-
Notifications
You must be signed in to change notification settings - Fork 2
chore(xtest): Add assertions about policy contents #328
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: main
Are you sure you want to change the base?
chore(xtest): Add assertions about policy contents #328
Conversation
shfmt shellcheck Update test_policytypes.py chore(xtest): Add more assertions about nano policies chore(xtest): follouwp
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Summary of Changes
Hello @dmihalcik-virtru, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!
This pull request enhances the test suite by introducing a more comprehensive and reusable assertion mechanism for verifying policy types and embedded attributes within encrypted containers, with a specific focus on "nano" container plaintext policies. This improves the robustness and clarity of policy-related tests.
Highlights
- New Type Definition: A
policy_type
literal ("plaintext"
,"encrypted"
) has been added totdfs.py
to formally define policy types used in the test suite, enhancing type clarity for policy-related operations. - Refactored Policy Assertions: A new helper function,
assert_expected_attrs
, was introduced intest_policytypes.py
. This function centralizes and standardizes the verification of policy attributes and policy types (plaintext/embedded vs. encrypted) across different container types, significantly reducing code duplication and improving test maintainability. - Enhanced Nano Plaintext Policy Coverage: Existing tests (
test_or_attributes_success
,test_and_attributes_success
,test_hierarchy_attributes_success
,test_container_policy_mode
) have been updated to utilize the newassert_expected_attrs
helper. This specifically extends coverage to ensure correct handling and verification of embedded plaintext policies within "nano" containers, validating their structure and contained attributes.
Using Gemini Code Assist
The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.
Invoking Gemini
You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command>
or @gemini-code-assist <command>
. Below is a summary of the supported commands.
Feature | Command | Description |
---|---|---|
Code Review | /gemini review |
Performs a code review for the current pull request in its current state. |
Pull Request Summary | /gemini summary |
Provides a summary of the current pull request in its current state. |
Comment | @gemini-code-assist | Responds in comments when explicitly tagged, both in issue comments and review comments. |
Help | /gemini help |
Displays a list of available commands. |
Customization
To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/
folder in the base of the repository. Detailed instructions can be found here.
Limitations & Feedback
Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments or fill out our survey to provide feedback.
You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.
Footnotes
-
Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Code Review
This pull request adds assertions to verify the contents of TDF policies, which is a valuable addition for ensuring correctness. The new assert_expected_attrs
helper function centralizes policy assertions, improving test maintainability. I've suggested some minor improvements to the helper function to improve its readability and error handling.
if not pt: | ||
if "nano" == tdfs.simple_container(c): | ||
pt = "encrypted" | ||
else: | ||
pt = "plaintext" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
match tdfs.simple_container(c): | ||
case "nano": | ||
envelope = nano.parse(f.read()) | ||
assert envelope.header.version.version == 12 | ||
assert ( | ||
envelope.header.policy.policy_type == nano.PolicyType.ENCRYPTED | ||
) | ||
assert not envelope.header.policy.embedded | ||
assert envelope.header.policy.encrypted | ||
case _: | ||
assert False, "Unsupported container & policy type pair" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@@ -281,14 +284,53 @@ def test_container_policy_mode( | |||
policy_mode="plaintext", | |||
target_mode=tdfs.select_target_version(encrypt_sdk, decrypt_sdk), | |||
) | |||
assert_expected_attrs(container, "plaintext", ct_file, fqns) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@@ -57,6 +57,8 @@ | |||
|
|||
container_version = Literal["4.2.2", "4.3.0"] | |||
|
|||
policy_type = Literal["plaintext", "encrypted"] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No description provided.