Skip to content

Commit

Permalink
🐛 Token permission check was failing on non-yaml files
Browse files Browse the repository at this point in the history
  • Loading branch information
Chris McGehee authored and naveensrinivasan committed Nov 4, 2021
1 parent 6562cc1 commit 2006be1
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 1 deletion.
3 changes: 3 additions & 0 deletions checks/permissions.go
Original file line number Diff line number Diff line change
Expand Up @@ -360,6 +360,9 @@ func testValidateGitHubActionTokenPermissions(pathfn string,
// Check file content.
func validateGitHubActionTokenPermissions(path string, content []byte,
dl checker.DetailLogger, data FileCbData) (bool, error) {
if !isWorkflowFile(path) {
return true, nil
}
// Verify the type of the data.
pdata, ok := data.(*permissionCbData)
if !ok {
Expand Down
15 changes: 14 additions & 1 deletion checks/permissions_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -230,6 +230,17 @@ func TestGithubTokenPermissions(t *testing.T) {
NumberOfDebug: 4,
},
},
{
name: "Non-yaml file",
filename: "./testdata/script.sh",
expected: scut.TestReturn{
Error: nil,
Score: checker.MaxResultScore,
NumberOfWarn: 0,
NumberOfInfo: 0,
NumberOfDebug: 0,
},
},
}
for _, tt := range tests {
tt := tt // Re-initializing variable so it is not changed while executing the closure below
Expand All @@ -247,7 +258,9 @@ func TestGithubTokenPermissions(t *testing.T) {
}
dl := scut.TestDetailLogger{}
r := testValidateGitHubActionTokenPermissions(tt.filename, content, &dl)
scut.ValidateTestReturn(t, tt.name, &tt.expected, &r, &dl)
if !scut.ValidateTestReturn(t, tt.name, &tt.expected, &r, &dl) {
t.Fail()
}
})
}
}

0 comments on commit 2006be1

Please sign in to comment.