Skip to content

Commit

Permalink
move tests
Browse files Browse the repository at this point in the history
  • Loading branch information
laurentsimon committed Feb 2, 2022
1 parent c38966d commit 69f0a83
Show file tree
Hide file tree
Showing 78 changed files with 70 additions and 50 deletions.
67 changes: 36 additions & 31 deletions checks/permissions_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ func TestGithubTokenPermissions(t *testing.T) {
}{
{
name: "run workflow codeql write test",
filenames: []string{"./testdata/github-workflow-permissions-run-codeql-write.yaml"},
filenames: []string{".github/workflows/github-workflow-permissions-run-codeql-write.yaml"},
expected: scut.TestReturn{
Error: nil,
Score: checker.MaxResultScore,
Expand All @@ -66,7 +66,7 @@ func TestGithubTokenPermissions(t *testing.T) {
},
{
name: "run workflow no codeql write test",
filenames: []string{"./testdata/github-workflow-permissions-run-no-codeql-write.yaml"},
filenames: []string{".github/workflows/github-workflow-permissions-run-no-codeql-write.yaml"},
expected: scut.TestReturn{
Error: nil,
Score: checker.MaxResultScore - 1,
Expand All @@ -77,7 +77,7 @@ func TestGithubTokenPermissions(t *testing.T) {
},
{
name: "run workflow write test",
filenames: []string{"./testdata/github-workflow-permissions-run-writes-2.yaml"},
filenames: []string{".github/workflows/github-workflow-permissions-run-writes-2.yaml"},
expected: scut.TestReturn{
Error: nil,
Score: checker.MinResultScore,
Expand All @@ -88,7 +88,7 @@ func TestGithubTokenPermissions(t *testing.T) {
},
{
name: "run package workflow write test",
filenames: []string{"./testdata/github-workflow-permissions-run-package-workflow-write.yaml"},
filenames: []string{".github/workflows/github-workflow-permissions-run-package-workflow-write.yaml"},
expected: scut.TestReturn{
Error: nil,
Score: checker.MaxResultScore,
Expand All @@ -99,7 +99,7 @@ func TestGithubTokenPermissions(t *testing.T) {
},
{
name: "run package write test",
filenames: []string{"./testdata/github-workflow-permissions-run-package-write.yaml"},
filenames: []string{".github/workflows/github-workflow-permissions-run-package-write.yaml"},
expected: scut.TestReturn{
Error: nil,
Score: checker.MinResultScore,
Expand All @@ -110,7 +110,7 @@ func TestGithubTokenPermissions(t *testing.T) {
},
{
name: "run writes test",
filenames: []string{"./testdata/github-workflow-permissions-run-writes.yaml"},
filenames: []string{".github/workflows/github-workflow-permissions-run-writes.yaml"},
expected: scut.TestReturn{
Error: nil,
Score: checker.MaxResultScore,
Expand All @@ -121,7 +121,7 @@ func TestGithubTokenPermissions(t *testing.T) {
},
{
name: "write all test",
filenames: []string{"./testdata/github-workflow-permissions-writeall.yaml"},
filenames: []string{".github/workflows/github-workflow-permissions-writeall.yaml"},
expected: scut.TestReturn{
Error: nil,
Score: checker.MinResultScore,
Expand All @@ -132,7 +132,7 @@ func TestGithubTokenPermissions(t *testing.T) {
},
{
name: "read all test",
filenames: []string{"./testdata/github-workflow-permissions-readall.yaml"},
filenames: []string{".github/workflows/github-workflow-permissions-readall.yaml"},
expected: scut.TestReturn{
Error: nil,
Score: checker.MaxResultScore,
Expand All @@ -143,7 +143,7 @@ func TestGithubTokenPermissions(t *testing.T) {
},
{
name: "no permission test",
filenames: []string{"./testdata/github-workflow-permissions-absent.yaml"},
filenames: []string{".github/workflows/github-workflow-permissions-absent.yaml"},
expected: scut.TestReturn{
Error: nil,
Score: checker.MinResultScore,
Expand All @@ -154,7 +154,7 @@ func TestGithubTokenPermissions(t *testing.T) {
},
{
name: "writes test",
filenames: []string{"./testdata/github-workflow-permissions-writes.yaml"},
filenames: []string{".github/workflows/github-workflow-permissions-writes.yaml"},
expected: scut.TestReturn{
Error: nil,
Score: checker.MaxResultScore,
Expand All @@ -165,7 +165,7 @@ func TestGithubTokenPermissions(t *testing.T) {
},
{
name: "reads test",
filenames: []string{"./testdata/github-workflow-permissions-reads.yaml"},
filenames: []string{".github/workflows/github-workflow-permissions-reads.yaml"},
expected: scut.TestReturn{
Error: nil,
Score: checker.MaxResultScore,
Expand All @@ -176,7 +176,7 @@ func TestGithubTokenPermissions(t *testing.T) {
},
{
name: "nones test",
filenames: []string{"./testdata/github-workflow-permissions-nones.yaml"},
filenames: []string{".github/workflows/github-workflow-permissions-nones.yaml"},
expected: scut.TestReturn{
Error: nil,
Score: checker.MaxResultScore,
Expand All @@ -187,7 +187,7 @@ func TestGithubTokenPermissions(t *testing.T) {
},
{
name: "none test",
filenames: []string{"./testdata/github-workflow-permissions-none.yaml"},
filenames: []string{".github/workflows/github-workflow-permissions-none.yaml"},
expected: scut.TestReturn{
Error: nil,
Score: checker.MaxResultScore,
Expand All @@ -198,7 +198,7 @@ func TestGithubTokenPermissions(t *testing.T) {
},
{
name: "status/checks write",
filenames: []string{"./testdata/github-workflow-permissions-status-checks.yaml"},
filenames: []string{".github/workflows/github-workflow-permissions-status-checks.yaml"},
expected: scut.TestReturn{
Error: nil,
Score: checker.MaxResultScore - 1,
Expand All @@ -209,7 +209,7 @@ func TestGithubTokenPermissions(t *testing.T) {
},
{
name: "sec-events/deployments write",
filenames: []string{"./testdata/github-workflow-permissions-secevent-deployments.yaml"},
filenames: []string{".github/workflows/github-workflow-permissions-secevent-deployments.yaml"},
expected: scut.TestReturn{
Error: nil,
Score: checker.MaxResultScore - 2,
Expand All @@ -220,7 +220,7 @@ func TestGithubTokenPermissions(t *testing.T) {
},
{
name: "contents write",
filenames: []string{"./testdata/github-workflow-permissions-contents.yaml"},
filenames: []string{".github/workflows/github-workflow-permissions-contents.yaml"},
expected: scut.TestReturn{
Error: nil,
Score: checker.MinResultScore,
Expand All @@ -231,7 +231,7 @@ func TestGithubTokenPermissions(t *testing.T) {
},
{
name: "actions write",
filenames: []string{"./testdata/github-workflow-permissions-actions.yaml"},
filenames: []string{".github/workflows/github-workflow-permissions-actions.yaml"},
expected: scut.TestReturn{
Error: nil,
Score: checker.MinResultScore,
Expand All @@ -242,7 +242,7 @@ func TestGithubTokenPermissions(t *testing.T) {
},
{
name: "packages write",
filenames: []string{"./testdata/github-workflow-permissions-packages.yaml"},
filenames: []string{".github/workflows/github-workflow-permissions-packages.yaml"},
expected: scut.TestReturn{
Error: nil,
Score: checker.MinResultScore,
Expand All @@ -253,7 +253,7 @@ func TestGithubTokenPermissions(t *testing.T) {
},
{
name: "Non-yaml file",
filenames: []string{"./testdata/script.sh"},
filenames: []string{"script.sh"},
expected: scut.TestReturn{
Error: nil,
Score: checker.MaxResultScore,
Expand All @@ -264,7 +264,7 @@ func TestGithubTokenPermissions(t *testing.T) {
},
{
name: "release workflow write",
filenames: []string{"./testdata/github-workflow-permissions-release-writes.yaml"},
filenames: []string{".github/workflows/github-workflow-permissions-release-writes.yaml"},
expected: scut.TestReturn{
Error: nil,
Score: checker.MaxResultScore,
Expand All @@ -275,7 +275,7 @@ func TestGithubTokenPermissions(t *testing.T) {
},
{
name: "package workflow write",
filenames: []string{"./testdata/github-workflow-permissions-packages-writes.yaml"},
filenames: []string{".github/workflows/github-workflow-permissions-packages-writes.yaml"},
expected: scut.TestReturn{
Error: nil,
Score: checker.MaxResultScore,
Expand All @@ -286,7 +286,7 @@ func TestGithubTokenPermissions(t *testing.T) {
},
{
name: "workflow jobs only",
filenames: []string{"./testdata/github-workflow-permissions-jobs-only.yaml"},
filenames: []string{".github/workflows/github-workflow-permissions-jobs-only.yaml"},
expected: scut.TestReturn{
Error: nil,
Score: 9,
Expand All @@ -297,7 +297,7 @@ func TestGithubTokenPermissions(t *testing.T) {
},
{
name: "security-events write, codeql comment",
filenames: []string{"./testdata/github-workflow-permissions-run-write-codeql-comment.yaml"},
filenames: []string{".github/workflows/github-workflow-permissions-run-write-codeql-comment.yaml"},
expected: scut.TestReturn{
Error: nil,
Score: checker.MaxResultScore - 1,
Expand All @@ -309,8 +309,8 @@ func TestGithubTokenPermissions(t *testing.T) {
{
name: "two files mix run-level and top-level",
filenames: []string{
"./testdata/github-workflow-permissions-top-level-only.yaml",
"./testdata/github-workflow-permissions-run-level-only.yaml",
".github/workflows/github-workflow-permissions-top-level-only.yaml",
".github/workflows/github-workflow-permissions-run-level-only.yaml",
},
expected: scut.TestReturn{
Error: nil,
Expand All @@ -323,8 +323,8 @@ func TestGithubTokenPermissions(t *testing.T) {
{
name: "two files mix run-level and absent",
filenames: []string{
"./testdata/github-workflow-permissions-run-level-only.yaml",
"./testdata/github-workflow-permissions-absent.yaml",
".github/workflows/github-workflow-permissions-run-level-only.yaml",
".github/workflows/github-workflow-permissions-absent.yaml",
},
expected: scut.TestReturn{
Error: nil,
Expand All @@ -337,8 +337,8 @@ func TestGithubTokenPermissions(t *testing.T) {
{
name: "two files mix top-level and absent",
filenames: []string{
"./testdata/github-workflow-permissions-top-level-only.yaml",
"./testdata/github-workflow-permissions-absent.yaml",
".github/workflows/github-workflow-permissions-top-level-only.yaml",
".github/workflows/github-workflow-permissions-absent.yaml",
},
expected: scut.TestReturn{
Error: nil,
Expand All @@ -349,6 +349,11 @@ func TestGithubTokenPermissions(t *testing.T) {
},
},
}

if err := os.Chdir("./testdata/"); err != nil {
panic(fmt.Errorf("os.Chdir: %w", err))
}

for _, tt := range tests {
tt := tt // Re-initializing variable so it is not changed while executing the closure below
t.Run(tt.name, func(t *testing.T) {
Expand Down Expand Up @@ -386,7 +391,7 @@ func TestGithubTokenPermissionsLineNumber(t *testing.T) {
}{
{
name: "Job level write permission",
filename: "./testdata/github-workflow-permissions-run-no-codeql-write.yaml",
filename: ".github/workflows/github-workflow-permissions-run-no-codeql-write.yaml",
expected: []struct {
lineNumber uint
}{
Expand All @@ -397,7 +402,7 @@ func TestGithubTokenPermissionsLineNumber(t *testing.T) {
},
{
name: "Workflow level write permission",
filename: "./testdata/github-workflow-permissions-writeall.yaml",
filename: ".github/workflows/github-workflow-permissions-writeall.yaml",
expected: []struct {
lineNumber uint
}{
Expand Down
Loading

0 comments on commit 69f0a83

Please sign in to comment.