Skip to content

Commit

Permalink
🐛 scanning gitlab private repositories (#3596)
Browse files Browse the repository at this point in the history
* fix: Run for gitlab private repos

Signed-off-by: Gabriela Gutierrez <[email protected]>

* test: gitlab repo is accessible

Signed-off-by: Gabriela Gutierrez <[email protected]>

* fix: linter error

Signed-off-by: Gabriela Gutierrez <[email protected]>

---------

Signed-off-by: Gabriela Gutierrez <[email protected]>
Co-authored-by: Raghav Kaul <[email protected]>
  • Loading branch information
gabibguti and raghavkaul authored Oct 23, 2023
1 parent 2d93196 commit ca5c404
Show file tree
Hide file tree
Showing 2 changed files with 72 additions and 2 deletions.
3 changes: 1 addition & 2 deletions clients/gitlabrepo/client.go
Original file line number Diff line number Diff line change
Expand Up @@ -62,8 +62,7 @@ var errRepoAccess = errors.New("repo inaccessible")

// Raise an error if repository access level is private or disabled.
func checkRepoInaccessible(repo *gitlab.Project) error {
if (repo.RepositoryAccessLevel == gitlab.PrivateAccessControl) ||
(repo.RepositoryAccessLevel == gitlab.DisabledAccessControl) {
if repo.RepositoryAccessLevel == gitlab.DisabledAccessControl {
return fmt.Errorf("%w: %s access level %s",
errRepoAccess, repo.PathWithNamespace, string(repo.RepositoryAccessLevel),
)
Expand Down
71 changes: 71 additions & 0 deletions clients/gitlabrepo/client_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
// Copyright 2023 OpenSSF Scorecard Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package gitlabrepo

import (
"errors"
"testing"

"github.com/xanzy/go-gitlab"
)

func TestCheckRepoInaccessible(t *testing.T) {
t.Parallel()

tests := []struct {
want error
repo *gitlab.Project
name string
}{
{
name: "if repo is enabled then it is accessible",
repo: &gitlab.Project{
RepositoryAccessLevel: gitlab.EnabledAccessControl,
},
},
{
name: "repo should not have public access in this case, but if it does it is accessible",
repo: &gitlab.Project{
RepositoryAccessLevel: gitlab.PublicAccessControl,
},
},
{
name: "if repo is disabled then is inaccessible",
repo: &gitlab.Project{
RepositoryAccessLevel: gitlab.DisabledAccessControl,
},
want: errRepoAccess,
},
{
name: "if repo is private then it is accessible",
repo: &gitlab.Project{
RepositoryAccessLevel: gitlab.PrivateAccessControl,
},
},
}

for _, tt := range tests {
tt := tt

t.Run(tt.name, func(t *testing.T) {
t.Parallel()

got := checkRepoInaccessible(tt.repo)
if !errors.Is(got, tt.want) {
t.Errorf("checkRepoInaccessible() got %v, want %v", got, tt.want)
}
})
}
}

0 comments on commit ca5c404

Please sign in to comment.