Fix issue where single trigger fails check (#46)

* Fix issue where single trigger fails check. * Fix unit test.
AdnaneKhan · Oct 1, 2024 · 3abcab4 · 3abcab4
1 parent c2f2ff6
commit 3abcab4
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 4 deletions.
diff --git a/gatox/workflow_parser/workflow_parser.py b/gatox/workflow_parser/workflow_parser.py
@@ -164,6 +164,9 @@ def get_vulnerable_triggers(self, alternate=False):
             for trigger in triggers:
                 if trigger in risky_triggers:
                     vulnerable_triggers.append(trigger)
+        elif isinstance(triggers, str):
+            if triggers in risky_triggers:
+                vulnerable_triggers.append(triggers)
         elif isinstance(triggers, dict):
             for trigger, trigger_conditions in triggers.items():
                 if trigger in risky_triggers:
@@ -256,6 +259,7 @@ def analyze_checkouts(self):
                             bump_confidence = False
                         elif if_check == "":
                             pass
+
                         step_details.append(
                             {
                                 "ref": step.metadata,
@@ -295,6 +299,7 @@ def check_pwn_request(self, bypass=False):
             dict: A dictionary containing the job names as keys and a
             list of potentially vulnerable tokens as values.
         """
+
         vulnerable_triggers = self.get_vulnerable_triggers()
         if not vulnerable_triggers and not bypass:
             return {}

diff --git a/unit_test/test_cli.py b/unit_test/test_cli.py
@@ -4,6 +4,7 @@
 
 from unittest import mock
 from gatox.cli import cli
+from unittest.mock import patch
 
 from gatox.util.arg_utils import read_file_and_validate_lines
 from gatox.util.arg_utils import is_valid_directory
@@ -17,15 +18,17 @@ def mock_settings_env_vars(request):
         yield
 
 
-def test_cli_no_gh_token(capfd):
+@patch("builtins.input", return_value="")
+def test_cli_no_gh_token(mock_input, capfd):
     """Test case where no GH Token is provided"""
     del os.environ["GH_TOKEN"]
 
-    with pytest.raises(OSError):
+    with pytest.raises(SystemExit):
         cli.cli(["enumerate", "-t", "test"])
 
-    out, err = capfd.readouterr()
-    assert "Please enter" in out
+    mock_input.assert_called_with(
+        "No 'GH_TOKEN' environment variable set! Please enter a GitHub" " PAT.\n"
+    )
 
 
 def test_cli_fine_grained_pat(capfd):