Add missing tests for assert approval (#581)

FayeSGW · web-flow · commit 83238cee394d · 2025-11-24T09:41:09.000+01:00
diff --git a/cmd/kosli/assertApproval.go b/cmd/kosli/assertApproval.go
@@ -57,6 +57,12 @@ func newAssertApprovalCmd(out io.Writer) *cobra.Command {
 			if err != nil {
 				return ErrorBeforePrintingUsage(cmd, err.Error())
 			}
+
+			err = MuXRequiredFlags(cmd, []string{"fingerprint", "artifact-type"}, true)
+			if err != nil {
+				return err
+			}
+
 			return ValidateRegistryFlags(cmd, o.fingerprintOptions)
 
 		},
diff --git a/cmd/kosli/assertApproval_test.go b/cmd/kosli/assertApproval_test.go
@@ -22,6 +22,7 @@ type AssertApprovalCommandTestSuite struct {
 
 type assertApprovalTestConfig struct {
 	createApproval bool
+	isRequest      bool
 }
 
 func (suite *AssertApprovalCommandTestSuite) SetupTest() {
@@ -49,60 +50,83 @@ func (suite *AssertApprovalCommandTestSuite) TestAssertApprovalCmd() {
 	tests := []cmdTestCase{
 		{
 			wantError: true,
-			name:      "missing --org fails",
+			name:      "1 missing --org fails",
 			cmd:       fmt.Sprintf(`assert approval --fingerprint 8e568bd886069f1290def0caabc1e97ce0e7b80c105e611258b57d76fcef234c  --flow %s --api-token secret`, suite.flowName),
 			golden:    "Error: --org is not set\nUsage: kosli assert approval [IMAGE-NAME | FILE-PATH | DIR-PATH] [flags]\n",
 		},
 		{
 			wantError: true,
-			name:      "asserting approval for a non existing artifact fails",
+			name:      "2 asserting approval for a non existing artifact fails",
 			cmd:       fmt.Sprintf(`assert approval --fingerprint 8e568bd886069f1290def0caabc1e97ce0e7b80c105e611258b57d76fcef234c  --flow %s %s`, suite.flowName, suite.defaultKosliArguments),
 			golden:    "Error: Artifact with fingerprint '8e568bd886069f1290def0caabc1e97ce0e7b80c105e611258b57d76fcef234c' does not exist in flow 'assert-approval' belonging to organization 'docs-cmd-test-user'\n",
 		},
 		{
 			wantError: true,
-			name:      "asserting an existing artifact that does not have an approval (using --fingerprint) works and exits with non-zero code",
+			name:      "3 asserting an existing artifact that does not have an approval (using --fingerprint) works and exits with non-zero code",
 			cmd:       fmt.Sprintf(`assert approval --fingerprint %s --flow %s %s`, suite.fingerprint, suite.flowName, suite.defaultKosliArguments),
 			golden:    "Error: artifact with fingerprint fcf33337634c2577a5d86fd7ecb0a25a7c1bb5d89c14fd236f546a5759252c02 has no approvals created\n",
 		},
 		{
 			wantError: true,
-			name:      "asserting approval of an existing artifact that does not have an approval (using --artifact-type) works and exits with non-zero code",
+			name:      "4 asserting approval of an existing artifact that does not have an approval (using --artifact-type) works and exits with non-zero code",
 			cmd:       fmt.Sprintf(`assert approval %s --artifact-type file --flow %s %s`, suite.artifactPath, suite.flowName, suite.defaultKosliArguments),
 			golden:    "Error: artifact with fingerprint fcf33337634c2577a5d86fd7ecb0a25a7c1bb5d89c14fd236f546a5759252c02 has no approvals created\n",
 		},
 		{
-			name:   "asserting approval of an existing artifact that has an approval (using --artifact-type) works and exits with zero code",
+			name:   "5 asserting approval of an existing artifact that has an approval (using --artifact-type) works and exits with zero code",
 			cmd:    fmt.Sprintf(`assert approval %s --artifact-type file --flow %s %s`, suite.artifactPath, suite.flowName, suite.defaultKosliArguments),
 			golden: "artifact with fingerprint fcf33337634c2577a5d86fd7ecb0a25a7c1bb5d89c14fd236f546a5759252c02 is approved (approval no. [1])\n",
 			additionalConfig: assertApprovalTestConfig{
 				createApproval: true,
+				isRequest:      false,
 			},
 		},
+		//The approval created in test 5 is valid for this test also
+		{
+			name:   "6 asserting approval of an existing artifact that has an approval (using --fingerprint) works and exits with zero code",
+			cmd:    fmt.Sprintf(`assert approval --fingerprint %s --flow %s %s`, suite.fingerprint, suite.flowName, suite.defaultKosliArguments),
+			golden: "artifact with fingerprint fcf33337634c2577a5d86fd7ecb0a25a7c1bb5d89c14fd236f546a5759252c02 is approved (approval no. [1])\n",
+		},
 		{
 			wantError: true,
-			name:      "not providing --fingerprint nor --artifact-type fails",
+			name:      "7 not providing --fingerprint nor --artifact-type fails",
 			cmd:       fmt.Sprintf(`assert approval --flow %s %s`, suite.flowName, suite.defaultKosliArguments),
 			golden:    "Error: docker image name or file/dir path is required when --fingerprint is not provided\nUsage: kosli assert approval [IMAGE-NAME | FILE-PATH | DIR-PATH] [flags]\n",
 		},
-		// TODO: this test case does not pass as the validation does not check for it
-		// {
-		// 	wantError: true,
-		// 	name:      "providing both --fingerprint and --artifact-type fails",
-		// 	cmd:       fmt.Sprintf(`assert approval --artifact-type file --fingerprint %s --flow %s %s`, suite.fingerprint, suite.flowName, suite.defaultKosliArguments),
-		// 	golden:    "COMPLIANT\n",
-		// },
 		{
 			wantError: true,
-			name:      "missing --flow fails",
+			name:      "8 providing both --fingerprint and --artifact-type fails",
+			cmd:       fmt.Sprintf(`assert approval --artifact-type file --fingerprint %s --flow %s %s`, suite.fingerprint, suite.flowName, suite.defaultKosliArguments),
+			golden:    "Error: only one of --fingerprint, --artifact-type is allowed\n",
+		},
+		{
+			wantError: true,
+			name:      "9 missing --flow fails",
 			cmd:       fmt.Sprintf(`assert approval --fingerprint %s  %s`, suite.fingerprint, suite.defaultKosliArguments),
 			golden:    "Error: required flag(s) \"flow\" not set\n",
 		},
+		{
+			wantError: true,
+			name:      "10 asserting approval of an unapproved existing artifact (using --artifact-type) works and exits with non-zero code",
+			cmd:       fmt.Sprintf(`assert approval %s --artifact-type file --flow %s %s`, suite.artifactPath, suite.flowName, suite.defaultKosliArguments),
+			golden:    "Error: artifact with fingerprint fcf33337634c2577a5d86fd7ecb0a25a7c1bb5d89c14fd236f546a5759252c02 is not approved\n",
+			additionalConfig: assertApprovalTestConfig{
+				createApproval: true,
+				isRequest:      true,
+			},
+		},
+		// The approval request created in test 9 is valid here too
+		{
+			wantError: true,
+			name:      "11 asserting approval of an unapproved existing artifact (using --fingerprint) works and exits with non-zero code",
+			cmd:       fmt.Sprintf(`assert approval --fingerprint %s --flow %s %s`, suite.fingerprint, suite.flowName, suite.defaultKosliArguments),
+			golden:    "Error: artifact with fingerprint fcf33337634c2577a5d86fd7ecb0a25a7c1bb5d89c14fd236f546a5759252c02 is not approved\n",
+		},
 	}
 
 	for _, t := range tests {
 		if t.additionalConfig != nil && t.additionalConfig.(assertApprovalTestConfig).createApproval {
-			CreateApproval(suite.flowName, suite.fingerprint, suite.Suite.T())
+			CreateApproval(suite.flowName, suite.fingerprint, t.additionalConfig.(assertApprovalTestConfig).isRequest, suite.Suite.T())
 		}
 		runTestCmd(suite.Suite.T(), []cmdTestCase{t})
 	}
diff --git a/cmd/kosli/getApproval_test.go b/cmd/kosli/getApproval_test.go
@@ -29,8 +29,8 @@ func (suite *GetApprovalCommandTestSuite) SetupTest() {
 
 	CreateFlow(suite.flowName, suite.Suite.T())
 	CreateArtifact(suite.flowName, suite.fingerprint, "approved-artifact", suite.Suite.T())
-	CreateApproval(suite.flowName, suite.fingerprint, suite.Suite.T())
-	CreateApproval(suite.flowName, suite.fingerprint, suite.Suite.T())
+	CreateApproval(suite.flowName, suite.fingerprint, false, suite.Suite.T())
+	CreateApproval(suite.flowName, suite.fingerprint, false, suite.Suite.T())
 }
 
 func (suite *GetApprovalCommandTestSuite) TestGetApprovalCmd() {
diff --git a/cmd/kosli/listApprovals_test.go b/cmd/kosli/listApprovals_test.go
@@ -41,7 +41,7 @@ func (suite *ListApprovalsCommandTestSuite) SetupTest() {
 	suite.fingerprint, err = GetSha256Digest(suite.artifactPath, fingerprintOptions, logger)
 	require.NoError(suite.Suite.T(), err)
 	CreateArtifact(suite.flowName2, suite.fingerprint, suite.artifactName, suite.Suite.T())
-	CreateApproval(suite.flowName2, suite.fingerprint, suite.Suite.T())
+	CreateApproval(suite.flowName2, suite.fingerprint, false, suite.Suite.T())
 }
 
 func (suite *ListApprovalsCommandTestSuite) TestListApprovalsCmd() {
diff --git a/cmd/kosli/testHelpers.go b/cmd/kosli/testHelpers.go
@@ -405,7 +405,8 @@ func CreateArtifactWithCommit(flowName, artifactFingerprint, artifactName string
 }
 
 // CreateApproval creates an approval for an artifact in a flow
-func CreateApproval(flowName, fingerprint string, t *testing.T) {
+// If isRequest is true, this creates an approval request
+func CreateApproval(flowName, fingerprint string, isRequest bool, t *testing.T) {
 	t.Helper()
 	o := &reportApprovalOptions{
 		payload: ApprovalPayload{
@@ -418,7 +419,7 @@ func CreateApproval(flowName, fingerprint string, t *testing.T) {
 		srcRepoRoot:     "../..",
 	}
 
-	err := o.run([]string{"filename"}, false)
+	err := o.run([]string{"filename"}, isRequest)
 	require.NoError(t, err, "approval should be created without error")
 }
 

Original file line number	Diff line number	Diff line change
`@@ -29,8 +29,8 @@ func (suite *GetApprovalCommandTestSuite) SetupTest() {`
`29`	`29`
`30`	`30`	`CreateFlow(suite.flowName, suite.Suite.T())`
`31`	`31`	`CreateArtifact(suite.flowName, suite.fingerprint, "approved-artifact", suite.Suite.T())`
`32`		`- CreateApproval(suite.flowName, suite.fingerprint, suite.Suite.T())`
`33`		`- CreateApproval(suite.flowName, suite.fingerprint, suite.Suite.T())`
	`32`	`+ CreateApproval(suite.flowName, suite.fingerprint, false, suite.Suite.T())`
	`33`	`+ CreateApproval(suite.flowName, suite.fingerprint, false, suite.Suite.T())`
`34`	`34`	`}`
`35`	`35`
`36`	`36`	`func (suite *GetApprovalCommandTestSuite) TestGetApprovalCmd() {`
Original file line number	Diff line number	Diff line change
`@@ -41,7 +41,7 @@ func (suite *ListApprovalsCommandTestSuite) SetupTest() {`
`41`	`41`	`suite.fingerprint, err = GetSha256Digest(suite.artifactPath, fingerprintOptions, logger)`
`42`	`42`	`require.NoError(suite.Suite.T(), err)`
`43`	`43`	`CreateArtifact(suite.flowName2, suite.fingerprint, suite.artifactName, suite.Suite.T())`
`44`		`- CreateApproval(suite.flowName2, suite.fingerprint, suite.Suite.T())`
	`44`	`+ CreateApproval(suite.flowName2, suite.fingerprint, false, suite.Suite.T())`
`45`	`45`	`}`
`46`	`46`
`47`	`47`	`func (suite *ListApprovalsCommandTestSuite) TestListApprovalsCmd() {`
Original file line number	Diff line number	Diff line change
`@@ -405,7 +405,8 @@ func CreateArtifactWithCommit(flowName, artifactFingerprint, artifactName string`
`405`	`405`	`}`
`406`	`406`
`407`	`407`	`// CreateApproval creates an approval for an artifact in a flow`
`408`		`-func CreateApproval(flowName, fingerprint string, t *testing.T) {`
	`408`	`+// If isRequest is true, this creates an approval request`
	`409`	`+func CreateApproval(flowName, fingerprint string, isRequest bool, t *testing.T) {`
`409`	`410`	`t.Helper()`
`410`	`411`	`o := &reportApprovalOptions{`
`411`	`412`	`payload: ApprovalPayload{`
`@@ -418,7 +419,7 @@ func CreateApproval(flowName, fingerprint string, t *testing.T) {`
`418`	`419`	`srcRepoRoot: "../..",`
`419`	`420`	`}`
`420`	`421`
`421`		`- err := o.run([]string{"filename"}, false)`
	`422`	`+ err := o.run([]string{"filename"}, isRequest)`
`422`	`423`	`require.NoError(t, err, "approval should be created without error")`
`423`	`424`	`}`
`424`	`425`