From 75169ff3f01142eb002c2e1430628c0fec435c94 Mon Sep 17 00:00:00 2001 From: Balijepalli Vamshi Krishna Date: Thu, 30 Oct 2025 22:00:13 +0530 Subject: [PATCH] log to validate pat --- remediation/workflow/pin/pinactions.go | 2 ++ remediation/workflow/secureworkflow_test.go | 1 - 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/remediation/workflow/pin/pinactions.go b/remediation/workflow/pin/pinactions.go index 7f0dcff9..ebba8a30 100644 --- a/remediation/workflow/pin/pinactions.go +++ b/remediation/workflow/pin/pinactions.go @@ -3,6 +3,7 @@ package pin import ( "context" "fmt" + "log" "os" "path/filepath" "regexp" @@ -67,6 +68,7 @@ func PinAction(action, inputYaml string, exemptedActions []string, pinToImmutabl PAT := os.Getenv("SECURE_REPO_PAT") if PAT == "" { PAT = os.Getenv("PAT") + log.Println("SECURE_REPO_PAT is not set, using PAT") } ctx := context.Background() diff --git a/remediation/workflow/secureworkflow_test.go b/remediation/workflow/secureworkflow_test.go index e6db62b4..763ee32a 100644 --- a/remediation/workflow/secureworkflow_test.go +++ b/remediation/workflow/secureworkflow_test.go @@ -217,7 +217,6 @@ func TestSecureWorkflow(t *testing.T) { }{ {fileName: "replaceactions.yml", wantPinnedActions: true, wantAddedHardenRunner: true, wantAddedPermissions: false, wantAddedMaintainedActions: true}, {fileName: "allscenarios.yml", wantPinnedActions: true, wantAddedHardenRunner: true, wantAddedPermissions: true}, - // {fileName: "missingaction.yml", wantPinnedActions: true, wantAddedHardenRunner: true, wantAddedPermissions: false}, {fileName: "nohardenrunner.yml", wantPinnedActions: true, wantAddedHardenRunner: false, wantAddedPermissions: true}, {fileName: "noperms.yml", wantPinnedActions: true, wantAddedHardenRunner: true, wantAddedPermissions: false}, {fileName: "nopin.yml", wantPinnedActions: false, wantAddedHardenRunner: true, wantAddedPermissions: true},