✨ Unit test for all_checks

Addresses https://github.com/ossf/scorecard/issues/435

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>

checks/all_checks.go

@@ -15,11 +15,20 @@
 // Package checks defines all Scorecard checks.
 package checks
 
-import "github.com/ossf/scorecard/v4/checker"
+import (
+	"github.com/ossf/scorecard/v4/checker"
+)
 
 // AllChecks is the list of all security checks that will be run.
 var AllChecks = checker.CheckNameToFnMap{}
 
-func registerCheck(name string, fn checker.CheckFn) {
+func registerCheck(name string, fn checker.CheckFn) error {
+	if name == "" {
+		return errInternalNameCannotBeEmpty
+	}
+	if fn == nil {
+		return errInternalCheckFuncCannotBeNil
+	}
 	AllChecks[name] = fn
+	return nil
 }

checks/all_checks_test.go

@@ -0,0 +1,70 @@
+// Copyright 2020 Security Scorecard Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package checks defines all Scorecard checks.
+package checks
+
+import (
+	"testing"
+
+	"github.com/ossf/scorecard/v4/checker"
+)
+
+func Test_registerCheck(t *testing.T) {
+	t.Parallel()
+	//nolint
+	type args struct {
+		name string
+		fn   checker.CheckFn
+	}
+	//nolint
+	tests := []struct {
+		name    string
+		args    args
+		wanterr bool
+	}{
+		{
+			name: "registerCheck",
+			args: args{
+				name: "test",
+				fn:   func(x *checker.CheckRequest) checker.CheckResult { return checker.CheckResult{} },
+			},
+			wanterr: false,
+		},
+		{
+			name: "empty func",
+			args: args{
+				name: "test",
+			},
+			wanterr: true,
+		},
+		{
+			name: "empty name",
+			args: args{
+				name: "",
+				fn:   func(x *checker.CheckRequest) checker.CheckResult { return checker.CheckResult{} },
+			},
+			wanterr: true,
+		},
+	}
+	for _, tt := range tests {
+		tt := tt
+		t.Run(tt.name, func(t *testing.T) {
+			t.Parallel()
+			if err := registerCheck(tt.args.name, tt.args.fn); (err != nil) != tt.wanterr {
+				t.Errorf("registerCheck() error = %v, wantErr %v", err, tt.wanterr)
+			}
+		})
+	}
+}

checks/binary_artifact.go

@@ -26,7 +26,10 @@ const CheckBinaryArtifacts string = "Binary-Artifacts"
 
 //nolint
 func init() {
-	registerCheck(CheckBinaryArtifacts, BinaryArtifacts)
+	if err := registerCheck(CheckBinaryArtifacts, BinaryArtifacts); err != nil {
+		// this should never happen
+		panic(err)
+	}
 }
 
 // BinaryArtifacts  will check the repository contains binary artifacts.

checks/branch_protection.go

@@ -28,7 +28,10 @@ const (
 
 //nolint:gochecknoinits
 func init() {
-	registerCheck(CheckBranchProtection, BranchProtection)
+	if err := registerCheck(CheckBranchProtection, BranchProtection); err != nil {
+		// this should never happen
+		panic(err)
+	}
 }
 
 // BranchProtection runs the Branch-Protection check.

checks/ci_tests.go

@@ -31,7 +31,10 @@ const (
 
 //nolint:gochecknoinits
 func init() {
-	registerCheck(CheckCITests, CITests)
+	if err := registerCheck(CheckCITests, CITests); err != nil {
+		// this should never happen
+		panic(err)
+	}
 }
 
 // CITests runs CI-Tests check.

checks/cii_best_practices.go

@@ -32,7 +32,10 @@ const (
 
 //nolint:gochecknoinits
 func init() {
-	registerCheck(CheckCIIBestPractices, CIIBestPractices)
+	if err := registerCheck(CheckCIIBestPractices, CIIBestPractices); err != nil {
+		// this should never happen
+		panic(err)
+	}
 }
 
 // CIIBestPractices runs CII-Best-Practices check.

checks/code_review.go

@@ -27,7 +27,10 @@ const CheckCodeReview = "Code-Review"
 
 //nolint:gochecknoinits
 func init() {
-	registerCheck(CheckCodeReview, DoesCodeReview)
+	if err := registerCheck(CheckCodeReview, DoesCodeReview); err != nil {
+		// this should never happen
+		panic(err)
+	}
 }
 
 // DoesCodeReview attempts to determine whether a project requires review before code gets merged.

checks/contributors.go

@@ -31,7 +31,10 @@ const (
 
 //nolint:gochecknoinits
 func init() {
-	registerCheck(CheckContributors, Contributors)
+	if err := registerCheck(CheckContributors, Contributors); err != nil {
+		// this should never happen
+		panic(err)
+	}
 }
 
 // Contributors run Contributors check.

checks/dangerous_workflow.go

@@ -59,7 +59,10 @@ func containsUntrustedContextPattern(variable string) bool {
 
 //nolint:gochecknoinits
 func init() {
-	registerCheck(CheckDangerousWorkflow, DangerousWorkflow)
+	if err := registerCheck(CheckDangerousWorkflow, DangerousWorkflow); err != nil {
+		// this should never happen
+		panic(err)
+	}
 }
 
 // Holds stateful data to pass thru callbacks.

checks/dependency_update_tool.go

@@ -26,7 +26,10 @@ const CheckDependencyUpdateTool = "Dependency-Update-Tool"
 
 //nolint
 func init() {
-	registerCheck(CheckDependencyUpdateTool, DependencyUpdateTool)
+	if err := registerCheck(CheckDependencyUpdateTool, DependencyUpdateTool); err != nil {
+		// this should never happen
+		panic(err)
+	}
 }
 
 // DependencyUpdateTool checks if the repository uses a dependency update tool.

checks/errors.go

@@ -20,12 +20,14 @@ import (
 
 //nolint
 var (
-	errInternalInvalidDockerFile  = errors.New("invalid Dockerfile")
+	errInternalInvalidDockerFile    = errors.New("invalid Dockerfile")
-	errInternalInvalidYamlFile    = errors.New("invalid yaml file")
+	errInternalInvalidYamlFile      = errors.New("invalid yaml file")
-	errInternalFilenameMatch      = errors.New("filename match error")
+	errInternalFilenameMatch        = errors.New("filename match error")
-	errInternalEmptyFile          = errors.New("empty file")
+	errInternalEmptyFile            = errors.New("empty file")
-	errInvalidGitHubWorkflow      = errors.New("invalid GitHub workflow")
+	errInvalidGitHubWorkflow        = errors.New("invalid GitHub workflow")
-	errInternalNoReviews          = errors.New("no reviews found")
+	errInternalNoReviews            = errors.New("no reviews found")
-	errInternalNoCommits          = errors.New("no commits found")
+	errInternalNoCommits            = errors.New("no commits found")
-	errInternalInvalidPermissions = errors.New("invalid permissions")
+	errInternalInvalidPermissions   = errors.New("invalid permissions")
+	errInternalNameCannotBeEmpty    = errors.New("name cannot be empty")
+	errInternalCheckFuncCannotBeNil = errors.New("checkFunc cannot be nil")
 )

checks/fuzzing.go

@@ -28,7 +28,10 @@ const CheckFuzzing = "Fuzzing"
 
 //nolint:gochecknoinits
 func init() {
-	registerCheck(CheckFuzzing, Fuzzing)
+	if err := registerCheck(CheckFuzzing, Fuzzing); err != nil {
+		// this should never happen
+		panic(err)
+	}
 }
 
 func checkCFLite(c *checker.CheckRequest) (bool, error) {

checks/license.go

@@ -35,7 +35,10 @@ const CheckLicense = "License"
 
 //nolint:gochecknoinits
 func init() {
-	registerCheck(CheckLicense, LicenseCheck)
+	if err := registerCheck(CheckLicense, LicenseCheck); err != nil {
+		// this should never happen
+		panic(err)
+	}
 }
 
 const (

checks/maintained.go

@@ -32,7 +32,10 @@ const (
 
 //nolint:gochecknoinits
 func init() {
-	registerCheck(CheckMaintained, IsMaintained)
+	if err := registerCheck(CheckMaintained, IsMaintained); err != nil {
+		// this should never happen
+		panic(err)
+	}
 }
 
 // IsMaintained runs Maintained check.

checks/packaging.go

@@ -31,7 +31,10 @@ const CheckPackaging = "Packaging"
 
 //nolint:gochecknoinits
 func init() {
-	registerCheck(CheckPackaging, Packaging)
+	if err := registerCheck(CheckPackaging, Packaging); err != nil {
+		// this should never happen
+		panic(err)
+	}
 }
 
 func isGithubWorkflowFile(filename string) (bool, error) {

checks/permissions.go

@@ -53,7 +53,10 @@ var permissionsOfInterest = []permission{
 
 //nolint:gochecknoinits
 func init() {
-	registerCheck(CheckTokenPermissions, TokenPermissions)
+	if err := registerCheck(CheckTokenPermissions, TokenPermissions); err != nil {
+		// This should never happen.
+		panic(err)
+	}
 }
 
 // Holds stateful data to pass thru callbacks.

checks/pinned_dependencies.go

@@ -39,7 +39,10 @@ type worklowPinningResult struct {
 
 //nolint:gochecknoinits
 func init() {
-	registerCheck(CheckPinnedDependencies, PinnedDependencies)
+	if err := registerCheck(CheckPinnedDependencies, PinnedDependencies); err != nil {
+		// This should never happen.
+		panic(err)
+	}
 }
 
 // PinnedDependencies will check the repository if it contains frozen dependecies.

checks/sast.go

@@ -31,7 +31,10 @@ var allowedConclusions = map[string]bool{"success": true, "neutral": true}
 
 //nolint:gochecknoinits
 func init() {
-	registerCheck(CheckSAST, SAST)
+	if err := registerCheck(CheckSAST, SAST); err != nil {
+		// This should never happen.
+		panic(err)
+	}
 }
 
 // SAST runs SAST check.

checks/security_policy.go

@@ -26,7 +26,10 @@ const CheckSecurityPolicy = "Security-Policy"
 
 //nolint:gochecknoinits
 func init() {
-	registerCheck(CheckSecurityPolicy, SecurityPolicy)
+	if err := registerCheck(CheckSecurityPolicy, SecurityPolicy); err != nil {
+		// This should never happen.
+		panic(err)
+	}
 }
 
 // SecurityPolicy runs Security-Policy check.

checks/signed_releases.go

@@ -32,7 +32,10 @@ var artifactExtensions = []string{".asc", ".minisig", ".sig", ".sign"}
 
 //nolint:gochecknoinits
 func init() {
-	registerCheck(CheckSignedReleases, SignedReleases)
+	if err := registerCheck(CheckSignedReleases, SignedReleases); err != nil {
+		// this should never happen
+		panic(err)
+	}
 }
 
 // SignedReleases runs Signed-Releases check.

checks/vulnerabilities.go

@@ -30,7 +30,10 @@ const (
 
 //nolint:gochecknoinits
 func init() {
-	registerCheck(CheckVulnerabilities, HasUnfixedVulnerabilities)
+	if err := registerCheck(CheckVulnerabilities, HasUnfixedVulnerabilities); err != nil {
+		// this should never happen
+		panic(err)
+	}
 }
 
 func getVulnerabilities(resp *clients.VulnerabilitiesResponse) []string {