From 318bd9035604030f1e6941cf388231d2f1c71827 Mon Sep 17 00:00:00 2001
From: Meredith Lancaster <malancas@github.com>
Date: Wed, 30 Oct 2024 16:21:15 -0600
Subject: [PATCH] update extensions tests

Signed-off-by: Meredith Lancaster <malancas@github.com>
---
 pkg/cmd/attestation/verification/extensions_test.go | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/pkg/cmd/attestation/verification/extensions_test.go b/pkg/cmd/attestation/verification/extensions_test.go
index 734ee1943..e01c14a6f 100644
--- a/pkg/cmd/attestation/verification/extensions_test.go
+++ b/pkg/cmd/attestation/verification/extensions_test.go
@@ -42,14 +42,14 @@ func TestVerifyCertExtensions(t *testing.T) {
 		expectedCriteria := c
 		expectedCriteria.Extensions.SourceRepositoryOwnerURI = "https://github.com/wrong"
 		err := VerifyCertExtensions(results, expectedCriteria)
-		require.ErrorContains(t, err, "expected SourceRepositoryOwnerURI to be https://github.com/owner, got https://github.com/wrong")
+		require.ErrorContains(t, err, "expected SourceRepositoryOwnerURI to be https://github.com/wrong, got https://github.com/owner")
 	})
 
 	t.Run("with wrong SourceRepositoryURI", func(t *testing.T) {
 		expectedCriteria := c
 		expectedCriteria.Extensions.SourceRepositoryURI = "https://github.com/foo/wrong"
 		err := VerifyCertExtensions(results, expectedCriteria)
-		require.ErrorContains(t, err, "expected SourceRepositoryURI to be https://github.com/owner/wrong, got https://github.com/wrong/bar")
+		require.ErrorContains(t, err, "expected SourceRepositoryURI to be https://github.com/foo/wrong, got https://github.com/foo/bar")
 	})
 
 	t.Run("with wrong OIDCIssuer", func(t *testing.T) {
@@ -60,9 +60,9 @@ func TestVerifyCertExtensions(t *testing.T) {
 	})
 
 	t.Run("with partial OIDCIssuer match", func(t *testing.T) {
-		expectedCriteria := c
-		expectedCriteria.OIDCIssuer = "https://token.actions.githubusercontent.com"
-		err := VerifyCertExtensions(results, expectedCriteria)
+		expectedResults := results
+		expectedResults[0].VerificationResult.Signature.Certificate.Extensions.Issuer = "https://token.actions.githubusercontent.com/foo-bar"
+		err := VerifyCertExtensions(expectedResults, c)
 		require.ErrorContains(t, err, "expected Issuer to be https://token.actions.githubusercontent.com, got https://token.actions.githubusercontent.com/foo-bar -- if you have a custom OIDC issuer")
 	})
 }