mirror of
https://github.com/DeterminateSystems/flake-checker.git
synced 2024-10-05 18:27:42 +03:00
Fix broken CEL condition test
This commit is contained in:
Luc Perkins
parent
011426a6f9
commit
c6cb45273d
@ -16,11 +16,11 @@ pub(super) fn evaluate_condition(
|
||||
flake_lock: &FlakeLock,
|
||||
nixpkgs_keys: &[String],
|
||||
condition: &str,
|
||||
allowed_refs: Vec<String>,
|
||||
supported_refs: Vec<String>,
|
||||
) -> Result<Vec<Issue>, FlakeCheckerError> {
|
||||
let mut issues: Vec<Issue> = vec![];
|
||||
let mut ctx = Context::default();
|
||||
ctx.add_variable_from_value(KEY_SUPPORTED_REFS, allowed_refs.clone());
|
||||
ctx.add_variable_from_value(KEY_SUPPORTED_REFS, supported_refs);
|
||||
|
||||
let deps = nixpkgs_deps(flake_lock, nixpkgs_keys)?;
|
||||
|
||||
@ -68,7 +68,7 @@ fn add_cel_variables(
|
||||
ctx.add_variable_from_value(KEY_GIT_REF, value_or_empty_string(git_ref));
|
||||
ctx.add_variable_from_value(
|
||||
KEY_NUM_DAYS_OLD,
|
||||
value_or_zero(last_modified.map(|d| num_days_old(d))),
|
||||
value_or_zero(last_modified.map(num_days_old)),
|
||||
);
|
||||
ctx.add_variable_from_value(KEY_OWNER, value_or_empty_string(owner));
|
||||
}
|
||||
@ -80,19 +80,3 @@ fn value_or_empty_string(value: Option<String>) -> Value {
|
||||
fn value_or_zero(value: Option<i64>) -> Value {
|
||||
Value::from(value.unwrap_or(0))
|
||||
}
|
||||
|
||||
pub(super) fn vet_condition(condition: &str) -> Result<(), FlakeCheckerError> {
|
||||
let mut ctx = Context::default();
|
||||
ctx.add_variable_from_value(KEY_SUPPORTED_REFS, Value::List(Vec::<Value>::new().into()));
|
||||
ctx.add_variable_from_value(KEY_GIT_REF, Value::from("some-ref"));
|
||||
ctx.add_variable_from_value(KEY_NUM_DAYS_OLD, Value::from(27));
|
||||
ctx.add_variable_from_value(KEY_OWNER, Value::from("some-og"));
|
||||
|
||||
match Program::compile(condition)?.execute(&ctx) {
|
||||
Ok(value) if matches!(value, Value::Bool(_)) => Ok(()),
|
||||
Ok(value) => Err(FlakeCheckerError::NonBooleanCondition(
|
||||
value.type_of().to_string(),
|
||||
)),
|
||||
Err(e) => Err(FlakeCheckerError::CelExecution(e)),
|
||||
}
|
||||
}
|
||||
|
||||
82
src/flake.rs
82
src/flake.rs
@ -49,7 +49,7 @@ pub(super) fn nixpkgs_deps(
|
||||
}
|
||||
}
|
||||
Node::Indirect(indirect_node) => {
|
||||
if &indirect_node.original.id == key {
|
||||
if keys.contains(key) && &indirect_node.original.id == key {
|
||||
deps.insert(key.to_string(), node);
|
||||
}
|
||||
}
|
||||
@ -99,15 +99,13 @@ pub(crate) fn check_flake_lock(
|
||||
// Check if not explicitly supported
|
||||
if let Some(git_ref) = git_ref {
|
||||
// Check if not explicitly supported
|
||||
if config.check_supported {
|
||||
if !allowed_refs.contains(&git_ref) {
|
||||
issues.push(Issue {
|
||||
input: name.clone(),
|
||||
kind: IssueKind::Disallowed(Disallowed {
|
||||
reference: git_ref.to_string(),
|
||||
}),
|
||||
});
|
||||
}
|
||||
if config.check_supported && !allowed_refs.contains(&git_ref) {
|
||||
issues.push(Issue {
|
||||
input: name.clone(),
|
||||
kind: IssueKind::Disallowed(Disallowed {
|
||||
reference: git_ref.to_string(),
|
||||
}),
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
@ -127,13 +125,11 @@ pub(crate) fn check_flake_lock(
|
||||
|
||||
if let Some(owner) = owner {
|
||||
// Check that the GitHub owner is NixOS
|
||||
if config.check_owner {
|
||||
if owner.to_lowercase() != "nixos" {
|
||||
issues.push(Issue {
|
||||
input: name.clone(),
|
||||
kind: IssueKind::NonUpstream(NonUpstream { owner }),
|
||||
});
|
||||
}
|
||||
if config.check_owner && owner.to_lowercase() != "nixos" {
|
||||
issues.push(Issue {
|
||||
input: name.clone(),
|
||||
kind: IssueKind::NonUpstream(NonUpstream { owner }),
|
||||
});
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -158,30 +154,30 @@ mod test {
|
||||
};
|
||||
|
||||
#[test]
|
||||
fn test_cel_conditions() {
|
||||
let allowed_refs: Vec<String> =
|
||||
serde_json::from_str(include_str!("../allowed-refs.json")).unwrap();
|
||||
// (n, condition, expected)
|
||||
let cases: Vec<(usize, &str, bool)> = vec![(
|
||||
0,
|
||||
"has(gitRef) && has(numDaysOld) && has(owner) && has(supportedRefs) && supportedRefs.contains(gitRef) && owner == 'NixOS'",
|
||||
true,
|
||||
), (
|
||||
0,
|
||||
"has(gitRef) && has(numDaysOld) && has(owner) && has(supportedRefs) && supportedRefs.contains(gitRef) && owner != 'NixOS'",
|
||||
false,
|
||||
),
|
||||
(
|
||||
0,
|
||||
"has(gitRef) && has(numDaysOld) && has(owner) && has(supportedRefs) && supportedRefs.contains(gitRef) && owner != 'NixOS'",
|
||||
false,
|
||||
)];
|
||||
fn cel_conditions() {
|
||||
// (condition, expected)
|
||||
let cases: Vec<(&str, bool)> = vec![
|
||||
(include_str!("../tests/cel-condition.txt"), true),
|
||||
(
|
||||
|
||||
for (n, condition, expected) in cases {
|
||||
let path = PathBuf::from(format!("tests/flake.cel.clean.{n}.lock"));
|
||||
"has(gitRef) && has(numDaysOld) && has(owner) && has(supportedRefs) && supportedRefs.contains(gitRef) && owner != 'NixOS'",
|
||||
false,
|
||||
),
|
||||
(
|
||||
|
||||
"has(gitRef) && has(numDaysOld) && has(owner) && has(supportedRefs) && supportedRefs.contains(gitRef) && owner != 'NixOS'",
|
||||
false,
|
||||
),
|
||||
];
|
||||
|
||||
let supported_refs: Vec<String> =
|
||||
serde_json::from_str(include_str!("../allowed-refs.json")).unwrap();
|
||||
let path = PathBuf::from("tests/flake.cel.lock");
|
||||
|
||||
for (condition, expected) in cases {
|
||||
let flake_lock = FlakeLock::new(&path).unwrap();
|
||||
let config = FlakeCheckConfig {
|
||||
check_outdated: false,
|
||||
nixpkgs_keys: vec![String::from("nixpkgs")],
|
||||
..Default::default()
|
||||
};
|
||||
|
||||
@ -189,7 +185,7 @@ mod test {
|
||||
&flake_lock,
|
||||
&config.nixpkgs_keys,
|
||||
condition,
|
||||
allowed_refs.clone(),
|
||||
supported_refs.clone(),
|
||||
);
|
||||
|
||||
if expected {
|
||||
@ -202,7 +198,7 @@ mod test {
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_clean_flake_locks() {
|
||||
fn clean_flake_locks() {
|
||||
let allowed_refs: Vec<String> =
|
||||
serde_json::from_str(include_str!("../allowed-refs.json")).unwrap();
|
||||
for n in 0..=7 {
|
||||
@ -222,7 +218,7 @@ mod test {
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_dirty_flake_locks() {
|
||||
fn dirty_flake_locks() {
|
||||
let allowed_refs: Vec<String> =
|
||||
serde_json::from_str(include_str!("../allowed-refs.json")).unwrap();
|
||||
let cases: Vec<(&str, Vec<Issue>)> = vec![
|
||||
@ -276,7 +272,7 @@ mod test {
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_explicit_nixpkgs_keys() {
|
||||
fn explicit_nixpkgs_keys() {
|
||||
let allowed_refs: Vec<String> =
|
||||
serde_json::from_str(include_str!("../allowed-refs.json")).unwrap();
|
||||
let cases: Vec<(&str, Vec<String>, Vec<Issue>)> = vec![(
|
||||
@ -304,7 +300,7 @@ mod test {
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_missing_nixpkgs_keys() {
|
||||
fn missing_nixpkgs_keys() {
|
||||
let allowed_refs: Vec<String> =
|
||||
serde_json::from_str(include_str!("../allowed-refs.json")).unwrap();
|
||||
let cases: Vec<(&str, Vec<String>, String)> = vec![(
|
||||
|
||||
@ -7,7 +7,6 @@ mod issue;
|
||||
mod summary;
|
||||
mod telemetry;
|
||||
|
||||
use condition::vet_condition;
|
||||
use error::FlakeCheckerError;
|
||||
use flake::{check_flake_lock, FlakeCheckConfig};
|
||||
use summary::Summary;
|
||||
@ -180,7 +179,6 @@ fn main() -> Result<ExitCode, FlakeCheckerError> {
|
||||
};
|
||||
|
||||
let issues = if let Some(condition) = &condition {
|
||||
vet_condition(condition)?;
|
||||
evaluate_condition(&flake_lock, &nixpkgs_keys, condition, allowed_refs.clone())?
|
||||
} else {
|
||||
check_flake_lock(&flake_lock, &flake_check_config, allowed_refs.clone())?
|
||||
|
||||
6
tests/cel-condition.txt
Normal file
6
tests/cel-condition.txt
Normal file
@ -0,0 +1,6 @@
|
||||
supportedRefs == ['nixos-24.05', 'nixos-24.05-small', 'nixos-unstable', 'nixos-unstable-small', 'nixpkgs-24.05-darwin', 'nixpkgs-unstable']
|
||||
&& owner == 'NixOS'
|
||||
&& gitRef == 'nixos-unstable'
|
||||
&& supportedRefs.contains(gitRef)
|
||||
&& has(numDaysOld)
|
||||
&& numDaysOld > 0
|
||||
Loading…
Reference in New Issue
Block a user