Merge branch 'main' into probes/code-review
Signed-off-by: jitsengupta17 <145664639+jitsengupta17@users.noreply.github.com>
jitsengupta17 committed Jan 19, 2024
2 parents 6ecc06b + 2ef20f1 commit 4be18d6
Showing 145 changed files with 5,427 additions and 1,550 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/depsreview.yml
Expand Up @@ -24,4 +24,4 @@ jobs:
- name: 'Checkout Repository'
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: 'Dependency Review'
uses: actions/dependency-review-action@7bbfa034e752445ea40215fff1c3bf9597993d3f # v3.1.3
uses: actions/dependency-review-action@01bc87099ba56df1e897b6874784491ea6309bc4 # v3.1.4
2 changes: 1 addition & 1 deletion .github/workflows/docker.yml
Expand Up @@ -40,7 +40,7 @@ jobs:
fetch-depth: 2 # needed to diff changed files
- id: files
name: Get changed files
uses: tj-actions/changed-files@25ef3926d147cd02fc7e931c1ef50772bbb0d25d #v40.1.1
uses: tj-actions/changed-files@94549999469dbfa032becf298d95c87a14c34394 #v40.2.2
with:
files_ignore: '**.md'
- id: docs_only_check
4 changes: 2 additions & 2 deletions .github/workflows/stale.yml
Expand Up @@ -31,12 +31,12 @@ jobs:
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

- uses: actions/stale@1160a2240286f5da8ec72b1c0816ce2481aabf84 # v3.0.18
- uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e # v3.0.18
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
stale-issue-message: 'This issue is stale because it has been open for 60 days with no activity.'
stale-pr-message: 'This pull request is stale because it has been open for 10 days with no activity'
exempt-issue-labels: 'priority,bug,good first issue'
exempt-issue-labels: 'priority,bug,good first issue,backlog,help wanted'
exempt-issue-milestones: 'Structured results'
exempt-pr-labels: 'awaiting-approval,work-in-progress'
days-before-pr-stale: '10'
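Review bot: The new `actions/stale` pin on the second `- uses:` line changes the commit SHA but keeps the `# v3.0.18` comment from the old pin, so either the tag was re-pointed or the comment is now stale. With SHA pinning, that trailing comment is the only human-readable record of what release was reviewed, so confirm which tag the new SHA resolves to and update it, e.g. `- uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e # <tag the SHA resolves to>`. The `exempt-issue-labels` change below it needs nothing further.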
2 changes: 1 addition & 1 deletion .github/workflows/verify.yml
Expand Up @@ -32,6 +32,6 @@ jobs:

- name: Verifier action
id: verifier
uses: kubernetes-sigs/kubebuilder-release-tools@3c3411345eedc489d1022288aa844691e92a9c29 # v0.4.2
uses: kubernetes-sigs/kubebuilder-release-tools@012269a88fa4c034a0acf1ba84c26b195c0dbab4 # v0.4.3
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
4 changes: 3 additions & 1 deletion .golangci.yml
Expand Up @@ -18,6 +18,9 @@ issues:
- funlen
- goconst
- gocyclo
- goerr113
- lll
- wrapcheck
skip-files:
- cron/data/request.pb.go # autogenerated
linters:
Expand Down Expand Up @@ -72,7 +75,6 @@ linters:
- wrapcheck
disable:
- exhaustruct # initializing every struct makes tests longer without much benefit (spencerschrock)
- paralleltest # need to investigate rate limit issues before re-enabling? (#2527)
- testpackage # tests don't need their own package (spencerschrock)
presets:
- bugs
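Review bot: Dropping `- paralleltest # need to investigate rate limit issues before re-enabling? (#2527)` from `disable:` re-enables the linter but removes the only record of why it was off, without saying whether the rate-limit concern was resolved; a one-line note in the commit message or next to the `t.Parallel()` additions would keep that history. The three entries added to the exclusion list above (`goerr113`, `lll`, `wrapcheck`) sit under a rule whose path pattern is outside the hunk, so confirm that rule is scoped to `_test.go` files only: the `linters:` section below still lists `wrapcheck` as enabled, and an unscoped exclusion would silently turn off error-wrapping checks for production code as well.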
62 changes: 30 additions & 32 deletions attestor/command/cli_test.go
Expand Up @@ -20,43 +20,41 @@ import (
)

func Test_addSignFlags(t *testing.T) {
t.Parallel()
type args struct {
cmd *cobra.Command
}
testName := "Test addSignFlags"
testArgs := args{
cmd: &cobra.Command{},
}

t.Run(testName, func(t *testing.T) {
addSignFlags(testArgs.cmd)
// persistent flags of Image being set has to be tested in the integration test
if testArgs.cmd.PersistentFlags().Lookup("image") == nil {
t.Errorf("addSignFlags() did not add persistent flag 'image'")
}
if testArgs.cmd.PersistentFlags().Lookup("attestation-project") == nil {
t.Errorf("addSignFlags() did not add persistent flag 'attestation-project'")
}
if testArgs.cmd.PersistentFlags().Lookup("overwrite") == nil {
t.Errorf("addSignFlags() did not add persistent flag 'overwrite'")
}
if testArgs.cmd.PersistentFlags().Lookup("kms-key-name") == nil {
t.Errorf("addSignFlags() did not add persistent flag 'kms-key-name'")
}
if testArgs.cmd.PersistentFlags().Lookup("kms-digest-alg") == nil {
t.Errorf("addSignFlags() did not add persistent flag 'kms-digest-alg'")
}
if testArgs.cmd.PersistentFlags().Lookup("pgp-private-key") == nil {
t.Errorf("addSignFlags() did not add persistent flag 'pgp-private-key'")
}
if testArgs.cmd.PersistentFlags().Lookup("pgp-passphrase") == nil {
t.Errorf("addSignFlags() did not add persistent flag 'pgp-passphrase'")
}
if testArgs.cmd.PersistentFlags().Lookup("pkix-private-key") == nil {
t.Errorf("addSignFlags() did not add persistent flag 'pkix-private-key'")
}
if testArgs.cmd.PersistentFlags().Lookup("pkix-alg") == nil {
t.Errorf("addSignFlags() did not add persistent flag 'pkix-alg'")
}
})
addSignFlags(testArgs.cmd)
// persistent flags of Image being set has to be tested in the integration test
if testArgs.cmd.PersistentFlags().Lookup("image") == nil {
t.Errorf("addSignFlags() did not add persistent flag 'image'")
}
if testArgs.cmd.PersistentFlags().Lookup("attestation-project") == nil {
t.Errorf("addSignFlags() did not add persistent flag 'attestation-project'")
}
if testArgs.cmd.PersistentFlags().Lookup("overwrite") == nil {
t.Errorf("addSignFlags() did not add persistent flag 'overwrite'")
}
if testArgs.cmd.PersistentFlags().Lookup("kms-key-name") == nil {
t.Errorf("addSignFlags() did not add persistent flag 'kms-key-name'")
}
if testArgs.cmd.PersistentFlags().Lookup("kms-digest-alg") == nil {
t.Errorf("addSignFlags() did not add persistent flag 'kms-digest-alg'")
}
if testArgs.cmd.PersistentFlags().Lookup("pgp-private-key") == nil {
t.Errorf("addSignFlags() did not add persistent flag 'pgp-private-key'")
}
if testArgs.cmd.PersistentFlags().Lookup("pgp-passphrase") == nil {
t.Errorf("addSignFlags() did not add persistent flag 'pgp-passphrase'")
}
if testArgs.cmd.PersistentFlags().Lookup("pkix-private-key") == nil {
t.Errorf("addSignFlags() did not add persistent flag 'pkix-private-key'")
}
if testArgs.cmd.PersistentFlags().Lookup("pkix-alg") == nil {
t.Errorf("addSignFlags() did not add persistent flag 'pkix-alg'")
}
}
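Review bot: With the `t.Run` wrapper gone, the `args` struct and `testArgs` value wrap a single `*cobra.Command` and no longer serve a table of cases, so a plain `cmd := &cobra.Command{}` reads better. The nine identical `Lookup` checks would likewise be clearer as a loop over the flag names, which also turns adding a new sign flag into a one-token change and keeps the failure message in one place. The function is entirely inside the hunk; a sketch follows.
```go
func Test_addSignFlags(t *testing.T) {
	t.Parallel()
	cmd := &cobra.Command{}
	addSignFlags(cmd)
	// persistent flags of Image being set has to be tested in the integration test
	for _, name := range []string{
		"image", "attestation-project", "overwrite",
		"kms-key-name", "kms-digest-alg",
		"pgp-private-key", "pgp-passphrase",
		"pkix-private-key", "pkix-alg",
	} {
		if cmd.PersistentFlags().Lookup(name) == nil {
			t.Errorf("addSignFlags() did not add persistent flag %q", name)
		}
	}
}
```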
14 changes: 11 additions & 3 deletions checker/check_result_test.go
Expand Up @@ -127,6 +127,14 @@ func TestCreateProportionalScore(t *testing.T) {
},
want: 5,
},
{
name: "2 and 5",
args: args{
success: 2,
total: 5,
},
want: 4,
},
}
for _, tt := range tests {
tt := tt
Expand Down Expand Up @@ -545,7 +553,7 @@ func TestCreateProportionalScoreResult(t *testing.T) {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()
if got := CreateProportionalScoreResult(tt.args.name, tt.args.reason, tt.args.b, tt.args.t); !cmp.Equal(got, tt.want) { //nolint:lll
if got := CreateProportionalScoreResult(tt.args.name, tt.args.reason, tt.args.b, tt.args.t); !cmp.Equal(got, tt.want) {
t.Errorf("CreateProportionalScoreResult() = %v, want %v", got, cmp.Diff(got, tt.want))
}
})
Expand Down Expand Up @@ -714,14 +722,14 @@ func TestCreateRuntimeErrorResult(t *testing.T) {
name: "empty",
args: args{
name: "",
e: errors.New("runtime error"), //nolint:goerr113
e: errors.New("runtime error"),
},
want: CheckResult{
Name: "",
Reason: "runtime error",
Score: -1,
Version: 2,
Error: errors.New("runtime error"), //nolint:goerr113
Error: errors.New("runtime error"),
},
},
}
2 changes: 1 addition & 1 deletion checker/client_test.go
Expand Up @@ -106,7 +106,7 @@ func TestGetClients(t *testing.T) {
t.Setenv("GH_HOST", "github.corp.com")
t.Setenv("GH_TOKEN", "PAT")
}
got, repoClient, ossFuzzClient, ciiClient, vulnsClient, err := GetClients(tt.args.ctx, tt.args.repoURI, tt.args.localURI, tt.args.logger) //nolint:lll
got, repoClient, ossFuzzClient, ciiClient, vulnsClient, err := GetClients(tt.args.ctx, tt.args.repoURI, tt.args.localURI, tt.args.logger)
if (err != nil) != tt.wantErr {
t.Fatalf("GetClients() error = %v, wantErr %v", err, tt.wantErr)
}
6 changes: 6 additions & 0 deletions checker/detail_logger_impl_test.go
Expand Up @@ -18,6 +18,7 @@ import (
)

func Test_logger_Info(t *testing.T) {
t.Parallel()
l := &logger{
logs: []CheckDetail{},
}
Expand All @@ -28,6 +29,7 @@ func Test_logger_Info(t *testing.T) {
}

func Test_logger_Warn(t *testing.T) {
t.Parallel()
l := &logger{
logs: []CheckDetail{},
}
Expand All @@ -38,6 +40,7 @@ func Test_logger_Warn(t *testing.T) {
}

func Test_logger_Flush(t *testing.T) {
t.Parallel()
l := &logger{
logs: []CheckDetail{},
}
Expand All @@ -52,6 +55,7 @@ func Test_logger_Flush(t *testing.T) {
}

func Test_logger_Logs(t *testing.T) {
t.Parallel()
l := &logger{
logs: []CheckDetail{},
}
Expand All @@ -62,6 +66,7 @@ func Test_logger_Logs(t *testing.T) {
}

func Test_logger_Debug(t *testing.T) {
t.Parallel()
l := &logger{
logs: []CheckDetail{},
}
Expand All @@ -72,6 +77,7 @@ func Test_logger_Debug(t *testing.T) {
}

func TestNewLogger(t *testing.T) {
t.Parallel()
l := NewLogger()
if l == nil {
t.Errorf("expected non-nil logger, got nil")
2 changes: 2 additions & 0 deletions checker/raw_result.go
Expand Up @@ -257,6 +257,8 @@ const (
CodeQLWorkflow SASTWorkflowType = "CodeQL"
// SonarWorkflow represents a workflow that runs Sonar.
SonarWorkflow SASTWorkflowType = "Sonar"
// SnykWorkflow represents a workflow that runs Snyk.
SnykWorkflow SASTWorkflowType = "Snyk"
)

// SASTWorkflow represents a SAST workflow.
1 change: 1 addition & 0 deletions checker/raw_result_test.go
Expand Up @@ -20,6 +20,7 @@ import (
)

func TestFile_Location(t *testing.T) {
t.Parallel()
file := File{
Type: finding.FileTypeSource,
Path: "bar.go",
19 changes: 13 additions & 6 deletions checks/binary_artifact.go
Expand Up @@ -19,6 +19,8 @@ import (
"github.com/ossf/scorecard/v4/checks/evaluation"
"github.com/ossf/scorecard/v4/checks/raw"
sce "github.com/ossf/scorecard/v4/errors"
"github.com/ossf/scorecard/v4/probes"
"github.com/ossf/scorecard/v4/probes/zrunner"
)

// CheckBinaryArtifacts is the exported name for Binary-Artifacts check.
Expand All @@ -38,17 +40,22 @@ func init() {

// BinaryArtifacts will check the repository contains binary artifacts.
func BinaryArtifacts(c *checker.CheckRequest) checker.CheckResult {
rawData, err := raw.BinaryArtifacts(c.RepoClient)
rawData, err := raw.BinaryArtifacts(c)
if err != nil {
e := sce.WithMessage(sce.ErrScorecardInternal, err.Error())
return checker.CreateRuntimeErrorResult(CheckBinaryArtifacts, e)
}

// Return raw results.
if c.RawResults != nil {
c.RawResults.BinaryArtifactResults = rawData
// Set the raw results.
pRawResults := getRawResults(c)
pRawResults.BinaryArtifactResults = rawData

// Evaluate the probes.
findings, err := zrunner.Run(pRawResults, probes.BinaryArtifacts)
if err != nil {
e := sce.WithMessage(sce.ErrScorecardInternal, err.Error())
return checker.CreateRuntimeErrorResult(CheckBinaryArtifacts, e)
}

// Return the score evaluation.
return evaluation.BinaryArtifacts(CheckBinaryArtifacts, c.Dlogger, &rawData)
return evaluation.BinaryArtifacts(CheckBinaryArtifacts, findings, c.Dlogger)
}
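Review bot: `pRawResults.BinaryArtifactResults = rawData` dereferences the value returned by `getRawResults(c)` unconditionally, whereas the code it replaces only wrote through `c.RawResults` behind an `if c.RawResults != nil` guard. `getRawResults` is defined outside this hunk, so confirm it returns a non-nil pointer when `c.RawResults` is nil (for callers that never asked for raw results); otherwise this line panics for exactly those callers. If that is the contract, a comment at the call site such as `// getRawResults never returns nil; it substitutes a scratch struct when the caller did not request raw results` would make the dropped guard's intent visible. The two identical error branches around `raw.BinaryArtifacts` and `zrunner.Run` could also share a small helper, but that is cosmetic.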
