Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Included tests for GitHub attestations #61

Merged
merged 5 commits into from
Jan 22, 2024
Merged

Included tests for GitHub attestations #61

merged 5 commits into from
Jan 22, 2024

Conversation

naveensrinivasan
Copy link
Contributor

  • Included tests for GitHub attestations and some simple clean up.

mikhailswift
mikhailswift reviewed Oct 26, 2023
View reviewed changes
Copy link
Member

@mikhailswift mikhailswift left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks pretty good at first glance, I'll pull it (and the other PRs you've been kind enough to contribute) a bit later this afternoon and test them out.

attestation/github/github.go Outdated Show resolved Hide resolved
attestation/github/github.go Outdated Show resolved Hide resolved
attestation/github/github.go Outdated Show resolved Hide resolved
@naveensrinivasan naveensrinivasan force-pushed the naveen/attest/github branch 2 times, most recently from 9016661 to ed815b8 Compare October 26, 2023 20:56
@naveensrinivasan @jkjell
Included tests for GitHub attestations
24ca48f 
- Included tests for GitHub attestations and some simple clean up.

Signed-off-by: naveensrinivasan <[email protected]>
@naveensrinivasan @jkjell
Fixed review comments
03a833d 
Signed-off-by: naveensrinivasan <[email protected]>
ChaosInTheCRD
ChaosInTheCRD reviewed Jan 17, 2024
View reviewed changes
attestation/github/github_test.go
assert.NotNil(t, subjects)
assert.Equal(t, 2, len(subjects))

expectedSubjects := []string{"pipelineurl:" + attestor.PipelineUrl, "projecturl:" + attestor.ProjectUrl}
Copy link
Collaborator

@ChaosInTheCRD ChaosInTheCRD Jan 17, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe there is something that I am overlooking here, but will attestor.PipelineUrl and attestor.ProjectUrl both return empty strings? of course that would technically be fine, but I wanted to ensure that this would be the case. Maybe we could populate these fields in the attestor instantiation above?

@ChaosInTheCRD
Copy link
Collaborator

ChaosInTheCRD commented Jan 17, 2024
edited
Loading

After reviewing these tests look fine to me, and once again seem worthy additions to the codebase. Happy to approve once my question has been answered 😄

ChaosInTheCRD
ChaosInTheCRD reviewed Jan 22, 2024
View reviewed changes
attestation/github/github_test.go
attestor := &Attestor{
aud: "projecturl",
jwksURL: tokenServer.URL,
tokenURL: os.Getenv("ACTIONS_ID_TOKEN_REQUEST_URL"),
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
tokenURL: os.Getenv("ACTIONS_ID_TOKEN_REQUEST_URL"),
tokenURL: os.Getenv("ACTIONS_ID_TOKEN_REQUEST_URL"),
PipelineUrl: "https://github.com/in-toto/go-witness/actions/runs/234872349827",
ProjectUrl: "https://github.com/in-toto/go-witness",

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Something like this aligns to the suggestion in comment below. Not sure if this is unnecessary / not optimal.

@ChaosInTheCRD
Copy link
Collaborator

Tests seem to be running fine. Unless others (@kairoaraujo, @jkjell, @mikhailswift) have feedback, I am happy to merge approve and merge. Just the last comment and suggestion outstanding but I don't think it's a big deal.

@ChaosInTheCRD
Copy link
Collaborator

I'm going to go ahead and merge this - pretty happy with what it's doing.

@ChaosInTheCRD ChaosInTheCRD merged commit 07128d2 into in-toto:main Jan 22, 2024
10 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ChaosInTheCRD ChaosInTheCRD ChaosInTheCRD approved these changes

@mikhailswift mikhailswift Awaiting requested review from mikhailswift

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@naveensrinivasan @ChaosInTheCRD @mikhailswift