[BRE-541] Handling steps where no comment is added to uses (#44)

Author: pixman20

src/bitwarden_workflow_linter/models/step.py

@@ -39,10 +39,13 @@ def init(cls: Self, idx: int, job: str, data: CommentedMap) -> Self:
         new_step.key = idx
         new_step.job = job
 
-        if "uses" in data.ca.items and data.ca.items["uses"][2]:
-            new_step.uses_comment = data.ca.items["uses"][2].value.replace("\n", "")
+        if new_step.uses:
+            if "uses" in data.ca.items and data.ca.items["uses"][2]:
+                new_step.uses_comment = data.ca.items["uses"][2].value.replace("\n", "")
+                new_step.uses_version = new_step.uses_comment.split(" ")[-1]
             if "@" in new_step.uses:
                 new_step.uses_path, new_step.uses_ref = new_step.uses.split("@")
-                new_step.uses_version = new_step.uses_comment.split(" ")[-1]
+            else:
+                new_step.uses_path = new_step.uses
 
         return new_step

tests/rules/test_step_approved.py

@@ -70,6 +70,11 @@ def fixture_incorrect_workflow():
       - name: Checkout Branch
         uses: joseph-flinn/action-DNE@main
 
+      - name: Checkout Branch with Ref
+        uses: notbitwarden/subfolder/action-DNE@main
+        with:
+            ref: main
+
 """
     return WorkflowBuilder.build(workflow=yaml.load(workflow), from_file=False)
 
@@ -98,6 +103,10 @@ def test_rule_on_incorrect_workflow(rule, incorrect_workflow):
     assert result is False
     assert "New Action detected" in message
 
+    result, message = rule.fn(incorrect_workflow.jobs["job-key"].steps[1])
+    assert result is False
+    assert "New Action detected" in message
+
 
 def test_fail_compatibility(rule, correct_workflow):
     finding = rule.execute(correct_workflow)

tests/test_step.py

@@ -36,6 +36,45 @@ def fixture_uses_step():
     return Step.init(0, "default", step_yaml)
 
 
+@pytest.fixture(name="uses_step_no_comments")
+def fixture_uses_step_no_comments():
+    step_str = """\
+name: Download Artifacts
+uses: bitwarden/download-artifacts@main
+with:
+    workflow: upload-test-artifacts.yml
+    artifacts: artifact
+    path: artifact
+    branch: main
+
+"""
+    yaml = YAML()
+    step_yaml = yaml.load(step_str)
+    return Step.init(0, "default", step_yaml)
+
+
+@pytest.fixture(name="uses_step_no_ref")
+def fixture_uses_step_no_ref():
+    step_str = """\
+name: Run Local Workflow
+uses: ./.github/workflows/_local.yml
+"""
+    yaml = YAML()
+    step_yaml = yaml.load(step_str)
+    return Step.init(0, "default", step_yaml)
+
+
+@pytest.fixture(name="uses_step_no_ref_with_comments")
+def fixture_uses_step_no_ref_with_comments():
+    step_str = """\
+name: Run Local Workflow
+uses: ./.github/workflows/_local.yml # A comment
+"""
+    yaml = YAML()
+    step_yaml = yaml.load(step_str)
+    return Step.init(0, "default", step_yaml)
+
+
 def test_step_default(default_step):
     assert default_step.key == 0
     assert default_step.job == "default"
@@ -74,5 +113,32 @@ def test_step_keyword_field(uses_step):
 def test_step_comment(uses_step):
     assert uses_step.key == 0
     assert uses_step.job == "default"
-    assert uses_step.uses_comment is not None
+    assert uses_step.uses_ref == "main"
+    assert uses_step.uses_version == "v1.0.0"
     assert uses_step.uses_comment == "# v1.0.0"
+
+
+def test_step_no_comments(uses_step_no_comments):
+    assert uses_step_no_comments.key == 0
+    assert uses_step_no_comments.job == "default"
+    assert uses_step_no_comments.uses_ref == "main"
+    assert uses_step_no_comments.uses_version is None
+    assert uses_step_no_comments.uses_comment is None
+
+
+def test_step_no_ref(uses_step_no_ref):
+    assert uses_step_no_ref.key == 0
+    assert uses_step_no_ref.job == "default"
+    assert uses_step_no_ref.uses_ref is None
+    assert uses_step_no_ref.uses_version is None
+    assert uses_step_no_ref.uses_comment is None
+
+
+def test_step_no_ref_with_comments(uses_step_no_ref_with_comments):
+    assert uses_step_no_ref_with_comments.key == 0
+    assert uses_step_no_ref_with_comments.job == "default"
+    assert uses_step_no_ref_with_comments.uses_ref is None
+    assert (
+        uses_step_no_ref_with_comments.uses_version == "comment"
+    )  # We are not currently validating the version matches a specific format
+    assert uses_step_no_ref_with_comments.uses_comment == "# A comment"