verify 2nd artifact without swapping order (#9532)

* verify 2nd artifact without swapping order possible solution to https://github.com/cli/cli/issues/9521#issuecomment-2310686619? * copy the mentioned test file and adds some extra lines * rm unnecessary import * Update pkg/cmd/attestation/verification/attestation_test.go Co-authored-by: Meredith Lancaster <malancas@users.noreply.github.com> * gofmt --------- Co-authored-by: Meredith Lancaster <malancas@users.noreply.github.com>
2024-09-04 20:27:56 +05:30 · 2024-09-04 20:27:56 +05:30 · 9a0a7d427e
commit 9a0a7d427e
parent 2bd3c22903
2 changed files with 32 additions and 20 deletions
--- a/pkg/cmd/attestation/verification/attestation.go
+++ b/pkg/cmd/attestation/verification/attestation.go
@ -1,7 +1,6 @@
 package verification

 import (
-	"bufio"
 	"bytes"
 	"encoding/json"
 	"errors"
@ -76,33 +75,23 @@ func loadBundleFromJSONFile(path string) ([]*api.Attestation, error) {
 }

 func loadBundlesFromJSONLinesFile(path string) ([]*api.Attestation, error) {
-	file, err := os.Open(path)
+	fileContent, err := os.ReadFile(path)
 	if err != nil {
-		return nil, fmt.Errorf("could not open file: %v", err)
+		return nil, fmt.Errorf("could not read file: %v", err)
 	}
-	defer file.Close()

 	attestations := []*api.Attestation{}

-	reader := bufio.NewReader(file)
+	decoder := json.NewDecoder(bytes.NewReader(fileContent))

-	var line []byte
-	line, err = reader.ReadBytes('\n')
-	for err == nil {
-		if len(bytes.TrimSpace(line)) == 0 {
-			line, err = reader.ReadBytes('\n')
-			continue
-		}
+	for decoder.More() {
 		var bundle bundle.ProtobufBundle
 		bundle.Bundle = new(protobundle.Bundle)
-		err = bundle.UnmarshalJSON(line)
-		if err != nil {
+		if err := decoder.Decode(&bundle); err != nil {
 			return nil, fmt.Errorf("failed to unmarshal bundle from JSON: %v", err)
 		}
 		a := api.Attestation{Bundle: &bundle}
 		attestations = append(attestations, &a)
-
-		line, err = reader.ReadBytes('\n')
 	}

 	return attestations, nil
--- a/pkg/cmd/attestation/verification/attestation_test.go
+++ b/pkg/cmd/attestation/verification/attestation_test.go
@ -1,6 +1,8 @@
 package verification

 import (
+	"os"
+	"path/filepath"
 	"testing"

 	protobundle "github.com/sigstore/protobuf-specs/gen/pb-go/bundle/v1"
@ -12,11 +14,32 @@ import (
 )

 func TestLoadBundlesFromJSONLinesFile(t *testing.T) {
-	path := "../test/data/sigstore-js-2.1.0_with_2_bundles.jsonl"
-	attestations, err := loadBundlesFromJSONLinesFile(path)
+	t.Run("with original file", func(t *testing.T) {
+		path := "../test/data/sigstore-js-2.1.0_with_2_bundles.jsonl"
+		attestations, err := loadBundlesFromJSONLinesFile(path)
+		require.NoError(t, err)
+		require.Len(t, attestations, 2)
+	})

-	require.NoError(t, err)
-	require.Len(t, attestations, 2)
+	t.Run("with extra lines", func(t *testing.T) {
+		// Create a temporary file with extra lines
+		tempDir := t.TempDir()
+		tempFile := filepath.Join(tempDir, "test_with_extra_lines.jsonl")
+
+		originalContent, err := os.ReadFile("../test/data/sigstore-js-2.1.0_with_2_bundles.jsonl")
+		require.NoError(t, err)
+
+		extraLines := []byte("\n\n")
+		newContent := append(originalContent, extraLines...)
+
+		err = os.WriteFile(tempFile, newContent, 0644)
+		require.NoError(t, err)
+
+		// Test the function with the new file
+		attestations, err := loadBundlesFromJSONLinesFile(tempFile)
+		require.NoError(t, err)
+		require.Len(t, attestations, 2, "Should still load 2 valid attestations")
+	})
 }

 func TestLoadBundleFromJSONFile(t *testing.T) {