TestApplyRejectsMissingManifestEntry: a manifest that exists but doesn't list our asset (a bad release) must make Apply abort, not skip verification and install an unverified binary.
(t *testing.T)
| 219 | // list our asset (a bad release) must make Apply abort, not skip verification |
| 220 | // and install an unverified binary. |
| 221 | func TestApplyRejectsMissingManifestEntry(t *testing.T) { |
| 222 | asset := platformAsset(t) |
| 223 | body := []byte("would-be binary\n") |
| 224 | // declare a hash for a DIFFERENT asset name so fetchHash returns "" |
| 225 | other := "codehamr-not-our-asset" |
| 226 | r := newFakeRelease(t, asset, body, hashOf(body)) |
| 227 | r.manifest = fmt.Sprintf("%s %s\n", hashOf(body), other) // no entry for `asset` |
| 228 | withReleaseURLs(t, r.srv.URL) |
| 229 | |
| 230 | tmpDir := t.TempDir() |
| 231 | exec := filepath.Join(tmpDir, "codehamr") |
| 232 | if err := os.WriteFile(exec, []byte("o\n"), 0o755); err != nil { |
| 233 | t.Fatal(err) |
| 234 | } |
| 235 | |
| 236 | err := Apply(context.Background(), exec) |
| 237 | if err == nil { |
| 238 | t.Fatal("Apply must abort when no manifest entry exists for the asset") |
| 239 | } |
| 240 | if !strings.Contains(err.Error(), "checksum") { |
| 241 | t.Fatalf("error should mention the missing checksum, got: %v", err) |
| 242 | } |
| 243 | } |
| 244 | |
| 245 | // TestApplyCleansTempOnFailure: a failed download (server returns 500) |
| 246 | // must not leave a half-written temp file in the install directory. |
nothing calls this directly
no test coverage detected