(tooling-trusted-releases) branch sbp updated: Add tests relating to classifications in attestable data

Mon, 16 Mar 2026 09:51:49 -0700 

This is an automated email from the ASF dual-hosted git repository.

sbp pushed a commit to branch sbp
in repository https://gitbox.apache.org/repos/asf/tooling-trusted-releases.git


The following commit(s) were added to refs/heads/sbp by this push:
     new 75e226b1 Add tests relating to classifications in attestable data
75e226b1 is described below

commit 75e226b16fa24237ab736a1361392c9cc406e661
Author: Sean B. Palmer <[email protected]>
AuthorDate: Mon Mar 16 16:50:26 2026 +0000

    Add tests relating to classifications in attestable data
---
 tests/unit/test_attestable.py | 84 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 84 insertions(+)

diff --git a/tests/unit/test_attestable.py b/tests/unit/test_attestable.py
index 24bd4a6a..0d8619c8 100644
--- a/tests/unit/test_attestable.py
+++ b/tests/unit/test_attestable.py
@@ -15,10 +15,51 @@
 # specific language governing permissions and limitations
 # under the License.
 
+import pathlib
+
 import atr.attestable as attestable
 import atr.models.attestable as models
 
 
+def test_attestable_v2_round_trip():
+    original = models.AttestableV2(
+        hashes={"h1": models.HashEntry(size=100, uploaders=[("alice", 
"00001")])},
+        paths={
+            "a.tar.gz": models.PathEntryV2(content_hash="h1", 
classification="source"),
+            "a.tar.gz.sha512": models.PathEntryV2(content_hash="h2", 
classification="metadata"),
+        },
+        policy={"min_hours": 72},
+    )
+
+    loaded = 
models.AttestableV2.model_validate_json(original.model_dump_json())
+
+    assert loaded == original
+    assert loaded.version == 2
+    assert loaded.paths["a.tar.gz"].content_hash == "h1"
+    assert loaded.paths["a.tar.gz"].classification == "source"
+    assert loaded.paths["a.tar.gz.sha512"].content_hash == "h2"
+    assert loaded.paths["a.tar.gz.sha512"].classification == "metadata"
+
+
+def test_generate_files_data_returns_attestable_v2():
+    data = attestable._generate_files_data(
+        path_to_hash={"apache-widget-1.0-src.tar.gz": "h1", 
"apache-widget-1.0-src.tar.gz.sha512": "h2"},
+        path_to_size={"apache-widget-1.0-src.tar.gz": 100, 
"apache-widget-1.0-src.tar.gz.sha512": 64},
+        revision_number="00001",
+        release_policy=None,
+        uploader_uid="alice",
+        previous=None,
+        base_path=pathlib.Path("/test"),
+    )
+
+    assert isinstance(data, models.AttestableV2)
+    assert data.version == 2
+    assert data.paths["apache-widget-1.0-src.tar.gz"].content_hash == "h1"
+    assert data.paths["apache-widget-1.0-src.tar.gz"].classification == 
"source"
+    assert data.paths["apache-widget-1.0-src.tar.gz.sha512"].content_hash == 
"h2"
+    assert data.paths["apache-widget-1.0-src.tar.gz.sha512"].classification == 
"metadata"
+
+
 def test_hash_entry_basenames_round_trip():
     entry = models.HashEntry(
         size=123,
@@ -64,8 +105,51 @@ def 
test_hash_metadata_basenames_are_cumulative_and_unique():
         release_policy=None,
         uploader_uid="bob",
         previous=previous,
+        base_path=pathlib.Path("/test"),
     )
 
     assert data.hashes["h1"].basenames == ["apache-widget-1.0-src.tar.gz", 
"apache-widget-1.0.zip"]
     assert data.hashes["h1"].uploaders == [("alice", "00001"), ("bob", 
"00002")]
     assert data.hashes["h2"].basenames == ["readme.txt"]
+
+
+def test_parse_attestable_v1():
+    data = {"version": 1, "paths": {"a.tar.gz": "h1"}, "hashes": {}, "policy": 
{}}
+
+    result = attestable._parse_attestable(data)
+
+    assert isinstance(result, models.AttestableV1)
+    assert result.version == 1
+    assert result.paths == {"a.tar.gz": "h1"}
+
+
+def test_parse_attestable_v2():
+    data = {
+        "version": 2,
+        "paths": {
+            "a.tar.gz": {"content_hash": "h1", "classification": "source"},
+        },
+        "hashes": {},
+        "policy": {},
+    }
+
+    result = attestable._parse_attestable(data)
+
+    assert isinstance(result, models.AttestableV2)
+    assert result.version == 2
+    assert result.paths["a.tar.gz"].content_hash == "h1"
+    assert result.paths["a.tar.gz"].classification == "source"
+
+
+def test_path_hashes_support_v1_and_v2():
+    v1 = models.AttestableV1(paths={"a.tar.gz": "h1"}, hashes={}, policy={})
+    v2 = models.AttestableV2(
+        paths={"a.tar.gz": models.PathEntryV2(content_hash="h1", 
classification="source")},
+        hashes={},
+        policy={},
+    )
+
+    assert attestable.path_hashes(v1) == {"a.tar.gz": "h1"}
+    assert attestable.path_hashes(v2) == {"a.tar.gz": "h1"}
+    assert attestable.path_hash(v2, "a.tar.gz") == "h1"
+    assert attestable.path_classification(v2, "a.tar.gz") == "source"


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to