Skip to content

Commit

Permalink
Fix a bug in the GitHub release source
Browse files Browse the repository at this point in the history
GetGithubReleaseWithTag will now return ErrNotFound if the repository
owner from the GitHubRepository value in the Kilnfile release entry does
not match the configured Org.
  • Loading branch information
davewalter authored and rizwanreza committed Nov 21, 2024
1 parent c611bfd commit 4d18b22
Show file tree
Hide file tree
Showing 3 changed files with 53 additions and 3 deletions.
1 change: 0 additions & 1 deletion internal/commands/update_release.go
Original file line number Diff line number Diff line change
Expand Up @@ -89,7 +89,6 @@ func (u UpdateRelease) Execute(args []string) error {
newSHA1 = remoteRelease.SHA1
newSourceID = remoteRelease.RemoteSource
newRemotePath = remoteRelease.RemotePath

} else {
remoteRelease, err = releaseSource.GetMatchedRelease(cargo.BOSHReleaseTarballSpecification{
Name: u.Options.Name,
Expand Down
5 changes: 5 additions & 0 deletions internal/component/github_release_source.go
Original file line number Diff line number Diff line change
Expand Up @@ -109,6 +109,11 @@ func (grs *GithubReleaseSource) GetGithubReleaseWithTag(ctx context.Context, s c
return nil, ErrNotFound
}

if repoOwner != grs.Org {
grs.Logger.Printf("GitHubRepository owner %q does not match configured Org %q, skipping...", repoOwner, grs.Org)
return nil, ErrNotFound
}

release, response, err := grs.GetReleaseByTag(ctx, repoOwner, repoName, "v"+s.Version)
if err == nil {
err = checkStatus(http.StatusOK, response.StatusCode)
Expand Down
50 changes: 48 additions & 2 deletions internal/component/github_release_source_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -318,8 +318,54 @@ func TestGithubReleaseSource_GetMatchedRelease(t *testing.T) {
})
}

func TestGetGithubReleaseWithTag(t *testing.T) {
t.Run("when get release with tag api request fails", func(t *testing.T) {
func TestGithubReleaseSource_GetGithubReleaseWithTag(t *testing.T) {
t.Run("when RepositoryOwnerAndNameFromPath fails", func(t *testing.T) {
damnIt := NewWithT(t)

ctx := context.TODO()

grsMock := &component.GithubReleaseSource{
Logger: log.New(GinkgoWriter, "[test] ", log.Default().Flags()),
ReleaseSourceConfig: cargo.ReleaseSourceConfig{
Type: component.ReleaseSourceTypeGithub,
Org: "cloudfoundry",
GithubToken: "fake-token",
},
}
s := cargo.BOSHReleaseTarballSpecification{
Name: "routing",
Version: "0.226.0",
GitHubRepository: "invalid-uri",
}

_, err := grsMock.GetGithubReleaseWithTag(ctx, s)
damnIt.Expect(err).To(MatchError(component.ErrNotFound))
})

t.Run("when the GitHubRepository owner does not match the configured Org", func(t *testing.T) {
damnIt := NewWithT(t)

ctx := context.TODO()

grsMock := &component.GithubReleaseSource{
Logger: log.New(GinkgoWriter, "[test] ", log.Default().Flags()),
ReleaseSourceConfig: cargo.ReleaseSourceConfig{
Type: component.ReleaseSourceTypeGithub,
Org: "cloudnotfoundry",
GithubToken: "fake-token",
},
}
s := cargo.BOSHReleaseTarballSpecification{
Name: "routing",
Version: "0.226.0",
GitHubRepository: "https://github.com/cloudfoundry/routing-release",
}

_, err := grsMock.GetGithubReleaseWithTag(ctx, s)
damnIt.Expect(err).To(MatchError(component.ErrNotFound))
})

t.Run("when GetReleaseByTag fails", func(t *testing.T) {
damnIt := NewWithT(t)

releaseGetter := new(fakes.ReleaseByTagGetter)
Expand Down

0 comments on commit 4d18b22

Please sign in to comment.