Add validation for commit-based APIs (#1635)
Co-authored-by: Azeem Shaikh <azeems@google.com>
parent
eb0730ae79
commit
f3332ce129
@ -22,6 +22,7 @@ import (
|
||||
"github.com/golang/mock/gomock"
|
||||
|
||||
"github.com/ossf/scorecard/v4/checker"
|
||||
"github.com/ossf/scorecard/v4/clients"
|
||||
"github.com/ossf/scorecard/v4/clients/localdir"
|
||||
"github.com/ossf/scorecard/v4/log"
|
||||
scut "github.com/ossf/scorecard/v4/utests"
|
||||
@ -72,7 +73,7 @@ func TestBinaryArtifacts(t *testing.T) {
|
||||
ctx := context.Background()
|
||||
|
||||
client := localdir.CreateLocalDirClient(ctx, logger)
|
||||
if err := client.InitRepo(repo, "HEAD"); err != nil {
|
||||
if err := client.InitRepo(repo, clients.HeadSHA); err != nil {
|
||||
t.Errorf("InitRepo: %v", err)
|
||||
}
|
||||
|
||||
|
@ -22,6 +22,7 @@ import (
|
||||
"github.com/golang/mock/gomock"
|
||||
|
||||
"github.com/ossf/scorecard/v4/checker"
|
||||
"github.com/ossf/scorecard/v4/clients"
|
||||
"github.com/ossf/scorecard/v4/clients/localdir"
|
||||
"github.com/ossf/scorecard/v4/log"
|
||||
scut "github.com/ossf/scorecard/v4/utests"
|
||||
@ -154,7 +155,7 @@ func TestLicenseFileSubdirectory(t *testing.T) {
|
||||
ctx := context.Background()
|
||||
|
||||
client := localdir.CreateLocalDirClient(ctx, logger)
|
||||
if err := client.InitRepo(repo, "HEAD"); err != nil {
|
||||
if err := client.InitRepo(repo, clients.HeadSHA); err != nil {
|
||||
t.Errorf("InitRepo: %v", err)
|
||||
}
|
||||
|
||||
|
@ -20,6 +20,7 @@ import (
|
||||
|
||||
"github.com/ossf/scorecard/v4/checker"
|
||||
"github.com/ossf/scorecard/v4/checks/fileparser"
|
||||
"github.com/ossf/scorecard/v4/clients"
|
||||
"github.com/ossf/scorecard/v4/clients/githubrepo"
|
||||
sce "github.com/ossf/scorecard/v4/errors"
|
||||
"github.com/ossf/scorecard/v4/log"
|
||||
@ -80,7 +81,7 @@ func SecurityPolicy(c *checker.CheckRequest) (checker.SecurityPolicyData, error)
|
||||
Repo: c.Repo.Org(),
|
||||
}
|
||||
|
||||
err = dotGitHub.RepoClient.InitRepo(dotGitHub.Repo, "HEAD")
|
||||
err = dotGitHub.RepoClient.InitRepo(dotGitHub.Repo, clients.HeadSHA)
|
||||
switch {
|
||||
case err == nil:
|
||||
defer dotGitHub.RepoClient.Close()
|
||||
|
@ -31,7 +31,6 @@ var allowedConclusions = map[string]bool{"success": true, "neutral": true}
|
||||
|
||||
//nolint:gochecknoinits
|
||||
func init() {
|
||||
// TODO(#575): Check if we can support commit-based requests here.
|
||||
if err := registerCheck(CheckSAST, SAST, nil); err != nil {
|
||||
// This should never happen.
|
||||
panic(err)
|
||||
|
@ -17,6 +17,7 @@ package githubrepo
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"strings"
|
||||
"sync"
|
||||
|
||||
"github.com/google/go-github/v38/github"
|
||||
@ -113,31 +114,34 @@ type branchesHandler struct {
|
||||
once *sync.Once
|
||||
ctx context.Context
|
||||
errSetup error
|
||||
owner string
|
||||
repo string
|
||||
repourl *repoURL
|
||||
defaultBranchRef *clients.BranchRef
|
||||
branches []*clients.BranchRef
|
||||
}
|
||||
|
||||
func (handler *branchesHandler) init(ctx context.Context, owner, repo string) {
|
||||
func (handler *branchesHandler) init(ctx context.Context, repourl *repoURL) {
|
||||
handler.ctx = ctx
|
||||
handler.owner = owner
|
||||
handler.repo = repo
|
||||
handler.repourl = repourl
|
||||
handler.errSetup = nil
|
||||
handler.once = new(sync.Once)
|
||||
}
|
||||
|
||||
func (handler *branchesHandler) setup() error {
|
||||
handler.once.Do(func() {
|
||||
if !strings.EqualFold(handler.repourl.commitSHA, clients.HeadSHA) {
|
||||
handler.errSetup = fmt.Errorf("%w: branches only supported for HEAD queries", clients.ErrUnsupportedFeature)
|
||||
return
|
||||
}
|
||||
vars := map[string]interface{}{
|
||||
"owner": githubv4.String(handler.owner),
|
||||
"name": githubv4.String(handler.repo),
|
||||
"owner": githubv4.String(handler.repourl.owner),
|
||||
"name": githubv4.String(handler.repourl.repo),
|
||||
"refsToAnalyze": githubv4.Int(refsToAnalyze),
|
||||
"refPrefix": githubv4.String(refPrefix),
|
||||
}
|
||||
handler.data = new(branchesData)
|
||||
if err := handler.graphClient.Query(handler.ctx, handler.data, vars); err != nil {
|
||||
handler.errSetup = sce.WithMessage(sce.ErrScorecardInternal, fmt.Sprintf("githubv4.Query: %v", err))
|
||||
return
|
||||
}
|
||||
handler.defaultBranchRef = getBranchRefFrom(handler.data.Repository.DefaultBranchRef)
|
||||
handler.branches = getBranchRefsFrom(handler.data.Repository.Refs.Nodes, handler.defaultBranchRef)
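Review bot: The guard `!strings.EqualFold(handler.repourl.commitSHA, clients.HeadSHA)` added at the top of `setup()` is repeated verbatim in the checkruns, contributors, graphql, releases, search, statuses and workflows handlers on this page, and its placement is inconsistent. Here and in the contributors and releases handlers it runs inside `once.Do` and is cached in `errSetup`, while `getIssues`, `isArchived`, `listCheckRunsForRef`, `listStatuses`, `search` and `listSuccessfulWorkflowRuns` evaluate it on every call. Since this comparison is the only gate for commit-based requests, a small method on `repoURL`, for example `func (r *repoURL) isHead() bool { return strings.EqualFold(r.commitSHA, clients.HeadSHA) }`, would keep the rule in one place so a later change cannot miss a handler. `setup()` continues past the end of this hunk.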
|
||||
|
@ -17,6 +17,7 @@ package githubrepo
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"strings"
|
||||
|
||||
"github.com/google/go-github/v38/github"
|
||||
|
||||
@ -27,19 +28,20 @@ import (
|
||||
type checkrunsHandler struct {
|
||||
client *github.Client
|
||||
ctx context.Context
|
||||
owner string
|
||||
repo string
|
||||
repourl *repoURL
|
||||
}
|
||||
|
||||
func (handler *checkrunsHandler) init(ctx context.Context, owner, repo string) {
|
||||
func (handler *checkrunsHandler) init(ctx context.Context, repourl *repoURL) {
|
||||
handler.ctx = ctx
|
||||
handler.owner = owner
|
||||
handler.repo = repo
|
||||
handler.repourl = repourl
|
||||
}
|
||||
|
||||
func (handler *checkrunsHandler) listCheckRunsForRef(ref string) ([]clients.CheckRun, error) {
|
||||
checkRuns, _, err := handler.client.Checks.ListCheckRunsForRef(handler.ctx, handler.owner, handler.repo, ref,
|
||||
&github.ListCheckRunsOptions{})
|
||||
if !strings.EqualFold(handler.repourl.commitSHA, clients.HeadSHA) {
|
||||
return nil, fmt.Errorf("%w: ListCheckRuns only supported for HEAD queries", clients.ErrUnsupportedFeature)
|
||||
}
|
||||
checkRuns, _, err := handler.client.Checks.ListCheckRunsForRef(
|
||||
handler.ctx, handler.repourl.owner, handler.repourl.repo, ref, &github.ListCheckRunsOptions{})
|
||||
if err != nil {
|
||||
return nil, sce.WithMessage(sce.ErrScorecardInternal, fmt.Sprintf("ListCheckRunsForRef: %v", err))
|
||||
}
|
||||
|
@ -34,8 +34,7 @@ var errInputRepoType = errors.New("input repo should be of type repoURL")
|
||||
|
||||
// Client is GitHub-specific implementation of RepoClient.
|
||||
type Client struct {
|
||||
owner string
|
||||
repoName string
|
||||
repourl *repoURL
|
||||
repo *github.Repository
|
||||
repoClient *github.Client
|
||||
graphClient *graphqlHandler
|
||||
@ -62,9 +61,14 @@ func (client *Client) InitRepo(inputRepo clients.Repo, commitSHA string) error {
|
||||
if err != nil {
|
||||
return sce.WithMessage(sce.ErrRepoUnreachable, err.Error())
|
||||
}
|
||||
|
||||
client.repo = repo
|
||||
client.owner = repo.Owner.GetLogin()
|
||||
client.repoName = repo.GetName()
|
||||
client.repourl = &repoURL{
|
||||
owner: repo.Owner.GetLogin(),
|
||||
repo: repo.GetName(),
|
||||
defaultBranch: repo.GetDefaultBranch(),
|
||||
commitSHA: commitSHA,
|
||||
}
|
||||
|
||||
// Init tarballHandler.
|
||||
if err := client.tarball.init(client.ctx, client.repo, commitSHA); err != nil {
|
||||
@ -72,36 +76,35 @@ func (client *Client) InitRepo(inputRepo clients.Repo, commitSHA string) error {
|
||||
}
|
||||
|
||||
// Setup GraphQL.
|
||||
client.graphClient.init(client.ctx, client.owner, client.repoName,
|
||||
client.repo.GetDefaultBranch(), commitSHA)
|
||||
client.graphClient.init(client.ctx, client.repourl)
|
||||
|
||||
// Setup contributorsHandler.
|
||||
client.contributors.init(client.ctx, client.owner, client.repoName)
|
||||
client.contributors.init(client.ctx, client.repourl)
|
||||
|
||||
// Setup branchesHandler.
|
||||
client.branches.init(client.ctx, client.owner, client.repoName)
|
||||
client.branches.init(client.ctx, client.repourl)
|
||||
|
||||
// Setup releasesHandler.
|
||||
client.releases.init(client.ctx, client.owner, client.repoName)
|
||||
client.releases.init(client.ctx, client.repourl)
|
||||
|
||||
// Setup workflowsHandler.
|
||||
client.workflows.init(client.ctx, client.owner, client.repoName)
|
||||
client.workflows.init(client.ctx, client.repourl)
|
||||
|
||||
// Setup checkrunsHandler.
|
||||
client.checkruns.init(client.ctx, client.owner, client.repoName)
|
||||
client.checkruns.init(client.ctx, client.repourl)
|
||||
|
||||
// Setup statusesHandler.
|
||||
client.statuses.init(client.ctx, client.owner, client.repoName)
|
||||
client.statuses.init(client.ctx, client.repourl)
|
||||
|
||||
// Setup searchHandler.
|
||||
client.search.init(client.ctx, client.owner, client.repoName)
|
||||
client.search.init(client.ctx, client.repourl)
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// URI implements RepoClient.URI.
|
||||
func (client *Client) URI() string {
|
||||
return fmt.Sprintf("github.com/%s/%s", client.owner, client.repoName)
|
||||
return fmt.Sprintf("github.com/%s/%s", client.repourl.owner, client.repourl.repo)
|
||||
}
|
||||
|
||||
// ListFiles implements RepoClient.ListFiles.
|
||||
@ -224,7 +227,7 @@ func CreateOssFuzzRepoClient(ctx context.Context, logger *log.Logger) (clients.R
|
||||
}
|
||||
|
||||
ossFuzzRepoClient := CreateGithubRepoClient(ctx, logger)
|
||||
if err := ossFuzzRepoClient.InitRepo(ossFuzzRepo, "HEAD"); err != nil {
|
||||
if err := ossFuzzRepoClient.InitRepo(ossFuzzRepo, clients.HeadSHA); err != nil {
|
||||
return nil, fmt.Errorf("error during InitRepo: %w", err)
|
||||
}
|
||||
return ossFuzzRepoClient, nil
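Review bot: `URI()` now dereferences `client.repourl`, which this diff assigns only inside `InitRepo`, after the early `ErrRepoUnreachable` return. Calling `URI()` on a client whose `InitRepo` was never called, or failed on its first call, would therefore panic with a nil pointer, where the old `client.owner`/`client.repoName` strings simply formatted as empty. Unless the constructor (not visible here) already sets a non-nil `repourl`, either initialise it to `&repoURL{}` there or guard the accessor with `if client.repourl == nil { return "" }`. The handlers that read `handler.repourl` have the same precondition on their `init` having run.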
|
||||
|
@ -17,6 +17,7 @@ package githubrepo
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"strings"
|
||||
"sync"
|
||||
|
||||
"github.com/google/go-github/v38/github"
|
||||
@ -29,25 +30,28 @@ type contributorsHandler struct {
|
||||
once *sync.Once
|
||||
ctx context.Context
|
||||
errSetup error
|
||||
owner string
|
||||
repo string
|
||||
repourl *repoURL
|
||||
contributors []clients.Contributor
|
||||
}
|
||||
|
||||
func (handler *contributorsHandler) init(ctx context.Context, owner, repo string) {
|
||||
func (handler *contributorsHandler) init(ctx context.Context, repourl *repoURL) {
|
||||
handler.ctx = ctx
|
||||
handler.owner = owner
|
||||
handler.repo = repo
|
||||
handler.repourl = repourl
|
||||
handler.errSetup = nil
|
||||
handler.once = new(sync.Once)
|
||||
}
|
||||
|
||||
func (handler *contributorsHandler) setup() error {
|
||||
handler.once.Do(func() {
|
||||
if !strings.EqualFold(handler.repourl.commitSHA, clients.HeadSHA) {
|
||||
handler.errSetup = fmt.Errorf("%w: ListContributors only supported for HEAD queries", clients.ErrUnsupportedFeature)
|
||||
return
|
||||
}
|
||||
contribs, _, err := handler.ghClient.Repositories.ListContributors(
|
||||
handler.ctx, handler.owner, handler.repo, &github.ListContributorsOptions{})
|
||||
handler.ctx, handler.repourl.owner, handler.repourl.repo, &github.ListContributorsOptions{})
|
||||
if err != nil {
|
||||
handler.errSetup = fmt.Errorf("error during ListContributors: %w", err)
|
||||
return
|
||||
}
|
||||
|
||||
for _, contrib := range contribs {
|
||||
|
@ -119,21 +119,15 @@ type graphqlHandler struct {
|
||||
once *sync.Once
|
||||
ctx context.Context
|
||||
errSetup error
|
||||
owner string
|
||||
repo string
|
||||
defaultBranch string
|
||||
commitSHA string
|
||||
repourl *repoURL
|
||||
commits []clients.Commit
|
||||
issues []clients.Issue
|
||||
archived bool
|
||||
}
|
||||
|
||||
func (handler *graphqlHandler) init(ctx context.Context, owner, repo, defaultBranch, commitSHA string) {
|
||||
func (handler *graphqlHandler) init(ctx context.Context, repourl *repoURL) {
|
||||
handler.ctx = ctx
|
||||
handler.owner = owner
|
||||
handler.repo = repo
|
||||
handler.defaultBranch = defaultBranch
|
||||
handler.commitSHA = commitSHA
|
||||
handler.repourl = repourl
|
||||
handler.data = new(graphqlData)
|
||||
handler.errSetup = nil
|
||||
handler.once = new(sync.Once)
|
||||
@ -141,15 +135,15 @@ func (handler *graphqlHandler) init(ctx context.Context, owner, repo, defaultBra
|
||||
|
||||
func (handler *graphqlHandler) setup() error {
|
||||
handler.once.Do(func() {
|
||||
commitExpression := handler.commitSHA
|
||||
if strings.EqualFold(handler.commitSHA, "HEAD") {
|
||||
commitExpression := handler.repourl.commitSHA
|
||||
if strings.EqualFold(handler.repourl.commitSHA, clients.HeadSHA) {
|
||||
// TODO(#575): Confirm that this works as expected.
|
||||
commitExpression = fmt.Sprintf("heads/%s", handler.defaultBranch)
|
||||
commitExpression = fmt.Sprintf("heads/%s", handler.repourl.defaultBranch)
|
||||
}
|
||||
|
||||
vars := map[string]interface{}{
|
||||
"owner": githubv4.String(handler.owner),
|
||||
"name": githubv4.String(handler.repo),
|
||||
"owner": githubv4.String(handler.repourl.owner),
|
||||
"name": githubv4.String(handler.repourl.repo),
|
||||
"pullRequestsToAnalyze": githubv4.Int(pullRequestsToAnalyze),
|
||||
"issuesToAnalyze": githubv4.Int(issuesToAnalyze),
|
||||
"issueCommentsToAnalyze": githubv4.Int(issueCommentsToAnalyze),
|
||||
@ -163,7 +157,7 @@ func (handler *graphqlHandler) setup() error {
|
||||
return
|
||||
}
|
||||
handler.archived = bool(handler.data.Repository.IsArchived)
|
||||
handler.commits, handler.errSetup = commitsFrom(handler.data, handler.owner, handler.repo)
|
||||
handler.commits, handler.errSetup = commitsFrom(handler.data, handler.repourl.owner, handler.repourl.repo)
|
||||
if handler.errSetup != nil {
|
||||
return
|
||||
}
|
||||
@ -180,6 +174,9 @@ func (handler *graphqlHandler) getCommits() ([]clients.Commit, error) {
|
||||
}
|
||||
|
||||
func (handler *graphqlHandler) getIssues() ([]clients.Issue, error) {
|
||||
if !strings.EqualFold(handler.repourl.commitSHA, clients.HeadSHA) {
|
||||
return nil, fmt.Errorf("%w: ListIssues only supported for HEAD queries", clients.ErrUnsupportedFeature)
|
||||
}
|
||||
if err := handler.setup(); err != nil {
|
||||
return nil, fmt.Errorf("error during graphqlHandler.setup: %w", err)
|
||||
}
|
||||
@ -187,6 +184,9 @@ func (handler *graphqlHandler) getIssues() ([]clients.Issue, error) {
|
||||
}
|
||||
|
||||
func (handler *graphqlHandler) isArchived() (bool, error) {
|
||||
if !strings.EqualFold(handler.repourl.commitSHA, clients.HeadSHA) {
|
||||
return false, fmt.Errorf("%w: IsArchived only supported for HEAD queries", clients.ErrUnsupportedFeature)
|
||||
}
|
||||
if err := handler.setup(); err != nil {
|
||||
return false, fmt.Errorf("error during graphqlHandler.setup: %w", err)
|
||||
}
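Review bot: `getIssues` and `isArchived` now reject non-HEAD requests, while the diff adds no such guard to `getCommits`, and nothing in these hunks records that the asymmetry is intended. A comment on `setup()` such as `// Commits are resolved at repourl.commitSHA; issues and archived state are only served for HEAD.` would document it. For a non-HEAD commit `setup()` also still sends `issuesToAnalyze` and `issueCommentsToAnalyze` in the query variables although the results can no longer be read through `getIssues`, which looks like avoidable API cost and is worth confirming. The bodies of `setup()`, `getIssues` and `isArchived` all continue outside the visible hunks.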
|
||||
|
@ -17,6 +17,7 @@ package githubrepo
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"strings"
|
||||
"sync"
|
||||
|
||||
"github.com/google/go-github/v38/github"
|
||||
@ -30,23 +31,25 @@ type releasesHandler struct {
|
||||
once *sync.Once
|
||||
ctx context.Context
|
||||
errSetup error
|
||||
owner string
|
||||
repo string
|
||||
repourl *repoURL
|
||||
releases []clients.Release
|
||||
}
|
||||
|
||||
func (handler *releasesHandler) init(ctx context.Context, owner, repo string) {
|
||||
func (handler *releasesHandler) init(ctx context.Context, repourl *repoURL) {
|
||||
handler.ctx = ctx
|
||||
handler.owner = owner
|
||||
handler.repo = repo
|
||||
handler.repourl = repourl
|
||||
handler.errSetup = nil
|
||||
handler.once = new(sync.Once)
|
||||
}
|
||||
|
||||
func (handler *releasesHandler) setup() error {
|
||||
handler.once.Do(func() {
|
||||
if !strings.EqualFold(handler.repourl.commitSHA, clients.HeadSHA) {
|
||||
handler.errSetup = fmt.Errorf("%w: ListReleases only supported for HEAD queries", clients.ErrUnsupportedFeature)
|
||||
return
|
||||
}
|
||||
releases, _, err := handler.client.Repositories.ListReleases(
|
||||
handler.ctx, handler.owner, handler.repo, &github.ListOptions{})
|
||||
handler.ctx, handler.repourl.owner, handler.repourl.repo, &github.ListOptions{})
|
||||
if err != nil {
|
||||
handler.errSetup = sce.WithMessage(sce.ErrScorecardInternal, fmt.Sprintf("githubv4.Query: %v", err))
|
||||
}
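Review bot: The error built when `ListReleases` fails still reads `githubv4.Query: %v`, although this handler calls the REST `Repositories.ListReleases` API, so a failure here is reported under the wrong operation name. `fmt.Sprintf("ListReleases: %v", err)` would match the call and the wording of the new `ListReleases only supported for HEAD queries` message. The hunk ends at this `if`, so whether a `return` follows the assignment, as it does in the contributors handler, is not visible and is worth confirming.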
|
||||
|
@ -28,7 +28,7 @@ const (
|
||||
)
|
||||
|
||||
type repoURL struct {
|
||||
host, owner, repo string
|
||||
host, owner, repo, defaultBranch, commitSHA string
|
||||
metadata []string
|
||||
}
|
||||
|
||||
|
@ -30,17 +30,19 @@ var errEmptyQuery = errors.New("search query is empty")
|
||||
type searchHandler struct {
|
||||
ghClient *github.Client
|
||||
ctx context.Context
|
||||
owner string
|
||||
repo string
|
||||
repourl *repoURL
|
||||
}
|
||||
|
||||
func (handler *searchHandler) init(ctx context.Context, owner, repo string) {
|
||||
func (handler *searchHandler) init(ctx context.Context, repourl *repoURL) {
|
||||
handler.ctx = ctx
|
||||
handler.owner = owner
|
||||
handler.repo = repo
|
||||
handler.repourl = repourl
|
||||
}
|
||||
|
||||
func (handler *searchHandler) search(request clients.SearchRequest) (clients.SearchResponse, error) {
|
||||
if !strings.EqualFold(handler.repourl.commitSHA, clients.HeadSHA) {
|
||||
return clients.SearchResponse{}, fmt.Errorf(
|
||||
"%w: Search only supported for HEAD queries", clients.ErrUnsupportedFeature)
|
||||
}
|
||||
query, err := handler.buildQuery(request)
|
||||
if err != nil {
|
||||
return clients.SearchResponse{}, fmt.Errorf("handler.buildQuery: %w", err)
|
||||
@ -63,7 +65,9 @@ func (handler *searchHandler) buildQuery(request clients.SearchRequest) (string,
|
||||
// that should be replaced with a space.
|
||||
// See https://docs.github.com/en/search-github/searching-on-github/searching-code#considerations-for-code-search
|
||||
// for reference.
|
||||
fmt.Sprintf("%s repo:%s/%s", strings.ReplaceAll(request.Query, "/", " "), handler.owner, handler.repo)); err != nil {
|
||||
fmt.Sprintf("%s repo:%s/%s",
|
||||
strings.ReplaceAll(request.Query, "/", " "),
|
||||
handler.repourl.owner, handler.repourl.repo)); err != nil {
|
||||
return "", fmt.Errorf("WriteString: %w", err)
|
||||
}
|
||||
if request.Filename != "" {
|
||||
|
@ -27,15 +27,16 @@ func TestBuildQuery(t *testing.T) {
|
||||
searchReq clients.SearchRequest
|
||||
expectedErrType error
|
||||
name string
|
||||
owner string
|
||||
repo string
|
||||
repourl *repoURL
|
||||
expectedQuery string
|
||||
hasError bool
|
||||
}{
|
||||
{
|
||||
name: "Basic",
|
||||
repourl: &repoURL{
|
||||
owner: "testowner",
|
||||
repo: "testrepo",
|
||||
},
|
||||
searchReq: clients.SearchRequest{
|
||||
Query: "testquery",
|
||||
},
|
||||
@ -43,16 +44,20 @@ func TestBuildQuery(t *testing.T) {
|
||||
},
|
||||
{
|
||||
name: "EmptyQuery",
|
||||
repourl: &repoURL{
|
||||
owner: "testowner",
|
||||
repo: "testrepo",
|
||||
},
|
||||
searchReq: clients.SearchRequest{},
|
||||
hasError: true,
|
||||
expectedErrType: errEmptyQuery,
|
||||
},
|
||||
{
|
||||
name: "WithFilename",
|
||||
repourl: &repoURL{
|
||||
owner: "testowner",
|
||||
repo: "testrepo",
|
||||
},
|
||||
searchReq: clients.SearchRequest{
|
||||
Query: "testquery",
|
||||
Filename: "filename1.txt",
|
||||
@ -61,8 +66,10 @@ func TestBuildQuery(t *testing.T) {
|
||||
},
|
||||
{
|
||||
name: "WithPath",
|
||||
repourl: &repoURL{
|
||||
owner: "testowner",
|
||||
repo: "testrepo",
|
||||
},
|
||||
searchReq: clients.SearchRequest{
|
||||
Query: "testquery",
|
||||
Path: "dir1/file1.txt",
|
||||
@ -71,8 +78,10 @@ func TestBuildQuery(t *testing.T) {
|
||||
},
|
||||
{
|
||||
name: "WithFilenameAndPath",
|
||||
repourl: &repoURL{
|
||||
owner: "testowner",
|
||||
repo: "testrepo",
|
||||
},
|
||||
searchReq: clients.SearchRequest{
|
||||
Query: "testquery",
|
||||
Filename: "filename1.txt",
|
||||
@ -82,8 +91,10 @@ func TestBuildQuery(t *testing.T) {
|
||||
},
|
||||
{
|
||||
name: "WithFilenameAndPathWithSeparator",
|
||||
repourl: &repoURL{
|
||||
owner: "testowner",
|
||||
repo: "testrepo",
|
||||
},
|
||||
searchReq: clients.SearchRequest{
|
||||
Query: "testquery/query",
|
||||
Filename: "filename1.txt",
|
||||
@ -99,8 +110,7 @@ func TestBuildQuery(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
handler := searchHandler{
|
||||
owner: testcase.owner,
|
||||
repo: testcase.repo,
|
||||
repourl: testcase.repourl,
|
||||
}
|
||||
|
||||
query, err := handler.buildQuery(testcase.searchReq)
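Review bot: None of the updated cases exercises the check this commit adds: `search` now returns `clients.ErrUnsupportedFeature` when `repourl.commitSHA` is not `clients.HeadSHA`, but the table only drives `buildQuery`. Every `repoURL` literal here leaves `commitSHA` empty, and an empty string is also not equal to `"HEAD"`, so a zero-value `repoURL` would be rejected by `search` as well; that is worth pinning in a test. Because the guard returns before the GitHub client is touched, a case built from `searchHandler{repourl: &repoURL{commitSHA: "<non-HEAD sha>"}}` and asserting `errors.Is(err, clients.ErrUnsupportedFeature)` can run without network access. The test function continues beyond this hunk.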
|
||||
|
@ -17,6 +17,7 @@ package githubrepo
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"strings"
|
||||
|
||||
"github.com/google/go-github/v38/github"
|
||||
|
||||
@ -27,19 +28,20 @@ import (
|
||||
type statusesHandler struct {
|
||||
client *github.Client
|
||||
ctx context.Context
|
||||
owner string
|
||||
repo string
|
||||
repourl *repoURL
|
||||
}
|
||||
|
||||
func (handler *statusesHandler) init(ctx context.Context, owner, repo string) {
|
||||
func (handler *statusesHandler) init(ctx context.Context, repourl *repoURL) {
|
||||
handler.ctx = ctx
|
||||
handler.owner = owner
|
||||
handler.repo = repo
|
||||
handler.repourl = repourl
|
||||
}
|
||||
|
||||
func (handler *statusesHandler) listStatuses(ref string) ([]clients.Status, error) {
|
||||
statuses, _, err := handler.client.Repositories.ListStatuses(handler.ctx, handler.owner, handler.repo, ref,
|
||||
&github.ListOptions{})
|
||||
if !strings.EqualFold(handler.repourl.commitSHA, clients.HeadSHA) {
|
||||
return nil, fmt.Errorf("%w: ListStatuses only supported for HEAD queries", clients.ErrUnsupportedFeature)
|
||||
}
|
||||
statuses, _, err := handler.client.Repositories.ListStatuses(
|
||||
handler.ctx, handler.repourl.owner, handler.repourl.repo, ref, &github.ListOptions{})
|
||||
if err != nil {
|
||||
return nil, sce.WithMessage(sce.ErrScorecardInternal, fmt.Sprintf("ListStatuses: %v", err))
|
||||
}
|
||||
|
@ -29,6 +29,7 @@ import (
|
||||
|
||||
"github.com/google/go-github/v38/github"
|
||||
|
||||
"github.com/ossf/scorecard/v4/clients"
|
||||
sce "github.com/ossf/scorecard/v4/errors"
|
||||
)
|
||||
|
||||
@ -96,7 +97,7 @@ func (handler *tarballHandler) init(ctx context.Context, repo *github.Repository
|
||||
func (handler *tarballHandler) getTarball(ctx context.Context, repo *github.Repository, commitSHA string) error {
|
||||
url := repo.GetArchiveURL()
|
||||
url = strings.Replace(url, "{archive_format}", "tarball/", 1)
|
||||
if strings.EqualFold(commitSHA, "HEAD") {
|
||||
if strings.EqualFold(commitSHA, clients.HeadSHA) {
|
||||
url = strings.Replace(url, "{/ref}", "", 1)
|
||||
} else {
|
||||
url = strings.Replace(url, "{/ref}", commitSHA, 1)
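Review bot: On the non-HEAD branch `commitSHA` is substituted into the archive URL as-is (`strings.Replace(url, "{/ref}", commitSHA, 1)`), and nothing on this page checks its format before `InitRepo` hands it to this handler. A value containing `/`, `?` or `#` would alter the path or query of the outgoing request instead of naming a commit. Before the `--commit` flag is enabled, `InitRepo` should reject anything that is neither `clients.HeadSHA` nor a hexadecimal object name. Escaping in this function would be a second line of defence, but the local variable `url` shadows the `net/url` package and would need renaming first. `getTarball` continues outside this hunk.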
|
||||
|
@ -17,6 +17,7 @@ package githubrepo
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"strings"
|
||||
|
||||
"github.com/google/go-github/v38/github"
|
||||
|
||||
@ -27,19 +28,21 @@ import (
|
||||
type workflowsHandler struct {
|
||||
client *github.Client
|
||||
ctx context.Context
|
||||
owner string
|
||||
repo string
|
||||
repourl *repoURL
|
||||
}
|
||||
|
||||
func (handler *workflowsHandler) init(ctx context.Context, owner, repo string) {
|
||||
func (handler *workflowsHandler) init(ctx context.Context, repourl *repoURL) {
|
||||
handler.ctx = ctx
|
||||
handler.owner = owner
|
||||
handler.repo = repo
|
||||
handler.repourl = repourl
|
||||
}
|
||||
|
||||
func (handler *workflowsHandler) listSuccessfulWorkflowRuns(filename string) ([]clients.WorkflowRun, error) {
|
||||
if !strings.EqualFold(handler.repourl.commitSHA, clients.HeadSHA) {
|
||||
return nil, fmt.Errorf(
|
||||
"%w: ListWorkflowRunsByFileName only supported for HEAD queries", clients.ErrUnsupportedFeature)
|
||||
}
|
||||
workflowRuns, _, err := handler.client.Actions.ListWorkflowRunsByFileName(
|
||||
handler.ctx, handler.owner, handler.repo, filename, &github.ListWorkflowRunsOptions{
|
||||
handler.ctx, handler.repourl.owner, handler.repourl.repo, filename, &github.ListWorkflowRunsOptions{
|
||||
Status: "success",
|
||||
})
|
||||
if err != nil {
|
||||
|
@ -24,6 +24,7 @@ import (
|
||||
"github.com/google/go-cmp/cmp"
|
||||
"github.com/google/go-cmp/cmp/cmpopts"
|
||||
|
||||
"github.com/ossf/scorecard/v4/clients"
|
||||
"github.com/ossf/scorecard/v4/log"
|
||||
)
|
||||
|
||||
@ -75,7 +76,7 @@ func TestClient_CreationAndCaching(t *testing.T) {
|
||||
}
|
||||
|
||||
client := CreateLocalDirClient(ctx, logger)
|
||||
if err := client.InitRepo(repo, "HEAD"); err != nil {
|
||||
if err := client.InitRepo(repo, clients.HeadSHA); err != nil {
|
||||
t.Errorf("InitRepo: %v", err)
|
||||
}
|
||||
|
||||
|
@ -20,6 +20,9 @@ import "errors"
|
||||
// ErrUnsupportedFeature indicates an API that is not supported by the client.
|
||||
var ErrUnsupportedFeature = errors.New("unsupported feature")
|
||||
|
||||
// HeadSHA is default commitSHA value used to denote git HEAD.
|
||||
const HeadSHA = "HEAD"
|
||||
|
||||
// RepoClient interface is used by Scorecard checks to access a repo.
|
||||
type RepoClient interface {
|
||||
InitRepo(repo Repo, commitSHA string) error
|
||||
|
@ -63,7 +63,7 @@ var rootCmd = &cobra.Command{
|
||||
func init() {
|
||||
rootCmd.Flags().StringVar(&flagRepo, "repo", "", "repository to check")
|
||||
rootCmd.Flags().StringVar(&flagLocal, "local", "", "local folder to check")
|
||||
rootCmd.Flags().StringVar(&flagCommit, "commit", "HEAD", "commit to analyze")
|
||||
rootCmd.Flags().StringVar(&flagCommit, "commit", clients.HeadSHA, "commit to analyze")
|
||||
rootCmd.Flags().StringVar(
|
||||
&flagLogLevel,
|
||||
"verbosity",
|
||||
@ -148,7 +148,7 @@ func scorecardCmd(cmd *cobra.Command, args []string) {
|
||||
if flagLocal != "" {
|
||||
requiredRequestTypes = append(requiredRequestTypes, checker.FileBased)
|
||||
}
|
||||
if !strings.EqualFold(flagCommit, "HEAD") {
|
||||
if !strings.EqualFold(flagCommit, clients.HeadSHA) {
|
||||
requiredRequestTypes = append(requiredRequestTypes, checker.CommitBased)
|
||||
}
|
||||
enabledChecks, err := getEnabledChecks(policy, flagChecksToRun, requiredRequestTypes)
|
||||
@ -225,7 +225,7 @@ func validateCmdFlags() {
|
||||
if flagFormat == formatRaw {
|
||||
log.Panic("raw option not supported yet")
|
||||
}
|
||||
if flagCommit != "HEAD" {
|
||||
if flagCommit != clients.HeadSHA {
|
||||
log.Panic("--commit option not supported yet")
|
||||
}
|
||||
}
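Review bot: The two comparisons against `clients.HeadSHA` in this file disagree on case: `scorecardCmd` uses `strings.EqualFold`, while `validateCmdFlags` uses `flagCommit != clients.HeadSHA`. As a result `--commit head` is treated as HEAD when request types are selected but still reaches `log.Panic("--commit option not supported yet")`. Writing `if !strings.EqualFold(flagCommit, clients.HeadSHA) {` in `validateCmdFlags` would match the handlers in `githubrepo`, which all compare case-insensitively. The condition enclosing this block in `validateCmdFlags` starts outside the hunk.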
|
||||
|
@ -70,7 +70,8 @@ var serveCmd = &cobra.Command{
|
||||
}
|
||||
defer ossFuzzRepoClient.Close()
|
||||
ciiClient := clients.DefaultCIIBestPracticesClient()
|
||||
repoResult, err := pkg.RunScorecards(ctx, repo, "HEAD" /*commitSHA*/, false /*raw*/, checks.AllChecks, repoClient,
|
||||
repoResult, err := pkg.RunScorecards(
|
||||
ctx, repo, clients.HeadSHA /*commitSHA*/, false /*raw*/, checks.AllChecks, repoClient,
|
||||
ossFuzzRepoClient, ciiClient, vulnsClient)
|
||||
if err != nil {
|
||||
logger.Error(err, "running enabled scorecard checks on repo")
|
||||
|
@ -85,7 +85,7 @@ func processRequest(ctx context.Context,
|
||||
continue
|
||||
}
|
||||
repo.AppendMetadata(repo.Metadata()...)
|
||||
result, err := pkg.RunScorecards(ctx, repo, "HEAD" /*commitSHA*/, false /*raw*/, checksToRun,
|
||||
result, err := pkg.RunScorecards(ctx, repo, clients.HeadSHA /*commitSHA*/, false /*raw*/, checksToRun,
|
||||
repoClient, ossFuzzRepoClient, ciiClient, vulnsClient)
|
||||
if errors.Is(err, sce.ErrRepoUnreachable) {
|
||||
// Not accessible repo - continue.
|
||||
|
@ -22,6 +22,7 @@ import (
|
||||
|
||||
"github.com/ossf/scorecard/v4/checker"
|
||||
"github.com/ossf/scorecard/v4/checks"
|
||||
"github.com/ossf/scorecard/v4/clients"
|
||||
"github.com/ossf/scorecard/v4/clients/githubrepo"
|
||||
scut "github.com/ossf/scorecard/v4/utests"
|
||||
)
|
||||
@ -35,7 +36,7 @@ var _ = Describe("E2E TEST:"+checks.CheckBinaryArtifacts, func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("ossf/scorecard")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
|
||||
req := checker.CheckRequest{
|
||||
@ -61,7 +62,7 @@ var _ = Describe("E2E TEST:"+checks.CheckBinaryArtifacts, func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("ossf-tests/scorecard-check-binary-artifacts-e2e")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
|
||||
req := checker.CheckRequest{
|
||||
@ -123,7 +124,7 @@ var _ = Describe("E2E TEST:"+checks.CheckBinaryArtifacts, func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("ossf-tests/scorecard-check-binary-artifacts-e2e-4-binaries")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
|
||||
req := checker.CheckRequest{
|
||||
|
@ -22,6 +22,7 @@ import (
|
||||
|
||||
"github.com/ossf/scorecard/v4/checker"
|
||||
"github.com/ossf/scorecard/v4/checks"
|
||||
"github.com/ossf/scorecard/v4/clients"
|
||||
"github.com/ossf/scorecard/v4/clients/githubrepo"
|
||||
scut "github.com/ossf/scorecard/v4/utests"
|
||||
)
|
||||
@ -33,7 +34,7 @@ var _ = Describe("E2E TEST:"+checks.CheckBranchProtection, func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("ossf-tests/scorecard-check-branch-protection-e2e")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
req := checker.CheckRequest{
|
||||
Ctx: context.Background(),
|
||||
@ -63,7 +64,7 @@ var _ = Describe("E2E TEST:"+checks.CheckBranchProtection, func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("ossf-tests/scorecard-check-branch-protection-e2e-none")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
req := checker.CheckRequest{
|
||||
Ctx: context.Background(),
|
||||
@ -93,7 +94,7 @@ var _ = Describe("E2E TEST:"+checks.CheckBranchProtection, func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("ossf-tests/scorecard-check-branch-protection-e2e-patch-1")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
req := checker.CheckRequest{
|
||||
Ctx: context.Background(),
|
||||
|
@ -22,6 +22,7 @@ import (
|
||||
|
||||
"github.com/ossf/scorecard/v4/checker"
|
||||
"github.com/ossf/scorecard/v4/checks"
|
||||
"github.com/ossf/scorecard/v4/clients"
|
||||
"github.com/ossf/scorecard/v4/clients/githubrepo"
|
||||
scut "github.com/ossf/scorecard/v4/utests"
|
||||
)
|
||||
@ -33,7 +34,7 @@ var _ = Describe("E2E TEST:"+checks.CheckCITests, func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("ossf-tests/airflow")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
req := checker.CheckRequest{
|
||||
Ctx: context.Background(),
|
||||
|
@ -22,6 +22,7 @@ import (
|
||||
|
||||
"github.com/ossf/scorecard/v4/checker"
|
||||
"github.com/ossf/scorecard/v4/checks"
|
||||
"github.com/ossf/scorecard/v4/clients"
|
||||
"github.com/ossf/scorecard/v4/clients/githubrepo"
|
||||
scut "github.com/ossf/scorecard/v4/utests"
|
||||
)
|
||||
@ -35,7 +36,7 @@ var _ = Describe("E2E TEST:CodeReview", func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("ossf-tests/airflow")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
|
||||
req := checker.CheckRequest{
|
||||
|
@ -22,6 +22,7 @@ import (
|
||||
|
||||
"github.com/ossf/scorecard/v4/checker"
|
||||
"github.com/ossf/scorecard/v4/checks"
|
||||
"github.com/ossf/scorecard/v4/clients"
|
||||
"github.com/ossf/scorecard/v4/clients/githubrepo"
|
||||
scut "github.com/ossf/scorecard/v4/utests"
|
||||
)
|
||||
@ -33,7 +34,7 @@ var _ = Describe("E2E TEST:"+checks.CheckContributors, func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("ossf/scorecard")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
req := checker.CheckRequest{
|
||||
Ctx: context.Background(),
|
||||
|
@ -21,6 +21,7 @@ import (
|
||||
|
||||
"github.com/ossf/scorecard/v4/checker"
|
||||
"github.com/ossf/scorecard/v4/checks"
|
||||
"github.com/ossf/scorecard/v4/clients"
|
||||
"github.com/ossf/scorecard/v4/clients/githubrepo"
|
||||
scut "github.com/ossf/scorecard/v4/utests"
|
||||
)
|
||||
@ -32,7 +33,7 @@ var _ = Describe("E2E TEST:"+checks.CheckTokenPermissions, func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("ossf-tests/scorecard-check-dangerous-workflow-e2e")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
req := checker.CheckRequest{
|
||||
Ctx: context.Background(),
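Review bot: The `Describe` label in the second hunk's header is `"E2E TEST:"+checks.CheckTokenPermissions`, but the repository initialised under it is `ossf-tests/scorecard-check-dangerous-workflow-e2e`, and the token-permissions e2e section later in this commit carries the identical label. If this file exercises the Dangerous-Workflow check (the check call is not visible in the hunk), a regression here would be reported under the Token-Permissions name and could be triaged against the wrong check. Since the line is already being touched nearby, consider `Describe("E2E TEST:"+checks.CheckDangerousWorkflow, func() {`. The `Describe` body starts and ends outside the hunk.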
|
||||
|
@ -22,6 +22,7 @@ import (
|
||||
|
||||
"github.com/ossf/scorecard/v4/checker"
|
||||
"github.com/ossf/scorecard/v4/checks"
|
||||
"github.com/ossf/scorecard/v4/clients"
|
||||
"github.com/ossf/scorecard/v4/clients/githubrepo"
|
||||
scut "github.com/ossf/scorecard/v4/utests"
|
||||
)
|
||||
@ -35,7 +36,7 @@ var _ = Describe("E2E TEST:"+checks.CheckDependencyUpdateTool, func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("ossf/scorecard")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
|
||||
req := checker.CheckRequest{
|
||||
@ -66,7 +67,7 @@ var _ = Describe("E2E TEST:"+checks.CheckDependencyUpdateTool, func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("netlify/netlify-cms")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
|
||||
req := checker.CheckRequest{
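Review bot: Both `InitRepo` calls in this file still resolve the default-branch tip at test time, and the second hunk does so for `netlify/netlify-cms`, a repository outside this project's control, so the asserted result can change without any change here. The same applies to the `tensorflow/tensorflow`, `apache/airflow` and `randombit/botan` targets in the Fuzzing, Maintained and SecurityPolicy sections. As the second argument appears to name a commit, consider pinning third-party targets wherever the check's APIs accept a non-HEAD commit, e.g. `err = repoClient.InitRepo(repo, "<pinned-commit-sha>")` (placeholder value), and keeping `clients.HeadSHA` only for checks that need it. Both `It` bodies continue outside the hunks.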
|
||||
|
@ -22,6 +22,7 @@ import (
|
||||
|
||||
"github.com/ossf/scorecard/v4/checker"
|
||||
"github.com/ossf/scorecard/v4/checks"
|
||||
"github.com/ossf/scorecard/v4/clients"
|
||||
"github.com/ossf/scorecard/v4/clients/githubrepo"
|
||||
scut "github.com/ossf/scorecard/v4/utests"
|
||||
)
|
||||
@ -33,7 +34,7 @@ var _ = Describe("E2E TEST:"+checks.CheckFuzzing, func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("tensorflow/tensorflow")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
ossFuzzRepoClient, err := githubrepo.CreateOssFuzzRepoClient(context.Background(), logger)
|
||||
Expect(err).Should(BeNil())
|
||||
@ -61,7 +62,7 @@ var _ = Describe("E2E TEST:"+checks.CheckFuzzing, func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("ossf-tests/scorecard-check-fuzzing-cflite")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
ossFuzzRepoClient, err := githubrepo.CreateOssFuzzRepoClient(context.Background(), logger)
|
||||
Expect(err).Should(BeNil())
|
||||
@ -89,7 +90,7 @@ var _ = Describe("E2E TEST:"+checks.CheckFuzzing, func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("ossf-tests/scorecard-check-packaging-e2e")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
ossFuzzRepoClient, err := githubrepo.CreateOssFuzzRepoClient(context.Background(), logger)
|
||||
Expect(err).Should(BeNil())
|
||||
|
@ -21,6 +21,7 @@ import (
|
||||
|
||||
"github.com/ossf/scorecard/v4/checker"
|
||||
"github.com/ossf/scorecard/v4/checks"
|
||||
"github.com/ossf/scorecard/v4/clients"
|
||||
"github.com/ossf/scorecard/v4/clients/githubrepo"
|
||||
scut "github.com/ossf/scorecard/v4/utests"
|
||||
)
|
||||
@ -32,7 +33,7 @@ var _ = Describe("E2E TEST:"+checks.CheckLicense, func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("ossf-tests/scorecard-check-license-e2e")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
req := checker.CheckRequest{
|
||||
Ctx: context.Background(),
|
||||
|
@ -22,6 +22,7 @@ import (
|
||||
|
||||
"github.com/ossf/scorecard/v4/checker"
|
||||
"github.com/ossf/scorecard/v4/checks"
|
||||
"github.com/ossf/scorecard/v4/clients"
|
||||
"github.com/ossf/scorecard/v4/clients/githubrepo"
|
||||
scut "github.com/ossf/scorecard/v4/utests"
|
||||
)
|
||||
@ -33,7 +34,7 @@ var _ = Describe("E2E TEST:"+checks.CheckMaintained, func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("apache/airflow")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
req := checker.CheckRequest{
|
||||
Ctx: context.Background(),
|
||||
|
@ -22,6 +22,7 @@ import (
|
||||
|
||||
"github.com/ossf/scorecard/v4/checker"
|
||||
"github.com/ossf/scorecard/v4/checks"
|
||||
"github.com/ossf/scorecard/v4/clients"
|
||||
"github.com/ossf/scorecard/v4/clients/githubrepo"
|
||||
scut "github.com/ossf/scorecard/v4/utests"
|
||||
)
|
||||
@ -33,7 +34,7 @@ var _ = Describe("E2E TEST:"+checks.CheckPackaging, func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("ossf-tests/scorecard-check-packaging-e2e")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
req := checker.CheckRequest{
|
||||
Ctx: context.Background(),
|
||||
|
@ -21,6 +21,7 @@ import (
|
||||
|
||||
"github.com/ossf/scorecard/v4/checker"
|
||||
"github.com/ossf/scorecard/v4/checks"
|
||||
"github.com/ossf/scorecard/v4/clients"
|
||||
"github.com/ossf/scorecard/v4/clients/githubrepo"
|
||||
scut "github.com/ossf/scorecard/v4/utests"
|
||||
)
|
||||
@ -32,7 +33,7 @@ var _ = Describe("E2E TEST:"+checks.CheckTokenPermissions, func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("ossf-tests/scorecard-check-token-permissions-e2e")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
req := checker.CheckRequest{
|
||||
Ctx: context.Background(),
|
||||
|
@ -21,6 +21,7 @@ import (
|
||||
|
||||
"github.com/ossf/scorecard/v4/checker"
|
||||
"github.com/ossf/scorecard/v4/checks"
|
||||
"github.com/ossf/scorecard/v4/clients"
|
||||
"github.com/ossf/scorecard/v4/clients/githubrepo"
|
||||
scut "github.com/ossf/scorecard/v4/utests"
|
||||
)
|
||||
@ -34,7 +35,7 @@ var _ = Describe("E2E TEST:"+checks.CheckPinnedDependencies, func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("ossf-tests/scorecard-check-pinned-dependencies-e2e")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
|
||||
req := checker.CheckRequest{
|
||||
|
@ -22,6 +22,7 @@ import (
|
||||
|
||||
"github.com/ossf/scorecard/v4/checker"
|
||||
"github.com/ossf/scorecard/v4/checks"
|
||||
"github.com/ossf/scorecard/v4/clients"
|
||||
"github.com/ossf/scorecard/v4/clients/githubrepo"
|
||||
scut "github.com/ossf/scorecard/v4/utests"
|
||||
)
|
||||
@ -33,7 +34,7 @@ var _ = Describe("E2E TEST:"+checks.CheckSAST, func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("ossf-tests/airflow")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
req := checker.CheckRequest{
|
||||
Ctx: context.Background(),
|
||||
|
@ -21,6 +21,7 @@ import (
|
||||
|
||||
"github.com/ossf/scorecard/v4/checker"
|
||||
"github.com/ossf/scorecard/v4/checks"
|
||||
"github.com/ossf/scorecard/v4/clients"
|
||||
"github.com/ossf/scorecard/v4/clients/githubrepo"
|
||||
scut "github.com/ossf/scorecard/v4/utests"
|
||||
)
|
||||
@ -32,7 +33,7 @@ var _ = Describe("E2E TEST:SecurityPolicy", func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("tensorflow/tensorflow")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
|
||||
req := checker.CheckRequest{
|
||||
@ -62,7 +63,7 @@ var _ = Describe("E2E TEST:SecurityPolicy", func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("randombit/botan")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
|
||||
req := checker.CheckRequest{
|
||||
|
@ -22,6 +22,7 @@ import (
|
||||
|
||||
"github.com/ossf/scorecard/v4/checker"
|
||||
"github.com/ossf/scorecard/v4/checks"
|
||||
"github.com/ossf/scorecard/v4/clients"
|
||||
"github.com/ossf/scorecard/v4/clients/githubrepo"
|
||||
scut "github.com/ossf/scorecard/v4/utests"
|
||||
)
|
||||
@ -33,7 +34,7 @@ var _ = Describe("E2E TEST:"+checks.CheckSignedReleases, func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("ossf-tests/scorecard-check-signed-releases-e2e")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
req := checker.CheckRequest{
|
||||
Ctx: context.Background(),
|
||||
|
@ -33,7 +33,7 @@ var _ = Describe("E2E TEST:Vulnerabilities", func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("ossf/scorecard")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
|
||||
dl := scut.TestDetailLogger{}
|
||||
@ -66,7 +66,7 @@ var _ = Describe("E2E TEST:Vulnerabilities", func() {
|
||||
repo, err := githubrepo.MakeGithubRepo("ossf-tests/scorecard-check-vulnerabilities-open62541")
|
||||
Expect(err).Should(BeNil())
|
||||
repoClient := githubrepo.CreateGithubRepoClient(context.Background(), logger)
|
||||
err = repoClient.InitRepo(repo, "HEAD")
|
||||
err = repoClient.InitRepo(repo, clients.HeadSHA)
|
||||
Expect(err).Should(BeNil())
|
||||
|
||||
dl := scut.TestDetailLogger{}
|
||||
|