mirror of
https://github.com/ddworken/hishtory.git
synced 2024-11-22 16:24:00 +01:00
Add basic validation using the published version of hishtory too
This commit is contained in:
parent
3ce76d154a
commit
fa7d6be54d
@ -47,10 +47,11 @@ def validate_macos_signature(filename: str) -> None:
|
||||
assert "Authority=Apple Root CA" in out
|
||||
assert "TeamIdentifier=QUXLNCT7FA" in out
|
||||
|
||||
def validate_hishtory_status(filename: str) -> None:
|
||||
def validate_hishtory_status(filename: str, deep_validation: bool) -> None:
|
||||
assert os.path.exists(filename)
|
||||
subprocess.check_output(['chmod', "+x", filename])
|
||||
status = subprocess.check_output([filename, "status", "-v"]).decode('utf-8')
|
||||
if deep_validation:
|
||||
git_hash = os.environ['GITHUB_SHA']
|
||||
assert git_hash, git_hash
|
||||
assert f"Commit Hash: {git_hash}" in status, status
|
||||
@ -58,7 +59,8 @@ def validate_hishtory_status(filename: str) -> None:
|
||||
with open('VERSION') as f:
|
||||
version = "v0." + f.read().strip()
|
||||
assert f"hiSHtory: {version}" in status, status
|
||||
|
||||
else:
|
||||
assert "hiSHtory: " in status, status
|
||||
|
||||
def main() -> None:
|
||||
print("Starting validation of MacOS signatures")
|
||||
@ -68,9 +70,9 @@ def main() -> None:
|
||||
print("Starting validation of SLSA attestations")
|
||||
validate_slsa("./hishtory")
|
||||
validate_slsa(os.path.expanduser("~/.hishtory/hishtory"))
|
||||
# TODO: Run validation using hishtory built at HEAD too
|
||||
print("Validating other metadata")
|
||||
validate_hishtory_status("./hishtory-darwin-amd64")
|
||||
validate_hishtory_status("./hishtory-darwin-amd64", True)
|
||||
validate_hishtory_status("~/.hishtory/hishtory", False)
|
||||
|
||||
if __name__ == '__main__':
|
||||
main()
|
Loading…
Reference in New Issue
Block a user