@@ -8,7 +8,13 @@ single_test_case(branch, expected_results) if {
88 # regal ignore:line-length
99 mock_input := {" attestations" " statement" " predicate" " buildConfig" " tasks" " invocation" " environment" " annotations" " build.appstudio.redhat.com/target_branch"
1010
11- mock_rule_data := [" ^c10s$" " ^rhel-10.[0-9]+$" " ^rhel-[0-9]+-main$" " branch[0-9]+-rhel-[0-9]+.[0-9]+.[0-9]+$"
11+ mock_rule_data := [
12+ " ^c[0-9]+s$"
13+ " ^rhel-10\\ .[0-9]+$"
14+ " ^rhel-[0-9]+\\ .[0-9]\\ .0$"
15+ " ^rhel-[0-9]+-main$"
16+ " branch[0-9]+-rhel-[0-9]+.[0-9]+.[0-9]+$"
17+ ]
1218
1319 mock_tasks := mock_input.attestations[0 ].statement.predicate.buildConfig.tasks
1420
@@ -25,7 +31,7 @@ test_allow_with_main_branch if {
2531}
2632
2733test_allow_with_release_branch if {
28- single_test_case (" rhel-10.1"
34+ single_test_case (" rhel-10.1.0 "
2935}
3036
3137test_allow_with_c10s_branch if {
@@ -54,3 +60,210 @@ test_deny_with_unmatched_branch if {
5460 }}
5561 single_test_case (" release-1"
5662}
63+
64+ # Tests for ^c[0-9]+s$ regex pattern
65+ test_c_stream_single_digit if {
66+ single_test_case (" c1s"
67+ single_test_case (" c9s"
68+ }
69+
70+ test_c_stream_multi_digit if {
71+ single_test_case (" c10s"
72+ single_test_case (" c100s"
73+ single_test_case (" c999s"
74+ }
75+
76+ test_c_stream_no_digits_denied if {
77+ expected := {{
78+ " code" " git_branch.git_branch"
79+ " msg" " Build target is cs which is not a trusted target branch"
80+ }}
81+ single_test_case (" cs"
82+ }
83+
84+ test_c_stream_no_s_suffix_denied if {
85+ expected := {{
86+ " code" " git_branch.git_branch"
87+ " msg" " Build target is c10 which is not a trusted target branch"
88+ }}
89+ single_test_case (" c10"
90+ }
91+
92+ test_c_stream_double_s_denied if {
93+ expected := {{
94+ " code" " git_branch.git_branch"
95+ " msg" " Build target is c10ss which is not a trusted target branch"
96+ }}
97+ single_test_case (" c10ss"
98+ }
99+
100+ test_c_stream_with_prefix_denied if {
101+ expected := {{
102+ " code" " git_branch.git_branch"
103+ " msg" " Build target is xc10s which is not a trusted target branch"
104+ }}
105+ single_test_case (" xc10s"
106+ }
107+
108+ test_c_stream_with_suffix_denied if {
109+ expected := {{
110+ " code" " git_branch.git_branch"
111+ " msg" " Build target is c10s-beta which is not a trusted target branch"
112+ }}
113+ single_test_case (" c10s-beta"
114+ }
115+
116+ test_c_stream_uppercase_denied if {
117+ expected := {{
118+ " code" " git_branch.git_branch"
119+ " msg" " Build target is C10S which is not a trusted target branch"
120+ }}
121+ single_test_case (" C10S"
122+ }
123+
124+ test_rhel_version_multi_digit_major_no_patch if {
125+ single_test_case (" rhel-10.1"
126+ }
127+
128+ # Tests for ^rhel-[0-9]+\.[0-9](\.[0-9])?$ regex pattern - with patch version
129+ test_rhel_version_single_digit_major_minor_patch if {
130+ single_test_case (" rhel-8.0.0"
131+ single_test_case (" rhel-9.9.0"
132+ }
133+
134+ test_rhel_version_multi_digit_major_with_patch if {
135+ single_test_case (" rhel-10.1.0"
136+ single_test_case (" rhel-11.9.0"
137+ }
138+
139+ test_rhel_version_no_minor_denied if {
140+ expected := {{
141+ " code" " git_branch.git_branch"
142+ " msg" " Build target is rhel-9 which is not a trusted target branch"
143+ }}
144+ single_test_case (" rhel-9"
145+ }
146+
147+ test_rhel_version_multi_digit_minor_denied if {
148+ expected := {{
149+ " code" " git_branch.git_branch"
150+ " msg" " Build target is rhel-9.10 which is not a trusted target branch"
151+ }}
152+ single_test_case (" rhel-9.10"
153+ }
154+
155+ test_rhel_version_multi_digit_patch_denied if {
156+ expected := {{
157+ " code" " git_branch.git_branch"
158+ " msg" " Build target is rhel-9.5.10 which is not a trusted target branch"
159+ }}
160+ single_test_case (" rhel-9.5.10"
161+ }
162+
163+ test_rhel_version_extra_component_denied if {
164+ expected := {{
165+ " code" " git_branch.git_branch"
166+ " msg" " Build target is rhel-9.5.3.1 which is not a trusted target branch"
167+ }}
168+ single_test_case (" rhel-9.5.3.1"
169+ }
170+
171+ test_rhel_version_with_suffix_denied if {
172+ expected := {{
173+ " code" " git_branch.git_branch"
174+ " msg" " Build target is rhel-9.5-extra which is not a trusted target branch"
175+ }}
176+ single_test_case (" rhel-9.5-extra"
177+ }
178+
179+ test_rhel_version_with_patch_suffix_denied if {
180+ expected := {{
181+ " code" " git_branch.git_branch"
182+ " msg" " Build target is rhel-9.5.3-extra which is not a trusted target branch"
183+ }}
184+ single_test_case (" rhel-9.5.3-extra"
185+ }
186+
187+ test_rhel_version_with_prefix_denied if {
188+ expected := {{
189+ " code" " git_branch.git_branch"
190+ " msg" " Build target is feature-rhel-9.5 which is not a trusted target branch"
191+ }}
192+ single_test_case (" feature-rhel-9.5"
193+ }
194+
195+ # Tests for ^rhel-[0-9]+-main$ regex pattern
196+ test_rhel_main_single_digit_major if {
197+ single_test_case (" rhel-9-main"
198+ single_test_case (" rhel-8-main"
199+ }
200+
201+ test_rhel_main_multi_digit_major if {
202+ single_test_case (" rhel-10-main"
203+ single_test_case (" rhel-11-main"
204+ single_test_case (" rhel-99-main"
205+ }
206+
207+ test_rhel_main_no_major_denied if {
208+ expected := {{
209+ " code" " git_branch.git_branch"
210+ " msg" " Build target is rhel-main which is not a trusted target branch"
211+ }}
212+ single_test_case (" rhel-main"
213+ }
214+
215+ test_rhel_main_with_suffix_denied if {
216+ expected := {{
217+ " code" " git_branch.git_branch"
218+ " msg" " Build target is rhel-9-main-branch which is not a trusted target branch"
219+ }}
220+ single_test_case (" rhel-9-main-branch"
221+ }
222+
223+ test_rhel_main_with_prefix_denied if {
224+ expected := {{
225+ " code" " git_branch.git_branch"
226+ " msg" " Build target is feature-rhel-9-main which is not a trusted target branch"
227+ }}
228+ single_test_case (" feature-rhel-9-main"
229+ }
230+
231+ # Tests for branch[0-9]+-rhel-[0-9]+.[0-9]+.[0-9]+$ regex pattern
232+ test_hotfix_branch_single_digit_branch_number if {
233+ single_test_case (" kernel-5.14.0-570.42.1.el9_6-branch1-rhel-9.6.0"
234+ single_test_case (" kernel-5.14.0-570.42.1.el10_3-branch2-rhel-10.3.1"
235+ }
236+
237+ test_hotfix_branch_multi_digit_branch_number if {
238+ single_test_case (" kernel-5.14.0-570.42.1.el9_6-branch13-rhel-9.6.9"
239+ single_test_case (" kernel-5.14.0-570.42.1.el11_2-branch99-rhel-11.2.0"
240+ }
241+
242+ test_hotfix_branch_multi_digit_versions if {
243+ single_test_case (" package-1.2.3-branch1-rhel-10.10.10"
244+ single_test_case (" package-1.2.3-branch1-rhel-99.99.99"
245+ }
246+
247+ test_hotfix_branch_no_branch_number_denied if {
248+ expected := {{
249+ " code" " git_branch.git_branch"
250+ " msg" " Build target is kernel-5.14.0-570.42.1.el9_6-branch-rhel-9.6.0 which is not a trusted target branch"
251+ }}
252+ single_test_case (" kernel-5.14.0-570.42.1.el9_6-branch-rhel-9.6.0"
253+ }
254+
255+ test_hotfix_branch_missing_patch_version_denied if {
256+ expected := {{
257+ " code" " git_branch.git_branch"
258+ " msg" " Build target is kernel-5.14.0-570.42.1.el9_6-branch1-rhel-9.6 which is not a trusted target branch"
259+ }}
260+ single_test_case (" kernel-5.14.0-570.42.1.el9_6-branch1-rhel-9.6"
261+ }
262+
263+ test_hotfix_branch_with_extra_suffix_denied if {
264+ expected := {{
265+ " code" " git_branch.git_branch"
266+ " msg" " Build target is kernel-5.14.0-570.42.1.el9_6-branch1-rhel-9.6.0-extra which is not a trusted target branch"
267+ }}
268+ single_test_case (" kernel-5.14.0-570.42.1.el9_6-branch1-rhel-9.6.0-extra"
269+ }
0 commit comments