Skip to content
Permalink
Browse files
test: use codeql compatible token / passwords (#11297)
  • Loading branch information
viceice committed Sep 9, 2021
1 parent 43bda14 commit 11aa3baf2e54da405b73f0d0cf801277f3d65263
Showing with 533 additions and 527 deletions.
  1. +2 −0 .github/codeql/codeql-config.yml
  2. +2 −0 .github/workflows/codeql-analysis.yml
  3. +3 −3 lib/config/__snapshots__/secrets.spec.ts.snap
  4. +6 −6 lib/config/migration.spec.ts
  5. +4 −4 lib/config/secrets.spec.ts
  6. +1 −1 lib/datasource/clojure/index.spec.ts
  7. +5 −5 lib/datasource/docker/index.spec.ts
  8. +2 −2 lib/datasource/hex/__snapshots__/index.spec.ts.snap
  9. +4 −4 lib/datasource/hex/index.spec.ts
  10. +9 −9 lib/datasource/maven/__snapshots__/index.spec.ts.snap
  11. +1 −1 lib/datasource/maven/index.spec.ts
  12. +1 −1 lib/datasource/npm/__snapshots__/get.spec.ts.snap
  13. +2 −2 lib/datasource/npm/__snapshots__/index.spec.ts.snap
  14. +2 −2 lib/datasource/npm/get.spec.ts
  15. +4 −4 lib/datasource/npm/index.spec.ts
  16. +2 −2 lib/datasource/pypi/index.spec.ts
  17. +1 −1 lib/logger/__snapshots__/err-serializer.spec.ts.snap
  18. +4 −4 lib/logger/__snapshots__/index.spec.ts.snap
  19. +1 −1 lib/logger/err-serializer.spec.ts
  20. +2 −2 lib/logger/index.spec.ts
  21. +1 −1 lib/manager/git-submodules/extract.spec.ts
  22. +1 −1 lib/manager/mix/__snapshots__/artifacts.spec.ts.snap
  23. +2 −2 lib/manager/mix/artifacts.spec.ts
  24. +1 −1 lib/manager/npm/post-update/rules.spec.ts
  25. +9 −9 lib/platform/azure/__snapshots__/azure-got-wrapper.spec.ts.snap
  26. +1 −1 lib/platform/azure/__snapshots__/util.spec.ts.snap
  27. +2 −2 lib/platform/azure/azure-got-wrapper.spec.ts
  28. +1 −1 lib/platform/azure/util.spec.ts
  29. +234 −234 lib/platform/github/__snapshots__/index.spec.ts.snap
  30. +9 −9 lib/platform/github/index.spec.ts
  31. +172 −172 lib/platform/gitlab/__snapshots__/index.spec.ts.snap
  32. +1 −1 lib/platform/gitlab/index.spec.ts
  33. +12 −15 lib/util/http/auth.spec.ts
  34. +3 −3 lib/util/http/github.spec.ts
  35. +5 −0 lib/util/http/gitlab.spec.ts
  36. +3 −3 lib/util/merge-confidence/index.spec.ts
  37. +1 −1 lib/util/sanitize.spec.ts
  38. +2 −2 lib/util/template/index.spec.ts
  39. +1 −1 lib/workers/branch/commit.spec.ts
  40. +4 −4 lib/workers/branch/index.spec.ts
  41. +1 −1 lib/workers/global/autodiscover.spec.ts
  42. +1 −1 lib/workers/global/config/parse/cli.ts
  43. +2 −2 lib/workers/global/config/parse/index.spec.ts
  44. +1 −1 lib/workers/repository/onboarding/branch/index.spec.ts
  45. +5 −5 lib/workers/repository/process/extract-update.spec.ts
@@ -0,0 +1,2 @@
paths-ignore:
- /__fixtures__/**
@@ -23,6 +23,8 @@ jobs:
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@4854dd23d5f2aada3f026670784d5109e7702ea9 # renovate: tag=v1.0.14
with:
config-file: ./.github/codeql/codeql-config.yml

# Override language selection by uncommenting this and choosing your languages
# with:
@@ -5,7 +5,7 @@ Object {
"hostRules": Array [
Object {
"hostType": "npm",
"token": "abc123==",
"token": "123test==",
},
],
}
@@ -22,13 +22,13 @@ Object {
exports[`config/secrets applySecretsToConfig(config) replaces secrets in a subobject 1`] = `
Object {
"npm": Object {
"npmToken": "abc123==",
"npmToken": "123test==",
},
}
`;

exports[`config/secrets applySecretsToConfig(config) replaces secrets in the top level 1`] = `
Object {
"npmToken": "abc123==",
"npmToken": "123test==",
}
`;
@@ -687,9 +687,9 @@ describe('config/migration', () => {
it('it migrates hostRules fields', () => {
const config: RenovateConfig = {
hostRules: [
{ baseUrl: 'https://some.domain.com', token: 'abc123' },
{ domainName: 'domain.com', token: 'abc123' },
{ hostName: 'some.domain.com', token: 'abc123' },
{ baseUrl: 'https://some.domain.com', token: '123test' },
{ domainName: 'domain.com', token: '123test' },
{ hostName: 'some.domain.com', token: '123test' },
],
} as any;
const { isMigrated, migratedConfig } = configMigration.migrateConfig(
@@ -699,9 +699,9 @@ describe('config/migration', () => {
expect(isMigrated).toBe(true);
expect(migratedConfig).toEqual({
hostRules: [
{ matchHost: 'https://some.domain.com', token: 'abc123' },
{ matchHost: 'domain.com', token: 'abc123' },
{ matchHost: 'some.domain.com', token: 'abc123' },
{ matchHost: 'https://some.domain.com', token: '123test' },
{ matchHost: 'domain.com', token: '123test' },
{ matchHost: 'some.domain.com', token: '123test' },
],
});
});
@@ -48,7 +48,7 @@ describe('config/secrets', () => {
const config = {
prTitle: '{{ secrets.ARTIFACTORY_TOKEN }}',
secrets: {
ARTIFACTORY_TOKEN: 'abc123==',
ARTIFACTORY_TOKEN: '123test==',
},
};
expect(() => applySecretsToConfig(config)).toThrow(CONFIG_VALIDATION);
@@ -61,7 +61,7 @@ describe('config/secrets', () => {
});
it('replaces secrets in the top level', () => {
const config = {
secrets: { ARTIFACTORY_TOKEN: 'abc123==' },
secrets: { ARTIFACTORY_TOKEN: '123test==' },
npmToken: '{{ secrets.ARTIFACTORY_TOKEN }}',
};
const res = applySecretsToConfig(config);
@@ -70,7 +70,7 @@ describe('config/secrets', () => {
});
it('replaces secrets in a subobject', () => {
const config = {
secrets: { ARTIFACTORY_TOKEN: 'abc123==' },
secrets: { ARTIFACTORY_TOKEN: '123test==' },
npm: { npmToken: '{{ secrets.ARTIFACTORY_TOKEN }}' },
};
const res = applySecretsToConfig(config);
@@ -79,7 +79,7 @@ describe('config/secrets', () => {
});
it('replaces secrets in a array of objects', () => {
const config = {
secrets: { ARTIFACTORY_TOKEN: 'abc123==' },
secrets: { ARTIFACTORY_TOKEN: '123test==' },
hostRules: [
{ hostType: 'npm', token: '{{ secrets.ARTIFACTORY_TOKEN }}' },
],
@@ -83,7 +83,7 @@ describe('datasource/clojure/index', () => {
hostRules.add({
hostType: ClojureDatasource.id,
matchHost: 'custom.registry.renovatebot.com',
token: 'abc123',
token: '123test',
});
jest.resetAllMocks();
});
@@ -243,7 +243,7 @@ describe('datasource/docker/index', () => {
.reply(200, '', { 'docker-content-digest': 'some-digest' });

mockEcrAuthResolve({
authorizationData: [{ authorizationToken: 'abcdef' }],
authorizationData: [{ authorizationToken: 'test_token' }],
});

await getDigest(
@@ -276,7 +276,7 @@ describe('datasource/docker/index', () => {
.reply(200, '', { 'docker-content-digest': 'some-digest' });

mockEcrAuthResolve({
authorizationData: [{ authorizationToken: 'abc' }],
authorizationData: [{ authorizationToken: 'test' }],
});

const res = await getDigest(
@@ -353,7 +353,7 @@ describe('datasource/docker/index', () => {
.get(
'/token?service=registry.docker.io&scope=repository:library/some-other-dep:pull'
)
.reply(200, { access_token: 'some-token' });
.reply(200, { access_token: 'test' });
const res = await getDigest(
{ datasource: 'docker', depName: 'some-other-dep' },
'8.0.0-alpine'
@@ -528,7 +528,7 @@ describe('datasource/docker/index', () => {
.get(
'/token?service=registry.docker.io&scope=repository:library/node:pull'
)
.reply(200, { token: 'some-token ' });
.reply(200, { token: 'test' });
const res = await getPkgReleases({
datasource: id,
depName: 'node',
@@ -556,7 +556,7 @@ describe('datasource/docker/index', () => {
.get(
'/token?service=registry.docker.io&scope=repository:library/node:pull'
)
.reply(200, { token: 'some-token ' });
.reply(200, { token: 'test' });
const res = await getPkgReleases({
datasource: id,
depName: 'docker.io/node',
@@ -127,7 +127,7 @@ Array [
"headers": Object {
"accept": "application/json",
"accept-encoding": "gzip, deflate, br",
"authorization": "valid_token",
"authorization": "abc",
"host": "hex.pm",
"user-agent": "RenovateBot/0.0.0-semantic-release (https://github.com/renovatebot/renovate)",
},
@@ -322,7 +322,7 @@ Array [
"headers": Object {
"accept": "application/json",
"accept-encoding": "gzip, deflate, br",
"authorization": "this_simple_token",
"authorization": "abc",
"host": "hex.pm",
"user-agent": "RenovateBot/0.0.0-semantic-release (https://github.com/renovatebot/renovate)",
},
@@ -89,15 +89,15 @@ describe('datasource/hex/index', () => {
httpMock
.scope(baseUrl, {
reqheaders: {
authorization: 'this_simple_token',
authorization: 'abc',
},
})
.get('/packages/certifi')
.reply(401);

hostRules.find.mockReturnValueOnce({
authType: 'Token-Only',
token: 'this_simple_token',
token: 'abc',
});

const res = await getPkgReleases({
@@ -143,15 +143,15 @@ describe('datasource/hex/index', () => {
httpMock
.scope(baseUrl, {
reqheaders: {
authorization: 'valid_token',
authorization: 'abc',
},
})
.get('/repos/renovate_test/packages/private_package')
.reply(200, privatePackageResponse);

hostRules.find.mockReturnValueOnce({
authType: 'Token-Only',
token: 'valid_token',
token: 'abc',
});

const result = await getPkgReleases({
@@ -59,7 +59,7 @@ Array [
Object {
"headers": Object {
"accept-encoding": "gzip, deflate, br",
"authorization": "Bearer abc123",
"authorization": "Bearer 123test",
"host": "custom.registry.renovatebot.com",
"user-agent": "RenovateBot/0.0.0-semantic-release (https://github.com/renovatebot/renovate)",
},
@@ -69,7 +69,7 @@ Array [
Object {
"headers": Object {
"accept-encoding": "gzip, deflate, br",
"authorization": "Bearer abc123",
"authorization": "Bearer 123test",
"host": "custom.registry.renovatebot.com",
"user-agent": "RenovateBot/0.0.0-semantic-release (https://github.com/renovatebot/renovate)",
},
@@ -79,7 +79,7 @@ Array [
Object {
"headers": Object {
"accept-encoding": "gzip, deflate, br",
"authorization": "Bearer abc123",
"authorization": "Bearer 123test",
"host": "custom.registry.renovatebot.com",
"user-agent": "RenovateBot/0.0.0-semantic-release (https://github.com/renovatebot/renovate)",
},
@@ -934,7 +934,7 @@ Array [
Object {
"headers": Object {
"accept-encoding": "gzip, deflate, br",
"authorization": "Bearer abc123",
"authorization": "Bearer 123test",
"host": "custom.registry.renovatebot.com",
"user-agent": "RenovateBot/0.0.0-semantic-release (https://github.com/renovatebot/renovate)",
},
@@ -944,7 +944,7 @@ Array [
Object {
"headers": Object {
"accept-encoding": "gzip, deflate, br",
"authorization": "Bearer abc123",
"authorization": "Bearer 123test",
"host": "custom.registry.renovatebot.com",
"user-agent": "RenovateBot/0.0.0-semantic-release (https://github.com/renovatebot/renovate)",
},
@@ -954,7 +954,7 @@ Array [
Object {
"headers": Object {
"accept-encoding": "gzip, deflate, br",
"authorization": "Bearer abc123",
"authorization": "Bearer 123test",
"host": "custom.registry.renovatebot.com",
"user-agent": "RenovateBot/0.0.0-semantic-release (https://github.com/renovatebot/renovate)",
},
@@ -964,7 +964,7 @@ Array [
Object {
"headers": Object {
"accept-encoding": "gzip, deflate, br",
"authorization": "Bearer abc123",
"authorization": "Bearer 123test",
"host": "custom.registry.renovatebot.com",
"user-agent": "RenovateBot/0.0.0-semantic-release (https://github.com/renovatebot/renovate)",
},
@@ -974,7 +974,7 @@ Array [
Object {
"headers": Object {
"accept-encoding": "gzip, deflate, br",
"authorization": "Bearer abc123",
"authorization": "Bearer 123test",
"host": "custom.registry.renovatebot.com",
"user-agent": "RenovateBot/0.0.0-semantic-release (https://github.com/renovatebot/renovate)",
},
@@ -984,7 +984,7 @@ Array [
Object {
"headers": Object {
"accept-encoding": "gzip, deflate, br",
"authorization": "Bearer abc123",
"authorization": "Bearer 123test",
"host": "custom.registry.renovatebot.com",
"user-agent": "RenovateBot/0.0.0-semantic-release (https://github.com/renovatebot/renovate)",
},
@@ -79,7 +79,7 @@ describe('datasource/maven/index', () => {
hostRules.add({
hostType: datasource,
matchHost: 'custom.registry.renovatebot.com',
token: 'abc123',
token: '123test',
});
jest.resetAllMocks();
});
@@ -475,7 +475,7 @@ Array [
"headers": Object {
"accept": "application/json",
"accept-encoding": "gzip, deflate, br",
"authorization": "Basic XXX",
"authorization": "Basic abc",
"host": "registry.npmjs.org",
"user-agent": "RenovateBot/0.0.0-semantic-release (https://github.com/renovatebot/renovate)",
},
@@ -586,7 +586,7 @@ Array [
"headers": Object {
"accept": "application/json",
"accept-encoding": "gzip, deflate, br",
"authorization": "Bearer abcde",
"authorization": "Bearer abc",
"host": "npm.mycustomregistry.com",
"user-agent": "RenovateBot/0.0.0-semantic-release (https://github.com/renovatebot/renovate)",
},
@@ -625,7 +625,7 @@ Array [
"headers": Object {
"accept": "application/json",
"accept-encoding": "gzip, deflate, br",
"authorization": "Bearer abcde",
"authorization": "Bearer abc",
"host": "npm.mycustomregistry.com",
"user-agent": "RenovateBot/0.0.0-semantic-release (https://github.com/renovatebot/renovate)",
},
@@ -152,14 +152,14 @@ describe('datasource/npm/get', () => {
const npmrc = ``;
hostRules.add({
matchHost: 'https://registry.npmjs.org',
token: 'XXX',
token: 'abc',
authType: 'Basic',
});

httpMock
.scope('https://registry.npmjs.org', {
reqheaders: {
authorization: 'Basic XXX',
authorization: 'Basic abc',
},
})
.get('/renovate')
@@ -270,11 +270,11 @@ describe('datasource/npm/index', () => {
hostRules.add({
hostType: 'npm',
matchHost: 'npm.mycustomregistry.com',
token: 'abcde',
token: 'abc',
});
httpMock
.scope('https://npm.mycustomregistry.com', {
reqheaders: { authorization: 'Bearer abcde' },
reqheaders: { authorization: 'Bearer abc' },
})
.get('/foobar')
.reply(200, npmResponse);
@@ -289,13 +289,13 @@ describe('datasource/npm/index', () => {
hostType: 'npm',
matchHost:
'https://npm.mycustomregistry.com/_packaging/mycustomregistry/npm/registry/',
token: 'abcde',
token: 'abc',
});
httpMock
.scope(
'https://npm.mycustomregistry.com/_packaging/mycustomregistry/npm/registry',
{
reqheaders: { authorization: 'Bearer abcde' },
reqheaders: { authorization: 'Bearer abc' },
}
)
.get('/foobar')
@@ -81,7 +81,7 @@ describe('datasource/pypi/index', () => {
});

it('sets private if authorization privided', async () => {
hostRules.add({ matchHost: 'customprivate.pypi.net', token: 'abc123' });
hostRules.add({ matchHost: 'customprivate.pypi.net', token: '123test' });
httpMock
.scope('https://customprivate.pypi.net/foo')
.get('/azure-cli-monitor/json')
@@ -258,7 +258,7 @@ describe('datasource/pypi/index', () => {
it('sets private simple if authorization provided', async () => {
hostRules.add({
matchHost: 'some.private.registry.org',
token: 'abc123',
token: '123test',
});
httpMock
.scope('https://some.private.registry.org/+simple/')
@@ -7,7 +7,7 @@ Object {
"message": "some message",
"options": Object {
"headers": Object {
"authorization": "Bearer abc",
"authorization": "Bearer testtoken",
},
},
"response": Object {

0 comments on commit 11aa3ba

Please sign in to comment.