if not present.
+func Index[E isser](s []E, name string) int {
+	for i, v := range s {
+		if v.Is(name) {
+			return i
+		}
+	}
+
+	return -1
+}
+
+// Contains reports whether name is present in s.
+func Contains[E isser](s []E, name string) bool {
+	return Index(s, name) >= 0
+}
 
 func Location(baseURL string, resp *resty.Response) string {
 	// For some API responses, the Location header is set and is supposed to
@@ -29,24 +59,121 @@ func Location(baseURL string, resp *resty.Response) string {
 	return baseURL + path
 }
 
-func GetProjectRootDir() (string, error) {
-	workDir, err := os.Getwd()
-	if err != nil {
-		return "", err
-	}
+type Controller interface {
+	Init(ctx context.Context) error
+	Run(ctx context.Context) error
+	Shutdown()
+	GetPort() int
+}
 
-	for {
-		goModPath := filepath.Join(workDir, "go.mod")
+type ControllerManager struct {
+	controller Controller
+	// used to stop background tasks(goroutines)
+	cancelRoutinesFunc context.CancelFunc
+}
 
-		_, err := os.Stat(goModPath)
-		if err == nil {
-			return workDir, nil
-		}
-
-		if workDir == filepath.Dir(workDir) {
-			return "", ErrNoGoModFileFound
-		}
-
-		workDir = filepath.Dir(workDir)
+func (cm *ControllerManager) RunServer(ctx context.Context) {
+	// Useful to be able to call in the same goroutine for testing purposes
+	if err := cm.controller.Run(ctx); !errors.Is(err, http.ErrServerClosed) {
+		panic(err)
 	}
 }
+
+func (cm *ControllerManager) StartServer() {
+	ctx, cancel := context.WithCancel(context.Background())
+	cm.cancelRoutinesFunc = cancel
+
+	if err := cm.controller.Init(ctx); err != nil {
+		panic(err)
+	}
+
+	go func() {
+		cm.RunServer(ctx)
+	}()
+}
+
+func (cm *ControllerManager) StopServer() {
+	// stop background tasks
+	if cm.cancelRoutinesFunc != nil {
+		cm.cancelRoutinesFunc()
+	}
+
+	cm.controller.Shutdown()
+}
+
+func (cm *ControllerManager) WaitServerToBeReady(port string) {
+	url := GetBaseURL(port)
+	WaitTillServerReady(url)
+}
+
+func (cm *ControllerManager) StartAndWait(port string) {
+	cm.StartServer()
+
+	url := GetBaseURL(port)
+	WaitTillServerReady(url)
+}
+
+func NewControllerManager(controller Controller) ControllerManager {
+	cm := ControllerManager{
+		controller: controller,
+	}
+
+	return cm
+}
+
+func WaitTillServerReady(url string) {
+	for {
+		_, err := resty.R().Get(url)
+		if err == nil {
+			break
+		}
+
+		time.Sleep(SleepTime)
+	}
+}
+
+func WaitTillTrivyDBDownloadStarted(rootDir string) {
+	for {
+		if _, err := os.Stat(path.Join(rootDir, "_trivy", "db", "trivy.db")); err == nil {
+			break
+		}
+
+		time.Sleep(SleepTime)
+	}
+}
+
+func GetFreePort() string {
+	port, err := freeport.GetFreePort()
+	if err != nil {
+		panic(err)
+	}
+
+	return fmt.Sprint(port)
+}
+
+func GetBaseURL(port string) string {
+	return fmt.Sprintf(BaseURL, port)
+}
+
+func GetSecureBaseURL(port string) string {
+	return fmt.Sprintf(BaseSecureURL, port)
+}
+
+func CustomRedirectPolicy(noOfRedirect int) resty.RedirectPolicy {
+	return resty.RedirectPolicyFunc(func(req *http.Request, via []*http.Request) error {
+		if len(via) >= noOfRedirect {
+			return fmt.Errorf("stopped after %d redirects", noOfRedirect) //nolint: goerr113
+		}
+
+		for key, val := range via[len(via)-1].Header {
+			req.Header[key] = val
+		}
+
+		respCookies := req.Response.Cookies()
+		for _, cookie := range respCookies {
+			req.AddCookie(cookie)
+		}
+
+		return nil
+	})
+}

pkg/test/common/utils_test.go

@@ -0,0 +1,63 @@
+package common_test
+
+import (
+	"context"
+	"os"
+	"path"
+	"testing"
+	"time"
+
+	. "github.com/smartystreets/goconvey/convey"
+
+	"zotregistry.io/zot/pkg/api"
+	"zotregistry.io/zot/pkg/api/config"
+	tcommon "zotregistry.io/zot/pkg/test/common"
+)
+
+func TestWaitTillTrivyDBDownloadStarted(t *testing.T) {
+	Convey("finishes successfully", t, func() {
+		tempDir := t.TempDir()
+		go func() {
+			tcommon.WaitTillTrivyDBDownloadStarted(tempDir)
+		}()
+
+		time.Sleep(tcommon.SleepTime)
+
+		_, err := os.Create(path.Join(tempDir, "trivy.db"))
+		So(err, ShouldBeNil)
+	})
+}
+
+func TestControllerManager(t *testing.T) {
+	Convey("Test StartServer Init() panic", t, func() {
+		port := tcommon.GetFreePort()
+
+		conf := config.New()
+		conf.HTTP.Port = port
+
+		ctlr := api.NewController(conf)
+		ctlrManager := tcommon.NewControllerManager(ctlr)
+
+		// No storage configured
+		So(func() { ctlrManager.StartServer() }, ShouldPanic)
+	})
+
+	Convey("Test RunServer panic", t, func() {
+		tempDir := t.TempDir()
+
+		// Invalid port
+		conf := config.New()
+		conf.HTTP.Port = "999999"
+		conf.Storage.RootDirectory = tempDir
+
+		ctlr := api.NewController(conf)
+		ctlrManager := tcommon.NewControllerManager(ctlr)
+
+		ctx := context.Background()
+
+		err := ctlr.Init(ctx)
+		So(err, ShouldBeNil)
+
+		So(func() { ctlrManager.RunServer(ctx) }, ShouldPanic)
+	})
+}

pkg/test/common_test.go

@@ -1,849 +0,0 @@
-//go:build sync && scrub && metrics && search
-// +build sync,scrub,metrics,search
-
-package test_test
-
-import (
-	"context"
-	"encoding/json"
-	"errors"
-	"fmt"
-	"io"
-	"os"
-	"path"
-	"path/filepath"
-	"testing"
-	"time"
-
-	notconfig "github.com/notaryproject/notation-go/config"
-	godigest "github.com/opencontainers/go-digest"
-	ispec "github.com/opencontainers/image-spec/specs-go/v1"
-	. "github.com/smartystreets/goconvey/convey"
-
-	"zotregistry.io/zot/pkg/api"
-	"zotregistry.io/zot/pkg/api/config"
-	"zotregistry.io/zot/pkg/storage"
-	"zotregistry.io/zot/pkg/test"
-	. "zotregistry.io/zot/pkg/test/image-utils"
-	"zotregistry.io/zot/pkg/test/inject"
-	"zotregistry.io/zot/pkg/test/mocks"
-)
-
-var ErrTestError = errors.New("ErrTestError")
-
-func TestCopyFiles(t *testing.T) {
-	Convey("sourceDir does not exist", t, func() {
-		err := test.CopyFiles("/path/to/some/unexisting/directory", os.TempDir())
-		So(err, ShouldNotBeNil)
-	})
-	Convey("destDir is a file", t, func() {
-		dir := t.TempDir()
-
-		test.CopyTestFiles("../../test/data", dir)
-
-		err := test.CopyFiles(dir, "/etc/passwd")
-		So(err, ShouldNotBeNil)
-	})
-	Convey("sourceDir does not have read permissions", t, func() {
-		dir := t.TempDir()
-
-		err := os.Chmod(dir, 0o300)
-		So(err, ShouldBeNil)
-
-		err = test.CopyFiles(dir, os.TempDir())
-		So(err, ShouldNotBeNil)
-	})
-	Convey("sourceDir has a subfolder that does not have read permissions", t, func() {
-		dir := t.TempDir()
-
-		sdir := "subdir"
-		err := os.Mkdir(path.Join(dir, sdir), 0o300)
-		So(err, ShouldBeNil)
-
-		err = test.CopyFiles(dir, os.TempDir())
-		So(err, ShouldNotBeNil)
-	})
-	Convey("sourceDir has a file that does not have read permissions", t, func() {
-		dir := t.TempDir()
-
-		filePath := path.Join(dir, "file.txt")
-		err := os.WriteFile(filePath, []byte("some dummy file content"), 0o644) //nolint: gosec
-		if err != nil {
-			panic(err)
-		}
-
-		err = os.Chmod(filePath, 0o300)
-		So(err, ShouldBeNil)
-
-		err = test.CopyFiles(dir, os.TempDir())
-		So(err, ShouldNotBeNil)
-	})
-	Convey("sourceDir contains a folder starting with invalid characters", t, func() {
-		srcDir := t.TempDir()
-		dstDir := t.TempDir()
-
-		err := os.MkdirAll(path.Join(srcDir, "_trivy", "db"), 0o755)
-		if err != nil {
-			panic(err)
-		}
-
-		err = os.MkdirAll(path.Join(srcDir, "test-index"), 0o755)
-		if err != nil {
-			panic(err)
-		}
-
-		filePathTrivy := path.Join(srcDir, "_trivy", "db", "trivy.db")
-		err = os.WriteFile(filePathTrivy, []byte("some dummy file content"), 0o644) //nolint: gosec
-		if err != nil {
-			panic(err)
-		}
-
-		var index ispec.Index
-		content, err := json.Marshal(index)
-		if err != nil {
-			panic(err)
-		}
-
-		err = os.WriteFile(path.Join(srcDir, "test-index", "index.json"), content, 0o644) //nolint: gosec
-		if err != nil {
-			panic(err)
-		}
-
-		err = test.CopyFiles(srcDir, dstDir)
-		So(err, ShouldBeNil)
-
-		_, err = os.Stat(path.Join(dstDir, "_trivy", "db", "trivy.db"))
-		So(err, ShouldNotBeNil)
-		So(os.IsNotExist(err), ShouldBeTrue)
-
-		_, err = os.Stat(path.Join(dstDir, "test-index", "index.json"))
-		So(err, ShouldBeNil)
-	})
-	Convey("panic when sourceDir does not exist", t, func() {
-		So(func() { test.CopyTestFiles("/path/to/some/unexisting/directory", os.TempDir()) }, ShouldPanic)
-	})
-}
-
-func TestGetImageComponents(t *testing.T) {
-	Convey("Inject failures for unreachable lines", t, func() {
-		injected := inject.InjectFailure(0)
-		if injected {
-			_, _, _, err := test.GetImageComponents(100)
-			So(err, ShouldNotBeNil)
-		}
-	})
-	Convey("finishes successfully", t, func() {
-		_, _, _, err := test.GetImageComponents(100)
-		So(err, ShouldBeNil)
-	})
-}
-
-func TestGetRandomImageComponents(t *testing.T) {
-	Convey("Inject failures for unreachable lines", t, func() {
-		injected := inject.InjectFailure(0)
-		if injected {
-			_, _, _, err := test.GetRandomImageComponents(100)
-			So(err, ShouldNotBeNil)
-		}
-	})
-}
-
-func TestGetImageComponentsWithConfig(t *testing.T) {
-	Convey("Inject failures for unreachable lines", t, func() {
-		injected := inject.InjectFailure(0)
-		if injected {
-			_, _, _, err := test.GetImageComponentsWithConfig(ispec.Image{})
-			So(err, ShouldNotBeNil)
-		}
-	})
-}
-
-func TestWaitTillTrivyDBDownloadStarted(t *testing.T) {
-	Convey("finishes successfully", t, func() {
-		tempDir := t.TempDir()
-		go func() {
-			test.WaitTillTrivyDBDownloadStarted(tempDir)
-		}()
-
-		time.Sleep(test.SleepTime)
-
-		_, err := os.Create(path.Join(tempDir, "trivy.db"))
-		So(err, ShouldBeNil)
-	})
-}
-
-func TestControllerManager(t *testing.T) {
-	Convey("Test StartServer Init() panic", t, func() {
-		port := test.GetFreePort()
-
-		conf := config.New()
-		conf.HTTP.Port = port
-
-		ctlr := api.NewController(conf)
-		ctlrManager := test.NewControllerManager(ctlr)
-
-		// No storage configured
-		So(func() { ctlrManager.StartServer() }, ShouldPanic)
-	})
-
-	Convey("Test RunServer panic", t, func() {
-		tempDir := t.TempDir()
-
-		// Invalid port
-		conf := config.New()
-		conf.HTTP.Port = "999999"
-		conf.Storage.RootDirectory = tempDir
-
-		ctlr := api.NewController(conf)
-		ctlrManager := test.NewControllerManager(ctlr)
-
-		ctx := context.Background()
-
-		err := ctlr.Init(ctx)
-		So(err, ShouldBeNil)
-
-		So(func() { ctlrManager.RunServer(ctx) }, ShouldPanic)
-	})
-}
-
-func TestReadLogFileAndSearchString(t *testing.T) {
-	logFile, err := os.CreateTemp(t.TempDir(), "zot-log*.txt")
-	if err != nil {
-		panic(err)
-	}
-
-	logPath := logFile.Name()
-	defer os.Remove(logPath)
-
-	Convey("Invalid path", t, func() {
-		_, err = test.ReadLogFileAndSearchString("invalidPath", "DB update completed, next update scheduled", 1*time.Second)
-		So(err, ShouldNotBeNil)
-	})
-
-	Convey("Time too short", t, func() {
-		ok, err := test.ReadLogFileAndSearchString(logPath, "invalid string", time.Microsecond)
-		So(err, ShouldBeNil)
-		So(ok, ShouldBeFalse)
-	})
-}
-
-func TestReadLogFileAndCountStringOccurence(t *testing.T) {
-	logFile, err := os.CreateTemp(t.TempDir(), "zot-log*.txt")
-	if err != nil {
-		panic(err)
-	}
-
-	_, err = logFile.Write([]byte("line1\n line2\n line3 line1 line2\n line1"))
-	if err != nil {
-		panic(err)
-	}
-
-	logPath := logFile.Name()
-	defer os.Remove(logPath)
-
-	Convey("Invalid path", t, func() {
-		_, err = test.ReadLogFileAndCountStringOccurence("invalidPath",
-			"DB update completed, next update scheduled", 1*time.Second, 1)
-		So(err, ShouldNotBeNil)
-	})
-
-	Convey("Time too short", t, func() {
-		ok, err := test.ReadLogFileAndCountStringOccurence(logPath, "invalid string", time.Microsecond, 1)
-		So(err, ShouldBeNil)
-		So(ok, ShouldBeFalse)
-	})
-
-	Convey("Count occurrence working", t, func() {
-		ok, err := test.ReadLogFileAndCountStringOccurence(logPath, "line1", 90*time.Second, 3)
-		So(err, ShouldBeNil)
-		So(ok, ShouldBeTrue)
-	})
-}
-
-func TestCopyFile(t *testing.T) {
-	Convey("destFilePath does not exist", t, func() {
-		err := test.CopyFile("/path/to/srcFile", "~/path/to/some/unexisting/destDir/file")
-		So(err, ShouldNotBeNil)
-	})
-
-	Convey("sourceFile does not exist", t, func() {
-		err := test.CopyFile("/path/to/some/unexisting/file", path.Join(t.TempDir(), "destFile.txt"))
-		So(err, ShouldNotBeNil)
-	})
-}
-
-func TestIsDigestReference(t *testing.T) {
-	Convey("not digest reference", t, func() {
-		res := test.IsDigestReference("notDigestReference/input")
-		So(res, ShouldBeFalse)
-	})
-
-	Convey("wrong input format", t, func() {
-		res := test.IsDigestReference("wrongInput")
-		So(res, ShouldBeFalse)
-	})
-}
-
-func TestLoadNotationSigningkeys(t *testing.T) {
-	Convey("notation directory doesn't exist", t, func() {
-		_, err := test.LoadNotationSigningkeys(t.TempDir())
-		So(err, ShouldNotBeNil)
-	})
-
-	Convey("wrong content of signingkeys.json", t, func() {
-		tempDir := t.TempDir()
-		dir := path.Join(tempDir, "notation")
-		err := os.Mkdir(dir, 0o777)
-		So(err, ShouldBeNil)
-
-		filePath := path.Join(dir, "signingkeys.json")
-		err = os.WriteFile(filePath, []byte("some dummy file content"), 0o666) //nolint: gosec
-		So(err, ShouldBeNil)
-
-		_, err = test.LoadNotationSigningkeys(tempDir)
-		So(err, ShouldNotBeNil)
-	})
-
-	Convey("not enough permissions to access signingkeys.json", t, func() {
-		tempDir := t.TempDir()
-		dir := path.Join(tempDir, "notation")
-		err := os.Mkdir(dir, 0o777)
-		So(err, ShouldBeNil)
-
-		filePath := path.Join(dir, "signingkeys.json")
-		err = os.WriteFile(filePath, []byte("some dummy file content"), 0o300) //nolint: gosec
-		So(err, ShouldBeNil)
-
-		_, err = test.LoadNotationSigningkeys(tempDir)
-		So(err, ShouldNotBeNil)
-	})
-
-	Convey("signingkeys.json not exists so it is created successfully", t, func() {
-		tempDir := t.TempDir()
-		dir := path.Join(tempDir, "notation")
-		err := os.Mkdir(dir, 0o777)
-		So(err, ShouldBeNil)
-
-		_, err = test.LoadNotationSigningkeys(tempDir)
-		So(err, ShouldBeNil)
-	})
-
-	Convey("signingkeys.json not exists - error trying to create it", t, func() {
-		tempDir := t.TempDir()
-		dir := path.Join(tempDir, "notation")
-		// create notation directory without write permissions
-		err := os.Mkdir(dir, 0o555)
-		So(err, ShouldBeNil)
-
-		_, err = test.LoadNotationSigningkeys(tempDir)
-		So(err, ShouldNotBeNil)
-	})
-}
-
-func TestLoadNotationConfig(t *testing.T) {
-	Convey("directory doesn't exist", t, func() {
-		_, err := test.LoadNotationConfig(t.TempDir())
-		So(err, ShouldNotBeNil)
-	})
-
-	Convey("wrong content of signingkeys.json", t, func() {
-		tempDir := t.TempDir()
-		dir := path.Join(tempDir, "notation")
-		err := os.Mkdir(dir, 0o777)
-		So(err, ShouldBeNil)
-
-		filePath := path.Join(dir, "signingkeys.json")
-		err = os.WriteFile(filePath, []byte("some dummy file content"), 0o666) //nolint: gosec
-		So(err, ShouldBeNil)
-
-		_, err = test.LoadNotationConfig(tempDir)
-		So(err, ShouldNotBeNil)
-	})
-
-	Convey("check default value of signature format", t, func() {
-		tempDir := t.TempDir()
-		dir := path.Join(tempDir, "notation")
-		err := os.Mkdir(dir, 0o777)
-		So(err, ShouldBeNil)
-
-		filePath := path.Join(dir, "signingkeys.json")
-		err = os.WriteFile(filePath, []byte("{\"SignatureFormat\": \"\"}"), 0o666) //nolint: gosec
-		So(err, ShouldBeNil)
-
-		configInfo, err := test.LoadNotationConfig(tempDir)
-		So(err, ShouldBeNil)
-		So(configInfo.SignatureFormat, ShouldEqual, "jws")
-	})
-}
-
-func TestSignWithNotation(t *testing.T) {
-	Convey("notation directory doesn't exist", t, func() {
-		err := test.SignWithNotation("key", "reference", t.TempDir())
-		So(err, ShouldNotBeNil)
-	})
-
-	Convey("key not found", t, func() {
-		tempDir := t.TempDir()
-		dir := path.Join(tempDir, "notation")
-		err := os.Mkdir(dir, 0o777)
-		So(err, ShouldBeNil)
-
-		filePath := path.Join(dir, "signingkeys.json")
-		err = os.WriteFile(filePath, []byte("{}"), 0o666) //nolint: gosec
-		So(err, ShouldBeNil)
-
-		err = test.SignWithNotation("key", "reference", tempDir)
-		So(err, ShouldEqual, test.ErrKeyNotFound)
-	})
-
-	Convey("not enough permissions to access notation/localkeys dir", t, func() {
-		cwd, err := os.Getwd()
-		So(err, ShouldBeNil)
-		defer func() { _ = os.Chdir(cwd) }()
-		tdir := t.TempDir()
-		_ = os.Chdir(tdir)
-
-		test.NotationPathLock.Lock()
-		defer test.NotationPathLock.Unlock()
-
-		test.LoadNotationPath(tdir)
-
-		err = test.GenerateNotationCerts(tdir, "key")
-		So(err, ShouldBeNil)
-
-		err = os.Chmod(path.Join(tdir, "notation", "localkeys"), 0o000)
-		So(err, ShouldBeNil)
-
-		err = test.SignWithNotation("key", "reference", tdir)
-		So(err, ShouldNotBeNil)
-
-		err = os.Chmod(path.Join(tdir, "notation", "localkeys"), 0o755)
-		So(err, ShouldBeNil)
-	})
-
-	Convey("error parsing reference", t, func() {
-		cwd, err := os.Getwd()
-		So(err, ShouldBeNil)
-		defer func() { _ = os.Chdir(cwd) }()
-		tdir := t.TempDir()
-		_ = os.Chdir(tdir)
-
-		test.NotationPathLock.Lock()
-		defer test.NotationPathLock.Unlock()
-
-		test.LoadNotationPath(tdir)
-
-		err = test.GenerateNotationCerts(tdir, "key")
-		So(err, ShouldBeNil)
-
-		err = test.SignWithNotation("key", "invalidReference", tdir)
-		So(err, ShouldNotBeNil)
-	})
-
-	Convey("error signing", t, func() {
-		cwd, err := os.Getwd()
-		So(err, ShouldBeNil)
-		defer func() { _ = os.Chdir(cwd) }()
-		tdir := t.TempDir()
-		_ = os.Chdir(tdir)
-
-		test.NotationPathLock.Lock()
-		defer test.NotationPathLock.Unlock()
-
-		test.LoadNotationPath(tdir)
-
-		err = test.GenerateNotationCerts(tdir, "key")
-		So(err, ShouldBeNil)
-
-		err = test.SignWithNotation("key", "localhost:8080/invalidreference:1.0", tdir)
-		So(err, ShouldNotBeNil)
-	})
-}
-
-func TestVerifyWithNotation(t *testing.T) {
-	Convey("notation directory doesn't exist", t, func() {
-		err := test.VerifyWithNotation("reference", t.TempDir())
-		So(err, ShouldNotBeNil)
-	})
-
-	Convey("error parsing reference", t, func() {
-		cwd, err := os.Getwd()
-		So(err, ShouldBeNil)
-		defer func() { _ = os.Chdir(cwd) }()
-		tdir := t.TempDir()
-		_ = os.Chdir(tdir)
-
-		test.NotationPathLock.Lock()
-		defer test.NotationPathLock.Unlock()
-
-		test.LoadNotationPath(tdir)
-
-		err = test.GenerateNotationCerts(tdir, "key")
-		So(err, ShouldBeNil)
-
-		err = test.VerifyWithNotation("invalidReference", tdir)
-		So(err, ShouldNotBeNil)
-	})
-
-	Convey("error trying to get manifest", t, func() {
-		cwd, err := os.Getwd()
-		So(err, ShouldBeNil)
-		defer func() { _ = os.Chdir(cwd) }()
-		tdir := t.TempDir()
-		_ = os.Chdir(tdir)
-
-		test.NotationPathLock.Lock()
-		defer test.NotationPathLock.Unlock()
-
-		test.LoadNotationPath(tdir)
-
-		err = test.GenerateNotationCerts(tdir, "key")
-		So(err, ShouldBeNil)
-
-		err = test.VerifyWithNotation("localhost:8080/invalidreference:1.0", tdir)
-		So(err, ShouldNotBeNil)
-	})
-
-	Convey("invalid content of trustpolicy.json", t, func() {
-		// start a new server
-		port := test.GetFreePort()
-		baseURL := test.GetBaseURL(port)
-		dir := t.TempDir()
-
-		conf := config.New()
-		conf.HTTP.Port = port
-		conf.Storage.RootDirectory = dir
-
-		ctlr := api.NewController(conf)
-		cm := test.NewControllerManager(ctlr)
-		// this blocks
-		cm.StartAndWait(port)
-		defer cm.StopServer()
-
-		repoName := "signed-repo"
-		tag := "1.0"
-		cfg, layers, manifest, err := test.GetImageComponents(2)
-		So(err, ShouldBeNil)
-
-		err = UploadImage(
-			Image{
-				Config:   cfg,
-				Layers:   layers,
-				Manifest: manifest,
-			}, baseURL, repoName, tag)
-		So(err, ShouldBeNil)
-
-		content, err := json.Marshal(manifest)
-		So(err, ShouldBeNil)
-		digest := godigest.FromBytes(content)
-		So(digest, ShouldNotBeNil)
-
-		tempDir := t.TempDir()
-		notationDir := path.Join(tempDir, "notation")
-		err = os.Mkdir(notationDir, 0o777)
-		So(err, ShouldBeNil)
-
-		filePath := path.Join(notationDir, "trustpolicy.json")
-		err = os.WriteFile(filePath, []byte("some dummy file content"), 0o666) //nolint: gosec
-		So(err, ShouldBeNil)
-
-		test.NotationPathLock.Lock()
-		defer test.NotationPathLock.Unlock()
-
-		test.LoadNotationPath(tempDir)
-
-		err = test.VerifyWithNotation(fmt.Sprintf("localhost:%s/%s:%s", port, repoName, tag), tempDir)
-		So(err, ShouldNotBeNil)
-	})
-}
-
-func TestListNotarySignatures(t *testing.T) {
-	Convey("error parsing reference", t, func() {
-		cwd, err := os.Getwd()
-		So(err, ShouldBeNil)
-		defer func() { _ = os.Chdir(cwd) }()
-		tdir := t.TempDir()
-		_ = os.Chdir(tdir)
-
-		_, err = test.ListNotarySignatures("invalidReference", tdir)
-		So(err, ShouldNotBeNil)
-	})
-
-	Convey("error trying to get manifest", t, func() {
-		cwd, err := os.Getwd()
-		So(err, ShouldBeNil)
-		defer func() { _ = os.Chdir(cwd) }()
-		tdir := t.TempDir()
-		_ = os.Chdir(tdir)
-
-		_, err = test.ListNotarySignatures("localhost:8080/invalidreference:1.0", tdir)
-		So(err, ShouldNotBeNil)
-	})
-}
-
-func TestGenerateNotationCerts(t *testing.T) {
-	Convey("write key file with permission", t, func() {
-		tempDir := t.TempDir()
-
-		notationDir := path.Join(tempDir, "notation")
-		err := os.Mkdir(notationDir, 0o777)
-		So(err, ShouldBeNil)
-
-		filePath := path.Join(notationDir, "localkeys")
-		err = os.WriteFile(filePath, []byte("{}"), 0o666) //nolint: gosec
-		So(err, ShouldBeNil)
-
-		test.NotationPathLock.Lock()
-		defer test.NotationPathLock.Unlock()
-
-		test.LoadNotationPath(tempDir)
-
-		err = test.GenerateNotationCerts(t.TempDir(), "cert")
-		So(err, ShouldNotBeNil)
-	})
-
-	Convey("write cert file with permission", t, func() {
-		tempDir := t.TempDir()
-
-		notationDir := path.Join(tempDir, "notation", "localkeys")
-		err := os.MkdirAll(notationDir, 0o777)
-		So(err, ShouldBeNil)
-
-		filePath := path.Join(notationDir, "cert.crt")
-		err = os.WriteFile(filePath, []byte("{}"), 0o666) //nolint: gosec
-		So(err, ShouldBeNil)
-
-		err = os.Chmod(filePath, 0o000)
-		So(err, ShouldBeNil)
-
-		test.NotationPathLock.Lock()
-		defer test.NotationPathLock.Unlock()
-
-		test.LoadNotationPath(tempDir)
-
-		err = test.GenerateNotationCerts(t.TempDir(), "cert")
-		So(err, ShouldNotBeNil)
-
-		err = os.Chmod(filePath, 0o755)
-		So(err, ShouldBeNil)
-	})
-
-	Convey("signingkeys.json file - not enough permission", t, func() {
-		tempDir := t.TempDir()
-
-		notationDir := path.Join(tempDir, "notation")
-		err := os.Mkdir(notationDir, 0o777)
-		So(err, ShouldBeNil)
-
-		filePath := path.Join(notationDir, "signingkeys.json")
-		_, err = os.Create(filePath) //nolint: gosec
-		So(err, ShouldBeNil)
-		err = os.Chmod(filePath, 0o000)
-		So(err, ShouldBeNil)
-
-		test.NotationPathLock.Lock()
-		defer test.NotationPathLock.Unlock()
-
-		test.LoadNotationPath(tempDir)
-
-		err = test.GenerateNotationCerts(t.TempDir(), "cert")
-		So(err, ShouldNotBeNil)
-
-		err = os.Remove(filePath)
-		So(err, ShouldBeNil)
-		err = os.RemoveAll(path.Join(notationDir, "localkeys"))
-		So(err, ShouldBeNil)
-		signingKeysBuf, err := json.Marshal(notconfig.SigningKeys{})
-		So(err, ShouldBeNil)
-		err = os.WriteFile(filePath, signingKeysBuf, 0o555) //nolint:gosec // test code
-		So(err, ShouldBeNil)
-		err = test.GenerateNotationCerts(t.TempDir(), "cert")
-		So(err, ShouldNotBeNil)
-	})
-	Convey("keysuite already exists in signingkeys.json", t, func() {
-		tempDir := t.TempDir()
-
-		notationDir := path.Join(tempDir, "notation")
-		err := os.Mkdir(notationDir, 0o777)
-		So(err, ShouldBeNil)
-
-		certName := "cert-test"
-		filePath := path.Join(notationDir, "signingkeys.json")
-		keyPath := path.Join(notationDir, "localkeys", certName+".key")
-		certPath := path.Join(notationDir, "localkeys", certName+".crt")
-		signingKeys := notconfig.SigningKeys{}
-		keySuite := notconfig.KeySuite{
-			Name: certName,
-			X509KeyPair: &notconfig.X509KeyPair{
-				KeyPath:         keyPath,
-				CertificatePath: certPath,
-			},
-		}
-		signingKeys.Keys = []notconfig.KeySuite{keySuite}
-		signingKeysBuf, err := json.Marshal(signingKeys)
-		So(err, ShouldBeNil)
-		err = os.WriteFile(filePath, signingKeysBuf, 0o600)
-		So(err, ShouldBeNil)
-
-		test.NotationPathLock.Lock()
-		defer test.NotationPathLock.Unlock()
-
-		test.LoadNotationPath(tempDir)
-
-		err = test.GenerateNotationCerts(t.TempDir(), certName)
-		So(err, ShouldNotBeNil)
-	})
-	Convey("truststore files", t, func() {
-		tempDir := t.TempDir()
-
-		notationDir := path.Join(tempDir, "notation")
-		err := os.Mkdir(notationDir, 0o777)
-		So(err, ShouldBeNil)
-
-		certName := "cert-test"
-		trustStorePath := path.Join(notationDir, fmt.Sprintf("truststore/x509/ca/%s", certName))
-		err = os.MkdirAll(trustStorePath, 0o755)
-		So(err, ShouldBeNil)
-		err = os.Chmod(path.Join(notationDir, "truststore/x509"), 0o000)
-		So(err, ShouldBeNil)
-
-		test.NotationPathLock.Lock()
-		defer test.NotationPathLock.Unlock()
-
-		test.LoadNotationPath(tempDir)
-
-		err = test.GenerateNotationCerts(tempDir, certName)
-		So(err, ShouldNotBeNil)
-
-		err = os.RemoveAll(path.Join(notationDir, "localkeys"))
-		So(err, ShouldBeNil)
-		err = os.Chmod(path.Join(notationDir, "truststore/x509"), 0o755)
-		So(err, ShouldBeNil)
-		_, err = os.Create(path.Join(trustStorePath, "cert-test.crt"))
-		So(err, ShouldBeNil)
-
-		err = test.GenerateNotationCerts(tempDir, certName)
-		So(err, ShouldNotBeNil)
-
-		err = os.RemoveAll(path.Join(notationDir, "localkeys"))
-		So(err, ShouldBeNil)
-		err = os.Remove(path.Join(trustStorePath, "cert-test.crt"))
-		So(err, ShouldBeNil)
-		err = os.Chmod(path.Join(notationDir, "truststore/x509/ca", certName), 0o555)
-		So(err, ShouldBeNil)
-
-		err = test.GenerateNotationCerts(tempDir, certName)
-		So(err, ShouldNotBeNil)
-	})
-}
-
-func TestWriteImageToFileSystem(t *testing.T) {
-	Convey("WriteImageToFileSystem errors", t, func() {
-		err := test.WriteImageToFileSystem(Image{}, "repo", "dig", storage.StoreController{
-			DefaultStore: mocks.MockedImageStore{
-				InitRepoFn: func(name string) error {
-					return ErrTestError
-				},
-			},
-		})
-		So(err, ShouldNotBeNil)
-
-		err = test.WriteImageToFileSystem(
-			Image{Layers: [][]byte{[]byte("testLayer")}},
-			"repo",
-			"tag",
-			storage.StoreController{
-				DefaultStore: mocks.MockedImageStore{
-					FullBlobUploadFn: func(repo string, body io.Reader, digest godigest.Digest,
-					) (string, int64, error) {
-						return "", 0, ErrTestError
-					},
-				},
-			})
-		So(err, ShouldNotBeNil)
-
-		count := 0
-		err = test.WriteImageToFileSystem(
-			Image{Layers: [][]byte{[]byte("testLayer")}},
-			"repo",
-			"tag",
-			storage.StoreController{
-				DefaultStore: mocks.MockedImageStore{
-					FullBlobUploadFn: func(repo string, body io.Reader, digest godigest.Digest,
-					) (string, int64, error) {
-						if count == 0 {
-							count++
-
-							return "", 0, nil
-						}
-
-						return "", 0, ErrTestError
-					},
-				},
-			})
-		So(err, ShouldNotBeNil)
-
-		err = test.WriteImageToFileSystem(
-			Image{Layers: [][]byte{[]byte("testLayer")}},
-			"repo",
-			"tag",
-			storage.StoreController{
-				DefaultStore: mocks.MockedImageStore{
-					PutImageManifestFn: func(repo, reference, mediaType string, body []byte,
-					) (godigest.Digest, godigest.Digest, error) {
-						return "", "", ErrTestError
-					},
-				},
-			})
-		So(err, ShouldNotBeNil)
-	})
-}
-
-func TestBearerServer(t *testing.T) {
-	Convey("test MakeAuthTestServer() no serve key", t, func() {
-		So(func() { test.MakeAuthTestServer("", "") }, ShouldPanic)
-	})
-}
-
-func TestCopyTestKeysAndCerts(t *testing.T) {
-	Convey("CopyTestKeysAndCerts", t, func() {
-		// ------- Make test files unreadable -------
-		dir := t.TempDir()
-		file := filepath.Join(dir, "ca.crt")
-
-		_, err := os.Create(file)
-		So(err, ShouldBeNil)
-
-		err = os.Chmod(file, 0o000)
-		So(err, ShouldBeNil)
-
-		err = test.CopyTestKeysAndCerts(dir)
-		So(err, ShouldNotBeNil)
-
-		err = os.Chmod(file, 0o777)
-		So(err, ShouldBeNil)
-
-		// ------- Copy fails -------
-
-		err = os.Chmod(dir, 0o000)
-		So(err, ShouldBeNil)
-
-		err = test.CopyTestKeysAndCerts(file)
-		So(err, ShouldNotBeNil)
-
-		err = os.Chmod(dir, 0o777)
-		So(err, ShouldBeNil)
-
-		// ------- Folder creation fails -------
-
-		file = filepath.Join(dir, "a-file.file")
-		_, err = os.Create(file)
-		So(err, ShouldBeNil)
-
-		_, err = os.Stat(file)
-		So(err, ShouldBeNil)
-
-		err = test.CopyTestKeysAndCerts(file)
-		So(err, ShouldNotBeNil)
-	})
-}

pkg/test/deprecated/deprecated.go

@@ -0,0 +1,427 @@
+package deprecated
+
+import (
+	"crypto/rand"
+	"encoding/json"
+
+	godigest "github.com/opencontainers/go-digest"
+	"github.com/opencontainers/image-spec/specs-go"
+	ispec "github.com/opencontainers/image-spec/specs-go/v1"
+
+	"zotregistry.io/zot/pkg/test/image-utils"
+	"zotregistry.io/zot/pkg/test/inject"
+)
+
+// Deprecated: Should use the new functions starting with "Create".
+func GetImageComponents(layerSize int) (ispec.Image, [][]byte, ispec.Manifest, error) {
+	config := ispec.Image{
+		Platform: ispec.Platform{
+			Architecture: "amd64",
+			OS:           "linux",
+		},
+		RootFS: ispec.RootFS{
+			Type:    "layers",
+			DiffIDs: []godigest.Digest{},
+		},
+		Author: "ZotUser",
+	}
+
+	configBlob, err := json.Marshal(config)
+	if err = inject.Error(err); err != nil {
+		return ispec.Image{}, [][]byte{}, ispec.Manifest{}, err
+	}
+
+	configDigest := godigest.FromBytes(configBlob)
+
+	layers := [][]byte{
+		make([]byte, layerSize),
+	}
+
+	schemaVersion := 2
+
+	manifest := ispec.Manifest{
+		MediaType: ispec.MediaTypeImageManifest,
+		Versioned: specs.Versioned{
+			SchemaVersion: schemaVersion,
+		},
+		Config: ispec.Descriptor{
+			MediaType: "application/vnd.oci.image.config.v1+json",
+			Digest:    configDigest,
+			Size:      int64(len(configBlob)),
+		},
+		Layers: []ispec.Descriptor{
+			{
+				MediaType: "application/vnd.oci.image.layer.v1.tar",
+				Digest:    godigest.FromBytes(layers[0]),
+				Size:      int64(len(layers[0])),
+			},
+		},
+	}
+
+	return config, layers, manifest, nil
+}
+
+// Deprecated: Should use the new functions starting with "Create".
+func GetRandomImageComponents(layerSize int) (ispec.Image, [][]byte, ispec.Manifest, error) {
+	config := ispec.Image{
+		Platform: ispec.Platform{
+			Architecture: "amd64",
+			OS:           "linux",
+		},
+		RootFS: ispec.RootFS{
+			Type:    "layers",
+			DiffIDs: []godigest.Digest{},
+		},
+		Author: "ZotUser",
+	}
+
+	configBlob, err := json.Marshal(config)
+	if err = inject.Error(err); err != nil {
+		return ispec.Image{}, [][]byte{}, ispec.Manifest{}, err
+	}
+
+	configDigest := godigest.FromBytes(configBlob)
+
+	layers := [][]byte{
+		GetRandomLayer(layerSize),
+	}
+
+	schemaVersion := 2
+
+	manifest := ispec.Manifest{
+		MediaType: ispec.MediaTypeImageManifest,
+		Versioned: specs.Versioned{
+			SchemaVersion: schemaVersion,
+		},
+		Config: ispec.Descriptor{
+			MediaType: "application/vnd.oci.image.config.v1+json",
+			Digest:    configDigest,
+			Size:      int64(len(configBlob)),
+		},
+		Layers: []ispec.Descriptor{
+			{
+				MediaType: "application/vnd.oci.image.layer.v1.tar",
+				Digest:    godigest.FromBytes(layers[0]),
+				Size:      int64(len(layers[0])),
+			},
+		},
+	}
+
+	return config, layers, manifest, nil
+}
+
+func GetRandomLayer(size int) []byte {
+	layer := make([]byte, size)
+
+	_, err := rand.Read(layer)
+	if err != nil {
+		return layer
+	}
+
+	return layer
+}
+
+// Deprecated: Should use the new functions starting with "Create".
+func GetVulnImageWithConfig(config ispec.Image) (image.Image, error) {
+	vulnerableLayer, err := image.GetLayerWithVulnerability()
+	if err != nil {
+		return image.Image{}, err
+	}
+
+	vulnerableConfig := ispec.Image{
+		Platform: config.Platform,
+		Config:   config.Config,
+		RootFS: ispec.RootFS{
+			Type:    "layers",
+			DiffIDs: []godigest.Digest{"sha256:f1417ff83b319fbdae6dd9cd6d8c9c88002dcd75ecf6ec201c8c6894681cf2b5"},
+		},
+		Created: config.Created,
+		History: config.History,
+	}
+
+	img, err := GetImageWithComponents(
+		vulnerableConfig,
+		[][]byte{
+			vulnerableLayer,
+		})
+	if err != nil {
+		return image.Image{}, err
+	}
+
+	return img, err
+}
+
+// Deprecated: Should use the new functions starting with "Create".
+func GetRandomImage() (image.Image, error) {
+	const layerSize = 20
+
+	config, layers, manifest, err := GetRandomImageComponents(layerSize)
+	if err != nil {
+		return image.Image{}, err
+	}
+
+	return image.Image{
+		Manifest: manifest,
+		Layers:   layers,
+		Config:   config,
+	}, nil
+}
+
+// Deprecated: Should use the new functions starting with "Create".
+func GetImageComponentsWithConfig(conf ispec.Image) (ispec.Image, [][]byte, ispec.Manifest, error) {
+	configBlob, err := json.Marshal(conf)
+	if err = inject.Error(err); err != nil {
+		return ispec.Image{}, [][]byte{}, ispec.Manifest{}, err
+	}
+
+	configDigest := godigest.FromBytes(configBlob)
+
+	layerSize := 100
+	layer := make([]byte, layerSize)
+
+	_, err = rand.Read(layer)
+	if err != nil {
+		return ispec.Image{}, [][]byte{}, ispec.Manifest{}, err
+	}
+
+	layers := [][]byte{
+		layer,
+	}
+
+	schemaVersion := 2
+
+	manifest := ispec.Manifest{
+		MediaType: ispec.MediaTypeImageManifest,
+		Versioned: specs.Versioned{
+			SchemaVersion: schemaVersion,
+		},
+		Config: ispec.Descriptor{
+			MediaType: "application/vnd.oci.image.config.v1+json",
+			Digest:    configDigest,
+			Size:      int64(len(configBlob)),
+		},
+		Layers: []ispec.Descriptor{
+			{
+				MediaType: "application/vnd.oci.image.layer.v1.tar",
+				Digest:    godigest.FromBytes(layers[0]),
+				Size:      int64(len(layers[0])),
+			},
+		},
+	}
+
+	return conf, layers, manifest, nil
+}
+
+// Deprecated: Should use the new functions starting with "Create".
+func GetImageWithConfig(conf ispec.Image) (image.Image, error) {
+	config, layers, manifest, err := GetImageComponentsWithConfig(conf)
+	if err != nil {
+		return image.Image{}, err
+	}
+
+	return image.Image{
+		Manifest: manifest,
+		Config:   config,
+		Layers:   layers,
+	}, nil
+}
+
+// Deprecated: Should use the new functions starting with "Create".
+func GetImageWithComponents(config ispec.Image, layers [][]byte) (image.Image, error) {
+	configBlob, err := json.Marshal(config)
+	if err != nil {
+		return image.Image{}, err
+	}
+
+	manifestLayers := make([]ispec.Descriptor, 0, len(layers))
+
+	for _, layer := range layers {
+		manifestLayers = append(manifestLayers, ispec.Descriptor{
+			MediaType: "application/vnd.oci.image.layer.v1.tar",
+			Digest:    godigest.FromBytes(layer),
+			Size:      int64(len(layer)),
+		})
+	}
+
+	const schemaVersion = 2
+
+	manifest := ispec.Manifest{
+		MediaType: ispec.MediaTypeImageManifest,
+		Versioned: specs.Versioned{
+			SchemaVersion: schemaVersion,
+		},
+		Config: ispec.Descriptor{
+			MediaType: "application/vnd.oci.image.config.v1+json",
+			Digest:    godigest.FromBytes(configBlob),
+			Size:      int64(len(configBlob)),
+		},
+		Layers: manifestLayers,
+	}
+
+	return image.Image{
+		Manifest: manifest,
+		Config:   config,
+		Layers:   layers,
+	}, nil
+}
+
+// Deprecated: Should use the new functions starting with "Create".
+func GetImageWithSubject(subjectDigest godigest.Digest, mediaType string) (image.Image, error) {
+	num := 100
+
+	conf, layers, manifest, err := GetRandomImageComponents(num)
+	if err != nil {
+		return image.Image{}, err
+	}
+
+	manifest.Subject = &ispec.Descriptor{
+		Digest:    subjectDigest,
+		MediaType: mediaType,
+	}
+
+	return image.Image{
+		Manifest: manifest,
+		Config:   conf,
+		Layers:   layers,
+	}, nil
+}
+
+// Deprecated: Should use the new functions starting with "Create".
+func GetRandomMultiarchImageComponents() (ispec.Index, []image.Image, error) {
+	const layerSize = 100
+
+	randomLayer1 := make([]byte, layerSize)
+
+	_, err := rand.Read(randomLayer1)
+	if err != nil {
+		return ispec.Index{}, []image.Image{}, err
+	}
+
+	image1, err := GetImageWithComponents(
+		ispec.Image{
+			Platform: ispec.Platform{
+				OS:           "linux",
+				Architecture: "amd64",
+			},
+		},
+		[][]byte{
+			randomLayer1,
+		})
+	if err != nil {
+		return ispec.Index{}, []image.Image{}, err
+	}
+
+	randomLayer2 := make([]byte, layerSize)
+
+	_, err = rand.Read(randomLayer2)
+	if err != nil {
+		return ispec.Index{}, []image.Image{}, err
+	}
+
+	image2, err := GetImageWithComponents(
+		ispec.Image{
+			Platform: ispec.Platform{
+				OS:           "linux",
+				Architecture: "386",
+			},
+		},
+		[][]byte{
+			randomLayer2,
+		})
+	if err != nil {
+		return ispec.Index{}, []image.Image{}, err
+	}
+
+	randomLayer3 := make([]byte, layerSize)
+
+	_, err = rand.Read(randomLayer3)
+	if err != nil {
+		return ispec.Index{}, []image.Image{}, err
+	}
+
+	image3, err := GetImageWithComponents(
+		ispec.Image{
+			Platform: ispec.Platform{
+				OS:           "windows",
+				Architecture: "amd64",
+			},
+		},
+		[][]byte{
+			randomLayer3,
+		})
+	if err != nil {
+		return ispec.Index{}, []image.Image{}, err
+	}
+
+	index := ispec.Index{
+		MediaType: ispec.MediaTypeImageIndex,
+		Manifests: []ispec.Descriptor{
+			{
+				MediaType: ispec.MediaTypeImageManifest,
+				Digest:    getManifestDigest(image1.Manifest),
+				Size:      getManifestSize(image1.Manifest),
+			},
+			{
+				MediaType: ispec.MediaTypeImageManifest,
+				Digest:    getManifestDigest(image2.Manifest),
+				Size:      getManifestSize(image2.Manifest),
+			},
+			{
+				MediaType: ispec.MediaTypeImageManifest,
+				Digest:    getManifestDigest(image3.Manifest),
+				Size:      getManifestSize(image3.Manifest),
+			},
+		},
+	}
+
+	return index, []image.Image{image1, image2, image3}, nil
+}
+
+// Deprecated: Should use the new functions starting with "Create".
+func GetRandomMultiarchImage(reference string) (image.MultiarchImage, error) {
+	index, images, err := GetRandomMultiarchImageComponents()
+	if err != nil {
+		return image.MultiarchImage{}, err
+	}
+
+	index.SchemaVersion = 2
+
+	return image.MultiarchImage{
+		Index: index, Images: images, Reference: reference,
+	}, err
+}
+
+// Deprecated: Should use the new functions starting with "Create".
+func GetMultiarchImageForImages(images []image.Image) image.MultiarchImage {
+	var index ispec.Index
+
+	for _, image := range images {
+		index.Manifests = append(index.Manifests, ispec.Descriptor{
+			MediaType: ispec.MediaTypeImageManifest,
+			Digest:    getManifestDigest(image.Manifest),
+			Size:      getManifestSize(image.Manifest),
+		})
+	}
+
+	index.SchemaVersion = 2
+
+	return image.MultiarchImage{Index: index, Images: images}
+}
+
+func getManifestSize(manifest ispec.Manifest) int64 {
+	manifestBlob, err := json.Marshal(manifest)
+	if err != nil {
+		return 0
+	}
+
+	return int64(len(manifestBlob))
+}
+
+func getManifestDigest(manifest ispec.Manifest) godigest.Digest {
+	manifestBlob, err := json.Marshal(manifest)
+	if err != nil {
+		return ""
+	}
+
+	return godigest.FromBytes(manifestBlob)
+}

pkg/test/deprecated/deprecated_test.go

@@ -0,0 +1,45 @@
+package deprecated_test
+
+import (
+	"testing"
+
+	ispec "github.com/opencontainers/image-spec/specs-go/v1"
+	. "github.com/smartystreets/goconvey/convey"
+
+	"zotregistry.io/zot/pkg/test/deprecated"
+	"zotregistry.io/zot/pkg/test/inject"
+)
+
+func TestGetImageComponents(t *testing.T) {
+	Convey("Inject failures for unreachable lines", t, func() {
+		injected := inject.InjectFailure(0)
+		if injected {
+			_, _, _, err := deprecated.GetImageComponents(100) //nolint:staticcheck
+			So(err, ShouldNotBeNil)
+		}
+	})
+	Convey("finishes successfully", t, func() {
+		_, _, _, err := deprecated.GetImageComponents(100) //nolint:staticcheck
+		So(err, ShouldBeNil)
+	})
+}
+
+func TestGetRandomImageComponents(t *testing.T) {
+	Convey("Inject failures for unreachable lines", t, func() {
+		injected := inject.InjectFailure(0)
+		if injected {
+			_, _, _, err := deprecated.GetRandomImageComponents(100) //nolint:staticcheck
+			So(err, ShouldNotBeNil)
+		}
+	})
+}
+
+func TestGetImageComponentsWithConfig(t *testing.T) {
+	Convey("Inject failures for unreachable lines", t, func() {
+		injected := inject.InjectFailure(0)
+		if injected {
+			_, _, _, err := deprecated.GetImageComponentsWithConfig(ispec.Image{}) //nolint:staticcheck
+			So(err, ShouldNotBeNil)
+		}
+	})
+}

pkg/test/image-utils/upload.go

@@ -10,7 +10,7 @@ import (
 	ispec "github.com/opencontainers/image-spec/specs-go/v1"
 	"gopkg.in/resty.v1"
 
-	testc "zotregistry.io/zot/pkg/test/common"
+	tcommon "zotregistry.io/zot/pkg/test/common"
 	"zotregistry.io/zot/pkg/test/inject"
 )
 
@@ -81,7 +81,7 @@ func UploadImage(img Image, baseURL, repo, ref string) error {
 		return ErrPostBlob
 	}
 
-	loc := testc.Location(baseURL, resp)
+	loc := tcommon.Location(baseURL, resp)
 
 	// uploading blob should get 201
 	resp, err = resty.R().
@@ -181,7 +181,7 @@ func UploadImageWithBasicAuth(img Image, baseURL, repo, ref, user, password stri
 		return ErrPostBlob
 	}
 
-	loc := testc.Location(baseURL, resp)
+	loc := tcommon.Location(baseURL, resp)
 
 	// uploading blob should get 201
 	resp, err = resty.R().

pkg/test/image-utils/upload_test.go

@@ -13,15 +13,15 @@ import (
 
 	"zotregistry.io/zot/pkg/api"
 	"zotregistry.io/zot/pkg/api/config"
-	. "zotregistry.io/zot/pkg/test"
+	tcommon "zotregistry.io/zot/pkg/test/common"
 	. "zotregistry.io/zot/pkg/test/image-utils"
 	"zotregistry.io/zot/pkg/test/inject"
 )
 
 func TestUploadImage(t *testing.T) {
 	Convey("Manifest without schemaVersion should fail validation", t, func() {
-		port := GetFreePort()
-		baseURL := GetBaseURL(port)
+		port := tcommon.GetFreePort()
+		baseURL := tcommon.GetBaseURL(port)
 
 		conf := config.New()
 		conf.HTTP.Port = port
@@ -29,7 +29,7 @@ func TestUploadImage(t *testing.T) {
 
 		ctlr := api.NewController(conf)
 
-		ctlrManager := NewControllerManager(ctlr)
+		ctlrManager := tcommon.NewControllerManager(ctlr)
 		ctlrManager.StartAndWait(port)
 		defer ctlrManager.StopServer()
 
@@ -57,8 +57,8 @@ func TestUploadImage(t *testing.T) {
 	})
 
 	Convey("Post request results in an error", t, func() {
-		port := GetFreePort()
-		baseURL := GetBaseURL(port)
+		port := tcommon.GetFreePort()
+		baseURL := tcommon.GetBaseURL(port)
 
 		conf := config.New()
 		conf.HTTP.Port = port
@@ -73,8 +73,8 @@ func TestUploadImage(t *testing.T) {
 	})
 
 	Convey("Post request status differs from accepted", t, func() {
-		port := GetFreePort()
-		baseURL := GetBaseURL(port)
+		port := tcommon.GetFreePort()
+		baseURL := tcommon.GetBaseURL(port)
 
 		tempDir := t.TempDir()
 		conf := config.New()
@@ -88,7 +88,7 @@ func TestUploadImage(t *testing.T) {
 
 		ctlr := api.NewController(conf)
 
-		ctlrManager := NewControllerManager(ctlr)
+		ctlrManager := tcommon.NewControllerManager(ctlr)
 		ctlrManager.StartAndWait(port)
 		defer ctlrManager.StopServer()
 
@@ -101,8 +101,8 @@ func TestUploadImage(t *testing.T) {
 	})
 
 	Convey("Put request results in an error", t, func() {
-		port := GetFreePort()
-		baseURL := GetBaseURL(port)
+		port := tcommon.GetFreePort()
+		baseURL := tcommon.GetBaseURL(port)
 
 		conf := config.New()
 		conf.HTTP.Port = port
@@ -110,7 +110,7 @@ func TestUploadImage(t *testing.T) {
 
 		ctlr := api.NewController(conf)
 
-		ctlrManager := NewControllerManager(ctlr)
+		ctlrManager := tcommon.NewControllerManager(ctlr)
 		ctlrManager.StartAndWait(port)
 		defer ctlrManager.StopServer()
 
@@ -124,8 +124,8 @@ func TestUploadImage(t *testing.T) {
 	})
 
 	Convey("Image uploaded successfully", t, func() {
-		port := GetFreePort()
-		baseURL := GetBaseURL(port)
+		port := tcommon.GetFreePort()
+		baseURL := tcommon.GetBaseURL(port)
 
 		conf := config.New()
 		conf.HTTP.Port = port
@@ -133,7 +133,7 @@ func TestUploadImage(t *testing.T) {
 
 		ctlr := api.NewController(conf)
 
-		ctlrManager := NewControllerManager(ctlr)
+		ctlrManager := tcommon.NewControllerManager(ctlr)
 		ctlrManager.StartAndWait(port)
 		defer ctlrManager.StopServer()
 
@@ -166,13 +166,13 @@ func TestUploadImage(t *testing.T) {
 	Convey("Upload image with authentification", t, func() {
 		tempDir := t.TempDir()
 		conf := config.New()
-		port := GetFreePort()
-		baseURL := GetBaseURL(port)
+		port := tcommon.GetFreePort()
+		baseURL := tcommon.GetBaseURL(port)
 
 		user1 := "test"
 		password1 := "test"
-		testString1 := GetCredString(user1, password1)
-		htpasswdPath := MakeHtpasswdFileFromString(testString1)
+		testString1 := tcommon.GetCredString(user1, password1)
+		htpasswdPath := tcommon.MakeHtpasswdFileFromString(testString1)
 		defer os.Remove(htpasswdPath)
 		conf.HTTP.Auth = &config.AuthConfig{
 			HTPasswd: config.AuthHTPasswd{
@@ -213,7 +213,7 @@ func TestUploadImage(t *testing.T) {
 
 		ctlr.Config.Storage.RootDirectory = tempDir
 
-		ctlrManager := NewControllerManager(ctlr)
+		ctlrManager := tcommon.NewControllerManager(ctlr)
 		ctlrManager.StartAndWait(port)
 		defer ctlrManager.StopServer()
 
@@ -236,8 +236,8 @@ func TestUploadImage(t *testing.T) {
 	})
 
 	Convey("Blob upload wrong response status code", t, func() {
-		port := GetFreePort()
-		baseURL := GetBaseURL(port)
+		port := tcommon.GetFreePort()
+		baseURL := tcommon.GetBaseURL(port)
 
 		tempDir := t.TempDir()
 		conf := config.New()
@@ -246,7 +246,7 @@ func TestUploadImage(t *testing.T) {
 
 		ctlr := api.NewController(conf)
 
-		ctlrManager := NewControllerManager(ctlr)
+		ctlrManager := tcommon.NewControllerManager(ctlr)
 		ctlrManager.StartAndWait(port)
 		defer ctlrManager.StopServer()
 
@@ -289,8 +289,8 @@ func TestUploadImage(t *testing.T) {
 	})
 
 	Convey("CreateBlobUpload wrong response status code", t, func() {
-		port := GetFreePort()
-		baseURL := GetBaseURL(port)
+		port := tcommon.GetFreePort()
+		baseURL := tcommon.GetBaseURL(port)
 
 		tempDir := t.TempDir()
 		conf := config.New()
@@ -299,7 +299,7 @@ func TestUploadImage(t *testing.T) {
 
 		ctlr := api.NewController(conf)
 
-		ctlrManager := NewControllerManager(ctlr)
+		ctlrManager := tcommon.NewControllerManager(ctlr)
 		ctlrManager.StartAndWait(port)
 		defer ctlrManager.StopServer()
 
@@ -331,8 +331,8 @@ func TestUploadImage(t *testing.T) {
 
 func TestInjectUploadImage(t *testing.T) {
 	Convey("Inject failures for unreachable lines", t, func() {
-		port := GetFreePort()
-		baseURL := GetBaseURL(port)
+		port := tcommon.GetFreePort()
+		baseURL := tcommon.GetBaseURL(port)
 
 		tempDir := t.TempDir()
 		conf := config.New()
@@ -341,7 +341,7 @@ func TestInjectUploadImage(t *testing.T) {
 
 		ctlr := api.NewController(conf)
 
-		ctlrManager := NewControllerManager(ctlr)
+		ctlrManager := tcommon.NewControllerManager(ctlr)
 		ctlrManager.StartAndWait(port)
 		defer ctlrManager.StopServer()
 
@@ -395,8 +395,8 @@ func TestInjectUploadImage(t *testing.T) {
 
 func TestUploadMultiarchImage(t *testing.T) {
 	Convey("make controller", t, func() {
-		port := GetFreePort()
-		baseURL := GetBaseURL(port)
+		port := tcommon.GetFreePort()
+		baseURL := tcommon.GetBaseURL(port)
 
 		conf := config.New()
 		conf.HTTP.Port = port
@@ -404,7 +404,7 @@ func TestUploadMultiarchImage(t *testing.T) {
 
 		ctlr := api.NewController(conf)
 
-		ctlrManager := NewControllerManager(ctlr)
+		ctlrManager := tcommon.NewControllerManager(ctlr)
 		ctlrManager.StartAndWait(port)
 		defer ctlrManager.StopServer()
 
@@ -474,8 +474,8 @@ func TestUploadMultiarchImage(t *testing.T) {
 
 func TestInjectUploadImageWithBasicAuth(t *testing.T) {
 	Convey("Inject failures for unreachable lines", t, func() {
-		port := GetFreePort()
-		baseURL := GetBaseURL(port)
+		port := tcommon.GetFreePort()
+		baseURL := tcommon.GetBaseURL(port)
 
 		tempDir := t.TempDir()
 		conf := config.New()
@@ -484,8 +484,8 @@ func TestInjectUploadImageWithBasicAuth(t *testing.T) {
 
 		user := "user"
 		password := "password"
-		testString := GetCredString(user, password)
-		htpasswdPath := MakeHtpasswdFileFromString(testString)
+		testString := tcommon.GetCredString(user, password)
+		htpasswdPath := tcommon.MakeHtpasswdFileFromString(testString)
 		defer os.Remove(htpasswdPath)
 		conf.HTTP.Auth = &config.AuthConfig{
 			HTPasswd: config.AuthHTPasswd{
@@ -495,7 +495,7 @@ func TestInjectUploadImageWithBasicAuth(t *testing.T) {
 
 		ctlr := api.NewController(conf)
 
-		ctlrManager := NewControllerManager(ctlr)
+		ctlrManager := tcommon.NewControllerManager(ctlr)
 		ctlrManager.StartAndWait(port)
 		defer ctlrManager.StopServer()
 

pkg/test/image-utils/utils.go

@@ -1,6 +1,10 @@
 package image
 
 import (
+	"crypto/rand"
+	"encoding/json"
+	"log"
+	"math/big"
 	mathRand "math/rand"
 	"os"
 	"path/filepath"
@@ -9,7 +13,7 @@ import (
 	godigest "github.com/opencontainers/go-digest"
 	ispec "github.com/opencontainers/image-spec/specs-go/v1"
 
-	testc "zotregistry.io/zot/pkg/test/common"
+	tcommon "zotregistry.io/zot/pkg/test/common"
 )
 
 var vulnerableLayer []byte //nolint: gochecknoglobals
@@ -26,7 +30,7 @@ func GetLayerWithVulnerability() ([]byte, error) {
 		return vulnerableLayer, nil
 	}
 
-	projectRootDir, err := testc.GetProjectRootDir()
+	projectRootDir, err := tcommon.GetProjectRootDir()
 	if err != nil {
 		return nil, err
 	}
@@ -127,3 +131,66 @@ func GetDefaultVulnConfig() ispec.Image {
 		},
 	}
 }
+
+// Adapted from https://gist.github.com/dopey/c69559607800d2f2f90b1b1ed4e550fb
+func RandomString(n int) string {
+	const letters = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-"
+
+	ret := make([]byte, n)
+
+	for count := 0; count < n; count++ {
+		num, err := rand.Int(rand.Reader, big.NewInt(int64(len(letters))))
+		if err != nil {
+			panic(err)
+		}
+
+		ret[count] = letters[num.Int64()]
+	}
+
+	return string(ret)
+}
+
+func GetRandomImageConfig() ([]byte, godigest.Digest) {
+	const maxLen = 16
+
+	randomAuthor := RandomString(maxLen)
+
+	config := ispec.Image{
+		Platform: ispec.Platform{
+			Architecture: "amd64",
+			OS:           "linux",
+		},
+		RootFS: ispec.RootFS{
+			Type:    "layers",
+			DiffIDs: []godigest.Digest{},
+		},
+		Author: randomAuthor,
+	}
+
+	configBlobContent, err := json.MarshalIndent(&config, "", "\t")
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	configBlobDigestRaw := godigest.FromBytes(configBlobContent)
+
+	return configBlobContent, configBlobDigestRaw
+}
+
+func GetIndexBlobWithManifests(manifestDigests []godigest.Digest) ([]byte, error) {
+	manifests := make([]ispec.Descriptor, 0, len(manifestDigests))
+
+	for _, manifestDigest := range manifestDigests {
+		manifests = append(manifests, ispec.Descriptor{
+			Digest:    manifestDigest,
+			MediaType: ispec.MediaTypeImageManifest,
+		})
+	}
+
+	indexContent := ispec.Index{
+		MediaType: ispec.MediaTypeImageIndex,
+		Manifests: manifests,
+	}
+
+	return json.Marshal(indexContent)
+}

pkg/test/image-utils/write.go

@@ -0,0 +1,83 @@
+package image
+
+import (
+	"bytes"
+	"encoding/json"
+
+	godigest "github.com/opencontainers/go-digest"
+	ispec "github.com/opencontainers/image-spec/specs-go/v1"
+
+	stypes "zotregistry.io/zot/pkg/storage/types"
+)
+
+func WriteImageToFileSystem(image Image, repoName, ref string, storeController stypes.StoreController) error {
+	store := storeController.GetImageStore(repoName)
+
+	err := store.InitRepo(repoName)
+	if err != nil {
+		return err
+	}
+
+	for _, layerBlob := range image.Layers {
+		layerReader := bytes.NewReader(layerBlob)
+		layerDigest := godigest.FromBytes(layerBlob)
+
+		_, _, err = store.FullBlobUpload(repoName, layerReader, layerDigest)
+		if err != nil {
+			return err
+		}
+	}
+
+	configBlob, err := json.Marshal(image.Config)
+	if err != nil {
+		return err
+	}
+
+	configReader := bytes.NewReader(configBlob)
+	configDigest := godigest.FromBytes(configBlob)
+
+	_, _, err = store.FullBlobUpload(repoName, configReader, configDigest)
+	if err != nil {
+		return err
+	}
+
+	manifestBlob, err := json.Marshal(image.Manifest)
+	if err != nil {
+		return err
+	}
+
+	_, _, err = store.PutImageManifest(repoName, ref, ispec.MediaTypeImageManifest, manifestBlob)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func WriteMultiArchImageToFileSystem(multiarchImage MultiarchImage, repoName, ref string,
+	storeController stypes.StoreController,
+) error {
+	store := storeController.GetImageStore(repoName)
+
+	err := store.InitRepo(repoName)
+	if err != nil {
+		return err
+	}
+
+	for _, image := range multiarchImage.Images {
+		err := WriteImageToFileSystem(image, repoName, image.DigestStr(), storeController)
+		if err != nil {
+			return err
+		}
+	}
+
+	indexBlob, err := json.Marshal(multiarchImage.Index)
+	if err != nil {
+		return err
+	}
+
+	_, _, err = store.PutImageManifest(repoName, ref, ispec.MediaTypeImageIndex,
+		indexBlob)
+
+	return err
+}

pkg/test/image-utils/write_test.go

@@ -0,0 +1,78 @@
+package image_test
+
+import (
+	"errors"
+	"io"
+	"testing"
+
+	godigest "github.com/opencontainers/go-digest"
+	. "github.com/smartystreets/goconvey/convey"
+
+	"zotregistry.io/zot/pkg/storage"
+	. "zotregistry.io/zot/pkg/test/image-utils"
+	"zotregistry.io/zot/pkg/test/mocks"
+)
+
+var ErrTestError = errors.New("ErrTestError")
+
+func TestWriteImageToFileSystem(t *testing.T) {
+	Convey("WriteImageToFileSystem errors", t, func() {
+		err := WriteImageToFileSystem(Image{}, "repo", "dig", storage.StoreController{
+			DefaultStore: mocks.MockedImageStore{
+				InitRepoFn: func(name string) error {
+					return ErrTestError
+				},
+			},
+		})
+		So(err, ShouldNotBeNil)
+
+		err = WriteImageToFileSystem(
+			Image{Layers: [][]byte{[]byte("testLayer")}},
+			"repo",
+			"tag",
+			storage.StoreController{
+				DefaultStore: mocks.MockedImageStore{
+					FullBlobUploadFn: func(repo string, body io.Reader, digest godigest.Digest,
+					) (string, int64, error) {
+						return "", 0, ErrTestError
+					},
+				},
+			})
+		So(err, ShouldNotBeNil)
+
+		count := 0
+		err = WriteImageToFileSystem(
+			Image{Layers: [][]byte{[]byte("testLayer")}},
+			"repo",
+			"tag",
+			storage.StoreController{
+				DefaultStore: mocks.MockedImageStore{
+					FullBlobUploadFn: func(repo string, body io.Reader, digest godigest.Digest,
+					) (string, int64, error) {
+						if count == 0 {
+							count++
+
+							return "", 0, nil
+						}
+
+						return "", 0, ErrTestError
+					},
+				},
+			})
+		So(err, ShouldNotBeNil)
+
+		err = WriteImageToFileSystem(
+			Image{Layers: [][]byte{[]byte("testLayer")}},
+			"repo",
+			"tag",
+			storage.StoreController{
+				DefaultStore: mocks.MockedImageStore{
+					PutImageManifestFn: func(repo, reference, mediaType string, body []byte,
+					) (godigest.Digest, godigest.Digest, error) {
+						return "", "", ErrTestError
+					},
+				},
+			})
+		So(err, ShouldNotBeNil)
+	})
+}

pkg/test/oci-utils/oci_layout.go

@@ -1,7 +1,7 @@
 //go:build sync && scrub && metrics && search
 // +build sync,scrub,metrics,search
 
-package ocilayout
+package ociutils
 
 import (
 	"encoding/json"
@@ -21,7 +21,7 @@ import (
 	"zotregistry.io/zot/pkg/extensions/search/convert"
 	cvemodel "zotregistry.io/zot/pkg/extensions/search/cve/model"
 	"zotregistry.io/zot/pkg/log"
-	"zotregistry.io/zot/pkg/storage"
+	stypes "zotregistry.io/zot/pkg/storage/types"
 )
 
 type OciUtils interface { //nolint: interfacebloat
@@ -44,11 +44,11 @@ type OciUtils interface { //nolint: interfacebloat
 // OciLayoutInfo ...
 type BaseOciLayoutUtils struct {
 	Log             log.Logger
-	StoreController storage.StoreController
+	StoreController stypes.StoreController
 }
 
 // NewBaseOciLayoutUtils initializes a new OciLayoutUtils object.
-func NewBaseOciLayoutUtils(storeController storage.StoreController, log log.Logger) *BaseOciLayoutUtils {
+func NewBaseOciLayoutUtils(storeController stypes.StoreController, log log.Logger) *BaseOciLayoutUtils {
 	return &BaseOciLayoutUtils{Log: log, StoreController: storeController}
 }
 
@@ -76,8 +76,8 @@ func (olu BaseOciLayoutUtils) GetImageManifest(repo string, reference string) (i
 
 // Provide a list of repositories from all the available image stores.
 func (olu BaseOciLayoutUtils) GetRepositories() ([]string, error) {
-	defaultStore := olu.StoreController.DefaultStore
-	substores := olu.StoreController.SubStore
+	defaultStore := olu.StoreController.GetDefaultImageStore()
+	substores := olu.StoreController.GetImageSubStores()
 
 	repoList, err := defaultStore.GetRepositories()
 	if err != nil {

pkg/test/oci-utils/oci_layout_test.go

@@ -1,7 +1,7 @@
 //go:build sync && scrub && metrics && search
 // +build sync,scrub,metrics,search
 
-package ocilayout_test
+package ociutils_test
 
 import (
 	"encoding/json"
@@ -24,10 +24,11 @@ import (
 	"zotregistry.io/zot/pkg/log"
 	"zotregistry.io/zot/pkg/storage"
 	"zotregistry.io/zot/pkg/storage/local"
-	. "zotregistry.io/zot/pkg/test"
+	tcommon "zotregistry.io/zot/pkg/test/common"
 	. "zotregistry.io/zot/pkg/test/image-utils"
 	"zotregistry.io/zot/pkg/test/mocks"
-	ocilayout "zotregistry.io/zot/pkg/test/oci-layout"
+	ociutils "zotregistry.io/zot/pkg/test/oci-utils"
+	signature "zotregistry.io/zot/pkg/test/signature"
 )
 
 var ErrTestError = fmt.Errorf("testError")
@@ -41,7 +42,7 @@ func TestBaseOciLayoutUtils(t *testing.T) {
 		}
 
 		storeController := storage.StoreController{DefaultStore: mockStoreController}
-		olu := ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
+		olu := ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
 
 		size := olu.GetImageManifestSize("", "")
 		So(size, ShouldBeZeroValue)
@@ -55,7 +56,7 @@ func TestBaseOciLayoutUtils(t *testing.T) {
 		}
 
 		storeController := storage.StoreController{DefaultStore: mockStoreController}
-		olu := ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
+		olu := ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
 
 		size := olu.GetImageConfigSize("", "")
 		So(size, ShouldBeZeroValue)
@@ -93,7 +94,7 @@ func TestBaseOciLayoutUtils(t *testing.T) {
 		}
 
 		storeController := storage.StoreController{DefaultStore: mockStoreController}
-		olu := ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
+		olu := ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
 
 		size := olu.GetImageConfigSize("", "")
 		So(size, ShouldBeZeroValue)
@@ -107,7 +108,7 @@ func TestBaseOciLayoutUtils(t *testing.T) {
 		}
 
 		storeController := storage.StoreController{DefaultStore: mockStoreController}
-		olu := ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
+		olu := ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
 
 		_, err := olu.GetRepoLastUpdated("")
 		So(err, ShouldNotBeNil)
@@ -133,7 +134,7 @@ func TestBaseOciLayoutUtils(t *testing.T) {
 		}
 
 		storeController := storage.StoreController{DefaultStore: mockStoreController}
-		olu := ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
+		olu := ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
 
 		_, err = olu.GetImageTagsWithTimestamp("rep")
 		So(err, ShouldNotBeNil)
@@ -177,7 +178,7 @@ func TestBaseOciLayoutUtils(t *testing.T) {
 		}
 
 		storeController := storage.StoreController{DefaultStore: mockStoreController}
-		olu := ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
+		olu := ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
 
 		_, err = olu.GetImageTagsWithTimestamp("repo")
 		So(err, ShouldNotBeNil)
@@ -220,7 +221,7 @@ func TestBaseOciLayoutUtils(t *testing.T) {
 		}
 
 		storeController := storage.StoreController{DefaultStore: mockStoreController}
-		olu := ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
+		olu := ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
 
 		_, err = olu.GetExpandedRepoInfo("rep")
 		So(err, ShouldNotBeNil)
@@ -233,7 +234,7 @@ func TestBaseOciLayoutUtils(t *testing.T) {
 		}
 
 		storeController = storage.StoreController{DefaultStore: mockStoreController}
-		olu = ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
+		olu = ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
 
 		_, err = olu.GetExpandedRepoInfo("rep")
 		So(err, ShouldNotBeNil)
@@ -250,7 +251,7 @@ func TestBaseOciLayoutUtils(t *testing.T) {
 		}
 
 		storeController = storage.StoreController{DefaultStore: mockStoreController}
-		olu = ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
+		olu = ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
 
 		_, err = olu.GetExpandedRepoInfo("rep")
 		So(err, ShouldBeNil)
@@ -264,7 +265,7 @@ func TestBaseOciLayoutUtils(t *testing.T) {
 		}
 
 		storeController := storage.StoreController{DefaultStore: mockStoreController}
-		olu := ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
+		olu := ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
 
 		_, err := olu.GetImageInfo("", "")
 		So(err, ShouldNotBeNil)
@@ -282,7 +283,7 @@ func TestBaseOciLayoutUtils(t *testing.T) {
 		}
 
 		storeController := storage.StoreController{DefaultStore: mockStoreController}
-		olu := ocilayout.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
+		olu := ociutils.NewBaseOciLayoutUtils(storeController, log.NewLogger("debug", ""))
 
 		check := olu.CheckManifestSignature("rep", godigest.FromString(""))
 		So(check, ShouldBeFalse)
@@ -290,8 +291,8 @@ func TestBaseOciLayoutUtils(t *testing.T) {
 		// checkNotarySignature -> true
 		dir := t.TempDir()
 
-		port := GetFreePort()
-		baseURL := GetBaseURL(port)
+		port := tcommon.GetFreePort()
+		baseURL := tcommon.GetBaseURL(port)
 		conf := config.New()
 		conf.HTTP.Port = port
 		conf.Storage.RootDirectory = dir
@@ -304,31 +305,19 @@ func TestBaseOciLayoutUtils(t *testing.T) {
 
 		ctlr := api.NewController(conf)
 
-		ctlrManager := NewControllerManager(ctlr)
+		ctlrManager := tcommon.NewControllerManager(ctlr)
 		ctlrManager.StartAndWait(port)
 		defer ctlrManager.StopServer()
 
 		// push test image to repo
-		config, layers, manifest, err := GetImageComponents(100) //nolint:staticcheck
-		So(err, ShouldBeNil)
-
-		layersSize1 := 0
-		for _, l := range layers {
-			layersSize1 += len(l)
-		}
+		image := CreateRandomImage()
 
 		repo := "repo"
 		tag := "1.0.1"
-		err = UploadImage(
-			Image{
-				Manifest: manifest,
-				Config:   config,
-				Layers:   layers,
-			}, baseURL, repo, tag,
-		)
+		err := UploadImage(image, baseURL, repo, tag)
 		So(err, ShouldBeNil)
 
-		olu = ocilayout.NewBaseOciLayoutUtils(ctlr.StoreController, log.NewLogger("debug", ""))
+		olu = ociutils.NewBaseOciLayoutUtils(ctlr.StoreController, log.NewLogger("debug", ""))
 		manifestList, err := olu.GetImageManifests(repo)
 		So(err, ShouldBeNil)
 		So(len(manifestList), ShouldEqual, 1)
@@ -336,7 +325,7 @@ func TestBaseOciLayoutUtils(t *testing.T) {
 		isSigned := olu.CheckManifestSignature(repo, manifestList[0].Digest)
 		So(isSigned, ShouldBeFalse)
 
-		err = SignImageUsingNotary(fmt.Sprintf("%s:%s", repo, tag), port)
+		err = signature.SignImageUsingNotary(fmt.Sprintf("%s:%s", repo, tag), port)
 		So(err, ShouldBeNil)
 
 		isSigned = olu.CheckManifestSignature(repo, manifestList[0].Digest)
@@ -355,27 +344,15 @@ func TestExtractImageDetails(t *testing.T) {
 			DefaultStore: imageStore,
 		}
 
-		num := 10
-		config, layers, manifest, err := GetImageComponents(num) //nolint:staticcheck
+		image := CreateRandomImage()
+
+		err := WriteImageToFileSystem(image, "zot-test", "latest", storeController)
 		So(err, ShouldBeNil)
 
-		err = WriteImageToFileSystem(
-			Image{
-				Manifest: manifest,
-				Layers:   layers,
-				Config:   config,
-			}, "zot-test", "latest", storeController,
-		)
-		So(err, ShouldBeNil)
-
-		configBlob, err := json.Marshal(config)
-		So(err, ShouldBeNil)
-		configDigest := godigest.FromBytes(configBlob)
-
-		olu := ocilayout.NewBaseOciLayoutUtils(storeController, testLogger)
+		olu := ociutils.NewBaseOciLayoutUtils(storeController, testLogger)
 		resDigest, resManifest, resIspecImage, resErr := olu.ExtractImageDetails("zot-test", "latest", testLogger)
-		So(string(resDigest), ShouldContainSubstring, "sha256:8492645f16")
-		So(resManifest.Config.Digest.String(), ShouldContainSubstring, configDigest.Encoded())
+		So(string(resDigest), ShouldEqual, image.ManifestDescriptor.Digest.String())
+		So(resManifest.Config.Digest.String(), ShouldEqual, image.ConfigDescriptor.Digest.String())
 
 		So(resIspecImage.Architecture, ShouldContainSubstring, "amd64")
 		So(resErr, ShouldBeNil)
@@ -391,7 +368,7 @@ func TestExtractImageDetails(t *testing.T) {
 			DefaultStore: imageStore,
 		}
 
-		olu := ocilayout.NewBaseOciLayoutUtils(storeController, testLogger)
+		olu := ociutils.NewBaseOciLayoutUtils(storeController, testLogger)
 		resDigest, resManifest, resIspecImage, resErr := olu.ExtractImageDetails("zot-test",
 			"latest", testLogger)
 		So(resErr, ShouldEqual, zerr.ErrRepoNotFound)
@@ -411,29 +388,17 @@ func TestExtractImageDetails(t *testing.T) {
 			DefaultStore: imageStore,
 		}
 
-		num := 10
-		config, layers, manifest, err := GetImageComponents(num) //nolint:staticcheck
+		image := CreateRandomImage()
+
+		err := WriteImageToFileSystem(image, "zot-test", "latest", storeController)
 		So(err, ShouldBeNil)
 
-		err = WriteImageToFileSystem(
-			Image{
-				Manifest: manifest,
-				Layers:   layers,
-				Config:   config,
-			}, "zot-test", "latest", storeController,
-		)
-		So(err, ShouldBeNil)
-
-		configBlob, err := json.Marshal(config)
-		So(err, ShouldBeNil)
-		configDigest := godigest.FromBytes(configBlob)
-
-		err = os.Remove(path.Join(dir, "zot-test/blobs/sha256", configDigest.Encoded()))
+		err = os.Remove(path.Join(dir, "zot-test/blobs/sha256", image.ConfigDescriptor.Digest.Encoded()))
 		if err != nil {
 			panic(err)
 		}
 
-		olu := ocilayout.NewBaseOciLayoutUtils(storeController, testLogger)
+		olu := ociutils.NewBaseOciLayoutUtils(storeController, testLogger)
 		resDigest, resManifest, resIspecImage, resErr := olu.ExtractImageDetails("zot-test", "latest", testLogger)
 		So(resErr, ShouldEqual, zerr.ErrBlobNotFound)
 		So(string(resDigest), ShouldEqual, "")
@@ -481,7 +446,7 @@ func TestTagsInfo(t *testing.T) {
 
 		allTags = append(allTags, firstTag, secondTag, thirdTag, fourthTag)
 
-		latestTag := ocilayout.GetLatestTag(allTags)
+		latestTag := ociutils.GetLatestTag(allTags)
 		So(latestTag.Tag, ShouldEqual, "1.0.3")
 	})
 }

pkg/test/oci-utils/repo.go

@@ -1,4 +1,4 @@
-package test
+package ociutils
 
 import (
 	ispec "github.com/opencontainers/image-spec/specs-go/v1"

pkg/test/oci-utils/store.go

@@ -0,0 +1,30 @@
+package ociutils
+
+import (
+	godigest "github.com/opencontainers/go-digest"
+
+	"zotregistry.io/zot/pkg/extensions/monitoring"
+	zLog "zotregistry.io/zot/pkg/log"
+	"zotregistry.io/zot/pkg/storage"
+	"zotregistry.io/zot/pkg/storage/local"
+	stypes "zotregistry.io/zot/pkg/storage/types"
+	"zotregistry.io/zot/pkg/test/mocks"
+)
+
+func GetDefaultImageStore(rootDir string, log zLog.Logger) stypes.ImageStore {
+	return local.NewImageStore(rootDir, false, false, log,
+		monitoring.NewMetricsServer(false, log),
+		mocks.MockedLint{
+			LintFn: func(repo string, manifestDigest godigest.Digest, imageStore stypes.ImageStore) (bool, error) {
+				return true, nil
+			},
+		},
+		mocks.CacheMock{},
+	)
+}
+
+func GetDefaultStoreController(rootDir string, log zLog.Logger) stypes.StoreController {
+	return storage.StoreController{
+		DefaultStore: GetDefaultImageStore(rootDir, log),
+	}
+}

pkg/test/signature/cosign.go

@@ -0,0 +1,71 @@
+package signature
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"os"
+	"path"
+	"time"
+
+	godigest "github.com/opencontainers/go-digest"
+	ispec "github.com/opencontainers/image-spec/specs-go/v1"
+	"github.com/sigstore/cosign/v2/cmd/cosign/cli/generate"
+	"github.com/sigstore/cosign/v2/cmd/cosign/cli/options"
+	"github.com/sigstore/cosign/v2/cmd/cosign/cli/sign"
+)
+
+func GetCosignSignatureTagForManifest(manifest ispec.Manifest) (string, error) {
+	manifestBlob, err := json.Marshal(manifest)
+	if err != nil {
+		return "", err
+	}
+
+	manifestDigest := godigest.FromBytes(manifestBlob)
+
+	return GetCosignSignatureTagForDigest(manifestDigest), nil
+}
+
+func GetCosignSignatureTagForDigest(manifestDigest godigest.Digest) string {
+	return manifestDigest.Algorithm().String() + "-" + manifestDigest.Encoded() + ".sig"
+}
+
+func SignImageUsingCosign(repoTag, port string) error {
+	cwd, err := os.Getwd()
+	if err != nil {
+		return err
+	}
+
+	defer func() { _ = os.Chdir(cwd) }()
+
+	tdir, err := os.MkdirTemp("", "cosign")
+	if err != nil {
+		return err
+	}
+
+	defer os.RemoveAll(tdir)
+
+	_ = os.Chdir(tdir)
+
+	// generate a keypair
+	os.Setenv("COSIGN_PASSWORD", "")
+
+	err = generate.GenerateKeyPairCmd(context.TODO(), "", "cosign", nil)
+	if err != nil {
+		return err
+	}
+
+	imageURL := fmt.Sprintf("localhost:%s/%s", port, repoTag)
+
+	const timeoutPeriod = 5
+
+	// sign the image
+	return sign.SignCmd(&options.RootOptions{Verbose: true, Timeout: timeoutPeriod * time.Minute},
+		options.KeyOpts{KeyRef: path.Join(tdir, "cosign.key"), PassFunc: generate.GetPass},
+		options.SignOptions{
+			Registry:          options.RegistryOptions{AllowInsecure: true},
+			AnnotationOptions: options.AnnotationOptions{Annotations: []string{"tag=1.0"}},
+			Upload:            true,
+		},
+		[]string{imageURL})
+}

pkg/test/signature/notation.go

@@ -0,0 +1,469 @@
+package signature
+
+import (
+	"context"
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/x509"
+	"encoding/json"
+	"encoding/pem"
+	"errors"
+	"fmt"
+	"io/fs"
+	"math"
+	"os"
+	"path"
+	"path/filepath"
+	"strings"
+	"sync"
+
+	"github.com/notaryproject/notation-core-go/signature/jws"
+	"github.com/notaryproject/notation-core-go/testhelper"
+	"github.com/notaryproject/notation-go"
+	notconfig "github.com/notaryproject/notation-go/config"
+	"github.com/notaryproject/notation-go/dir"
+	notreg "github.com/notaryproject/notation-go/registry"
+	"github.com/notaryproject/notation-go/signer"
+	"github.com/notaryproject/notation-go/verifier"
+	godigest "github.com/opencontainers/go-digest"
+	ispec "github.com/opencontainers/image-spec/specs-go/v1"
+	"oras.land/oras-go/v2/registry"
+	"oras.land/oras-go/v2/registry/remote"
+	"oras.land/oras-go/v2/registry/remote/auth"
+
+	tcommon "zotregistry.io/zot/pkg/test/common"
+)
+
+var (
+	ErrAlreadyExists         = errors.New("already exists")
+	ErrKeyNotFound           = errors.New("key not found")
+	ErrSignatureVerification = errors.New("signature verification failed")
+)
+
+var NotationPathLock = new(sync.Mutex) //nolint: gochecknoglobals
+
+func LoadNotationPath(tdir string) {
+	dir.UserConfigDir = filepath.Join(tdir, "notation")
+
+	// set user libexec
+	dir.UserLibexecDir = dir.UserConfigDir
+}
+
+func GenerateNotationCerts(tdir string, certName string) error {
+	// generate RSA private key
+	bits := 2048
+
+	key, err := rsa.GenerateKey(rand.Reader, bits)
+	if err != nil {
+		return err
+	}
+
+	keyBytes, err := x509.MarshalPKCS8PrivateKey(key)
+	if err != nil {
+		return err
+	}
+
+	keyPEM := pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: keyBytes})
+
+	rsaCertTuple := testhelper.GetRSASelfSignedCertTupleWithPK(key, "cert")
+
+	certBytes := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: rsaCertTuple.Cert.Raw})
+
+	// write private key
+	relativeKeyPath, relativeCertPath := dir.LocalKeyPath(certName)
+
+	configFS := dir.ConfigFS()
+
+	keyPath, err := configFS.SysPath(relativeKeyPath)
+	if err != nil {
+		return err
+	}
+
+	certPath, err := configFS.SysPath(relativeCertPath)
+	if err != nil {
+		return err
+	}
+
+	if err := tcommon.WriteFileWithPermission(keyPath, keyPEM, 0o600, false); err != nil { //nolint:gomnd
+		return fmt.Errorf("failed to write key file: %w", err)
+	}
+
+	// write self-signed certificate
+	if err := tcommon.WriteFileWithPermission(certPath, certBytes, 0o644, false); err != nil { //nolint:gomnd
+		return fmt.Errorf("failed to write certificate file: %w", err)
+	}
+
+	signingKeys, err := notconfig.LoadSigningKeys()
+	if err != nil {
+		return err
+	}
+
+	keySuite := notconfig.KeySuite{
+		Name: certName,
+		X509KeyPair: &notconfig.X509KeyPair{
+			KeyPath:         keyPath,
+			CertificatePath: certPath,
+		},
+	}
+
+	// addKeyToSigningKeys
+	if tcommon.Contains(signingKeys.Keys, keySuite.Name) {
+		return ErrAlreadyExists
+	}
+
+	signingKeys.Keys = append(signingKeys.Keys, keySuite)
+
+	// Add to the trust store
+	trustStorePath := path.Join(tdir, fmt.Sprintf("notation/truststore/x509/ca/%s", certName))
+
+	if _, err := os.Stat(filepath.Join(trustStorePath, filepath.Base(certPath))); err == nil {
+		return ErrAlreadyExists
+	}
+
+	if err := os.MkdirAll(trustStorePath, 0o755); err != nil { //nolint:gomnd
+		return fmt.Errorf("GenerateNotationCerts os.MkdirAll failed: %w", err)
+	}
+
+	trustCertPath := path.Join(trustStorePath, fmt.Sprintf("%s%s", certName, dir.LocalCertificateExtension))
+
+	err = tcommon.CopyFile(certPath, trustCertPath)
+	if err != nil {
+		return err
+	}
+
+	// Save to the SigningKeys.json
+	if err := signingKeys.Save(); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func SignWithNotation(keyName string, reference string, tdir string) error {
+	ctx := context.TODO()
+
+	// getSigner
+	var newSigner notation.Signer
+
+	mediaType := jws.MediaTypeEnvelope
+
+	// ResolveKey
+	signingKeys, err := LoadNotationSigningkeys(tdir)
+	if err != nil {
+		return err
+	}
+
+	idx := tcommon.Index(signingKeys.Keys, keyName)
+	if idx < 0 {
+		return ErrKeyNotFound
+	}
+
+	key := signingKeys.Keys[idx]
+
+	if key.X509KeyPair != nil {
+		newSigner, err = signer.NewFromFiles(key.X509KeyPair.KeyPath, key.X509KeyPair.CertificatePath)
+		if err != nil {
+			return err
+		}
+	}
+
+	// prepareSigningContent
+	// getRepositoryClient
+	authClient := &auth.Client{
+		Credential: func(ctx context.Context, reg string) (auth.Credential, error) {
+			return auth.EmptyCredential, nil
+		},
+		Cache:    auth.NewCache(),
+		ClientID: "notation",
+	}
+
+	authClient.SetUserAgent("notation/zot_tests")
+
+	plainHTTP := true
+
+	// Resolve referance
+	ref, err := registry.ParseReference(reference)
+	if err != nil {
+		return err
+	}
+
+	remoteRepo := &remote.Repository{
+		Client:    authClient,
+		Reference: ref,
+		PlainHTTP: plainHTTP,
+	}
+
+	repositoryOpts := notreg.RepositoryOptions{}
+
+	sigRepo := notreg.NewRepositoryWithOptions(remoteRepo, repositoryOpts)
+
+	sigOpts := notation.SignOptions{
+		SignerSignOptions: notation.SignerSignOptions{
+			SignatureMediaType: mediaType,
+			PluginConfig:       map[string]string{},
+		},
+		ArtifactReference: ref.String(),
+	}
+
+	_, err = notation.Sign(ctx, newSigner, sigRepo, sigOpts)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func VerifyWithNotation(reference string, tdir string) error {
+	// check if trustpolicy.json exists
+	trustpolicyPath := path.Join(tdir, "notation/trustpolicy.json")
+
+	if _, err := os.Stat(trustpolicyPath); errors.Is(err, os.ErrNotExist) {
+		trustPolicy := `
+			{
+				"version": "1.0",
+				"trustPolicies": [
+					{
+						"name": "good",
+						"registryScopes": [ "*" ],
+						"signatureVerification": {
+							"level" : "audit" 
+						},
+						"trustStores": ["ca:good"],
+						"trustedIdentities": [
+							"*"
+						]
+					}
+				]
+			}`
+
+		file, err := os.Create(trustpolicyPath)
+		if err != nil {
+			return err
+		}
+
+		defer file.Close()
+
+		_, err = file.WriteString(trustPolicy)
+		if err != nil {
+			return err
+		}
+	}
+
+	// start verifying signatures
+	ctx := context.TODO()
+
+	// getRepositoryClient
+	authClient := &auth.Client{
+		Credential: func(ctx context.Context, reg string) (auth.Credential, error) {
+			return auth.EmptyCredential, nil
+		},
+		Cache:    auth.NewCache(),
+		ClientID: "notation",
+	}
+
+	authClient.SetUserAgent("notation/zot_tests")
+
+	plainHTTP := true
+
+	// Resolve referance
+	ref, err := registry.ParseReference(reference)
+	if err != nil {
+		return err
+	}
+
+	remoteRepo := &remote.Repository{
+		Client:    authClient,
+		Reference: ref,
+		PlainHTTP: plainHTTP,
+	}
+
+	repositoryOpts := notreg.RepositoryOptions{}
+
+	repo := notreg.NewRepositoryWithOptions(remoteRepo, repositoryOpts)
+
+	manifestDesc, err := repo.Resolve(ctx, ref.Reference)
+	if err != nil {
+		return err
+	}
+
+	if err := ref.ValidateReferenceAsDigest(); err != nil {
+		ref.Reference = manifestDesc.Digest.String()
+	}
+
+	// getVerifier
+	newVerifier, err := verifier.NewFromConfig()
+	if err != nil {
+		return err
+	}
+
+	remoteRepo = &remote.Repository{
+		Client:    authClient,
+		Reference: ref,
+		PlainHTTP: plainHTTP,
+	}
+
+	repo = notreg.NewRepositoryWithOptions(remoteRepo, repositoryOpts)
+
+	configs := map[string]string{}
+
+	verifyOpts := notation.VerifyOptions{
+		ArtifactReference:    ref.String(),
+		PluginConfig:         configs,
+		MaxSignatureAttempts: math.MaxInt64,
+	}
+
+	_, outcomes, err := notation.Verify(ctx, newVerifier, repo, verifyOpts)
+	if err != nil || len(outcomes) == 0 {
+		return ErrSignatureVerification
+	}
+
+	return nil
+}
+
+func ListNotarySignatures(reference string, tdir string) ([]godigest.Digest, error) {
+	signatures := []godigest.Digest{}
+
+	ctx := context.TODO()
+
+	// getSignatureRepository
+	ref, err := registry.ParseReference(reference)
+	if err != nil {
+		return signatures, err
+	}
+
+	plainHTTP := true
+
+	// getRepositoryClient
+	authClient := &auth.Client{
+		Credential: func(ctx context.Context, registry string) (auth.Credential, error) {
+			return auth.EmptyCredential, nil
+		},
+		Cache:    auth.NewCache(),
+		ClientID: "notation",
+	}
+
+	authClient.SetUserAgent("notation/zot_tests")
+
+	remoteRepo := &remote.Repository{
+		Client:    authClient,
+		Reference: ref,
+		PlainHTTP: plainHTTP,
+	}
+
+	sigRepo := notreg.NewRepository(remoteRepo)
+
+	artifactDesc, err := sigRepo.Resolve(ctx, reference)
+	if err != nil {
+		return signatures, err
+	}
+
+	err = sigRepo.ListSignatures(ctx, artifactDesc, func(signatureManifests []ispec.Descriptor) error {
+		for _, sigManifestDesc := range signatureManifests {
+			signatures = append(signatures, sigManifestDesc.Digest)
+		}
+
+		return nil
+	})
+
+	return signatures, err
+}
+
+func LoadNotationSigningkeys(tdir string) (*notconfig.SigningKeys, error) {
+	var err error
+
+	var signingKeysInfo *notconfig.SigningKeys
+
+	filePath := path.Join(tdir, "notation/signingkeys.json")
+
+	file, err := os.Open(filePath)
+	if err != nil {
+		if errors.Is(err, fs.ErrNotExist) {
+			// create file
+			newSigningKeys := notconfig.NewSigningKeys()
+
+			newFile, err := os.Create(filePath)
+			if err != nil {
+				return newSigningKeys, err
+			}
+
+			defer newFile.Close()
+
+			encoder := json.NewEncoder(newFile)
+			encoder.SetIndent("", "    ")
+
+			err = encoder.Encode(newSigningKeys)
+
+			return newSigningKeys, err
+		}
+
+		return nil, err
+	}
+
+	defer file.Close()
+
+	err = json.NewDecoder(file).Decode(&signingKeysInfo)
+
+	return signingKeysInfo, err
+}
+
+func LoadNotationConfig(tdir string) (*notconfig.Config, error) {
+	var configInfo *notconfig.Config
+
+	filePath := path.Join(tdir, "notation/signingkeys.json")
+
+	file, err := os.Open(filePath)
+	if err != nil {
+		return configInfo, err
+	}
+
+	defer file.Close()
+
+	err = json.NewDecoder(file).Decode(&configInfo)
+	if err != nil {
+		return configInfo, err
+	}
+
+	// set default value
+	configInfo.SignatureFormat = strings.ToLower(configInfo.SignatureFormat)
+	if configInfo.SignatureFormat == "" {
+		configInfo.SignatureFormat = "jws"
+	}
+
+	return configInfo, nil
+}
+
+func SignImageUsingNotary(repoTag, port string) error {
+	cwd, err := os.Getwd()
+	if err != nil {
+		return err
+	}
+
+	defer func() { _ = os.Chdir(cwd) }()
+
+	tdir, err := os.MkdirTemp("", "notation")
+	if err != nil {
+		return err
+	}
+
+	defer os.RemoveAll(tdir)
+
+	_ = os.Chdir(tdir)
+
+	NotationPathLock.Lock()
+	defer NotationPathLock.Unlock()
+
+	LoadNotationPath(tdir)
+
+	// generate a keypair
+	err = GenerateNotationCerts(tdir, "notation-sign-test")
+	if err != nil {
+		return err
+	}
+
+	// sign the image
+	image := fmt.Sprintf("localhost:%s/%s", port, repoTag)
+
+	err = SignWithNotation("notation-sign-test", image, tdir)
+
+	return err
+}

pkg/test/signature/notation_test.go

@@ -0,0 +1,464 @@
+//go:build sync && scrub && metrics && search
+// +build sync,scrub,metrics,search
+
+package signature_test
+
+import (
+	"encoding/json"
+	"fmt"
+	"os"
+	"path"
+	"testing"
+
+	notconfig "github.com/notaryproject/notation-go/config"
+	. "github.com/smartystreets/goconvey/convey"
+
+	"zotregistry.io/zot/pkg/api"
+	"zotregistry.io/zot/pkg/api/config"
+	tcommon "zotregistry.io/zot/pkg/test/common"
+	. "zotregistry.io/zot/pkg/test/image-utils"
+	signature "zotregistry.io/zot/pkg/test/signature"
+)
+
+func TestLoadNotationSigningkeys(t *testing.T) {
+	Convey("notation directory doesn't exist", t, func() {
+		_, err := signature.LoadNotationSigningkeys(t.TempDir())
+		So(err, ShouldNotBeNil)
+	})
+
+	Convey("wrong content of signingkeys.json", t, func() {
+		tempDir := t.TempDir()
+		dir := path.Join(tempDir, "notation")
+		err := os.Mkdir(dir, 0o777)
+		So(err, ShouldBeNil)
+
+		filePath := path.Join(dir, "signingkeys.json")
+		err = os.WriteFile(filePath, []byte("some dummy file content"), 0o666) //nolint: gosec
+		So(err, ShouldBeNil)
+
+		_, err = signature.LoadNotationSigningkeys(tempDir)
+		So(err, ShouldNotBeNil)
+	})
+
+	Convey("not enough permissions to access signingkeys.json", t, func() {
+		tempDir := t.TempDir()
+		dir := path.Join(tempDir, "notation")
+		err := os.Mkdir(dir, 0o777)
+		So(err, ShouldBeNil)
+
+		filePath := path.Join(dir, "signingkeys.json")
+		err = os.WriteFile(filePath, []byte("some dummy file content"), 0o300) //nolint: gosec
+		So(err, ShouldBeNil)
+
+		_, err = signature.LoadNotationSigningkeys(tempDir)
+		So(err, ShouldNotBeNil)
+	})
+
+	Convey("signingkeys.json not exists so it is created successfully", t, func() {
+		tempDir := t.TempDir()
+		dir := path.Join(tempDir, "notation")
+		err := os.Mkdir(dir, 0o777)
+		So(err, ShouldBeNil)
+
+		_, err = signature.LoadNotationSigningkeys(tempDir)
+		So(err, ShouldBeNil)
+	})
+
+	Convey("signingkeys.json not exists - error trying to create it", t, func() {
+		tempDir := t.TempDir()
+		dir := path.Join(tempDir, "notation")
+		// create notation directory without write permissions
+		err := os.Mkdir(dir, 0o555)
+		So(err, ShouldBeNil)
+
+		_, err = signature.LoadNotationSigningkeys(tempDir)
+		So(err, ShouldNotBeNil)
+	})
+}
+
+func TestLoadNotationConfig(t *testing.T) {
+	Convey("directory doesn't exist", t, func() {
+		_, err := signature.LoadNotationConfig(t.TempDir())
+		So(err, ShouldNotBeNil)
+	})
+
+	Convey("wrong content of signingkeys.json", t, func() {
+		tempDir := t.TempDir()
+		dir := path.Join(tempDir, "notation")
+		err := os.Mkdir(dir, 0o777)
+		So(err, ShouldBeNil)
+
+		filePath := path.Join(dir, "signingkeys.json")
+		err = os.WriteFile(filePath, []byte("some dummy file content"), 0o666) //nolint: gosec
+		So(err, ShouldBeNil)
+
+		_, err = signature.LoadNotationConfig(tempDir)
+		So(err, ShouldNotBeNil)
+	})
+
+	Convey("check default value of signature format", t, func() {
+		tempDir := t.TempDir()
+		dir := path.Join(tempDir, "notation")
+		err := os.Mkdir(dir, 0o777)
+		So(err, ShouldBeNil)
+
+		filePath := path.Join(dir, "signingkeys.json")
+		err = os.WriteFile(filePath, []byte("{\"SignatureFormat\": \"\"}"), 0o666) //nolint: gosec
+		So(err, ShouldBeNil)
+
+		configInfo, err := signature.LoadNotationConfig(tempDir)
+		So(err, ShouldBeNil)
+		So(configInfo.SignatureFormat, ShouldEqual, "jws")
+	})
+}
+
+func TestSignWithNotation(t *testing.T) {
+	Convey("notation directory doesn't exist", t, func() {
+		err := signature.SignWithNotation("key", "reference", t.TempDir())
+		So(err, ShouldNotBeNil)
+	})
+
+	Convey("key not found", t, func() {
+		tempDir := t.TempDir()
+		dir := path.Join(tempDir, "notation")
+		err := os.Mkdir(dir, 0o777)
+		So(err, ShouldBeNil)
+
+		filePath := path.Join(dir, "signingkeys.json")
+		err = os.WriteFile(filePath, []byte("{}"), 0o666) //nolint: gosec
+		So(err, ShouldBeNil)
+
+		err = signature.SignWithNotation("key", "reference", tempDir)
+		So(err, ShouldEqual, signature.ErrKeyNotFound)
+	})
+
+	Convey("not enough permissions to access notation/localkeys dir", t, func() {
+		cwd, err := os.Getwd()
+		So(err, ShouldBeNil)
+		defer func() { _ = os.Chdir(cwd) }()
+		tdir := t.TempDir()
+		_ = os.Chdir(tdir)
+
+		signature.NotationPathLock.Lock()
+		defer signature.NotationPathLock.Unlock()
+
+		signature.LoadNotationPath(tdir)
+
+		err = signature.GenerateNotationCerts(tdir, "key")
+		So(err, ShouldBeNil)
+
+		err = os.Chmod(path.Join(tdir, "notation", "localkeys"), 0o000)
+		So(err, ShouldBeNil)
+
+		err = signature.SignWithNotation("key", "reference", tdir)
+		So(err, ShouldNotBeNil)
+
+		err = os.Chmod(path.Join(tdir, "notation", "localkeys"), 0o755)
+		So(err, ShouldBeNil)
+	})
+
+	Convey("error parsing reference", t, func() {
+		cwd, err := os.Getwd()
+		So(err, ShouldBeNil)
+		defer func() { _ = os.Chdir(cwd) }()
+		tdir := t.TempDir()
+		_ = os.Chdir(tdir)
+
+		signature.NotationPathLock.Lock()
+		defer signature.NotationPathLock.Unlock()
+
+		signature.LoadNotationPath(tdir)
+
+		err = signature.GenerateNotationCerts(tdir, "key")
+		So(err, ShouldBeNil)
+
+		err = signature.SignWithNotation("key", "invalidReference", tdir)
+		So(err, ShouldNotBeNil)
+	})
+
+	Convey("error signing", t, func() {
+		cwd, err := os.Getwd()
+		So(err, ShouldBeNil)
+		defer func() { _ = os.Chdir(cwd) }()
+		tdir := t.TempDir()
+		_ = os.Chdir(tdir)
+
+		signature.NotationPathLock.Lock()
+		defer signature.NotationPathLock.Unlock()
+
+		signature.LoadNotationPath(tdir)
+
+		err = signature.GenerateNotationCerts(tdir, "key")
+		So(err, ShouldBeNil)
+
+		err = signature.SignWithNotation("key", "localhost:8080/invalidreference:1.0", tdir)
+		So(err, ShouldNotBeNil)
+	})
+}
+
+func TestVerifyWithNotation(t *testing.T) {
+	Convey("notation directory doesn't exist", t, func() {
+		err := signature.VerifyWithNotation("reference", t.TempDir())
+		So(err, ShouldNotBeNil)
+	})
+
+	Convey("error parsing reference", t, func() {
+		cwd, err := os.Getwd()
+		So(err, ShouldBeNil)
+		defer func() { _ = os.Chdir(cwd) }()
+		tdir := t.TempDir()
+		_ = os.Chdir(tdir)
+
+		signature.NotationPathLock.Lock()
+		defer signature.NotationPathLock.Unlock()
+
+		signature.LoadNotationPath(tdir)
+
+		err = signature.GenerateNotationCerts(tdir, "key")
+		So(err, ShouldBeNil)
+
+		err = signature.VerifyWithNotation("invalidReference", tdir)
+		So(err, ShouldNotBeNil)
+	})
+
+	Convey("error trying to get manifest", t, func() {
+		cwd, err := os.Getwd()
+		So(err, ShouldBeNil)
+		defer func() { _ = os.Chdir(cwd) }()
+		tdir := t.TempDir()
+		_ = os.Chdir(tdir)
+
+		signature.NotationPathLock.Lock()
+		defer signature.NotationPathLock.Unlock()
+
+		signature.LoadNotationPath(tdir)
+
+		err = signature.GenerateNotationCerts(tdir, "key")
+		So(err, ShouldBeNil)
+
+		err = signature.VerifyWithNotation("localhost:8080/invalidreference:1.0", tdir)
+		So(err, ShouldNotBeNil)
+	})
+
+	Convey("invalid content of trustpolicy.json", t, func() {
+		// start a new server
+		port := tcommon.GetFreePort()
+		baseURL := tcommon.GetBaseURL(port)
+		dir := t.TempDir()
+
+		conf := config.New()
+		conf.HTTP.Port = port
+		conf.Storage.RootDirectory = dir
+
+		ctlr := api.NewController(conf)
+		cm := tcommon.NewControllerManager(ctlr)
+		// this blocks
+		cm.StartAndWait(port)
+		defer cm.StopServer()
+
+		repoName := "signed-repo"
+		tag := "1.0"
+
+		image := CreateRandomImage()
+
+		err := UploadImage(image, baseURL, repoName, tag)
+		So(err, ShouldBeNil)
+
+		tempDir := t.TempDir()
+		notationDir := path.Join(tempDir, "notation")
+		err = os.Mkdir(notationDir, 0o777)
+		So(err, ShouldBeNil)
+
+		filePath := path.Join(notationDir, "trustpolicy.json")
+		err = os.WriteFile(filePath, []byte("some dummy file content"), 0o666) //nolint: gosec
+		So(err, ShouldBeNil)
+
+		signature.NotationPathLock.Lock()
+		defer signature.NotationPathLock.Unlock()
+
+		signature.LoadNotationPath(tempDir)
+
+		err = signature.VerifyWithNotation(fmt.Sprintf("localhost:%s/%s:%s", port, repoName, tag), tempDir)
+		So(err, ShouldNotBeNil)
+	})
+}
+
+func TestListNotarySignatures(t *testing.T) {
+	Convey("error parsing reference", t, func() {
+		cwd, err := os.Getwd()
+		So(err, ShouldBeNil)
+		defer func() { _ = os.Chdir(cwd) }()
+		tdir := t.TempDir()
+		_ = os.Chdir(tdir)
+
+		_, err = signature.ListNotarySignatures("invalidReference", tdir)
+		So(err, ShouldNotBeNil)
+	})
+
+	Convey("error trying to get manifest", t, func() {
+		cwd, err := os.Getwd()
+		So(err, ShouldBeNil)
+		defer func() { _ = os.Chdir(cwd) }()
+		tdir := t.TempDir()
+		_ = os.Chdir(tdir)
+
+		_, err = signature.ListNotarySignatures("localhost:8080/invalidreference:1.0", tdir)
+		So(err, ShouldNotBeNil)
+	})
+}
+
+func TestGenerateNotationCerts(t *testing.T) {
+	Convey("write key file with permission", t, func() {
+		tempDir := t.TempDir()
+
+		notationDir := path.Join(tempDir, "notation")
+		err := os.Mkdir(notationDir, 0o777)
+		So(err, ShouldBeNil)
+
+		filePath := path.Join(notationDir, "localkeys")
+		err = os.WriteFile(filePath, []byte("{}"), 0o666) //nolint: gosec
+		So(err, ShouldBeNil)
+
+		signature.NotationPathLock.Lock()
+		defer signature.NotationPathLock.Unlock()
+
+		signature.LoadNotationPath(tempDir)
+
+		err = signature.GenerateNotationCerts(t.TempDir(), "cert")
+		So(err, ShouldNotBeNil)
+	})
+
+	Convey("write cert file with permission", t, func() {
+		tempDir := t.TempDir()
+
+		notationDir := path.Join(tempDir, "notation", "localkeys")
+		err := os.MkdirAll(notationDir, 0o777)
+		So(err, ShouldBeNil)
+
+		filePath := path.Join(notationDir, "cert.crt")
+		err = os.WriteFile(filePath, []byte("{}"), 0o666) //nolint: gosec
+		So(err, ShouldBeNil)
+
+		err = os.Chmod(filePath, 0o000)
+		So(err, ShouldBeNil)
+
+		signature.NotationPathLock.Lock()
+		defer signature.NotationPathLock.Unlock()
+
+		signature.LoadNotationPath(tempDir)
+
+		err = signature.GenerateNotationCerts(t.TempDir(), "cert")
+		So(err, ShouldNotBeNil)
+
+		err = os.Chmod(filePath, 0o755)
+		So(err, ShouldBeNil)
+	})
+
+	Convey("signingkeys.json file - not enough permission", t, func() {
+		tempDir := t.TempDir()
+
+		notationDir := path.Join(tempDir, "notation")
+		err := os.Mkdir(notationDir, 0o777)
+		So(err, ShouldBeNil)
+
+		filePath := path.Join(notationDir, "signingkeys.json")
+		_, err = os.Create(filePath) //nolint: gosec
+		So(err, ShouldBeNil)
+		err = os.Chmod(filePath, 0o000)
+		So(err, ShouldBeNil)
+
+		signature.NotationPathLock.Lock()
+		defer signature.NotationPathLock.Unlock()
+
+		signature.LoadNotationPath(tempDir)
+
+		err = signature.GenerateNotationCerts(t.TempDir(), "cert")
+		So(err, ShouldNotBeNil)
+
+		err = os.Remove(filePath)
+		So(err, ShouldBeNil)
+		err = os.RemoveAll(path.Join(notationDir, "localkeys"))
+		So(err, ShouldBeNil)
+		signingKeysBuf, err := json.Marshal(notconfig.SigningKeys{})
+		So(err, ShouldBeNil)
+		err = os.WriteFile(filePath, signingKeysBuf, 0o555) //nolint:gosec // test code
+		So(err, ShouldBeNil)
+		err = signature.GenerateNotationCerts(t.TempDir(), "cert")
+		So(err, ShouldNotBeNil)
+	})
+	Convey("keysuite already exists in signingkeys.json", t, func() {
+		tempDir := t.TempDir()
+
+		notationDir := path.Join(tempDir, "notation")
+		err := os.Mkdir(notationDir, 0o777)
+		So(err, ShouldBeNil)
+
+		certName := "cert-test"
+		filePath := path.Join(notationDir, "signingkeys.json")
+		keyPath := path.Join(notationDir, "localkeys", certName+".key")
+		certPath := path.Join(notationDir, "localkeys", certName+".crt")
+		signingKeys := notconfig.SigningKeys{}
+		keySuite := notconfig.KeySuite{
+			Name: certName,
+			X509KeyPair: &notconfig.X509KeyPair{
+				KeyPath:         keyPath,
+				CertificatePath: certPath,
+			},
+		}
+		signingKeys.Keys = []notconfig.KeySuite{keySuite}
+		signingKeysBuf, err := json.Marshal(signingKeys)
+		So(err, ShouldBeNil)
+		err = os.WriteFile(filePath, signingKeysBuf, 0o600)
+		So(err, ShouldBeNil)
+
+		signature.NotationPathLock.Lock()
+		defer signature.NotationPathLock.Unlock()
+
+		signature.LoadNotationPath(tempDir)
+
+		err = signature.GenerateNotationCerts(t.TempDir(), certName)
+		So(err, ShouldNotBeNil)
+	})
+	Convey("truststore files", t, func() {
+		tempDir := t.TempDir()
+
+		notationDir := path.Join(tempDir, "notation")
+		err := os.Mkdir(notationDir, 0o777)
+		So(err, ShouldBeNil)
+
+		certName := "cert-test"
+		trustStorePath := path.Join(notationDir, fmt.Sprintf("truststore/x509/ca/%s", certName))
+		err = os.MkdirAll(trustStorePath, 0o755)
+		So(err, ShouldBeNil)
+		err = os.Chmod(path.Join(notationDir, "truststore/x509"), 0o000)
+		So(err, ShouldBeNil)
+
+		signature.NotationPathLock.Lock()
+		defer signature.NotationPathLock.Unlock()
+
+		signature.LoadNotationPath(tempDir)
+
+		err = signature.GenerateNotationCerts(tempDir, certName)
+		So(err, ShouldNotBeNil)
+
+		err = os.RemoveAll(path.Join(notationDir, "localkeys"))
+		So(err, ShouldBeNil)
+		err = os.Chmod(path.Join(notationDir, "truststore/x509"), 0o755)
+		So(err, ShouldBeNil)
+		_, err = os.Create(path.Join(trustStorePath, "cert-test.crt"))
+		So(err, ShouldBeNil)
+
+		err = signature.GenerateNotationCerts(tempDir, certName)
+		So(err, ShouldNotBeNil)
+
+		err = os.RemoveAll(path.Join(notationDir, "localkeys"))
+		So(err, ShouldBeNil)
+		err = os.Remove(path.Join(trustStorePath, "cert-test.crt"))
+		So(err, ShouldBeNil)
+		err = os.Chmod(path.Join(notationDir, "truststore/x509/ca", certName), 0o555)
+		So(err, ShouldBeNil)
+
+		err = signature.GenerateNotationCerts(tempDir, certName)
+		So(err, ShouldNotBeNil)
+	})
+}

pkg/test/test_http_server.go

@@ -1,51 +0,0 @@
-package test
-
-import (
-	"errors"
-	"fmt"
-	"net/http"
-
-	"github.com/gorilla/mux"
-)
-
-type RouteHandler struct {
-	Route string
-	// HandlerFunc is the HTTP handler function that receives a writer for output and an HTTP request as input.
-	HandlerFunc http.HandlerFunc
-	// AllowedMethods specifies the HTTP methods allowed for the current route.
-	AllowedMethods []string
-}
-
-// Routes is a map that associates HTTP paths to their corresponding HTTP handlers.
-type HTTPRoutes []RouteHandler
-
-func StartTestHTTPServer(routes HTTPRoutes, port string) *http.Server {
-	baseURL := GetBaseURL(port)
-	mux := mux.NewRouter()
-
-	mux.HandleFunc("/test", func(w http.ResponseWriter, r *http.Request) {
-		_, err := w.Write([]byte("{}"))
-		if err != nil {
-			return
-		}
-	}).Methods(http.MethodGet)
-
-	for _, routeHandler := range routes {
-		mux.HandleFunc(routeHandler.Route, routeHandler.HandlerFunc).Methods(routeHandler.AllowedMethods...)
-	}
-
-	server := &http.Server{ //nolint:gosec
-		Addr:    fmt.Sprintf(":%s", port),
-		Handler: mux,
-	}
-
-	go func() {
-		if err := server.ListenAndServe(); !errors.Is(err, http.ErrServerClosed) {
-			return
-		}
-	}()
-
-	WaitTillServerReady(baseURL + "/test")
-
-	return server
-}