From 958dd6e02f9ed42bd043e3f5712ed71ac29fff88 Mon Sep 17 00:00:00 2001
From: Spencer Schrock
Date: Tue, 9 Jul 2024 12:52:15 -0700
Subject: [PATCH 1/3] add config e2e test
Signed-off-by: Spencer Schrock
---
e2e/config_test.go | 40 ++++++++++++++++++++++++++++++++++++++++
1 file changed, 40 insertions(+)
create mode 100644 e2e/config_test.go
diff --git a/e2e/config_test.go b/e2e/config_test.go
new file mode 100644
index 00000000000..2b64a15a001
--- /dev/null
+++ b/e2e/config_test.go
@@ -0,0 +1,40 @@
+// Copyright 2024 OpenSSF Scorecard Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package e2e
+
+import (
+ "context"
+
+ . "github.com/onsi/ginkgo/v2"
+ . "github.com/onsi/gomega"
+
+ "github.com/ossf/scorecard/v5/checks"
+ "github.com/ossf/scorecard/v5/clients/githubrepo"
+ "github.com/ossf/scorecard/v5/pkg"
+)
+
+var _ = Describe("E2E TEST: config parsing", func() {
+ Context("E2E TEST:Valid config parsing", func() {
+ It("Should return an annotation from the config", func() {
+ repo, err := githubrepo.MakeGithubRepo("ossf-tests/scorecard-config-e2e")
+ Expect(err).Should(BeNil())
+ results, err := pkg.Run(context.Background(), repo,
+ pkg.WithChecks([]string{checks.CheckCodeReview}),
+ )
+ Expect(err).Should(BeNil())
+ Expect(len(results.Config.Annotations)).Should(BeNumerically(">=", 1))
+ })
+ })
+})
From 5532f80cf9398ad3fb21cf735a9933b67e00ab34 Mon Sep 17 00:00:00 2001
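Review bot: The final assertion, `Expect(len(results.Config.Annotations)).Should(BeNumerically(">=", 1))`, only proves that something was parsed, so a regression that attaches the annotation to the wrong check or drops its reason would still pass. Annotations are how a repository records why a failing check is acceptable, so the test should also assert the check name and reason that the `ossf-tests/scorecard-config-e2e` fixture declares; the length check itself reads better as `Expect(results.Config.Annotations).ShouldNot(BeEmpty())`. The run requests only `checks.CheckCodeReview`, and the hunk does not show whether the fixture annotates that check, so a short comment above `pkg.Run` saying which check the fixture's `scorecard.yml` targets would help. The same assertions carry over unchanged in [PATCH 3/3].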
From: Spencer Schrock
Date: Tue, 9 Jul 2024 12:57:08 -0700
Subject: [PATCH 2/3] update readme syntax The old syntax was changed so the README was out of date. This was exposed when setting up the e2e repo.
Signed-off-by: Spencer Schrock
---
config/README.md | 27 ++++++++++++---------------
1 file changed, 12 insertions(+), 15 deletions(-)
diff --git a/config/README.md b/config/README.md
index 6da7b5294c2..e4ef0987174 100644
--- a/config/README.md
+++ b/config/README.md
@@ -10,40 +10,37 @@ To annotate your repository, create a `scorecard.yml` file in the root of your r The file structure is as follows: ```yml -exemptions: +annotations: - checks: - binary-artifacts - annotations: - - annotation: test-data # the binary files are only used for testing + reasons: + - reason: test-data # the binary files are only used for testing - checks: - dangerous-workflow - annotations: - - annotation: remediated # the workflow is dangerous but only run under maintainers verification and approval - - + reasons: + - reason: remediated # the workflow is dangerous but only run under maintainers verification and approval ``` You can annotate multiple checks at a time: ```yml -exemptions: +annotations: - checks: - binary-artifacts - pinned-dependencies - annotations: - - annotation: test-data # the binary files and files with unpinned dependencies are only used for testing - + reasons: + - reason: test-data # the binary files and files with unpinned dependencies are only used for testing ``` And also provide multiple annotations for checks: ```yml -exemptions: +annotations: - checks: - binary-artifacts - annotations: - - annotation: test-data # test.exe is only used for testing - - annotation: remediated # dependency.exe is needed and it's used but the binary signature is verified - + reasons: + - reason: test-data # test.exe is only used for testing + - reason: remediated # dependency.exe is needed and it's used but the binary signature is verified ``` The available checks are the Scorecard checks in lower case e.g. Binary-Artifacts is `binary-artifacts`. From af909ff688e3036fcef0b068c8e7d6fb2139f503 Mon Sep 17 00:00:00 2001 From: Spencer Schrock Date: Wed, 10 Jul 2024 11:27:57 -0700 Subject: [PATCH 3/3] fix rename Signed-off-by: Spencer Schrock --- e2e/config_test.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/e2e/config_test.go b/e2e/config_test.go index 2b64a15a001..2720dc63540 100644 --- a/e2e/config_test.go 
+++ b/e2e/config_test.go @@ -22,7 +22,7 @@ import ( "github.com/ossf/scorecard/v5/checks" "github.com/ossf/scorecard/v5/clients/githubrepo" - "github.com/ossf/scorecard/v5/pkg" + "github.com/ossf/scorecard/v5/pkg/scorecard" ) var _ = Describe("E2E TEST: config parsing", func() { @@ -30,8 +30,8 @@ var _ = Describe("E2E TEST: config parsing", func() { It("Should return an annotation from the config", func() { repo, err := githubrepo.MakeGithubRepo("ossf-tests/scorecard-config-e2e") Expect(err).Should(BeNil()) - results, err := pkg.Run(context.Background(), repo, - pkg.WithChecks([]string{checks.CheckCodeReview}), + results, err := scorecard.Run(context.Background(), repo, + scorecard.WithChecks([]string{checks.CheckCodeReview}), ) Expect(err).Should(BeNil()) Expect(len(results.Config.Annotations)).Should(BeNumerically(">=", 1))