extern/hishtory
1
0
Fork 0
mirror of https://github.com/ddworken/hishtory.git synced 2024-12-01 20:53:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update slsa integration to use the shared library for parsing version strings

Browse Source
This commit is contained in:
David Dworken 2023-11-09 20:51:47 -08:00
parent e11c4554fe
commit 165cdd9187
No known key found for this signature in database
2 changed files with 28 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
client/lib/slsa.go
View File

@ -8,9 +8,9 @@ import (
"fmt" "fmt"
"io" "io"
"os" "os"
"strconv"
"strings" "strings"
"github.com/ddworken/hishtory/shared"
"github.com/slsa-framework/slsa-verifier/options" "github.com/slsa-framework/slsa-verifier/options"
"github.com/slsa-framework/slsa-verifier/verifiers" "github.com/slsa-framework/slsa-verifier/verifiers"
) )
@ -30,16 +30,15 @@ func verify(ctx context.Context, provenance []byte, artifactHash, source, branch
} }
func checkForDowngrade(currentVersionS, newVersionS string) error { func checkForDowngrade(currentVersionS, newVersionS string) error {
currentVersion, err := strconv.Atoi(strings.TrimPrefix(currentVersionS, "v0.")) currentVersion, err := shared.ParseVersionString(currentVersionS)
if err != nil { if err != nil {
return fmt.Errorf("failed to parse current version %#v", currentVersionS) return fmt.Errorf("failed to parse current version string: %w", err)
} }
newVersion, err := strconv.Atoi(strings.TrimPrefix(newVersionS, "v0.")) newVersion, err := shared.ParseVersionString(newVersionS)
if err != nil { if err != nil {
return fmt.Errorf("failed to parse updated version %#v", newVersionS) return fmt.Errorf("failed to parse new version string: %w", err)
} }
// TODO: migrate this to the version parser struct if currentVersion.GreaterThan(newVersion) {
if currentVersion > newVersion {
return fmt.Errorf("failed to update because the new version (%#v) is a downgrade compared to the current version (%#v)", newVersionS, currentVersionS) return fmt.Errorf("failed to update because the new version (%#v) is a downgrade compared to the current version (%#v)", newVersionS, currentVersionS)
} }
return nil return nil

22
client/lib/slsa_test.go Normal file
View File

@ -0,0 +1,22 @@
package lib
import (
"testing"
"github.com/stretchr/testify/require"
)
func TestCheckForDowngrade(t *testing.T) {
require.NoError(t, checkForDowngrade("v0.100", "v0.100"))
require.NoError(t, checkForDowngrade("v0.100", "v0.101"))
require.NoError(t, checkForDowngrade("v0.100", "v0.200"))
require.NoError(t, checkForDowngrade("v0.100", "v1.0"))
require.NoError(t, checkForDowngrade("v0.1", "v1.0"))
require.NoError(t, checkForDowngrade("v1.0", "v1.1"))
require.Equal(t, "failed to update because the new version (\"v0.99\") is a downgrade compared to the current version (\"v0.100\")",
checkForDowngrade("v0.100", "v0.99").Error())
require.Equal(t, "failed to update because the new version (\"v0.10\") is a downgrade compared to the current version (\"v0.100\")",
checkForDowngrade("v0.100", "v0.10").Error())
require.Equal(t, "failed to update because the new version (\"v0.100\") is a downgrade compared to the current version (\"v1.0\")",
checkForDowngrade("v1.0", "v0.100").Error())
}