Skip to content

Commit e0cc4b2

Browse files
tromaitromai
committed
test: add integration tests
1 parent 0500c88 commit e0cc4b2

File tree

4 files changed

+261
-0
lines changed

4 files changed

+261
-0
lines changed

scripts/dev_scripts/integration_tests.sh

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -289,6 +289,18 @@ do
289289
check_or_update_expected_output $COMPARE_JSON_OUT $JSON_RESULT_DIR/$i $JSON_EXPECT_DIR/$i || log_fail
290290
done
291291

292+
echo -e "\n----------------------------------------------------------------------------------"
293+
echo "micronaut-projects/micronaut-test: Analyzing the repo path when automatic dependency resolution is skipped"
294+
echo "and all provenance checks are excluded."
295+
echo -e "----------------------------------------------------------------------------------\n"
296+
JSON_RESULT=$WORKSPACE/output/reports/github_com/micronaut-projects/micronaut-test/micronaut-test.json
297+
JSON_EXPECTED=$WORKSPACE/tests/e2e/expected_results/micronaut-test/micronaut-test_provenance_checks_excluded.json
298+
DEFAULTS_FILE=$WORKSPACE/tests/e2e/configurations/exclude_provenance_checks.ini
299+
300+
$RUN_MACARON -dp $DEFAULTS_FILE analyze -rp https://github.com/micronaut-projects/micronaut-test/ -d 7679d10b4073a3b842b6c56877c35fa8cd10acff --skip-deps || log_fail
301+
302+
check_or_update_expected_output $COMPARE_JSON_OUT $JSON_RESULT $JSON_EXPECTED || log_fail
303+
292304
# TODO: uncomment the test below after resolving https://github.com/oracle/macaron/issues/60.
293305
# echo -e "\n----------------------------------------------------------------------------------"
294306
# echo "micronaut-projects/micronaut-test: Check the resolved dependency output with config for cyclonedx gradle plugin (default)."
@@ -577,6 +589,17 @@ fi
577589
rm -rf "$SOURCE_REPO"
578590
rm -rf "$TARGET_REPO"
579591

592+
echo -e "\n----------------------------------------------------------------------------------"
593+
echo "Running the analysis with all checks excluded should returns an error code."
594+
echo -e "----------------------------------------------------------------------------------\n"
595+
$RUN_MACARON -dp tests/e2e/configurations/exclude_all_checks.ini analyze -rp https://github.com/apache/maven --skip-deps
596+
597+
if [ $? -eq 0 ];
598+
then
599+
echo -e "Expect non-zero status code but got $?."
600+
log_fail
601+
fi
602+
580603
echo -e "\n----------------------------------------------------------------------------------"
581604
echo "apache/maven: test analyzing without the environment variable GITHUB_TOKEN being set."
582605
echo -e "----------------------------------------------------------------------------------\n"

tests/e2e/configurations/exclude_all_checks.ini

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,6 @@
1+
# Copyright (c) 2024 - 2024, Oracle and/or its affiliates. All rights reserved.
2+
# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
3+
4+
[analysis.checks]
5+
exclude = *
6+
include = *

tests/e2e/configurations/exclude_provenance_checks.ini

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,6 @@
1+
# Copyright (c) 2024 - 2024, Oracle and/or its affiliates. All rights reserved.
2+
# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
3+
4+
[analysis.checks]
5+
exclude = mcn_provenance_available_1
6+
include = *

tests/e2e/expected_results/micronaut-test/micronaut-test_provenance_checks_excluded.json

Lines changed: 226 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,226 @@
1+
{
2+
"metadata": {
3+
"timestamps": "2024-02-11 15:51:21",
4+
"has_passing_check": true,
5+
"run_checks": [
6+
"mcn_infer_artifact_pipeline_1",
7+
"mcn_build_as_code_1",
8+
"mcn_version_control_system_1",
9+
"mcn_build_service_1",
10+
"mcn_build_script_1",
11+
"mcn_trusted_builder_level_three_1"
12+
],
13+
"check_tree": {
14+
"mcn_version_control_system_1": {
15+
"mcn_trusted_builder_level_three_1": {
16+
"mcn_build_as_code_1": {
17+
"mcn_infer_artifact_pipeline_1": {},
18+
"mcn_build_service_1": {
19+
"mcn_build_script_1": {}
20+
}
21+
}
22+
}
23+
},
24+
"mcn_provenance_available_1": {
25+
"mcn_provenance_witness_level_one_1": {},
26+
"mcn_provenance_level_three_1": {},
27+
"mcn_provenance_expectation_1": {}
28+
}
29+
}
30+
},
31+
"target": {
32+
"info": {
33+
"full_name": "pkg:github.com/micronaut-projects/micronaut-test@7679d10b4073a3b842b6c56877c35fa8cd10acff",
34+
"local_cloned_path": "git_repos/github_com/micronaut-projects/micronaut-test",
35+
"remote_path": "https://github.com/micronaut-projects/micronaut-test",
36+
"branch": null,
37+
"commit_hash": "7679d10b4073a3b842b6c56877c35fa8cd10acff",
38+
"commit_date": "2023-11-07T06:43:31+01:00"
39+
},
40+
"provenances": {
41+
"is_inferred": true,
42+
"content": {
43+
"github_actions": [
44+
{
45+
"_type": "https://in-toto.io/Statement/v0.1",
46+
"subject": [],
47+
"predicateType": "https://slsa.dev/provenance/v0.2",
48+
"predicate": {
49+
"builder": {
50+
"id": "https://github.com/micronaut-projects/micronaut-test/blob/7679d10b4073a3b842b6c56877c35fa8cd10acff/.github/workflows/gradle.yml"
51+
},
52+
"buildType": "Custom github_actions",
53+
"invocation": {
54+
"configSource": {
55+
"uri": "https://github.com/micronaut-projects/micronaut-test@refs/heads/None",
56+
"digest": {
57+
"sha1": "7679d10b4073a3b842b6c56877c35fa8cd10acff"
58+
},
59+
"entryPoint": "https://github.com/micronaut-projects/micronaut-test/blob/7679d10b4073a3b842b6c56877c35fa8cd10acff/.github/workflows/gradle.yml"
60+
},
61+
"parameters": {},
62+
"environment": {}
63+
},
64+
"buildConfig": {
65+
"jobID": "build",
66+
"stepID": "\ud83d\udce6 Publish to Sonatype Snapshots"
67+
},
68+
"metadata": {
69+
"buildInvocationId": "",
70+
"buildStartedOn": "<TIMESTAMP>",
71+
"buildFinishedOn": "<TIMESTAMP>",
72+
"completeness": {
73+
"parameters": "false",
74+
"environment": "false",
75+
"materials": "false"
76+
},
77+
"reproducible": "false"
78+
},
79+
"materials": [
80+
{
81+
"uri": "<URI>",
82+
"digest": {}
83+
}
84+
]
85+
}
86+
}
87+
],
88+
"Maven Central Registry": []
89+
}
90+
},
91+
"checks": {
92+
"summary": {
93+
"DISABLED": 0,
94+
"FAILED": 2,
95+
"PASSED": 4,
96+
"SKIPPED": 0,
97+
"UNKNOWN": 0
98+
},
99+
"results": [
100+
{
101+
"check_id": "mcn_build_as_code_1",
102+
"check_description": "The build definition and configuration executed by the build service is verifiably derived from text file definitions stored in a version control system.",
103+
"slsa_requirements": [
104+
"Build as code - SLSA Level 3"
105+
],
106+
"justification": [
107+
{
108+
"The target repository uses build tool gradle to deploy": "https://github.com/micronaut-projects/micronaut-test/blob/7679d10b4073a3b842b6c56877c35fa8cd10acff/.github/workflows/gradle.yml",
109+
"The build is triggered by": "https://github.com/micronaut-projects/micronaut-test/blob/7679d10b4073a3b842b6c56877c35fa8cd10acff/.github/workflows/gradle.yml"
110+
},
111+
"Deploy command: ['./gradlew', 'publishToSonatype', 'docs', '--no-daemon']",
112+
"However, could not find a passing workflow run."
113+
],
114+
"result_type": "PASSED"
115+
},
116+
{
117+
"check_id": "mcn_build_script_1",
118+
"check_description": "Check if the target repo has a valid build script.",
119+
"slsa_requirements": [
120+
"Scripted Build - SLSA Level 1"
121+
],
122+
"justification": [
123+
"Check mcn_build_script_1 is set to PASSED because mcn_build_service_1 PASSED."
124+
],
125+
"result_type": "PASSED"
126+
},
127+
{
128+
"check_id": "mcn_build_service_1",
129+
"check_description": "Check if the target repo has a valid build service.",
130+
"slsa_requirements": [
131+
"Build service - SLSA Level 2"
132+
],
133+
"justification": [
134+
"Check mcn_build_service_1 is set to PASSED because mcn_build_as_code_1 PASSED."
135+
],
136+
"result_type": "PASSED"
137+
},
138+
{
139+
"check_id": "mcn_version_control_system_1",
140+
"check_description": "Check whether the target repo uses a version control system.",
141+
"slsa_requirements": [
142+
"Version controlled - SLSA Level 2"
143+
],
144+
"justification": [
145+
{
146+
"This is a Git repository": "https://github.com/micronaut-projects/micronaut-test"
147+
}
148+
],
149+
"result_type": "PASSED"
150+
},
151+
{
152+
"check_id": "mcn_infer_artifact_pipeline_1",
153+
"check_description": "Detects potential pipelines from which an artifact is published.",
154+
"slsa_requirements": [
155+
"Build as code - SLSA Level 3"
156+
],
157+
"justification": [
158+
"Unable to find a publishing timestamp for the artifact."
159+
],
160+
"result_type": "FAILED"
161+
},
162+
{
163+
"check_id": "mcn_trusted_builder_level_three_1",
164+
"check_description": "Check whether the target uses a trusted SLSA level 3 builder.",
165+
"slsa_requirements": [
166+
"Hermetic - SLSA Level 4",
167+
"Isolated - SLSA Level 3",
168+
"Parameterless - SLSA Level 4",
169+
"Ephemeral environment - SLSA Level 3"
170+
],
171+
"justification": [
172+
"Could not find a trusted level 3 builder as a GitHub Actions workflow."
173+
],
174+
"result_type": "FAILED"
175+
}
176+
]
177+
}
178+
},
179+
"dependencies": {
180+
"analyzed_deps": 0,
181+
"unique_dep_repos": 0,
182+
"checks_summary": [
183+
{
184+
"check_id": "mcn_version_control_system_1",
185+
"num_deps_pass": 0
186+
},
187+
{
188+
"check_id": "mcn_provenance_witness_level_one_1",
189+
"num_deps_pass": 0
190+
},
191+
{
192+
"check_id": "mcn_build_as_code_1",
193+
"num_deps_pass": 0
194+
},
195+
{
196+
"check_id": "mcn_infer_artifact_pipeline_1",
197+
"num_deps_pass": 0
198+
},
199+
{
200+
"check_id": "mcn_trusted_builder_level_three_1",
201+
"num_deps_pass": 0
202+
},
203+
{
204+
"check_id": "mcn_provenance_level_three_1",
205+
"num_deps_pass": 0
206+
},
207+
{
208+
"check_id": "mcn_build_script_1",
209+
"num_deps_pass": 0
210+
},
211+
{
212+
"check_id": "mcn_provenance_expectation_1",
213+
"num_deps_pass": 0
214+
},
215+
{
216+
"check_id": "mcn_provenance_available_1",
217+
"num_deps_pass": 0
218+
},
219+
{
220+
"check_id": "mcn_build_service_1",
221+
"num_deps_pass": 0
222+
}
223+
],
224+
"dep_status": []
225+
}
226+
}

0 commit comments

Comments
 (0)