-
Notifications
You must be signed in to change notification settings - Fork 29
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WIP: add tests that operate at the API level #1097
base: master
Are you sure you want to change the base?
Conversation
We need this to easily allow dev and fake-prod scriptworkers to opt into testing against Autograph stage. Rather than duplicating all of the formats, we add some simple fallback to the non-stage_ version when selecting signing function. (Note that we must pass through the original format to allow `get_autograph_config` to find the correct server configuration deeper down the stack.)
These variants don't necessarily use the same certs as the autograph prod versions, but they are similar enough that they allow us to verify that Autograph works from a functional point of view.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Overall this stack looks great to me!
return True | ||
if fmt.startswith("autograph_xpi"): | ||
if fmt.startswith(("autograph_xpi", "stage_autograph_xpi")): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Huh, how did I not know that startswith
could take a tuple?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Neither did I until a few days ago 😆
augh, sorry, I just realized this has a whole bunch of stuff from #1085. I'm going to rebase. |
This is inspired by recent frustrations of surprise behaviour by signingscript, and feeling like the current test-every-tiny-little-function-independently tests wouldn't allow for any sort of confident refactoring. These new tests that I'm adding use the same entry point that
scriptworker
calls into:async_main
, and they mock out as little as they possible can. Currently, this is calls to Autograph, andverify_mar_signature
, but there will probably be other things mocked out (eg: anything that depends on a signature from a real certificate will need to be mocked).Running just these new tests alone already achieves 35% coverage overall, and 27% coverage of
sign.py
:This number will obviously go up as I add tests for other signing types.