milliways-infosec/AikidoSec-safe-chain
7
0
Fork 0
mirror of https://github.com/AikidoSec/safe-chain.git synced 2026-05-26 12:10:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #349 from AikidoSec/bug/ci-build-pre-release

Browse source 
Stop downloadAgent test from depending on live artifacts
This commit is contained in:
Reinier Criel 2026-03-25 14:06:56 -07:00 committed by GitHub
commit cc0f08dc03
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 30 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

49
packages/safe-chain/src/installation/downloadAgent.spec.js
View file

@ -2,18 +2,18 @@ import { describe, it, after } from "node:test";
import assert from "node:assert"; import assert from "node:assert";
import { tmpdir } from "node:os"; import { tmpdir } from "node:os";
import { join } from "node:path"; import { join } from "node:path";
import { unlinkSync } from "node:fs"; import { unlinkSync, writeFileSync } from "node:fs";
import { createHash } from "node:crypto";
import { import {
DOWNLOAD_URLS, DOWNLOAD_URLS,
downloadFile,
verifyChecksum, verifyChecksum,
} from "./downloadAgent.js"; } from "./downloadAgent.js";
describe("downloadAgent checksums", { timeout: 120_000 }, () => { describe("downloadAgent", () => {
const downloadedFiles = []; const tempFiles = [];
after(() => { after(() => {
for (const file of downloadedFiles) { for (const file of tempFiles) {
try { try {
unlinkSync(file); unlinkSync(file);
} catch { } catch {
@ -24,22 +24,33 @@ describe("downloadAgent checksums", { timeout: 120_000 }, () => {
for (const [platform, architectures] of Object.entries(DOWNLOAD_URLS)) { for (const [platform, architectures] of Object.entries(DOWNLOAD_URLS)) {
for (const [arch, { url, checksum }] of Object.entries(architectures)) { for (const [arch, { url, checksum }] of Object.entries(architectures)) {
it(`${platform}/${arch} checksum matches`, async () => { it(`${platform}/${arch} has a valid download definition`, () => {
const destPath = join( assert.match(
tmpdir(), url,
`safe-chain-test-${platform}-${arch}-${Date.now()}` /^https:\/\/github\.com\/AikidoSec\/safechain-internals\/releases\/download\/v\d+\.\d+\.\d+\/.+/,
);
downloadedFiles.push(destPath);
await downloadFile(url, destPath);
const isValid = await verifyChecksum(destPath, checksum);
assert.strictEqual(
isValid,
true,
`Checksum mismatch for ${platform}/${arch} (${url})`
); );
assert.match(checksum, /^sha256:[a-f0-9]{64}$/);
}); });
} }
} }
it("verifies checksum for a local file", async () => {
const destPath = join(tmpdir(), `safe-chain-test-${Date.now()}`);
tempFiles.push(destPath);
writeFileSync(destPath, "safe-chain-test");
const expectedHash = createHash("sha256")
.update("safe-chain-test")
.digest("hex");
assert.equal(
await verifyChecksum(destPath, `sha256:${expectedHash}`),
true,
);
assert.equal(
await verifyChecksum(destPath, `sha256:${"0".repeat(64)}`),
false,
);
});
}); });