mirror of
https://github.com/ddworken/hishtory.git
synced 2024-11-25 01:33:28 +01:00
Add basic validation using the published version of hishtory too
This commit is contained in:
parent
fbe8e777a4
commit
401d4fc459
@ -47,18 +47,20 @@ def validate_macos_signature(filename: str) -> None:
|
||||
assert "Authority=Apple Root CA" in out
|
||||
assert "TeamIdentifier=QUXLNCT7FA" in out
|
||||
|
||||
def validate_hishtory_status(filename: str) -> None:
|
||||
def validate_hishtory_status(filename: str, deep_validation: bool) -> None:
|
||||
assert os.path.exists(filename)
|
||||
subprocess.check_output(['chmod', "+x", filename])
|
||||
status = subprocess.check_output([filename, "status", "-v"]).decode('utf-8')
|
||||
git_hash = os.environ['GITHUB_SHA']
|
||||
assert git_hash, git_hash
|
||||
assert f"Commit Hash: {git_hash}" in status, status
|
||||
assert os.path.exists('VERSION')
|
||||
with open('VERSION') as f:
|
||||
version = "v0." + f.read().strip()
|
||||
assert f"hiSHtory: {version}" in status, status
|
||||
|
||||
if deep_validation:
|
||||
git_hash = os.environ['GITHUB_SHA']
|
||||
assert git_hash, git_hash
|
||||
assert f"Commit Hash: {git_hash}" in status, status
|
||||
assert os.path.exists('VERSION')
|
||||
with open('VERSION') as f:
|
||||
version = "v0." + f.read().strip()
|
||||
assert f"hiSHtory: {version}" in status, status
|
||||
else:
|
||||
assert "hiSHtory: " in status, status
|
||||
|
||||
def main() -> None:
|
||||
print("Starting validation of MacOS signatures")
|
||||
@ -68,9 +70,9 @@ def main() -> None:
|
||||
print("Starting validation of SLSA attestations")
|
||||
validate_slsa("./hishtory")
|
||||
validate_slsa(os.path.expanduser("~/.hishtory/hishtory"))
|
||||
# TODO: Run validation using hishtory built at HEAD too
|
||||
print("Validating other metadata")
|
||||
validate_hishtory_status("./hishtory-darwin-amd64")
|
||||
validate_hishtory_status("./hishtory-darwin-amd64", True)
|
||||
validate_hishtory_status("~/.hishtory/hishtory", False)
|
||||
|
||||
if __name__ == '__main__':
|
||||
main()
|
Loading…
Reference in New Issue
Block a user