feat: Add DigestUpsertRequest and LockEntity models
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Docs CI / lint-and-preview (push) Has been cancelled
Export Center CI / export-ci (push) Has been cancelled
Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Docs CI / lint-and-preview (push) Has been cancelled
Export Center CI / export-ci (push) Has been cancelled
Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled
- Introduced DigestUpsertRequest for handling digest upsert requests with properties like ChannelId, Recipient, DigestKey, Events, and CollectUntil. - Created LockEntity to represent a lightweight distributed lock entry with properties such as Id, TenantId, Resource, Owner, ExpiresAt, and CreatedAt. feat: Implement ILockRepository interface and LockRepository class - Defined ILockRepository interface with methods for acquiring and releasing locks. - Implemented LockRepository class with methods to try acquiring a lock and releasing it, using SQL for upsert operations. feat: Add SurfaceManifestPointer record for manifest pointers - Introduced SurfaceManifestPointer to represent a minimal pointer to a Surface.FS manifest associated with an image digest. feat: Create PolicySimulationInputLock and related validation logic - Added PolicySimulationInputLock record to describe policy simulation inputs and expected digests. - Implemented validation logic for policy simulation inputs, including checks for digest drift and shadow mode requirements. test: Add unit tests for ReplayVerificationService and ReplayVerifier - Created ReplayVerificationServiceTests to validate the behavior of the ReplayVerificationService under various scenarios. - Developed ReplayVerifierTests to ensure the correctness of the ReplayVerifier logic. test: Implement PolicySimulationInputLockValidatorTests - Added tests for PolicySimulationInputLockValidator to verify the validation logic against expected inputs and conditions. chore: Add cosign key example and signing scripts - Included a placeholder cosign key example for development purposes. - Added a script for signing Signals artifacts using cosign with support for both v2 and v3. chore: Create script for uploading evidence to the evidence locker - Developed a script to upload evidence to the evidence locker, ensuring required environment variables are set.
This commit is contained in:
StellaOps Bot
@@ -71,6 +71,39 @@ public class SbomEndpointsTests : IClassFixture<WebApplicationFactory<Program>>
|
||||
payload.NextCursor.Should().Be("1");
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task Console_sboms_filters_by_license_and_asset_tag()
|
||||
{
|
||||
var client = _factory.CreateClient();
|
||||
|
||||
var response = await client.GetAsync("/console/sboms?license=MIT&assetTag=owner&limit=5");
|
||||
response.EnsureSuccessStatusCode();
|
||||
|
||||
var payload = await response.Content.ReadFromJsonAsync<SbomCatalogResult>();
|
||||
payload.Should().NotBeNull();
|
||||
payload!.Items.Should().OnlyContain(i => i.License == "MIT" && i.AssetTags.ContainsKey("owner"));
|
||||
payload.NextCursor.Should().BeNull();
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task Console_sboms_paginates_with_cursor_offset()
|
||||
{
|
||||
var client = _factory.CreateClient();
|
||||
|
||||
var first = await client.GetAsync("/console/sboms?artifact=sample&limit=1");
|
||||
first.EnsureSuccessStatusCode();
|
||||
var firstPage = await first.Content.ReadFromJsonAsync<SbomCatalogResult>();
|
||||
firstPage!.Items.Should().HaveCount(1);
|
||||
firstPage.NextCursor.Should().Be("1");
|
||||
|
||||
var second = await client.GetAsync("/console/sboms?artifact=sample&limit=2&cursor=1");
|
||||
second.EnsureSuccessStatusCode();
|
||||
var secondPage = await second.Content.ReadFromJsonAsync<SbomCatalogResult>();
|
||||
secondPage!.Items.Should().HaveCount(2);
|
||||
secondPage.Items.Should().OnlyContain(i => i.Artifact.Contains("sample"));
|
||||
secondPage.NextCursor.Should().BeNull();
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task Components_lookup_requires_purl_and_paginates()
|
||||
{
|
||||
@@ -87,5 +120,13 @@ public class SbomEndpointsTests : IClassFixture<WebApplicationFactory<Program>>
|
||||
payload!.Neighbors.Should().HaveCount(1);
|
||||
payload.Neighbors[0].Purl.Should().Contain("express");
|
||||
payload.NextCursor.Should().Be("1");
|
||||
|
||||
var second = await client.GetAsync("/components/lookup?purl=pkg:npm/lodash@4.17.21&limit=2&cursor=1");
|
||||
second.EnsureSuccessStatusCode();
|
||||
var secondPage = await second.Content.ReadFromJsonAsync<ComponentLookupResult>();
|
||||
secondPage.Should().NotBeNull();
|
||||
secondPage!.Neighbors.Should().HaveCount(2);
|
||||
secondPage.Neighbors.Should().OnlyContain(n => n.Purl.StartsWith("pkg:npm/", StringComparison.OrdinalIgnoreCase));
|
||||
secondPage.NextCursor.Should().BeNull();
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user