4e8057f481
* Implement IMAMeasurements method in agentSDK and add corresponding unit tests Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add unit tests for NewIMAMeasurements command in CLI Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add error assertion for command execution in NewIMAMeasurements test Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Fix nil pointer dereference in Close method and update NewCreateVMCmd logic for manager client initialization Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Refactor file permission settings to use octal notation and improve cleanup handling in NewCreateVMCmd test Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add comprehensive unit tests for state machine functionality Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add mock implementation for Algorithm interface and corresponding test cases Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Refactor file permission settings to use octal notation in TestStopComputationIntegration Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Remove redundant reset test cases from TestStateMachine_Reset Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Fix race condition in action call verification in TestStateMachine_HandleEvent Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Enhance state machine with reset functionality and improve thread safety in event handling Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Improve error handling in state machine start function during tests Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Remove concurrent reset and send event test from state machine tests Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Remove error logging for Start function in transition tests Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add mock implementations for AgentService_IMAMeasurementsClient and Service Shutdown method; enhance progress tests for IMA measurements handling Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add comprehensive tests 
for FileStorage functionality including loading, saving, and concurrent access Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Enhance tests by adding dataset and algorithm hashes in handleRunReqChunks; improve error handling in TestFileStorage_ErrorHandling cleanup Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Enhance TestManagerClient_Process by adding new test cases for Agent state and Disconnect requests; update setupMocks to include grpcClient Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Fix graceful shutdown in gRPC server by adding nil checks for health and server instances Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Enhance TestAttestation by adding mock expectations for VTpmAttestation and Attestation methods; update service call to include platform parameter Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Enhance gRPC Server by adding synchronization for start/stop methods; prevent multiple starts and ensure graceful shutdown Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add unit tests for gRPC server methods including VM creation, removal, and info retrieval Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add tests for SEVSNP and TDX host capabilities; remove unused vsock code Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add a newline for better readability in vm_test.go Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add integration tests for gRPC client in cvm_test.go Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Remove unused vsock dependencies and add comprehensive unit tests for GCP attestation functions Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Skip GCP tests if credentials are not set Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add tests for error handling in attestation configuration and GCP commands Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Improve error handling in Azure VM test response writing Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Skip tests in GCP functions if credentials 
are not set Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add comprehensive unit tests for Azure attestation provider and verifier Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add unit tests for TPM functionality and improve error handling Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add comprehensive tests for attestation functionality and improve error handling Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add validation for teeNonce in TeeAttestation and implement comprehensive tests for provider methods Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Refactor error messages in TDX attestation tests for clarity Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Fix error message in TeeAttestation test for valid nonce case Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add MeasurementProvider mock and update mockery configuration Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add logging for product in parseUints and rename test functions for clarity Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Refactor TestSevsnpverify to reset configuration and improve error logging Signed-off-by: Sammy Oina <sammyoina@gmail.com> --------- Signed-off-by: Sammy Oina <sammyoina@gmail.com>
// Copyright (c) Ultraviolet
// SPDX-License-Identifier: Apache-2.0
package attestation
import (
"fmt"
"net/http"
"net/http/httptest"
"testing"
"github.com/stretchr/testify/assert"
)
// TestCCPlatform checks that CCPlatform reports NoCC for the single table
// entry below.
//
// NOTE(review): CCPlatform takes no arguments and nothing in this test stubs
// the underlying probes, so the sevSnpGuestExists, sevSnpGuestvTPMExists,
// tdxGuestExists and isAzure fields are never consumed. The assertion reflects
// whatever the machine running the test reports; it presumably will not hold
// on a confidential-computing host — confirm, and cover the positive detection
// paths once the probes can be injected.
func TestCCPlatform(t *testing.T) {
	cases := []struct {
		name                  string
		sevSnpGuestExists     bool
		sevSnpGuestvTPMExists bool
		tdxGuestExists        bool
		isAzure               bool
		expected              PlatformType
	}{
		{
			name:                  "No CC platform detected",
			sevSnpGuestExists:     false,
			sevSnpGuestvTPMExists: false,
			tdxGuestExists:        false,
			isAzure:               false,
			expected:              NoCC,
		},
	}

	for i := range cases {
		tc := cases[i]
		t.Run(tc.name, func(t *testing.T) {
			// The platform is detected from the ambient environment.
			got := CCPlatform()
			assert.Equal(t, tc.expected, got)
		})
	}
}
// TestSevSnpGuestDeviceExists expects SevSnpGuestDeviceExists to return false.
//
// NOTE(review): openDeviceErr is declared in the table but never passed to the
// code under test, so the "device not found" error is not actually simulated.
// The result comes from the host's real device state — TODO confirm there is
// no package-level hook, and add a case for a present device.
func TestSevSnpGuestDeviceExists(t *testing.T) {
	cases := []struct {
		name          string
		openDeviceErr error
		expected      bool
	}{
		{
			name:          "device does not exist or fails to open",
			openDeviceErr: fmt.Errorf("device not found"),
			expected:      false,
		},
	}

	for i := range cases {
		tc := cases[i]
		t.Run(tc.name, func(t *testing.T) {
			got := SevSnpGuestDeviceExists()
			assert.Equal(t, tc.expected, got)
		})
	}
}
// TestSevSnpGuestvTPMExists expects SevSnpGuestvTPMExists to return false in
// each of the three named scenarios.
//
// NOTE(review): vTPMExists and sevSnpExists are never read, so all three
// subtests make the same call against the same host state and differ only in
// name. The combination where both exist (the only one that could yield true)
// is not listed — TODO confirm whether the probes can be stubbed.
func TestSevSnpGuestvTPMExists(t *testing.T) {
	cases := []struct {
		name         string
		vTPMExists   bool
		sevSnpExists bool
		expected     bool
	}{
		{
			name:         "vTPM exists but SEV-SNP does not",
			vTPMExists:   true,
			sevSnpExists: false,
			expected:     false,
		},
		{
			name:         "SEV-SNP exists but vTPM does not",
			vTPMExists:   false,
			sevSnpExists: true,
			expected:     false,
		},
		{
			name:         "neither exists",
			vTPMExists:   false,
			sevSnpExists: false,
			expected:     false,
		},
	}

	for i := range cases {
		tc := cases[i]
		t.Run(tc.name, func(t *testing.T) {
			got := SevSnpGuestvTPMExists()
			assert.Equal(t, tc.expected, got)
		})
	}
}
// TestVTPMExists expects vTPMExists to return false.
//
// NOTE(review): openTPMErr is table data only; nothing here makes the TPM open
// call fail, so the outcome depends on whether the test host exposes a TPM —
// TODO confirm.
func TestVTPMExists(t *testing.T) {
	cases := []struct {
		name       string
		openTPMErr error
		expected   bool
	}{
		{
			name:       "TPM fails to open",
			openTPMErr: fmt.Errorf("TPM not found"),
			expected:   false,
		},
	}

	for i := range cases {
		tc := cases[i]
		t.Run(tc.name, func(t *testing.T) {
			got := vTPMExists()
			assert.Equal(t, tc.expected, got)
		})
	}
}
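// TestIsAzureVM runs isAzureVM against a table of Azure metadata scenarios and
// expects false for every one of them.
//
// NOTE(review): a stub metadata server is started per case, but nothing
// visible here hands server.URL to isAzureVM, and the vTPMExists field is
// never read. Unless the metadata endpoint is redirected elsewhere in the
// package, the handler assertions never execute and each case only observes
// the host the test runs on — TODO confirm, and add a case that expects true
// once the endpoint and the vTPM probe can be injected.
func TestIsAzureVM(t *testing.T) {
	tests := []struct {
		name         string
		vTPMExists   bool
		statusCode   int
		responseBody string
		httpError    error
		expected     bool
	}{
		{
			name:         "Azure VM with empty response body",
			vTPMExists:   true,
			statusCode:   http.StatusOK,
			responseBody: "",
			httpError:    nil,
			expected:     false,
		},
		{
			name:         "Azure VM with non-200 status code",
			vTPMExists:   true,
			statusCode:   http.StatusNotFound,
			responseBody: "",
			httpError:    nil,
			expected:     false,
		},
		{
			name:         "HTTP request error",
			vTPMExists:   true,
			statusCode:   0,
			responseBody: "",
			httpError:    fmt.Errorf("connection failed"),
			expected:     false,
		},
		{
			name:         "vTPM does not exist",
			vTPMExists:   false,
			statusCode:   http.StatusOK,
			responseBody: `{"compute":{"name":"test-vm"}}`,
			httpError:    nil,
			expected:     false,
		},
	}

	for _, tt := range tests {
		t.Run(tt.name, func(t *testing.T) {
			server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
				// Request shape the metadata query is expected to have.
				assert.Equal(t, "GET", r.Method)
				assert.Equal(t, "true", r.Header.Get("Metadata"))
				expectedURL := fmt.Sprintf("/?api-version=%s", azureApiVersion)
				assert.Equal(t, expectedURL, r.URL.String())

				if tt.httpError != nil {
					w.WriteHeader(http.StatusInternalServerError)
					return
				}

				w.WriteHeader(tt.statusCode)
				if tt.responseBody == "" {
					return
				}
				// The handler runs on the server's goroutine. t.Fatalf may only
				// be called from the goroutine running the test, so the failure
				// is reported with t.Errorf instead.
				if _, err := w.Write([]byte(tt.responseBody)); err != nil {
					t.Errorf("Failed to write response body: %v", err)
				}
			}))
			defer server.Close()

			// Shut the stub down before the call so that a request to it
			// fails at the transport level.
			if tt.httpError != nil {
				server.Close()
			}

			result := isAzureVM()
			assert.Equal(t, tt.expected, result)
		})
	}
}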
// TestTDXGuestDeviceExists expects TDXGuestDeviceExists to return false.
//
// NOTE(review): openDeviceErr is not wired into the call, so the failure named
// in the case is not simulated and the result depends on the host's real
// device state — TODO confirm, and add a case for a present device.
func TestTDXGuestDeviceExists(t *testing.T) {
	cases := []struct {
		name          string
		openDeviceErr error
		expected      bool
	}{
		{
			name:          "TDX device does not exist or fails to open",
			openDeviceErr: fmt.Errorf("device not found"),
			expected:      false,
		},
	}

	for i := range cases {
		tc := cases[i]
		t.Run(tc.name, func(t *testing.T) {
			got := TDXGuestDeviceExists()
			assert.Equal(t, tc.expected, got)
		})
	}
}