Merge changes from test-fix branch in

kosli-dev · Aug 21, 2024 · 000b826 · 000b826
2 parents a65c8d8 + 18423a2
commit 000b826
Show file tree

Hide file tree

Showing 26 changed files with 246 additions and 246 deletions.
diff --git a/bin/never_alone_report_commit_and_pr_to_kosli.sh b/bin/never_alone_report_commit_and_pr_to_kosli.sh
@@ -79,8 +79,10 @@ function get_commit_and_pull_request
     local commit_sha=$1; shift
     local result_file=$1; shift
 
-    pr_data=$(gh pr list --search "${commit_sha}" --state merged --json author,reviews,mergeCommit,mergedAt,reviewDecision,url)
-    commit_data=$(gh search commits --hash "${commit_sha}" --json author)
+    pr_data=$(gh pr list --search "${commit_sha}" --state merged --json author,reviews,mergeCommit,mergedAt,reviewDecision,url) \
+        || die "Failed to get pull request with: gh pr list --search"
+    commit_data=$(gh search commits --hash "${commit_sha}" --json author) \
+        || die "Failed to get commit with: gh search commits"
 
     combined_data=$(jq -n --arg commitsha "$commit_sha" --argjson commit "$commit_data" --argjson pr "$pr_data" \
       '{commit_sha: $commitsha, commit: $commit[0], pull_request: $pr[0]}')
@@ -118,11 +120,7 @@ function get_commit_and_pull_request
     combined_data=$(echo "${combined_data}" | jq ". += {\"compliant\": $compliant}")
     echo "${combined_data}" > ${result_file}
 
-    if [ "${compliant}" == "true" ]; then
-        return 0
-    else
-        return 1
-    fi
+    echo ${compliant}
 }
 
 function get_commit_and_pr_data_and_report_to_kosli
@@ -131,13 +129,14 @@ function get_commit_and_pr_data_and_report_to_kosli
     local proposed_commit=$1; shift
     local commit_pull_request_flow=$1; shift
     local trail_name=$1; shift
+    local commits compliant
 
-    commits=($(gh api repos/:owner/:repo/compare/${base_commit}...${proposed_commit} -q '.commits[].sha'))
+    commits=($(gh api repos/:owner/:repo/compare/${base_commit}...${proposed_commit} -q '.commits[].sha')) \
+        || die "Failed to get list of commits between '${base_commit}' and '${proposed_commit}' with: gh api"
     for commit_sha in "${commits[@]}"; do
-        short_commit_sha=${commit_sha:0:7}
+        local short_commit_sha=${commit_sha:0:7}
         local file_name="commit_pr_${short_commit_sha}.json"
-        local compliant="true"
-        get_commit_and_pull_request ${commit_sha} ${file_name} || compliant="false"
+        compliant=$(get_commit_and_pull_request ${commit_sha} ${file_name})
         kosli attest generic \
             --name=commit_${short_commit_sha} \
             --compliant=${compliant} \

diff --git a/charts/k8s-reporter/Chart.yaml b/charts/k8s-reporter/Chart.yaml
@@ -15,10 +15,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 1.5.0
+version: 1.5.1
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "2.10.11"
+appVersion: "2.10.13"
diff --git a/charts/k8s-reporter/templates/cronjob.yaml b/charts/k8s-reporter/templates/cronjob.yaml
@@ -43,7 +43,8 @@ spec:
             - --dry-run 
             {{ end }}
             {{ if .Values.reporterConfig.httpProxy }}
-            - --http-proxy {{ .Values.reporterConfig.httpProxy }}
+            - --http-proxy 
+            - {{ .Values.reporterConfig.httpProxy }}
             {{ end }}
 
             resources:

diff --git a/charts/k8s-reporter/values.yaml b/charts/k8s-reporter/values.yaml
@@ -8,7 +8,7 @@ image:
   # -- the kosli reporter image pull policy
   pullPolicy: IfNotPresent
   # -- the kosli reporter image tag, overrides the image tag whose default is the chart appVersion.
-  tag: "v2.10.11"
+  tag: "v2.10.13"
 
 # -- overrides the name used for the created k8s resources. If `fullnameOverride` is provided, it has higher precedence than this one
 nameOverride: ""

diff --git a/cmd/kosli/attestArtifact_test.go b/cmd/kosli/attestArtifact_test.go
@@ -41,72 +41,72 @@ func (suite *AttestArtifactCommandTestSuite) TestAttestArtifactCmd() {
 		{
 			wantError: true,
 			name:      "fails when missing a required flag",
-			cmd:       fmt.Sprintf("attest artifact foo --artifact-type file --name bar --commit HEAD --build-url example.com  %s", suite.defaultKosliArguments),
+			cmd:       fmt.Sprintf("attest artifact foo --artifact-type file --name bar --commit HEAD --build-url http://www.example.com  %s", suite.defaultKosliArguments),
 			golden:    "Error: required flag(s) \"commit-url\" not set\n",
 		},
 		{
 			wantError: true,
 			name:      "fails when --fingerprint is invalid sha256 digest",
-			cmd:       fmt.Sprintf("attest artifact foo --fingerprint xxxx --name bar --commit HEAD --build-url example.com --commit-url example.com  %s", suite.defaultKosliArguments),
+			cmd:       fmt.Sprintf("attest artifact foo --fingerprint xxxx --name bar --commit HEAD --build-url http://www.example.com --commit-url http://www.example.com  %s", suite.defaultKosliArguments),
 			golden:    "Error: xxxx is not a valid SHA256 fingerprint. It should match the pattern ^([a-f0-9]{64})$\nUsage: kosli attest artifact {IMAGE-NAME | FILE-PATH | DIR-PATH} [flags]\n",
 		},
 		{
 			name:   "works when --name does not match artifact name in the template (extra artifact)",
-			cmd:    fmt.Sprintf("attest artifact testdata/file1 --artifact-type file --name bar --commit HEAD --build-url example.com --commit-url example.com  %s", suite.defaultKosliArguments),
+			cmd:    fmt.Sprintf("attest artifact testdata/file1 --artifact-type file --name bar --commit HEAD --build-url http://www.example.com --commit-url http://www.example.com  %s", suite.defaultKosliArguments),
 			golden: "artifact file1 was attested with fingerprint: 7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9\n",
 		},
 		{
 			name:   "can attest a file artifact",
-			cmd:    fmt.Sprintf("attest artifact testdata/file1 --artifact-type file --name cli --commit HEAD --build-url example.com --commit-url example.com  %s", suite.defaultKosliArguments),
+			cmd:    fmt.Sprintf("attest artifact testdata/file1 --artifact-type file --name cli --commit HEAD --build-url http://www.example.com --commit-url http://www.example.com  %s", suite.defaultKosliArguments),
 			golden: "artifact file1 was attested with fingerprint: 7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9\n",
 		},
 		{
 			name:   "can attest an artifact with --fingerprint",
-			cmd:    fmt.Sprintf("attest artifact testdata/file1 --fingerprint 7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9 --name cli --commit HEAD --build-url example.com --commit-url example.com  %s", suite.defaultKosliArguments),
+			cmd:    fmt.Sprintf("attest artifact testdata/file1 --fingerprint 7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9 --name cli --commit HEAD --build-url http://www.example.com --commit-url http://www.example.com  %s", suite.defaultKosliArguments),
 			golden: "artifact testdata/file1 was attested with fingerprint: 7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9\n",
 		},
 		{
 			name:   "can attest an artifact with external urls",
-			cmd:    fmt.Sprintf("attest artifact testdata/file1 --fingerprint 7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9 --name cli --commit HEAD --build-url example.com --commit-url example.com --external-url jira=https://jira.kosli.com  %s", suite.defaultKosliArguments),
+			cmd:    fmt.Sprintf("attest artifact testdata/file1 --fingerprint 7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9 --name cli --commit HEAD --build-url http://www.example.com --commit-url http://www.example.com --external-url jira=https://jira.kosli.com  %s", suite.defaultKosliArguments),
 			golden: "artifact testdata/file1 was attested with fingerprint: 7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9\n",
 		},
 		{
 			name:   "can attest an artifact with external urls and fingerprints",
-			cmd:    fmt.Sprintf("attest artifact testdata/file1 --fingerprint 7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9 --name cli --commit HEAD --build-url example.com --commit-url example.com --external-url file=https://kosli.com/file --external-fingerprint file=7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9  %s", suite.defaultKosliArguments),
+			cmd:    fmt.Sprintf("attest artifact testdata/file1 --fingerprint 7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9 --name cli --commit HEAD --build-url http://www.example.com --commit-url http://www.example.com --external-url file=https://kosli.com/file --external-fingerprint file=7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9  %s", suite.defaultKosliArguments),
 			golden: "artifact testdata/file1 was attested with fingerprint: 7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9\n",
 		},
 		{
 			wantError: true,
 			name:      "fails when --external-fingerprint has more items than external urls",
-			cmd:       fmt.Sprintf("attest artifact testdata/file1 --fingerprint 7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9 --name cli --commit HEAD --build-url example.com --commit-url example.com --external-fingerprint file=7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9  %s", suite.defaultKosliArguments),
+			cmd:       fmt.Sprintf("attest artifact testdata/file1 --fingerprint 7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9 --name cli --commit HEAD --build-url http://www.example.com --commit-url http://www.example.com --external-fingerprint file=7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9  %s", suite.defaultKosliArguments),
 			golden:    "Error: --external-fingerprints have labels that don't have a URL in --external-url\n",
 		},
 		{
 			wantError: true,
 			name:      "fails (from server) when --external-fingerprint has invalid fingerprint",
-			cmd:       fmt.Sprintf("attest artifact testdata/file1 --fingerprint 7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9 --name cli --commit HEAD --build-url example.com --commit-url example.com --external-url file=https://example.com --external-fingerprint file=7509e5bda0  %s", suite.defaultKosliArguments),
+			cmd:       fmt.Sprintf("attest artifact testdata/file1 --fingerprint 7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9 --name cli --commit HEAD --build-url http://www.example.com --commit-url http://www.example.com --external-url file=https://http://www.example.com --external-fingerprint file=7509e5bda0  %s", suite.defaultKosliArguments),
 			golden:    "Error: Input payload validation failed: map[external_urls.file.fingerprint:'7509e5bda0' does not match '^[a-f0-9]{64}$']\n",
 		},
 		{
 			name:   "can attest with annotations against a trail",
-			cmd:    fmt.Sprintf("attest artifact testdata/file1 --fingerprint 7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9 --name cli --commit HEAD --build-url example.com --commit-url example.com --annotate foo=bar --annotate baz=\"data with spaces\" %s", suite.defaultKosliArguments),
+			cmd:    fmt.Sprintf("attest artifact testdata/file1 --fingerprint 7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9 --name cli --commit HEAD --build-url http://www.example.com --commit-url http://www.example.com --annotate foo=bar --annotate baz=\"data with spaces\" %s", suite.defaultKosliArguments),
 			golden: "artifact testdata/file1 was attested with fingerprint: 7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9\n",
 		},
 		{
 			wantError: true,
 			name:      "fails when annotation is not valid",
-			cmd:       fmt.Sprintf("attest artifact testdata/file1 --fingerprint 7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9 --name cli --commit HEAD --build-url example.com --commit-url example.com --annotate foo.baz=bar %s", suite.defaultKosliArguments),
+			cmd:       fmt.Sprintf("attest artifact testdata/file1 --fingerprint 7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9 --name cli --commit HEAD --build-url http://www.example.com --commit-url http://www.example.com --annotate foo.baz=bar %s", suite.defaultKosliArguments),
 			golden:    "Error: --annotate flag should be in the format key=value. Invalid key: 'foo.baz'. Key can only contain [A-Za-z0-9_].\n",
 		},
 		{
 			name:   "can attest a file artifact with redacted commit info",
-			cmd:    fmt.Sprintf("attest artifact testdata/file1 --artifact-type file --redact-commit-info author,branch --name cli --commit HEAD --build-url example.com --commit-url example.com  %s", suite.defaultKosliArguments),
+			cmd:    fmt.Sprintf("attest artifact testdata/file1 --artifact-type file --redact-commit-info author,branch --name cli --commit HEAD --build-url http://www.example.com --commit-url http://www.example.com  %s", suite.defaultKosliArguments),
 			golden: "artifact file1 was attested with fingerprint: 7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9\n",
 		},
 		{
 			wantError: true,
 			name:      "fails when attesting an artifact with invalid redacted commit info",
-			cmd:       fmt.Sprintf("attest artifact testdata/file1 --artifact-type file --redact-commit-info author,bar --name cli --commit HEAD --build-url example.com --commit-url example.com  %s", suite.defaultKosliArguments),
+			cmd:       fmt.Sprintf("attest artifact testdata/file1 --artifact-type file --redact-commit-info author,bar --name cli --commit HEAD --build-url http://www.example.com --commit-url http://www.example.com  %s", suite.defaultKosliArguments),
 			golden:    "Error: bar is not an allowed value for --redact-commit-info\n",
 		},
 	}

diff --git a/cmd/kosli/attestGeneric_test.go b/cmd/kosli/attestGeneric_test.go
@@ -80,25 +80,25 @@ func (suite *AttestGenericCommandTestSuite) TestAttestGenericCmd() {
 		{
 			wantError: true,
 			name:      "fails when both --fingerprint and --artifact-type",
-			cmd:       fmt.Sprintf("attest generic testdata/file1 --fingerprint xxxx --artifact-type file --name bar --commit HEAD --origin-url example.com  %s", suite.defaultKosliArguments),
+			cmd:       fmt.Sprintf("attest generic testdata/file1 --fingerprint xxxx --artifact-type file --name bar --commit HEAD --origin-url http://www.example.com  %s", suite.defaultKosliArguments),
 			golden:    "Error: only one of --fingerprint, --artifact-type is allowed\n",
 		},
 		{
 			wantError: true,
 			name:      "fails when --fingerprint is not valid",
-			cmd:       fmt.Sprintf("attest generic --name foo --fingerprint xxxx --commit HEAD --origin-url example.com %s", suite.defaultKosliArguments),
+			cmd:       fmt.Sprintf("attest generic --name foo --fingerprint xxxx --commit HEAD --origin-url http://www.example.com %s", suite.defaultKosliArguments),
 			golden:    "Error: xxxx is not a valid SHA256 fingerprint. It should match the pattern ^([a-f0-9]{64})$\nUsage: kosli attest generic [IMAGE-NAME | FILE-PATH | DIR-PATH] [flags]\n",
 		},
 		{
 			wantError: true,
 			name:      "attesting against an artifact that does not exist fails",
-			cmd:       fmt.Sprintf("attest generic --fingerprint 1234e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9 --name foo --commit HEAD --origin-url example.com  %s", suite.defaultKosliArguments),
+			cmd:       fmt.Sprintf("attest generic --fingerprint 1234e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9 --name foo --commit HEAD --origin-url http://www.example.com  %s", suite.defaultKosliArguments),
 			golden:    "Error: Artifact with fingerprint 1234e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9 does not exist in trail \"test-123\" of flow \"attest-generic\" belonging to organization \"docs-cmd-test-user\"\n",
 		},
 		{
 			wantError: true,
 			name:      "fails when --name is passed as empty string",
-			cmd:       fmt.Sprintf("attest generic --name \"\" --commit HEAD --origin-url example.com  %s", suite.defaultKosliArguments),
+			cmd:       fmt.Sprintf("attest generic --name \"\" --commit HEAD --origin-url http://www.example.com  %s", suite.defaultKosliArguments),
 			golden:    "Error: flag '--name' is required, but empty string was provided\n",
 		},
 		{
@@ -108,32 +108,32 @@ func (suite *AttestGenericCommandTestSuite) TestAttestGenericCmd() {
 		},
 		{
 			name:   "can attest generic against an artifact using artifact name and --artifact-type",
-			cmd:    fmt.Sprintf("attest generic testdata/file1 --artifact-type file --name foo --commit HEAD --origin-url example.com  %s", suite.defaultKosliArguments),
+			cmd:    fmt.Sprintf("attest generic testdata/file1 --artifact-type file --name foo --commit HEAD --origin-url http://www.example.com  %s", suite.defaultKosliArguments),
 			golden: "generic attestation 'foo' is reported to trail: test-123\n",
 		},
 		{
 			name:   "can attest generic against an artifact using artifact name and --artifact-type when --name does not exist in the trail template",
-			cmd:    fmt.Sprintf("attest generic testdata/file1 --artifact-type file --name bar --commit HEAD --origin-url example.com  %s", suite.defaultKosliArguments),
+			cmd:    fmt.Sprintf("attest generic testdata/file1 --artifact-type file --name bar --commit HEAD --origin-url http://www.example.com  %s", suite.defaultKosliArguments),
 			golden: "generic attestation 'bar' is reported to trail: test-123\n",
 		},
 		{
 			name:   "can attest generic against an artifact using --fingerprint and no artifact-name",
-			cmd:    fmt.Sprintf("attest generic --fingerprint 7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9 --name foo --commit HEAD --origin-url example.com  %s", suite.defaultKosliArguments),
+			cmd:    fmt.Sprintf("attest generic --fingerprint 7509e5bda0c762d2bac7f90d758b5b2263fa01ccbc542ab5e3df163be08e6ca9 --name foo --commit HEAD --origin-url http://www.example.com  %s", suite.defaultKosliArguments),
 			golden: "generic attestation 'foo' is reported to trail: test-123\n",
 		},
 		{
 			name:   "can attest generic against a trail",
-			cmd:    fmt.Sprintf("attest generic --name bar --commit HEAD --origin-url example.com  %s", suite.defaultKosliArguments),
+			cmd:    fmt.Sprintf("attest generic --name bar --commit HEAD --origin-url http://www.example.com  %s", suite.defaultKosliArguments),
 			golden: "generic attestation 'bar' is reported to trail: test-123\n",
 		},
 		{
 			name:   "can attest generic against a trail when name is not found in the trail template",
-			cmd:    fmt.Sprintf("attest generic --name additional --commit HEAD --origin-url example.com  %s", suite.defaultKosliArguments),
+			cmd:    fmt.Sprintf("attest generic --name additional --commit HEAD --origin-url http://www.example.com  %s", suite.defaultKosliArguments),
 			golden: "generic attestation 'additional' is reported to trail: test-123\n",
 		},
 		{
 			name:   "can attest generic against an artifact it is created using dot syntax in --name",
-			cmd:    fmt.Sprintf("attest generic --name cli.foo --commit HEAD --origin-url example.com  %s", suite.defaultKosliArguments),
+			cmd:    fmt.Sprintf("attest generic --name cli.foo --commit HEAD --origin-url http://www.example.com  %s", suite.defaultKosliArguments),
 			golden: "generic attestation 'foo' is reported to trail: test-123\n",
 		},
 		{

diff --git a/cmd/kosli/attestJira_test.go b/cmd/kosli/attestJira_test.go
@@ -87,13 +87,13 @@ func (suite *AttestJiraCommandTestSuite) TestAttestJiraCmd() {
 		{
 			wantError: true,
 			name:      "fails when both --fingerprint and --artifact-type",
-			cmd:       fmt.Sprintf("attest jira testdata/file1 --fingerprint xxxx --artifact-type file --name bar --commit HEAD --origin-url example.com %s", suite.defaultKosliArguments),
+			cmd:       fmt.Sprintf("attest jira testdata/file1 --fingerprint xxxx --artifact-type file --name bar --commit HEAD --origin-url http://www.example.com %s", suite.defaultKosliArguments),
 			golden:    "Error: only one of --fingerprint, --artifact-type is allowed\n",
 		},
 		{
 			wantError: true,
 			name:      "fails when --fingerprint is not valid",
-			cmd:       fmt.Sprintf("attest jira --name foo --fingerprint xxxx --commit HEAD --origin-url example.com --jira-username [email protected] %s", suite.defaultKosliArguments),
+			cmd:       fmt.Sprintf("attest jira --name foo --fingerprint xxxx --commit HEAD --origin-url http://www..com --jira-username [email protected] %s", suite.defaultKosliArguments),
 			golden:    "Error: xxxx is not a valid SHA256 fingerprint. It should match the pattern ^([a-f0-9]{64})$\nUsage: kosli attest jira [IMAGE-NAME | FILE-PATH | DIR-PATH] [flags]\n",
 		},
 		{