Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[test] fix gcb e2e #363

Draft
wants to merge 6 commits into
base: main
Choose a base branch
from
Draft

[test] fix gcb e2e #363

wants to merge 6 commits into from

Conversation

ramonpetgrave64
Copy link
Collaborator

@ramonpetgrave64 ramonpetgrave64 commented Apr 19, 2024
edited

Followup to #350

Fixes the tests to correctly edit the payload file, so that this particular test fill fail as expected.

We may also want to do the same change on the next line, for non-gcb tests

Testing

executed the workflow against this PR's branch

https://github.com/slsa-framework/example-package/actions/runs/8756899306/job/24034397658#step:5:150

...
  **** Wrong payload *****
WARNING: Insecure SLSA_VERIFIER_TESTING is enabled.
FAILED: SLSA verification failed: invalid DSSE envelope payload: unexpected end of JSON input
...

@ramonpetgrave64
[test] fix gcb e2e
7caa2ea 
Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
@ramonpetgrave64
Update e2e-verify.common.sh
c524cb5 
Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
@ramonpetgrave64
fix editing the payload file
f2ef45c 
Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
@ramonpetgrave64
write to temp file first
2613fe9 
Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
@ramonpetgrave64
back to index 0
7e75e8f 
Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
@ramonpetgrave64
typo
441e656 
Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
@ramonpetgrave64
Copy link
Collaborator Author

@laurentsimon

laurentsimon
laurentsimon reviewed Apr 25, 2024
View reviewed changes
.github/workflows/scripts/e2e-verify.common.sh
@@ -193,7 +193,7 @@ e2e_set_payload() {
local this_builder
this_builder=$(e2e_this_builder)
if [[ "${this_builder}" == "gcb" ]]; then
jq -c ".provenance_summary.provenance[0].envelope.payload = \"$(echo "$2" | base64 -w0)\"" <"$1"
jq -c ".provenance_summary.provenance[0].envelope.payload = \"$(echo "$2" | base64 -w0)\"" <"$1" > tmp.json && mv tmp.json "$1"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why do we need to create a file? I think the function needs to print the change, and the caller saves it to file of they want?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok. something isn't happening correctly here for gcb, then

example-package/.github/workflows/scripts/e2e-verify.common.sh

Lines 540 to 546 in 441e656

echo " **** Wrong payload *****"
local bad_prov
bad_prov="$(mktemp -t slsa-e2e.XXXXXXXX)"
e2e_set_payload "$PROVENANCE" '{"foo": "bar"}' >"${bad_prov}"
read -ra badProvenanceArg <<<"$($argr "provenance") ${bad_prov}"
$verifierCmd "${artifactAndbuilderMinArgs[@]}" "${branchOpts[@]}" "${badProvenanceArg[@]}" "${packageArg[@]}" "${sourceArg[@]}" "github.com/$GITHUB_REPOSITORY"
e2e_assert_not_eq "$?" "0" "wrong payload"

Like $bad_prov should actually be $PROVENANCE

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@laurentsimon laurentsimon laurentsimon left review comments

@joshuagl joshuagl Awaiting requested review from joshuagl joshuagl will be requested when the pull request is marked ready for review joshuagl is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@ramonpetgrave64 @laurentsimon