add e2e test for impersonations and visibility

Signed-off-by: Florian Wagner <h2floh@github.com>
This commit is contained in:
Florian Wagner
2022-11-04 04:44:35 +00:00
parent ef922b8e3b
commit 51dff542d6
2 changed files with 66 additions and 7 deletions

View File

@@ -123,6 +123,16 @@ function test_push() {
push "pushing to authenticated user's account"
assert_dest_sha "monalisa/new-repo" "heads/main" "e9009d51dd6da2c363d1d14779c53dd27fcb0c52" "updating monalisa/new-repo"
# Push to GHAE with impersonation
setup_cache "org-already-exists/ghae-repo:heads/main:e9009d51dd6da2c363d1d14779c53dd27fcb0c52"
setup_dest "org-already-exists/ghae-repo:heads/main:a5984bb887dd2fcdc2892cd906d6f004844d1142"
push_impersonation "ghae-admin" "pushing to GHAE repo"
# Push to GHES with impersonation
setup_cache "org-already-exists/ghes-repo:heads/main:e9009d51dd6da2c363d1d14779c53dd27fcb0c52"
setup_dest "org-already-exists/ghes-repo:heads/main:a5984bb887dd2fcdc2892cd906d6f004844d1142"
push_impersonation "ghes-admin" "pushing to GHES repo"
echo "all push tests passed successfully"
}
@@ -313,6 +323,17 @@ function push2args() {
fail $3
}
function push_impersonation() {
bin/actions-sync push \
--cache-dir "test/tmp/cache" \
--disable-push-git-auth \
--destination-token "token" \
--destination-url "http://localhost:$DEST_API_PORT" \
--actions-admin-user $1 \
&> $OUTPUT ||
fail "$2"
}
function sync() {
bin/actions-sync sync \
--cache-dir "test/tmp/cache" \

View File

@@ -8,14 +8,18 @@ import (
"io/ioutil"
"net/http"
"path"
"strings"
"github.com/google/go-github/v43/github"
"github.com/gorilla/mux"
)
var authenticatedLogin string = "monalisa"
var existingOrg string = "org-already-exists"
var existingRepo string = "repo-already-exists"
const existingOrg string = "org-already-exists"
const existingRepo string = "repo-already-exists"
const ghaeRepo string = "ghae-repo"
const xOAuthScopesHeader = "X-OAuth-Scopes"
func main() {
var port, gitDaemonURL string
@@ -28,9 +32,14 @@ func main() {
r.HandleFunc("/api/v3", func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("x-github-enterprise-version", "GitHub AE")
w.Header().Set(xOAuthScopesHeader, "site_admin")
})
r.HandleFunc("/api/v3/user", func(w http.ResponseWriter, r *http.Request) {
token := r.Header.Get("Authorization")
if strings.Contains(token, "ghaetoken") {
w.Header().Set("x-github-enterprise-version", "GitHub AE")
}
currentUser := github.User{Login: &authenticatedLogin}
b, _ := json.Marshal(currentUser)
_, err := w.Write(b)
@@ -39,8 +48,7 @@ func main() {
}
})
r.HandleFunc("/api/v3/admin/users/actions-admin/authorizations", func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("x-github-enterprise-version", "GitHub AE")
r.HandleFunc("/api/v3/admin/users/ghes-admin/authorizations", func(w http.ResponseWriter, r *http.Request) {
token := "token"
auth := github.Authorization{Token: &token}
b, _ := json.Marshal(auth)
@@ -50,6 +58,17 @@ func main() {
}
}).Methods("POST")
r.HandleFunc("/api/v3/admin/users/ghae-admin/authorizations", func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("x-github-enterprise-version", "GitHub AE")
token := "ghaetoken"
auth := github.Authorization{Token: &token}
b, _ := json.Marshal(auth)
_, err := w.Write(b)
if err != nil {
panic(err)
}
}).Methods("POST")
r.HandleFunc("/api/v3/admin/organizations", func(w http.ResponseWriter, r *http.Request) {
b, err := ioutil.ReadAll(r.Body)
if err != nil {
@@ -114,16 +133,35 @@ func main() {
panic(err)
}
var repoReq struct {
Name string `json:"name,omitempty"`
Name string `json:"name,omitempty"`
Visibility string `json:"visibility,omitempty"`
}
err = json.Unmarshal(b, &repoReq)
if err != nil {
panic(err)
}
if repoReq.Name == "repo-already-exists" {
var errString string = ""
// check visibility requirements
if repoReq.Name == ghaeRepo {
if repoReq.Visibility != "internal" {
errString = fmt.Sprintf("Provided repo visibility %s for GHAE must be internal", repoReq.Visibility)
}
} else {
if repoReq.Visibility != "public" {
errString = fmt.Sprintf("Provided repo visibility %s for GHES must be public", repoReq.Visibility)
}
}
// check if we are testing existing Repo
if repoReq.Name == existingRepo {
errString = fmt.Sprintf("Repo %s already exists", html.EscapeString(repoReq.Name))
}
// if there is an error throw it back
if errString != "" {
w.WriteHeader(http.StatusUnprocessableEntity)
_, err := w.Write([]byte(fmt.Sprintf("Repo %s already exists", html.EscapeString(repoReq.Name))))
_, err := w.Write([]byte(errString))
if err != nil {
panic(err)
}