update

Signed-off-by: laurentsimon <[email protected]>

cli/slsa-verifier/main_regression_test.go

@@ -1510,34 +1510,107 @@ func Test_runVerifyNpmPackage(t *testing.T) {
 		pkgName    *string
 		err        error
 	}{
-		// TODO: add new run with long runner ID.
+		// npm CLI with tag.
 		{
 			name:       "valid npm CLI builder",
-			artifact:   "provenance-npm-test-cli.tgz",
+			artifact:   "supreme-googles-cli-v02-prega.tgz",
+			source:     "trishankatdatadog/supreme-goggles",
+			pkgVersion: PointerTo("1.0.5"),
+			pkgName:    PointerTo("@trishankatdatadog/supreme-goggles"),
+			builderID:  PointerTo("https://github.com/actions/runner/github-hosted"),
+		},
+		{
+			name:       "valid npm CLI builder short runner name",
+			artifact:   "supreme-googles-cli-v02-prega.tgz",
+			source:     "trishankatdatadog/supreme-goggles",
+			pkgVersion: PointerTo("1.0.5"),
+			pkgName:    PointerTo("@trishankatdatadog/supreme-goggles"),
+			builderID:  PointerTo("https://github.com/actions/runner"),
+		},
+		{
+			name:       "valid npm CLI builder no builder",
+			artifact:   "supreme-googles-cli-v02-prega.tgz",
+			source:     "trishankatdatadog/supreme-goggles",
+			pkgVersion: PointerTo("1.0.5"),
+			pkgName:    PointerTo("@trishankatdatadog/supreme-goggles"),
+			err:        serrors.ErrorInvalidBuilderID,
+		},
+		{
+			name:       "valid npm CLI builder mismatch builder",
+			artifact:   "supreme-googles-cli-v02-prega.tgz",
+			source:     "trishankatdatadog/supreme-goggles",
+			pkgVersion: PointerTo("1.0.5"),
+			pkgName:    PointerTo("@trishankatdatadog/supreme-goggles"),
+			builderID:  PointerTo("https://github.com/actions/runner2"),
+			err:        serrors.ErrorNotSupported,
+		},
+		{
+			name:       "valid npm CLI builder no package name",
+			artifact:   "supreme-googles-cli-v02-prega.tgz",
+			source:     "trishankatdatadog/supreme-goggles",
+			pkgVersion: PointerTo("1.0.5"),
+			builderID:  PointerTo("https://github.com/actions/runner/github-hosted"),
+		},
+		{
+			name:      "valid npm CLI builder no package version",
+			artifact:  "supreme-googles-cli-v02-prega.tgz",
+			source:    "trishankatdatadog/supreme-goggles",
+			pkgName:   PointerTo("@trishankatdatadog/supreme-goggles"),
+			builderID: PointerTo("https://github.com/actions/runner/github-hosted"),
+		},
+		{
+			name:       "valid npm CLI builder mismatch source",
+			artifact:   "supreme-googles-cli-v02-prega.tgz",
+			source:     "trishankatdatadog/supreme-goggleS",
+			pkgVersion: PointerTo("1.0.5"),
+			pkgName:    PointerTo("@trishankatdatadog/supreme-goggles"),
+			builderID:  PointerTo("https://github.com/actions/runner/github-hosted"),
+			err:        serrors.ErrorMismatchSource,
+		},
+		{
+			name:       "valid npm CLI builder mismatch package version",
+			artifact:   "supreme-googles-cli-v02-prega.tgz",
+			source:     "trishankatdatadog/supreme-goggles",
+			pkgVersion: PointerTo("1.0.4"),
+			builderID:  PointerTo("https://github.com/actions/runner/github-hosted"),
+			err:        serrors.ErrorMismatchPackageVersion,
+		},
+		{
+			name:      "valid npm CLI builder mismatch package name",
+			artifact:  "supreme-googles-cli-v02-prega.tgz",
+			source:    "trishankatdatadog/supreme-goggles",
+			pkgName:   PointerTo("@trishankatdatadog/supreme-goggleS"),
+			builderID: PointerTo("https://github.com/actions/runner/github-hosted"),
+			err:       serrors.ErrorMismatchPackageName,
+		},
+		// npm CLI with main branch.
+		{
+			name:       "valid npm CLI builder",
+			artifact:   "provenance-npm-test-cli-v02-prega.tgz",
 			source:     "github.com/laurentsimon/provenance-npm-test",
 			pkgVersion: PointerTo("1.0.3"),
 			pkgName:    PointerTo("@laurentsimon/provenance-npm-test"),
 			builderID:  PointerTo("https://github.com/actions/runner/github-hosted"),
 		},
 		{
 			name:       "valid npm CLI builder short runner name",
-			artifact:   "provenance-npm-test-cli.tgz",
+			artifact:   "provenance-npm-test-cli-v02-prega.tgz",
 			source:     "github.com/laurentsimon/provenance-npm-test",
 			pkgVersion: PointerTo("1.0.3"),
 			pkgName:    PointerTo("@laurentsimon/provenance-npm-test"),
 			builderID:  PointerTo("https://github.com/actions/runner"),
 		},
 		{
 			name:       "valid npm CLI builder no builder",
-			artifact:   "provenance-npm-test-cli.tgz",
+			artifact:   "provenance-npm-test-cli-v02-prega.tgz",
 			source:     "github.com/laurentsimon/provenance-npm-test",
 			pkgVersion: PointerTo("1.0.3"),
 			pkgName:    PointerTo("@laurentsimon/provenance-npm-test"),
 			err:        serrors.ErrorInvalidBuilderID,
 		},
 		{
 			name:       "valid npm CLI builder mismatch builder",
-			artifact:   "provenance-npm-test-cli.tgz",
+			artifact:   "provenance-npm-test-cli-v02-prega.tgz",
 			source:     "github.com/laurentsimon/provenance-npm-test",
 			pkgVersion: PointerTo("1.0.3"),
 			pkgName:    PointerTo("@laurentsimon/provenance-npm-test"),
@@ -1546,107 +1619,108 @@ func Test_runVerifyNpmPackage(t *testing.T) {
 		},
 		{
 			name:       "valid npm CLI builder no package name",
-			artifact:   "provenance-npm-test-cli.tgz",
+			artifact:   "provenance-npm-test-cli-v02-prega.tgz",
 			pkgVersion: PointerTo("1.0.3"),
 			source:     "github.com/laurentsimon/provenance-npm-test",
 			builderID:  PointerTo("https://github.com/actions/runner/github-hosted"),
 		},
 		{
 			name:      "valid npm CLI builder no package version",
-			artifact:  "provenance-npm-test-cli.tgz",
+			artifact:  "provenance-npm-test-cli-v02-prega.tgz",
 			source:    "github.com/laurentsimon/provenance-npm-test",
 			pkgName:   PointerTo("@laurentsimon/provenance-npm-test"),
 			builderID: PointerTo("https://github.com/actions/runner/github-hosted"),
 		},
 		{
 			name:      "valid npm CLI builder mismatch source",
-			artifact:  "provenance-npm-test-cli.tgz",
+			artifact:  "provenance-npm-test-cli-v02-prega.tgz",
 			source:    "github.com/laurentsimon/provenance-npm-test2",
 			builderID: PointerTo("https://github.com/actions/runner/github-hosted"),
 			err:       serrors.ErrorMismatchSource,
 		},
 		{
 			name:       "valid npm CLI builder mismatch package version",
-			artifact:   "provenance-npm-test-cli.tgz",
+			artifact:   "provenance-npm-test-cli-v02-prega.tgz",
 			source:     "github.com/laurentsimon/provenance-npm-test",
 			pkgVersion: PointerTo("1.0.4"),
 			builderID:  PointerTo("https://github.com/actions/runner/github-hosted"),
 			err:        serrors.ErrorMismatchPackageVersion,
 		},
 		{
 			name:      "valid npm CLI builder mismatch package name",
-			artifact:  "provenance-npm-test-cli.tgz",
+			artifact:  "provenance-npm-test-cli-v02-prega.tgz",
 			source:    "github.com/laurentsimon/provenance-npm-test",
 			pkgName:   PointerTo("@laurentsimon/provenance-npm-test2"),
 			builderID: PointerTo("https://github.com/actions/runner/github-hosted"),
 			err:       serrors.ErrorMismatchPackageName,
 		},
-		// {
-		// 	name:       "valid npm OSSF builder",
-		// 	artifact:   "provenance-npm-test-ossf.tgz",
-		// 	source:     "github.com/laurentsimon/provenance-npm-test",
-		// 	pkgVersion: PointerTo("1.0.5"),
-		// 	pkgName:    PointerTo("@laurentsimon/provenance-npm-test"),
-		// 	builderID:  PointerTo("https://github.com/slsa-framework/slsa-github-generator/.github/workflows/builder_nodejs_slsa3.yml"),
-		// },
-		// {
-		// 	name:       "valid npm OSSF builder no builder",
-		// 	artifact:   "provenance-npm-test-ossf.tgz",
-		// 	source:     "github.com/laurentsimon/provenance-npm-test",
-		// 	pkgVersion: PointerTo("1.0.5"),
-		// 	pkgName:    PointerTo("@laurentsimon/provenance-npm-test"),
-		// 	err:        serrors.ErrorInvalidBuilderID,
-		// },
-		// {
-		// 	name:       "valid npm OSSF builder mismatch builder",
-		// 	artifact:   "provenance-npm-test-ossf.tgz",
-		// 	source:     "github.com/laurentsimon/provenance-npm-test",
-		// 	pkgVersion: PointerTo("1.0.5"),
-		// 	pkgName:    PointerTo("@laurentsimon/provenance-npm-test"),
-		// 	builderID:  PointerTo("https://github.com/slsa-framework/slsa-github-generator/.github/workflows/builder_nodejs_slsa.yml"),
-		// 	err:        serrors.ErrorMismatchBuilderID,
-		// },
-		// {
-		// 	name:       "valid npm OSSF builder no package name",
-		// 	artifact:   "provenance-npm-test-ossf.tgz",
-		// 	source:     "github.com/laurentsimon/provenance-npm-test",
-		// 	pkgVersion: PointerTo("1.0.5"),
-		// 	builderID:  PointerTo("https://github.com/slsa-framework/slsa-github-generator/.github/workflows/builder_nodejs_slsa3.yml"),
-		// },
-		// {
-		// 	name:      "valid npm OSSF builder no package version",
-		// 	artifact:  "provenance-npm-test-ossf.tgz",
-		// 	source:    "github.com/laurentsimon/provenance-npm-test",
-		// 	pkgName:   PointerTo("@laurentsimon/provenance-npm-test"),
-		// 	builderID: PointerTo("https://github.com/slsa-framework/slsa-github-generator/.github/workflows/builder_nodejs_slsa3.yml"),
-		// },
-		// {
-		// 	name:       "valid npm OSSF builder mismatch package name",
-		// 	artifact:   "provenance-npm-test-ossf.tgz",
-		// 	source:     "github.com/laurentsimon/provenance-npm-test",
-		// 	pkgVersion: PointerTo("1.0.5"),
-		// 	pkgName:    PointerTo("@laurentsimon/provenance-npm-test2"),
-		// 	builderID:  PointerTo("https://github.com/slsa-framework/slsa-github-generator/.github/workflows/builder_nodejs_slsa3.yml"),
-		// 	err:        serrors.ErrorMismatchPackageName,
-		// },
-		// {
-		// 	name:       "valid npm OSSF builder mismatch package version",
-		// 	artifact:   "provenance-npm-test-ossf.tgz",
-		// 	source:     "github.com/laurentsimon/provenance-npm-test",
-		// 	pkgVersion: PointerTo("1.0.6"),
-		// 	pkgName:    PointerTo("@laurentsimon/provenance-npm-test"),
-		// 	builderID:  PointerTo("https://github.com/slsa-framework/slsa-github-generator/.github/workflows/builder_nodejs_slsa3.yml"),
-		// 	err:        serrors.ErrorMismatchPackageVersion,
-		// },
-		// {
-		// 	name:       "valid npm OSSF builder mismatch mismatch source",
-		// 	artifact:   "provenance-npm-test-ossf.tgz",
-		// 	source:     "github.com/laurentsimon/provenance-npm-test2",
-		// 	pkgVersion: PointerTo("1.0.5"),
-		// 	pkgName:    PointerTo("@laurentsimon/provenance-npm-test"),
-		// 	builderID:  PointerTo("https://github.com/slsa-framework/slsa-github-generator/.github/workflows/builder_nodejs_slsa3.yml"),
-		// 	err:        serrors.ErrorMismatchSource,
-		// },
+		// OSSF builder.
+		{
+			name:       "valid npm OSSF builder",
+			artifact:   "provenance-npm-test-ossf.tgz",
+			source:     "github.com/laurentsimon/provenance-npm-test",
+			pkgVersion: PointerTo("1.0.5"),
+			pkgName:    PointerTo("@laurentsimon/provenance-npm-test"),
+			builderID:  PointerTo("https://github.com/slsa-framework/slsa-github-generator/.github/workflows/builder_nodejs_slsa3.yml"),
+		},
+		{
+			name:       "valid npm OSSF builder no builder",
+			artifact:   "provenance-npm-test-ossf.tgz",
+			source:     "github.com/laurentsimon/provenance-npm-test",
+			pkgVersion: PointerTo("1.0.5"),
+			pkgName:    PointerTo("@laurentsimon/provenance-npm-test"),
+			err:        serrors.ErrorInvalidBuilderID,
+		},
+		{
+			name:       "valid npm OSSF builder mismatch builder",
+			artifact:   "provenance-npm-test-ossf.tgz",
+			source:     "github.com/laurentsimon/provenance-npm-test",
+			pkgVersion: PointerTo("1.0.5"),
+			pkgName:    PointerTo("@laurentsimon/provenance-npm-test"),
+			builderID:  PointerTo("https://github.com/slsa-framework/slsa-github-generator/.github/workflows/builder_nodejs_slsa.yml"),
+			err:        serrors.ErrorMismatchBuilderID,
+		},
+		{
+			name:       "valid npm OSSF builder no package name",
+			artifact:   "provenance-npm-test-ossf.tgz",
+			source:     "github.com/laurentsimon/provenance-npm-test",
+			pkgVersion: PointerTo("1.0.5"),
+			builderID:  PointerTo("https://github.com/slsa-framework/slsa-github-generator/.github/workflows/builder_nodejs_slsa3.yml"),
+		},
+		{
+			name:      "valid npm OSSF builder no package version",
+			artifact:  "provenance-npm-test-ossf.tgz",
+			source:    "github.com/laurentsimon/provenance-npm-test",
+			pkgName:   PointerTo("@laurentsimon/provenance-npm-test"),
+			builderID: PointerTo("https://github.com/slsa-framework/slsa-github-generator/.github/workflows/builder_nodejs_slsa3.yml"),
+		},
+		{
+			name:       "valid npm OSSF builder mismatch package name",
+			artifact:   "provenance-npm-test-ossf.tgz",
+			source:     "github.com/laurentsimon/provenance-npm-test",
+			pkgVersion: PointerTo("1.0.5"),
+			pkgName:    PointerTo("@laurentsimon/provenance-npm-test2"),
+			builderID:  PointerTo("https://github.com/slsa-framework/slsa-github-generator/.github/workflows/builder_nodejs_slsa3.yml"),
+			err:        serrors.ErrorMismatchPackageName,
+		},
+		{
+			name:       "valid npm OSSF builder mismatch package version",
+			artifact:   "provenance-npm-test-ossf.tgz",
+			source:     "github.com/laurentsimon/provenance-npm-test",
+			pkgVersion: PointerTo("1.0.6"),
+			pkgName:    PointerTo("@laurentsimon/provenance-npm-test"),
+			builderID:  PointerTo("https://github.com/slsa-framework/slsa-github-generator/.github/workflows/builder_nodejs_slsa3.yml"),
+			err:        serrors.ErrorMismatchPackageVersion,
+		},
+		{
+			name:       "valid npm OSSF builder mismatch mismatch source",
+			artifact:   "provenance-npm-test-ossf.tgz",
+			source:     "github.com/laurentsimon/provenance-npm-test2",
+			pkgVersion: PointerTo("1.0.5"),
+			pkgName:    PointerTo("@laurentsimon/provenance-npm-test"),
+			builderID:  PointerTo("https://github.com/slsa-framework/slsa-github-generator/.github/workflows/builder_nodejs_slsa3.yml"),
+			err:        serrors.ErrorMismatchSource,
+		},
 	}
 	for _, tt := range tests {
 		tt := tt // Re-initializing variable so it is not changed while executing the closure below