MCPcopy Index your code
hub / github.com/cli/cli / TestValidateSignerWorkflow

Function TestValidateSignerWorkflow

pkg/cmd/attestation/verify/policy_test.go:263–319  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

261}
262
263func TestValidateSignerWorkflow(t *testing.T) {
264 type testcase struct {
265 name string
266 providedSignerWorkflow string
267 expectedWorkflowRegex string
268 host string
269 expectErr bool
270 errContains string
271 }
272
273 testcases := []testcase{
274 {
275 name: "workflow with no host specified",
276 providedSignerWorkflow: "github/artifact-attestations-workflows/.github/workflows/attest.yml",
277 expectErr: true,
278 errContains: "unknown signer workflow host",
279 },
280 {
281 name: "workflow with default host",
282 providedSignerWorkflow: "github/artifact-attestations-workflows/.github/workflows/attest.yml",
283 expectedWorkflowRegex: "^https://github.com/github/artifact-attestations-workflows/.github/workflows/attest.yml",
284 host: "github.com",
285 },
286 {
287 name: "workflow with workflow URL included",
288 providedSignerWorkflow: "github.com/github/artifact-attestations-workflows/.github/workflows/attest.yml",
289 expectedWorkflowRegex: "^https://github.com/github/artifact-attestations-workflows/.github/workflows/attest.yml",
290 host: "github.com",
291 },
292 {
293 name: "workflow with GH_HOST set",
294 providedSignerWorkflow: "github/artifact-attestations-workflows/.github/workflows/attest.yml",
295 expectedWorkflowRegex: "^https://myhost.github.com/github/artifact-attestations-workflows/.github/workflows/attest.yml",
296 host: "myhost.github.com",
297 },
298 {
299 name: "workflow with authenticated host",
300 providedSignerWorkflow: "github/artifact-attestations-workflows/.github/workflows/attest.yml",
301 expectedWorkflowRegex: "^https://authedhost.github.com/github/artifact-attestations-workflows/.github/workflows/attest.yml",
302 host: "authedhost.github.com",
303 },
304 }
305
306 for _, tc := range testcases {
307 // All host resolution is done verify.go:RunE
308 workflowRegex, err := validateSignerWorkflow(tc.host, tc.providedSignerWorkflow)
309 require.Equal(t, tc.expectedWorkflowRegex, workflowRegex)
310
311 if tc.expectErr {
312 require.Error(t, err)
313 require.ErrorContains(t, err, tc.errContains)
314 } else {
315 require.NoError(t, err)
316 require.Equal(t, tc.expectedWorkflowRegex, workflowRegex)
317 }
318 }
319}

Callers

nothing calls this directly

Calls 3

validateSignerWorkflowFunction · 0.85
EqualMethod · 0.80
ErrorMethod · 0.45

Tested by

no test coverage detected