Tracks and reports tampered Wrappers (#23)

src/main.rs

@@ -22,10 +22,18 @@ fn main() {
 }
 
 fn ensure_no_issues(outcomes: Vec<ValidationOutcome>) {
-    let issues = outcomes.iter().any(|check| !check.has_valid_wrapper_checksum);
+    let issues: Vec<&ValidationOutcome> = outcomes
+        .iter()
+        .filter(|check| !check.has_valid_wrapper_checksum)
+        .collect();
 
-    if issues {
+    if !issues.is_empty() {
         eprintln!("A Gradle wrapper with invalid checksum was found!");
+
+        for invalid in issues {
+            println!("{}", &invalid.local_project.file_system_path);
+        }
+
         exit(37)
     }
 
@@ -37,51 +45,62 @@ mod tests {
     use assert_cmd::Command;
     use predicates::str::contains;
 
-    static TOOL: &str = "gwv";
+    fn gwv() -> Command {
+        Command::cargo_bin("gwv").unwrap()
+    }
 
-    #[test]
-    fn should_validate_test_wrappers() {
-        let mut cmd = Command::cargo_bin(TOOL).unwrap();
+    fn project_dir() -> String {
+        let root_dir = std::env::current_dir().unwrap();
+        String::from(root_dir.to_str().unwrap())
+    }
 
-        let project_dir = std::env::current_dir().unwrap();
-        let test_data = format!("{}/test_data", &project_dir.to_string_lossy());
+    #[test]
+    fn should_report_all_wrappers_with_valid_checksums() {
+        let valid_wrappers = format!("{}/test_data/valid", project_dir());
+        let arguments = ["-p", &valid_wrappers];
 
-        let arguments = ["-p", &test_data];
-        let assert = cmd.args(arguments).assert();
+        let assert = gwv().args(arguments).assert();
 
         assert
             .success()
             .stdout(contains("All Gradle wrappers have valid checksums"));
     }
 
     #[test]
-    fn should_report_custom_errors() {
-        let mut cmd = Command::cargo_bin(TOOL).unwrap();
-
-        let project_dir = std::env::current_dir().unwrap();
-        let no_wrappers = format!("{}/scripts", &project_dir.to_string_lossy());
-
+    fn should_report_no_wrappers_found() {
+        let no_wrappers = format!("{}/scripts", project_dir());
         let arguments = ["-p", &no_wrappers];
-        let assert = cmd.args(arguments).assert();
+
+        let assert = gwv().args(arguments).assert();
 
         assert.failure().stderr(contains("No wrappers found"));
     }
 
+    #[test]
+    fn should_report_tampered_wrapper_found() {
+        let invalid_wrapper = format!("{}/test_data/invalid", project_dir());
+        let arguments = ["-p", &invalid_wrapper];
+
+        let assert = gwv().args(arguments).assert();
+
+        assert
+            .failure()
+            .stderr(contains("A Gradle wrapper with invalid checksum was found"));
+    }
+
     #[test]
     fn should_show_help() {
-        let mut cmd = Command::cargo_bin(TOOL).unwrap();
-        let description = "A validator for gradle/wrapper jar binaries, intended to be used in CI pipelines";
+        let assert = gwv().arg("--help").assert();
 
-        let assert = cmd.arg("--help").assert();
-        assert.success().stdout(contains(description));
+        let intro = "A validator for gradle/wrapper jar binaries, intended to be used in CI pipelines";
+        assert.success().stdout(contains(intro));
     }
 
     #[test]
     fn should_fail_without_arguments() {
-        let mut cmd = Command::cargo_bin(TOOL).unwrap();
-        let instruction = "required arguments were not provided";
+        let no_arguments = "required arguments were not provided";
 
-        let assert = cmd.assert();
-        assert.failure().stderr(contains(instruction));
+        let assert = gwv().assert();
+        assert.failure().stderr(contains(no_arguments));
     }
 }

src/validator.rs

@@ -46,23 +46,24 @@ mod tests {
     use crate::validator::gradle_releases::fetch;
     use crate::validator::{local_projects, validate};
 
-    static FAKE_PATH_NAME: &str = "/usr/dev/my-projects";
-
     #[test]
     fn should_validate_local_project_when_checksum_matches() {
         let project_dir = std::env::current_dir().unwrap();
-        let test_data = format!("{}/test_data/gradle8", &project_dir.to_string_lossy());
+        let valid_wrapper = format!("{}/test_data/valid/gradle8", &project_dir.to_string_lossy());
         let locator = local_projects::locate;
 
-        let validations = validate(&test_data, locator, fetch).unwrap();
+        let validations = validate(&valid_wrapper, locator, fetch).unwrap();
         let actual = validations.first().unwrap();
         assert!(actual.has_valid_wrapper_checksum)
     }
 
     #[test]
     fn should_validate_local_project_when_checksum_does_not_match() {
-        let locator = local_projects::fakes::locate_tampered_project;
-        let validations = validate(FAKE_PATH_NAME, locator, fetch).unwrap();
+        let project_dir = std::env::current_dir().unwrap();
+        let valid_wrapper = format!("{}/test_data/invalid/tampered", &project_dir.to_string_lossy());
+        let locator = local_projects::locate;
+
+        let validations = validate(&valid_wrapper, locator, fetch).unwrap();
         let actual = validations.first().unwrap();
         assert!(!actual.has_valid_wrapper_checksum)
     }

src/validator/local_projects.rs

@@ -30,16 +30,6 @@ fn parse_wrapper_info(entry: DirEntry) -> Result<LocalGradleWrapper> {
     Ok(wrapper)
 }
 
-#[cfg(test)]
-pub mod fakes {
-    use crate::validator::models::{LocalGradleWrapper, Result};
-
-    pub fn locate_tampered_project(path_name: &str) -> Result<Vec<LocalGradleWrapper>> {
-        let fake = LocalGradleWrapper::new(path_name, "84900f11f4a86050a8f83342ade7b6bc9b0d2bdd-tampered");
-        Ok(vec![fake])
-    }
-}
-
 #[cfg(test)]
 mod tests {
     use crate::validator::local_projects::locate;
@@ -48,7 +38,7 @@ mod tests {
     #[test]
     fn should_locate_gradle_wrappers() {
         let project_dir = std::env::current_dir().unwrap();
-        let test_data_dir = format!("{}/test_data", &project_dir.to_string_lossy());
+        let test_data_dir = format!("{}/test_data/valid", &project_dir.to_string_lossy());
 
         let found_wrappers = locate(&test_data_dir).unwrap();
 

test_data/valid/gradle8/gradle/wrapper/gradle-wrapper.properties

@@ -0,0 +1,7 @@
+distributionBase=GRADLE_USER_HOME
+distributionPath=wrapper/dists
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.4-bin.zip
+networkTimeout=10000
+validateDistributionUrl=true
+zipStoreBase=GRADLE_USER_HOME
+zipStorePath=wrapper/dists