attesto-go/connectorkit/manifest_test.go

package connectorkit

import (
	"encoding/json"
	"os"
	"path/filepath"
	"testing"
)

func TestValidateFirstPartyManifests(t *testing.T) {
	for _, rel := range []string{
		"../../../connectors/github/attesto.connector.json",
		"../../../connectors/gitlab/attesto.connector.json",
		"../../../connectors/s3/attesto.connector.json",
	} {
		path := filepath.Clean(rel)
		raw, err := os.ReadFile(path)
		if err != nil {
			t.Fatalf("read manifest %s: %v", rel, err)
		}
		var manifest Manifest
		if err := json.Unmarshal(raw, &manifest); err != nil {
			t.Fatalf("parse manifest %s: %v", rel, err)
		}
		result := ValidateManifest(manifest)
		if !result.OK || result.EvidenceScore != 95 || result.Tier != "platinum" {
			t.Fatalf("unexpected validation result for %s: %+v", rel, result)
		}
	}
}

func TestValidateV2ManifestRequiresRuntimeMetadata(t *testing.T) {
	raw, err := os.ReadFile(filepath.Clean("../../../connectors/github/attesto.connector.json"))
	if err != nil {
		t.Fatal(err)
	}
	var manifest Manifest
	if err := json.Unmarshal(raw, &manifest); err != nil {
		t.Fatal(err)
	}
	if manifest.SchemaVersion != "attesto.connector.v2" {
		t.Fatalf("unexpected schema version: %s", manifest.SchemaVersion)
	}
	manifest.Runtime = nil

	result := ValidateManifest(manifest)

	if result.OK {
		t.Fatalf("expected invalid manifest without runtime metadata")
	}
	var found bool
	for _, finding := range result.Findings {
		if finding.Code == "runtime.incomplete" {
			found = true
		}
	}
	if !found {
		t.Fatalf("missing runtime finding: %+v", result.Findings)
	}
}