remove dep on make-fetch-happen
Signed-off-by: Brian DeHamer <bdehamer@github.com>
bdehamer committed Apr 10, 2024
1 parent 9ddf153 commit d101fa7
Showing 6 changed files with 46 additions and 202 deletions.
1 change: 1 addition & 0 deletions packages/attest/RELEASES.md
@@ -5,6 +5,7 @@
- Generate attestations using the v0.3 Sigstore bundle format.
- Bump @sigstore/bundle from 2.2.0 to 2.3.0.
- Bump @sigstore/sign from 2.2.3 to 2.3.0.
- Remove dependency on make-fetch-happen

### 1.1.0

22 changes: 17 additions & 5 deletions packages/attest/__tests__/provenance.test.ts
@@ -2,6 +2,7 @@ import * as github from '@actions/github'
import {mockFulcio, mockRekor, mockTSA} from '@sigstore/mock'
import * as jose from 'jose'
import nock from 'nock'
import {MockAgent, setGlobalDispatcher} from 'undici'
import {SIGSTORE_GITHUB, SIGSTORE_PUBLIC_GOOD} from '../src/endpoints'
import {attestProvenance, buildSLSAProvenancePredicate} from '../src/provenance'

@@ -12,6 +13,10 @@ describe('provenance functions', () => {
const jwksPath = '/.well-known/jwks.json'
const tokenPath = '/token'

// MockAgent for mocking @actions/github
const mockAgent = new MockAgent()
setGlobalDispatcher(mockAgent)

const claims = {
iss: issuer,
aud: 'nobody',
@@ -97,9 +102,12 @@ describe('provenance functions', () => {
await mockFulcio({baseURL: fulcioURL, strict: false})
await mockTSA({baseURL: tsaServerURL})

// Mock GH attestations API
nock('https://api.github.com')
.post(/^\/repos\/.*\/.*\/attestations$/)
mockAgent
.get('https://api.github.com')
.intercept({
path: /^\/repos\/.*\/.*\/attestations$/,
method: 'post'
})
.reply(201, {id: attestationID})
})

@@ -159,8 +167,12 @@ describe('provenance functions', () => {
await mockRekor({baseURL: rekorURL})

// Mock GH attestations API
nock('https://api.github.com')
.post(/^\/repos\/.*\/.*\/attestations$/)
mockAgent
.get('https://api.github.com')
.intercept({
path: /^\/repos\/.*\/.*\/attestations$/,
method: 'post'
})
.reply(201, {id: attestationID})
})

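Review bot: Nothing calls `mockAgent.disableNetConnect()` after `setGlobalDispatcher(mockAgent)` at the top of `describe('provenance functions')`, so a request that misses the `/attestations` intercept is, under undici's default as far as I know, dispatched to the real `https://api.github.com` rather than failing the test. Adding `mockAgent.disableNetConnect()` on the following line turns any unmatched call into an error; the same applies to the `MockAgent` set up in `__tests__/store.test.ts`. The two intercepts here also pass `method: 'post'` while store.test.ts uses `'POST'`; using the upper-case form in both files would keep them consistent. The `describe` body and both `beforeEach` blocks continue outside the visible hunks.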
27 changes: 20 additions & 7 deletions packages/attest/__tests__/store.test.ts
@@ -1,11 +1,14 @@
import nock from 'nock'
import {MockAgent, setGlobalDispatcher} from 'undici'
import {writeAttestation} from '../src/store'

describe('writeAttestation', () => {
const originalEnv = process.env
const attestation = {foo: 'bar '}
const token = 'token'

Check failure

Code scanning / CodeQL

Hard-coded credentials Critical test

The hard-coded value "token" is used as authorization header.
The hard-coded value "token" is used as authorization header.

const mockAgent = new MockAgent()
setGlobalDispatcher(mockAgent)

beforeEach(() => {
process.env = {
...originalEnv,
@@ -19,9 +22,14 @@ describe('writeAttestation', () => {

describe('when the api call is successful', () => {
beforeEach(() => {
nock('https://api.github.com')
.matchHeader('authorization', `token ${token}`)
.post('/repos/foo/bar/attestations', {bundle: attestation})
mockAgent
.get('https://api.github.com')
.intercept({
path: '/repos/foo/bar/attestations',
method: 'POST',
headers: {authorization: `token ${token}`},
body: JSON.stringify({bundle: attestation})
})
.reply(201, {id: '123'})
})

@@ -32,9 +40,14 @@ describe('writeAttestation', () => {

describe('when the api call fails', () => {
beforeEach(() => {
nock('https://api.github.com')
.matchHeader('authorization', `token ${token}`)
.post('/repos/foo/bar/attestations', {bundle: attestation})
mockAgent
.get('https://api.github.com')
.intercept({
path: '/repos/foo/bar/attestations',
method: 'POST',
headers: {authorization: `token ${token}`},
body: JSON.stringify({bundle: attestation})
})
.reply(500, 'oops')
})

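Review bot: Nothing in the visible hunks asserts that the intercepts registered in the two `beforeEach` blocks are actually consumed, so a test could pass without the POST carrying the expected `authorization` header and body ever being matched; the test bodies are collapsed here, so this may already be checked there. An `afterEach(() => mockAgent.assertNoPendingInterceptors())` would fail any test in which the expected request was never made, and would also stop an unused one-shot intercept from leaking into the next test. Separately, `body: JSON.stringify({bundle: attestation})` matches the request body as an exact string; a `body` function matcher that parses the JSON and compares the object would not depend on how the client serializes it.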