@@ -22,6 +22,10 @@ test_from_org_invalid if {
2222 not policies.fromOrg (fixtures.octo_org, [" unkown" , " octoorga" , " ctoorg" , " aoctoorg" ])
2323}
2424
25+ test_from_org_non_provenance if {
26+ not policies.fromOrg (fixtures.non_provenance, [" octoorg" ])
27+ }
28+
2529# From repo should pass if at least one repo is valid
2630test_from_repo_pass if {
2731 policies.fromRepo (fixtures.octo_org, [" unkown/unkown" , " octoorg/octorepo" ])
@@ -41,6 +45,10 @@ test_from_repo_invalid if {
4145 not policies.fromRepo (fixtures.octo_org, [" unkown/unkown" , " ctoorg/octorepo" , " aoctoorg/octorepo" , " octoorga/octorepo" , " octoorg/aoctorepo" , " octoorg/octorep" , " octoorg/octorepoa" ])
4246}
4347
48+ test_from_repo_non_provenance if {
49+ not policies.fromRepo (fixtures.non_provenance, [" octoorg/octorepo" ])
50+ }
51+
4452# Same repo and signer
4553test_with_signer_pass if {
4654 policies.fromOrgAndSignerRepo (fixtures.octo_org, [" unknown" , " octoorg" ], [" unkown/octorepo" , " octoorg/octorepo" ])
@@ -53,27 +61,31 @@ test_with_signer_pass if {
5361
5462# Empty input
5563test_with_signer_empty if {
56- not policies.fromOrgAndSignerRepo (fixtures.octo_org , [], [])
64+ not policies.fromOrgAndSignerRepo (fixtures.reusable , [], [])
5765}
5866
5967test_with_signer_empty if {
60- not policies.fromOrgAndSignerRepo (fixtures.octo_org , [" " ], [])
68+ not policies.fromOrgAndSignerRepo (fixtures.reusable , [" " ], [])
6169}
6270
6371test_with_signer_empty if {
64- not policies.fromOrgAndSignerRepo (fixtures.octo_org , [], [" " ])
72+ not policies.fromOrgAndSignerRepo (fixtures.reusable , [], [" " ])
6573}
6674
6775test_with_signer_empty if {
68- not policies.fromOrgAndSignerRepo (fixtures.octo_org , [" " ], [" " ])
76+ not policies.fromOrgAndSignerRepo (fixtures.reusable , [" " ], [" " ])
6977}
7078
7179# Verify that no prefix weakness exists for the orgs
72- test_from_repo_invalid if {
73- not policies.fromOrgAndSignerRepo (fixtures.octo_org , [" unkown" , " ctoorg" , " octoor" , " aoctoorg" , " octoorga" ], [" octoorg/octorepo" ])
80+ test_with_signer_invalid if {
81+ not policies.fromOrgAndSignerRepo (fixtures.reusable , [" unkown" , " ctoorg" , " octoor" , " aoctoorg" , " octoorga" ], [" octoorg/octorepo" ])
7482}
7583
7684# Verify that no prefix weakness exists for the signer repos
77- test_from_repo_invalid if {
78- not policies.fromOrgAndSignerRepo (fixtures.octo_org, [" octoorg" ], [" ctoorg/octorepo" , " octoorg/octorep" , " octoor/octorepo" , " octoorg/ctorepo" ])
85+ test_with_signer_invalid if {
86+ not policies.fromOrgAndSignerRepo (fixtures.reusable, [" octoorg" ], [" ctoorg/octorepo" , " octoorg/octorep" , " octoor/octorepo" , " octoorg/ctorepo" ])
87+ }
88+
89+ test_with_signer_non_provenance if {
90+ not policies.fromOrgAndSignerRepo (fixtures.non_provenance, [" octoorg" ], [" buildorg/build-scripts" ])
7991}
0 commit comments