Add e2e tests for remaining checks.
parent
bcaa2e77f9
commit
c00aa4b606
@ -24,10 +24,10 @@ import (
|
|||||||
var lookbackDays int = 90
|
var lookbackDays int = 90
|
||||||
|
|
||||||
func init() {
|
func init() {
|
||||||
registerCheck("Active", PeriodicCommits)
|
registerCheck("Active", IsActive)
|
||||||
}
|
}
|
||||||
|
|
||||||
func PeriodicCommits(c checker.Checker) checker.CheckResult {
|
func IsActive(c checker.Checker) checker.CheckResult {
|
||||||
commits, _, err := c.Client.Repositories.ListCommits(c.Ctx, c.Owner, c.Repo, &github.CommitsListOptions{})
|
commits, _, err := c.Client.Repositories.ListCommits(c.Ctx, c.Owner, c.Repo, &github.CommitsListOptions{})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return checker.RetryResult(err)
|
return checker.RetryResult(err)
|
||||||
|
@ -23,14 +23,14 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
func init() {
|
func init() {
|
||||||
registerCheck("CII-Best-Practices", CiiBestPractices)
|
registerCheck("CII-Best-Practices", CIIBestPractices)
|
||||||
}
|
}
|
||||||
|
|
||||||
type response struct {
|
type response struct {
|
||||||
BadgeLevel string `json:"badge_level"`
|
BadgeLevel string `json:"badge_level"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func CiiBestPractices(c checker.Checker) checker.CheckResult {
|
func CIIBestPractices(c checker.Checker) checker.CheckResult {
|
||||||
repoUrl := fmt.Sprintf("https://github.com/%s/%s", c.Owner, c.Repo)
|
repoUrl := fmt.Sprintf("https://github.com/%s/%s", c.Owner, c.Repo)
|
||||||
url := fmt.Sprintf("https://bestpractices.coreinfrastructure.org/projects.json?url=%s", repoUrl)
|
url := fmt.Sprintf("https://bestpractices.coreinfrastructure.org/projects.json?url=%s", repoUrl)
|
||||||
resp, err := c.HttpClient.Get(url)
|
resp, err := c.HttpClient.Get(url)
|
||||||
|
@ -22,7 +22,14 @@ import (
|
|||||||
var sastTools map[string]bool = map[string]bool{"github-code-scanning": true, "sonarcloud": true}
|
var sastTools map[string]bool = map[string]bool{"github-code-scanning": true, "sonarcloud": true}
|
||||||
|
|
||||||
func init() {
|
func init() {
|
||||||
registerCheck("SAST", checker.MultiCheck(CodeQLInCheckDefinitions, SASTToolInCheckRuns))
|
registerCheck("SAST", SAST)
|
||||||
|
}
|
||||||
|
|
||||||
|
func SAST(c checker.Checker) checker.CheckResult {
|
||||||
|
return checker.MultiCheck(
|
||||||
|
CodeQLInCheckDefinitions,
|
||||||
|
SASTToolInCheckRuns,
|
||||||
|
)(c)
|
||||||
}
|
}
|
||||||
|
|
||||||
func SASTToolInCheckRuns(c checker.Checker) checker.CheckResult {
|
func SASTToolInCheckRuns(c checker.Checker) checker.CheckResult {
|
||||||
|
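Review bot: The new exported `SAST` function has no doc comment, and nothing in this section records why the check is now registered through a named wrapper rather than by passing the `checker.MultiCheck(...)` result straight to `registerCheck`. A comment such as `// SAST runs CodeQLInCheckDefinitions and SASTToolInCheckRuns through checker.MultiCheck; it is a named function so the check can be called directly, e.g. from the e2e suite.` would cover it. How `MultiCheck` combines the two results (either passing or both passing) is not visible here, so the comment should state that only once it has been confirmed against `checker.MultiCheck`.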
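--- a/e2e/active_test.go
+++ b/e2e/active_test.go
@@ -0,0 +1,30 @@
+package e2e
+
+import (
+"context"
+
+. "github.com/onsi/ginkgo"
+. "github.com/onsi/gomega"
+"github.com/ossf/scorecard/checker"
+"github.com/ossf/scorecard/checks"
+)
+
+var _ = Describe("E2E TEST:Active", func() {
+Context("E2E TEST:Validating active status", func() {
+It("Should return valid active status", func() {
+l := log{}
+checker := checker.Checker{
+Ctx: context.Background(),
+Client: ghClient,
+HttpClient: client,
+Owner: "apache",
+Repo: "airflow",
+GraphClient: graphClient,
+Logf: l.Logf,
+}
+result := checks.IsActive(checker)
+Expect(result.Error).Should(BeNil())
+Expect(result.Pass).Should(BeTrue())
+})
+})
+})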
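Review bot: The local variable `checker` in the `It` body shadows the imported `checker` package for the rest of the closure, so any later reference to the package there would resolve to the struct value; naming it `c` (`c := checker.Checker{...}`, `checks.IsActive(c)`) avoids that. The request context is `context.Background()` with no deadline, so unless `ghClient` and `client` (defined outside this section) already carry a timeout, a stalled remote call can hang the suite; `ctx, cancel := context.WithTimeout(context.Background(), time.Minute)` with `defer cancel()` would bound it, the one-minute value being only a suggestion. The assertion also pins the live state of `apache/airflow`, so a failure can mean an upstream change rather than a regression in the check, which deserves a short comment above the `Expect` lines. The same points apply to the other e2e test files added in this commit.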
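--- a/e2e/ci_tests_test.go
+++ b/e2e/ci_tests_test.go
@@ -0,0 +1,30 @@
+package e2e
+
+import (
+"context"
+
+. "github.com/onsi/ginkgo"
+. "github.com/onsi/gomega"
+"github.com/ossf/scorecard/checker"
+"github.com/ossf/scorecard/checks"
+)
+
+var _ = Describe("E2E TEST:CITests", func() {
+Context("E2E TEST:Validating use of CI tests", func() {
+It("Should return use of CI tests", func() {
+l := log{}
+checker := checker.Checker{
+Ctx: context.Background(),
+Client: ghClient,
+HttpClient: client,
+Owner: "apache",
+Repo: "airflow",
+GraphClient: graphClient,
+Logf: l.Logf,
+}
+result := checks.CITests(checker)
+Expect(result.Error).Should(BeNil())
+Expect(result.Pass).Should(BeTrue())
+})
+})
+})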
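--- a/e2e/cii_best_practices_test.go
+++ b/e2e/cii_best_practices_test.go
@@ -0,0 +1,30 @@
+package e2e
+
+import (
+"context"
+
+. "github.com/onsi/ginkgo"
+. "github.com/onsi/gomega"
+"github.com/ossf/scorecard/checker"
+"github.com/ossf/scorecard/checks"
+)
+
+var _ = Describe("E2E TEST:CIIBestPractices", func() {
+Context("E2E TEST:Validating use of CII Best Practices", func() {
+It("Should return use of CII Best Practices", func() {
+l := log{}
+checker := checker.Checker{
+Ctx: context.Background(),
+Client: ghClient,
+HttpClient: client,
+Owner: "tensorflow",
+Repo: "tensorflow",
+GraphClient: graphClient,
+Logf: l.Logf,
+}
+result := checks.CIIBestPractices(checker)
+Expect(result.Error).Should(BeNil())
+Expect(result.Pass).Should(BeTrue())
+})
+})
+})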
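--- a/e2e/code_review_test.go
+++ b/e2e/code_review_test.go
@@ -0,0 +1,30 @@
+package e2e
+
+import (
+"context"
+
+. "github.com/onsi/ginkgo"
+. "github.com/onsi/gomega"
+"github.com/ossf/scorecard/checker"
+"github.com/ossf/scorecard/checks"
+)
+
+var _ = Describe("E2E TEST:CodeReview", func() {
+Context("E2E TEST:Validating use of code reviews", func() {
+It("Should return use of code reviews", func() {
+l := log{}
+checker := checker.Checker{
+Ctx: context.Background(),
+Client: ghClient,
+HttpClient: client,
+Owner: "apache",
+Repo: "airflow",
+GraphClient: graphClient,
+Logf: l.Logf,
+}
+result := checks.DoesCodeReview(checker)
+Expect(result.Error).Should(BeNil())
+Expect(result.Pass).Should(BeTrue())
+})
+})
+})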
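--- a/e2e/contributors_test.go
+++ b/e2e/contributors_test.go
@@ -0,0 +1,30 @@
+package e2e
+
+import (
+"context"
+
+. "github.com/onsi/ginkgo"
+. "github.com/onsi/gomega"
+"github.com/ossf/scorecard/checker"
+"github.com/ossf/scorecard/checks"
+)
+
+var _ = Describe("E2E TEST:CodeReview", func() {
+Context("E2E TEST:Validating project contributors", func() {
+It("Should return valid project contributors", func() {
+l := log{}
+checker := checker.Checker{
+Ctx: context.Background(),
+Client: ghClient,
+HttpClient: client,
+Owner: "apache",
+Repo: "airflow",
+GraphClient: graphClient,
+Logf: l.Logf,
+}
+result := checks.Contributors(checker)
+Expect(result.Error).Should(BeNil())
+Expect(result.Pass).Should(BeTrue())
+})
+})
+})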
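Review bot: The `Describe` label in this file is `"E2E TEST:CodeReview"`, the same string used in e2e/code_review_test.go, although the spec exercises `checks.Contributors`; it looks like a copy-paste leftover. Two specs sharing one top-level label make a failure report ambiguous about which check broke. Suggested line: `var _ = Describe("E2E TEST:Contributors", func() {`.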
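--- a/e2e/frozen_deps_test.go
+++ b/e2e/frozen_deps_test.go
@@ -0,0 +1,30 @@
+package e2e
+
+import (
+"context"
+
+. "github.com/onsi/ginkgo"
+. "github.com/onsi/gomega"
+"github.com/ossf/scorecard/checker"
+"github.com/ossf/scorecard/checks"
+)
+
+var _ = Describe("E2E TEST:FrozenDeps", func() {
+Context("E2E TEST:Validating deps are frozen", func() {
+It("Should return deps are frozen", func() {
+l := log{}
+checker := checker.Checker{
+Ctx: context.Background(),
+Client: ghClient,
+HttpClient: client,
+Owner: "tensorflow",
+Repo: "tensorflow",
+GraphClient: graphClient,
+Logf: l.Logf,
+}
+result := checks.FrozenDeps(checker)
+Expect(result.Error).Should(BeNil())
+Expect(result.Pass).Should(BeTrue())
+})
+})
+})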
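--- a/e2e/fuzzing_test.go
+++ b/e2e/fuzzing_test.go
@@ -0,0 +1,30 @@
+package e2e
+
+import (
+"context"
+
+. "github.com/onsi/ginkgo"
+. "github.com/onsi/gomega"
+"github.com/ossf/scorecard/checker"
+"github.com/ossf/scorecard/checks"
+)
+
+var _ = Describe("E2E TEST:Fuzzing", func() {
+Context("E2E TEST:Validating use of fuzzing tools", func() {
+It("Should return use of fuzzing tools", func() {
+l := log{}
+checker := checker.Checker{
+Ctx: context.Background(),
+Client: ghClient,
+HttpClient: client,
+Owner: "tensorflow",
+Repo: "tensorflow",
+GraphClient: graphClient,
+Logf: l.Logf,
+}
+result := checks.Fuzzing(checker)
+Expect(result.Error).Should(BeNil())
+Expect(result.Pass).Should(BeTrue())
+})
+})
+})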
@ -10,8 +10,8 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
var _ = Describe("E2E TEST:Packaging", func() {
|
var _ = Describe("E2E TEST:Packaging", func() {
|
||||||
Context("E2E TEST:Validating packaging", func() {
|
Context("E2E TEST:Validating use of packaging in CI/CD", func() {
|
||||||
It("Should return valid packaging workflow", func() {
|
It("Should return use of packaging in CI/CD", func() {
|
||||||
l := log{}
|
l := log{}
|
||||||
checker := checker.Checker{
|
checker := checker.Checker{
|
||||||
Ctx: context.Background(),
|
Ctx: context.Background(),
|
||||||
|
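--- a/e2e/pull_requests_test.go
+++ b/e2e/pull_requests_test.go
@@ -0,0 +1,30 @@
+package e2e
+
+import (
+"context"
+
+. "github.com/onsi/ginkgo"
+. "github.com/onsi/gomega"
+"github.com/ossf/scorecard/checker"
+"github.com/ossf/scorecard/checks"
+)
+
+var _ = Describe("E2E TEST:PullRequests", func() {
+Context("E2E TEST:Validating use of pull requests", func() {
+It("Should return use of pull requests", func() {
+l := log{}
+checker := checker.Checker{
+Ctx: context.Background(),
+Client: ghClient,
+HttpClient: client,
+Owner: "apache",
+Repo: "airflow",
+GraphClient: graphClient,
+Logf: l.Logf,
+}
+result := checks.PullRequests(checker)
+Expect(result.Error).Should(BeNil())
+Expect(result.Pass).Should(BeTrue())
+})
+})
+})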
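--- a/e2e/sast_test.go
+++ b/e2e/sast_test.go
@@ -0,0 +1,30 @@
+package e2e
+
+import (
+"context"
+
+. "github.com/onsi/ginkgo"
+. "github.com/onsi/gomega"
+"github.com/ossf/scorecard/checker"
+"github.com/ossf/scorecard/checks"
+)
+
+var _ = Describe("E2E TEST:SAST", func() {
+Context("E2E TEST:Validating use of SAST tools", func() {
+It("Should return use of SAST tools", func() {
+l := log{}
+checker := checker.Checker{
+Ctx: context.Background(),
+Client: ghClient,
+HttpClient: client,
+Owner: "apache",
+Repo: "airflow",
+GraphClient: graphClient,
+Logf: l.Logf,
+}
+result := checks.SAST(checker)
+Expect(result.Error).Should(BeNil())
+Expect(result.Pass).Should(BeTrue())
+})
+})
+})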
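--- a/e2e/security_policy_test.go
+++ b/e2e/security_policy_test.go
@@ -0,0 +1,30 @@
+package e2e
+
+import (
+"context"
+
+. "github.com/onsi/ginkgo"
+. "github.com/onsi/gomega"
+"github.com/ossf/scorecard/checker"
+"github.com/ossf/scorecard/checks"
+)
+
+var _ = Describe("E2E TEST:SecurityPolicy", func() {
+Context("E2E TEST:Validating security policy", func() {
+It("Should return valid security policy", func() {
+l := log{}
+checker := checker.Checker{
+Ctx: context.Background(),
+Client: ghClient,
+HttpClient: client,
+Owner: "tensorflow",
+Repo: "tensorflow",
+GraphClient: graphClient,
+Logf: l.Logf,
+}
+result := checks.SecurityPolicy(checker)
+Expect(result.Error).Should(BeNil())
+Expect(result.Pass).Should(BeTrue())
+})
+})
+})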