ossf/scorecard
1
1
Fork 0
mirror of https://github.com/ossf/scorecard.git synced 2024-09-17 11:57:12 +03:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

Replace checker.Webhook with clients.Webhook (#1948)

Browse Source 
Co-authored-by: Azeem Shaikh <azeems@google.com>
This commit is contained in:
Azeem Shaikh 2022-05-23 19:47:12 -07:00 committed by GitHub
parent 9a2a4f16bd
commit 4b655b45ce
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
11 changed files with 35 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
checker/raw_result.go
View File

@ -107,15 +107,7 @@ type DependencyUpdateToolData struct {
// WebhooksData contains the raw results // WebhooksData contains the raw results
// for the Webhook check. // for the Webhook check.
type WebhooksData struct { type WebhooksData struct {
Webhook []WebhookData Webhooks []clients.Webhook
}
// WebhookData contains the raw results
// for webhook check.
type WebhookData struct {
Path string
ID int64
UsesAuthSecret bool
} }
// BranchProtectionsData contains the raw results // BranchProtectionsData contains the raw results

12
checks/evaluation/webhooks.go
View File

@ -30,12 +30,12 @@ func Webhooks(name string, dl checker.DetailLogger,
return checker.CreateRuntimeErrorResult(name, e) return checker.CreateRuntimeErrorResult(name, e)
} }
if len(r.Webhook) < 1 { if len(r.Webhooks) < 1 {
return checker.CreateMaxScoreResult(name, "no webhooks defined") return checker.CreateMaxScoreResult(name, "no webhooks defined")
} }
hasNoSecretCount := 0 hasNoSecretCount := 0
for _, hook := range r.Webhook { for _, hook := range r.Webhooks {
if !hook.UsesAuthSecret { if !hook.UsesAuthSecret {
dl.Warn(&checker.LogMessage{ dl.Warn(&checker.LogMessage{
Path: hook.Path, Path: hook.Path,
@ -47,14 +47,14 @@ func Webhooks(name string, dl checker.DetailLogger,
} }
if hasNoSecretCount == 0 { if hasNoSecretCount == 0 {
return checker.CreateMaxScoreResult(name, fmt.Sprintf("all %d hook(s) have a secret configured", len(r.Webhook))) return checker.CreateMaxScoreResult(name, fmt.Sprintf("all %d hook(s) have a secret configured", len(r.Webhooks)))
} }
if len(r.Webhook) == hasNoSecretCount { if len(r.Webhooks) == hasNoSecretCount {
return checker.CreateMinScoreResult(name, fmt.Sprintf("%d hook(s) do not have a secret configured", len(r.Webhook))) return checker.CreateMinScoreResult(name, fmt.Sprintf("%d hook(s) do not have a secret configured", len(r.Webhooks)))
} }
return checker.CreateProportionalScoreResult(name, return checker.CreateProportionalScoreResult(name,
fmt.Sprintf("%d/%d hook(s) with no secrets configured detected", fmt.Sprintf("%d/%d hook(s) with no secrets configured detected",
hasNoSecretCount, len(r.Webhook)), hasNoSecretCount, len(r.Webhook)) hasNoSecretCount, len(r.Webhooks)), hasNoSecretCount, len(r.Webhooks))
} }

7
checks/evaluation/webhooks_test.go
View File

@ -18,6 +18,7 @@ import (
"testing" "testing"
"github.com/ossf/scorecard/v4/checker" "github.com/ossf/scorecard/v4/checker"
"github.com/ossf/scorecard/v4/clients"
scut "github.com/ossf/scorecard/v4/utests" scut "github.com/ossf/scorecard/v4/utests"
) )
@ -61,7 +62,7 @@ func TestWebhooks(t *testing.T) {
name: "1 webhook with secret", name: "1 webhook with secret",
dl: &scut.TestDetailLogger{}, dl: &scut.TestDetailLogger{},
r: &checker.WebhooksData{ r: &checker.WebhooksData{
Webhook: []checker.WebhookData{ Webhooks: []clients.Webhook{
{ {
Path: "https://github.com/owner/repo/settings/hooks/1234", Path: "https://github.com/owner/repo/settings/hooks/1234",
ID: 1234, ID: 1234,
@ -80,7 +81,7 @@ func TestWebhooks(t *testing.T) {
name: "1 webhook with no secret", name: "1 webhook with no secret",
dl: &scut.TestDetailLogger{}, dl: &scut.TestDetailLogger{},
r: &checker.WebhooksData{ r: &checker.WebhooksData{
Webhook: []checker.WebhookData{ Webhooks: []clients.Webhook{
{ {
Path: "https://github.com/owner/repo/settings/hooks/1234", Path: "https://github.com/owner/repo/settings/hooks/1234",
ID: 1234, ID: 1234,
@ -99,7 +100,7 @@ func TestWebhooks(t *testing.T) {
name: "many webhooks with no secret and with secret", name: "many webhooks with no secret and with secret",
dl: &scut.TestDetailLogger{}, dl: &scut.TestDetailLogger{},
r: &checker.WebhooksData{ r: &checker.WebhooksData{
Webhook: []checker.WebhookData{ Webhooks: []clients.Webhook{
{ {
Path: "https://github.com/owner/repo/settings/hooks/1234", Path: "https://github.com/owner/repo/settings/hooks/1234",
ID: 1234, ID: 1234,

22
checks/raw/webhook.go
View File

@ -15,8 +15,6 @@
package raw package raw
import ( import (
"fmt"
"github.com/ossf/scorecard/v4/checker" "github.com/ossf/scorecard/v4/checker"
sce "github.com/ossf/scorecard/v4/errors" sce "github.com/ossf/scorecard/v4/errors"
) )
@ -28,21 +26,7 @@ func WebHook(c *checker.CheckRequest) (checker.WebhooksData, error) {
return checker.WebhooksData{}, return checker.WebhooksData{},
sce.WithMessage(sce.ErrScorecardInternal, "Client.Repositories.ListWebhooks") sce.WithMessage(sce.ErrScorecardInternal, "Client.Repositories.ListWebhooks")
} }
return checker.WebhooksData{
if len(hooksResp) < 1 { Webhooks: hooksResp,
return checker.WebhooksData{}, nil }, nil
}
hooks := []checker.WebhookData{}
for _, hook := range hooksResp {
v := checker.WebhookData{
ID: hook.ID,
UsesAuthSecret: hook.UsesAuthSecret,
Path: fmt.Sprintf("https://%s/settings/hooks/%d", c.RepoClient.URI(), hook.ID),
// Note: add fields if needed.
}
hooks = append(hooks, v)
}
return checker.WebhooksData{Webhook: hooks}, nil
} }

14
checks/raw/webhooks_test.go
View File

@ -37,12 +37,12 @@ func TestWebhooks(t *testing.T) {
wantErr bool wantErr bool
expectedUsesAuthSecret int expectedUsesAuthSecret int
expected scut.TestReturn expected scut.TestReturn
webhookResponse []*clients.Webhook webhookResponse []clients.Webhook
}{ }{
{ {
name: "No Webhooks", name: "No Webhooks",
wantErr: false, wantErr: false,
webhookResponse: []*clients.Webhook{}, webhookResponse: []clients.Webhook{},
}, },
{ {
name: "Error getting webhook", name: "Error getting webhook",
@ -53,7 +53,7 @@ func TestWebhooks(t *testing.T) {
name: "Webhook with no secret", name: "Webhook with no secret",
wantErr: false, wantErr: false,
expectedUsesAuthSecret: 0, expectedUsesAuthSecret: 0,
webhookResponse: []*clients.Webhook{ webhookResponse: []clients.Webhook{
{ {
UsesAuthSecret: false, UsesAuthSecret: false,
}, },
@ -63,7 +63,7 @@ func TestWebhooks(t *testing.T) {
name: "Webhook with secrets", name: "Webhook with secrets",
wantErr: false, wantErr: false,
expectedUsesAuthSecret: 2, expectedUsesAuthSecret: 2,
webhookResponse: []*clients.Webhook{ webhookResponse: []clients.Webhook{
{ {
UsesAuthSecret: true, UsesAuthSecret: true,
}, },
@ -76,7 +76,7 @@ func TestWebhooks(t *testing.T) {
name: "Webhook with secrets and some without defined secrets", name: "Webhook with secrets and some without defined secrets",
wantErr: false, wantErr: false,
expectedUsesAuthSecret: 1, expectedUsesAuthSecret: 1,
webhookResponse: []*clients.Webhook{ webhookResponse: []clients.Webhook{
{ {
UsesAuthSecret: true, UsesAuthSecret: true,
}, },
@ -99,7 +99,7 @@ func TestWebhooks(t *testing.T) {
mockRepo.EXPECT().URI().Return(tt.uri).AnyTimes() mockRepo.EXPECT().URI().Return(tt.uri).AnyTimes()
mockRepo.EXPECT().ListWebhooks().DoAndReturn(func() ([]*clients.Webhook, error) { mockRepo.EXPECT().ListWebhooks().DoAndReturn(func() ([]clients.Webhook, error) {
if tt.err != nil { if tt.err != nil {
return nil, tt.err return nil, tt.err
} }
@ -119,7 +119,7 @@ func TestWebhooks(t *testing.T) {
} }
if !tt.wantErr { if !tt.wantErr {
gotHasSecret := 0 gotHasSecret := 0
for _, gotHook := range got.Webhook { for _, gotHook := range got.Webhooks {
if gotHook.UsesAuthSecret { if gotHook.UsesAuthSecret {
gotHasSecret++ gotHasSecret++
} }

12
checks/webhook_test.go
View File

@ -34,7 +34,7 @@ func TestWebhooks(t *testing.T) {
uri string uri string
err error err error
name string name string
webhooks []*clients.Webhook webhooks []clients.Webhook
}{ }{
{ {
name: "No Webhooks", name: "No Webhooks",
@ -43,7 +43,7 @@ func TestWebhooks(t *testing.T) {
Score: 10, Score: 10,
}, },
err: nil, err: nil,
webhooks: []*clients.Webhook{}, webhooks: []clients.Webhook{},
}, },
{ {
name: "With Webhooks and secret set", name: "With Webhooks and secret set",
@ -52,7 +52,7 @@ func TestWebhooks(t *testing.T) {
Score: 10, Score: 10,
}, },
err: nil, err: nil,
webhooks: []*clients.Webhook{ webhooks: []clients.Webhook{
{ {
ID: 12345, ID: 12345,
UsesAuthSecret: true, UsesAuthSecret: true,
@ -66,7 +66,7 @@ func TestWebhooks(t *testing.T) {
Score: 0, Score: 0,
}, },
err: nil, err: nil,
webhooks: []*clients.Webhook{ webhooks: []clients.Webhook{
{ {
ID: 12345, ID: 12345,
UsesAuthSecret: false, UsesAuthSecret: false,
@ -80,7 +80,7 @@ func TestWebhooks(t *testing.T) {
Score: 5, Score: 5,
}, },
err: nil, err: nil,
webhooks: []*clients.Webhook{ webhooks: []clients.Webhook{
{ {
ID: 12345, ID: 12345,
UsesAuthSecret: false, UsesAuthSecret: false,
@ -102,7 +102,7 @@ func TestWebhooks(t *testing.T) {
ctrl := gomock.NewController(t) ctrl := gomock.NewController(t)
mockRepo := mockrepo.NewMockRepoClient(ctrl) mockRepo := mockrepo.NewMockRepoClient(ctrl)
mockRepo.EXPECT().ListWebhooks().DoAndReturn(func() ([]*clients.Webhook, error) { mockRepo.EXPECT().ListWebhooks().DoAndReturn(func() ([]clients.Webhook, error) {
if tt.err != nil { if tt.err != nil {
return nil, tt.err return nil, tt.err
} }

2
clients/githubrepo/client.go
View File

@ -155,7 +155,7 @@ func (client *Client) ListBranches() ([]*clients.BranchRef, error) {
} }
// ListWebhooks implements RepoClient.ListWebhooks. // ListWebhooks implements RepoClient.ListWebhooks.
func (client *Client) ListWebhooks() ([]*clients.Webhook, error) { func (client *Client) ListWebhooks() ([]clients.Webhook, error) {
return client.webhook.listWebhooks() return client.webhook.listWebhooks()
} }

6
clients/githubrepo/webhook.go
View File

@ -31,7 +31,7 @@ type webhookHandler struct {
ctx context.Context ctx context.Context
errSetup error errSetup error
repourl *repoURL repourl *repoURL
webhook []*clients.Webhook webhook []clients.Webhook
} }
func (handler *webhookHandler) init(ctx context.Context, repourl *repoURL) { func (handler *webhookHandler) init(ctx context.Context, repourl *repoURL) {
@ -55,7 +55,7 @@ func (handler *webhookHandler) setup() error {
} }
for _, hook := range hooks { for _, hook := range hooks {
repoHook := &clients.Webhook{ repoHook := clients.Webhook{
ID: hook.GetID(), ID: hook.GetID(),
UsesAuthSecret: getAuthSecret(hook.Config), UsesAuthSecret: getAuthSecret(hook.Config),
} }
@ -76,7 +76,7 @@ func getAuthSecret(config map[string]interface{}) bool {
return false return false
} }
func (handler *webhookHandler) listWebhooks() ([]*clients.Webhook, error) { func (handler *webhookHandler) listWebhooks() ([]clients.Webhook, error) {
if err := handler.setup(); err != nil { if err := handler.setup(); err != nil {
return nil, fmt.Errorf("error during webhookHandler.setup: %w", err) return nil, fmt.Errorf("error during webhookHandler.setup: %w", err)
} }

2
clients/localdir/client.go
View File

@ -202,7 +202,7 @@ func (client *localDirClient) ListStatuses(ref string) ([]clients.Status, error)
} }
// ListWebhooks implements RepoClient.ListWebhooks. // ListWebhooks implements RepoClient.ListWebhooks.
func (client *localDirClient) ListWebhooks() ([]*clients.Webhook, error) { func (client *localDirClient) ListWebhooks() ([]clients.Webhook, error) {
return nil, fmt.Errorf("ListWebhooks: %w", clients.ErrUnsupportedFeature) return nil, fmt.Errorf("ListWebhooks: %w", clients.ErrUnsupportedFeature)
} }

4
clients/mockclients/repo_client.go
View File

@ -258,10 +258,10 @@ func (mr *MockRepoClientMockRecorder) ListSuccessfulWorkflowRuns(filename interf
} }
// ListWebhooks mocks base method. // ListWebhooks mocks base method.
func (m *MockRepoClient) ListWebhooks() ([]*clients.Webhook, error) { func (m *MockRepoClient) ListWebhooks() ([]clients.Webhook, error) {
m.ctrl.T.Helper() m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "ListWebhooks") ret := m.ctrl.Call(m, "ListWebhooks")
ret0, _ := ret[0].([]*clients.Webhook) ret0, _ := ret[0].([]clients.Webhook)
ret1, _ := ret[1].(error) ret1, _ := ret[1].(error)
return ret0, ret1 return ret0, ret1
} }

2
clients/repo_client.go
View File

@ -41,7 +41,7 @@ type RepoClient interface {
ListSuccessfulWorkflowRuns(filename string) ([]WorkflowRun, error) ListSuccessfulWorkflowRuns(filename string) ([]WorkflowRun, error)
ListCheckRunsForRef(ref string) ([]CheckRun, error) ListCheckRunsForRef(ref string) ([]CheckRun, error)
ListStatuses(ref string) ([]Status, error) ListStatuses(ref string) ([]Status, error)
ListWebhooks() ([]*Webhook, error) ListWebhooks() ([]Webhook, error)
Search(request SearchRequest) (SearchResponse, error) Search(request SearchRequest) (SearchResponse, error)
Close() error Close() error
} }