github/codeql-action
0
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-05-21 07:50:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Run more start-proxy tests in parallel

Browse Source
This commit is contained in:
Michael B. Gale
2026-03-10 01:36:02 +00:00
parent e168f8e52a
commit 3d574205fc
1 changed files with 196 additions and 229 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/start-proxy.test.ts
+196 -229
View File
@@ -124,125 +124,110 @@ const mixedCredentials = [
{ type: "git_source", host: "github.com/github", token: "mno" },
];
test.serial(
"getCredentials prefers registriesCredentials over registrySecrets",
async (t) => {
const registryCredentials = Buffer.from(
JSON.stringify([
{ type: "npm_registry", host: "npm.pkg.github.com", token: "abc" },
]),
).toString("base64");
const registrySecrets = JSON.stringify([
{ type: "npm_registry", host: "registry.npmjs.org", token: "def" },
]);
test("getCredentials prefers registriesCredentials over registrySecrets", async (t) => {
const registryCredentials = Buffer.from(
JSON.stringify([
{ type: "npm_registry", host: "npm.pkg.github.com", token: "abc" },
]),
).toString("base64");
const registrySecrets = JSON.stringify([
{ type: "npm_registry", host: "registry.npmjs.org", token: "def" },
]);
const credentials = startProxyExports.getCredentials(
getRunnerLogger(true),
registrySecrets,
registryCredentials,
undefined,
);
t.is(credentials.length, 1);
t.is(credentials[0].host, "npm.pkg.github.com");
},
);
const credentials = startProxyExports.getCredentials(
getRunnerLogger(true),
registrySecrets,
registryCredentials,
undefined,
);
t.is(credentials.length, 1);
t.is(credentials[0].host, "npm.pkg.github.com");
});
test.serial(
"getCredentials throws an error when configurations are not an array",
async (t) => {
const registryCredentials = Buffer.from(
JSON.stringify({ type: "npm_registry", token: "abc" }),
).toString("base64");
test("getCredentials throws an error when configurations are not an array", async (t) => {
const registryCredentials = Buffer.from(
JSON.stringify({ type: "npm_registry", token: "abc" }),
).toString("base64");
t.throws(
() =>
startProxyExports.getCredentials(
getRunnerLogger(true),
undefined,
registryCredentials,
undefined,
),
{
message:
"Expected credentials data to be an array of configurations, but it is not.",
},
);
});
test("getCredentials throws error when credential is not an object", async (t) => {
const testCredentials = [["foo"], [null]].map(toEncodedJSON);
for (const testCredential of testCredentials) {
t.throws(
() =>
startProxyExports.getCredentials(
getRunnerLogger(true),
undefined,
registryCredentials,
testCredential,
undefined,
),
{
message:
"Expected credentials data to be an array of configurations, but it is not.",
message: "Invalid credentials - must be an object",
},
);
},
);
}
});
test.serial(
"getCredentials throws error when credential is not an object",
async (t) => {
const testCredentials = [["foo"], [null]].map(toEncodedJSON);
test("getCredentials throws error when credential is missing type", async (t) => {
const testCredentials = [[{ token: "abc", url: "https://localhost" }]].map(
toEncodedJSON,
);
for (const testCredential of testCredentials) {
t.throws(
() =>
startProxyExports.getCredentials(
getRunnerLogger(true),
undefined,
testCredential,
undefined,
),
{
message: "Invalid credentials - must be an object",
},
);
}
},
);
test.serial(
"getCredentials throws error when credential is missing type",
async (t) => {
const testCredentials = [[{ token: "abc", url: "https://localhost" }]].map(
toEncodedJSON,
for (const testCredential of testCredentials) {
t.throws(
() =>
startProxyExports.getCredentials(
getRunnerLogger(true),
undefined,
testCredential,
undefined,
),
{
message: "Invalid credentials - must have a type",
},
);
}
});
for (const testCredential of testCredentials) {
t.throws(
() =>
startProxyExports.getCredentials(
getRunnerLogger(true),
undefined,
testCredential,
undefined,
),
{
message: "Invalid credentials - must have a type",
},
);
}
},
);
test("getCredentials throws error when credential missing host and url", async (t) => {
const testCredentials = [
[{ type: "npm_registry", token: "abc" }],
[{ type: "npm_registry", token: "abc", host: null }],
[{ type: "npm_registry", token: "abc", url: null }],
].map(toEncodedJSON);
test.serial(
"getCredentials throws error when credential missing host and url",
async (t) => {
const testCredentials = [
[{ type: "npm_registry", token: "abc" }],
[{ type: "npm_registry", token: "abc", host: null }],
[{ type: "npm_registry", token: "abc", url: null }],
].map(toEncodedJSON);
for (const testCredential of testCredentials) {
t.throws(
() =>
startProxyExports.getCredentials(
getRunnerLogger(true),
undefined,
testCredential,
undefined,
),
{
message: "Invalid credentials - must specify host or url",
},
);
}
});
for (const testCredential of testCredentials) {
t.throws(
() =>
startProxyExports.getCredentials(
getRunnerLogger(true),
undefined,
testCredential,
undefined,
),
{
message: "Invalid credentials - must specify host or url",
},
);
}
},
);
test.serial("getCredentials filters by language when specified", async (t) => {
test("getCredentials filters by language when specified", async (t) => {
const credentials = startProxyExports.getCredentials(
getRunnerLogger(true),
undefined,
@@ -253,150 +238,132 @@ test.serial("getCredentials filters by language when specified", async (t) => {
t.is(credentials[0].type, "maven_repository");
});
test.serial(
"getCredentials returns all for a language when specified",
async (t) => {
const credentials = startProxyExports.getCredentials(
getRunnerLogger(true),
undefined,
toEncodedJSON(mixedCredentials),
KnownLanguage.go,
);
t.is(credentials.length, 2);
test("getCredentials returns all for a language when specified", async (t) => {
const credentials = startProxyExports.getCredentials(
getRunnerLogger(true),
undefined,
toEncodedJSON(mixedCredentials),
KnownLanguage.go,
);
t.is(credentials.length, 2);
const credentialsTypes = credentials.map((c) => c.type);
t.assert(credentialsTypes.includes("goproxy_server"));
t.assert(credentialsTypes.includes("git_source"));
},
);
const credentialsTypes = credentials.map((c) => c.type);
t.assert(credentialsTypes.includes("goproxy_server"));
t.assert(credentialsTypes.includes("git_source"));
});
test.serial(
"getCredentials returns all credentials when no language specified",
async (t) => {
const credentialsInput = toEncodedJSON(mixedCredentials);
test("getCredentials returns all credentials when no language specified", async (t) => {
const credentialsInput = toEncodedJSON(mixedCredentials);
const credentials = startProxyExports.getCredentials(
getRunnerLogger(true),
undefined,
credentialsInput,
undefined,
);
t.is(credentials.length, mixedCredentials.length);
},
);
const credentials = startProxyExports.getCredentials(
getRunnerLogger(true),
undefined,
credentialsInput,
undefined,
);
t.is(credentials.length, mixedCredentials.length);
});
test.serial(
"getCredentials throws an error when non-printable characters are used",
async (t) => {
const invalidCredentials = [
{ type: "nuget_feed", host: "1nuget.pkg.github.com", token: "abc\u0000" }, // Non-printable character in token
{ type: "nuget_feed", host: "2nuget.pkg.github.com\u0001" }, // Non-printable character in host
test("getCredentials throws an error when non-printable characters are used", async (t) => {
const invalidCredentials = [
{ type: "nuget_feed", host: "1nuget.pkg.github.com", token: "abc\u0000" }, // Non-printable character in token
{ type: "nuget_feed", host: "2nuget.pkg.github.com\u0001" }, // Non-printable character in host
{
type: "nuget_feed",
host: "3nuget.pkg.github.com",
password: "ghi\u0002",
}, // Non-printable character in password
{
type: "nuget_feed",
host: "4nuget.pkg.github.com",
password: "ghi\x00",
}, // Non-printable character in password
];
for (const invalidCredential of invalidCredentials) {
const credentialsInput = Buffer.from(
JSON.stringify([invalidCredential]),
).toString("base64");
t.throws(
() =>
startProxyExports.getCredentials(
getRunnerLogger(true),
undefined,
credentialsInput,
undefined,
),
{
type: "nuget_feed",
host: "3nuget.pkg.github.com",
password: "ghi\u0002",
}, // Non-printable character in password
{
type: "nuget_feed",
host: "4nuget.pkg.github.com",
password: "ghi\x00",
}, // Non-printable character in password
];
for (const invalidCredential of invalidCredentials) {
const credentialsInput = Buffer.from(
JSON.stringify([invalidCredential]),
).toString("base64");
t.throws(
() =>
startProxyExports.getCredentials(
getRunnerLogger(true),
undefined,
credentialsInput,
undefined,
),
{
message:
"Invalid credentials - fields must contain only printable characters",
},
);
}
},
);
test.serial(
"getCredentials logs a warning when a PAT is used without a username",
async (t) => {
const loggedMessages = [];
const logger = getRecordingLogger(loggedMessages);
const likelyWrongCredentials = toEncodedJSON([
{
type: "git_server",
host: "https://github.com/",
password: `ghp_${makeTestToken()}`,
message:
"Invalid credentials - fields must contain only printable characters",
},
]);
const results = startProxyExports.getCredentials(
logger,
undefined,
likelyWrongCredentials,
undefined,
);
}
});
// The configuration should be accepted, despite the likely problem.
t.assert(results);
t.is(results.length, 1);
t.is(results[0].type, "git_server");
t.is(results[0].host, "https://github.com/");
test("getCredentials logs a warning when a PAT is used without a username", async (t) => {
const loggedMessages = [];
const logger = getRecordingLogger(loggedMessages);
const likelyWrongCredentials = toEncodedJSON([
{
type: "git_server",
host: "https://github.com/",
password: `ghp_${makeTestToken()}`,
},
]);
if (startProxyExports.isUsernamePassword(results[0])) {
t.assert(results[0].password?.startsWith("ghp_"));
} else {
t.fail("Expected a `UsernamePassword`-based credential.");
}
const results = startProxyExports.getCredentials(
logger,
undefined,
likelyWrongCredentials,
undefined,
);
// A warning should have been logged.
checkExpectedLogMessages(t, loggedMessages, [
"using a GitHub Personal Access Token (PAT), but no username was provided",
]);
},
);
// The configuration should be accepted, despite the likely problem.
t.assert(results);
t.is(results.length, 1);
t.is(results[0].type, "git_server");
t.is(results[0].host, "https://github.com/");
test.serial(
"getCredentials returns all credentials for Actions when using LANGUAGE_TO_REGISTRY_TYPE",
async (t) => {
const credentialsInput = toEncodedJSON(mixedCredentials);
if (startProxyExports.isUsernamePassword(results[0])) {
t.assert(results[0].password?.startsWith("ghp_"));
} else {
t.fail("Expected a `UsernamePassword`-based credential.");
}
const credentials = startProxyExports.getCredentials(
getRunnerLogger(true),
undefined,
credentialsInput,
KnownLanguage.actions,
false,
);
t.is(credentials.length, mixedCredentials.length);
},
);
// A warning should have been logged.
checkExpectedLogMessages(t, loggedMessages, [
"using a GitHub Personal Access Token (PAT), but no username was provided",
]);
});
test.serial(
"getCredentials returns no credentials for Actions when using NEW_LANGUAGE_TO_REGISTRY_TYPE",
async (t) => {
const credentialsInput = toEncodedJSON(mixedCredentials);
test("getCredentials returns all credentials for Actions when using LANGUAGE_TO_REGISTRY_TYPE", async (t) => {
const credentialsInput = toEncodedJSON(mixedCredentials);
const credentials = startProxyExports.getCredentials(
getRunnerLogger(true),
undefined,
credentialsInput,
KnownLanguage.actions,
true,
);
t.deepEqual(credentials, []);
},
);
const credentials = startProxyExports.getCredentials(
getRunnerLogger(true),
undefined,
credentialsInput,
KnownLanguage.actions,
false,
);
t.is(credentials.length, mixedCredentials.length);
});
test.serial("parseLanguage", async (t) => {
test("getCredentials returns no credentials for Actions when using NEW_LANGUAGE_TO_REGISTRY_TYPE", async (t) => {
const credentialsInput = toEncodedJSON(mixedCredentials);
const credentials = startProxyExports.getCredentials(
getRunnerLogger(true),
undefined,
credentialsInput,
KnownLanguage.actions,
true,
);
t.deepEqual(credentials, []);
});
test("parseLanguage", async (t) => {
// Exact matches
t.deepEqual(parseLanguage("csharp"), KnownLanguage.csharp);
t.deepEqual(parseLanguage("cpp"), KnownLanguage.cpp);