diff --git a/.github/workflows/security-guard.lock.yml b/.github/workflows/security-guard.lock.yml index c23d0d28..13bbe5a4 100644 --- a/.github/workflows/security-guard.lock.yml +++ b/.github/workflows/security-guard.lock.yml @@ -1,4 +1,4 @@ -# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"ee2be25a67315f48a2f15f1ccd6fe3c3425671da017e07692a3041a615cb19d2","compiler_version":"v0.71.1","strict":true,"agent_id":"claude"} +# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"506f1dc3802396fcef56bdef6f26e6a67ca80566de41c3c9a61b15fbf49e50da","compiler_version":"v0.71.1","strict":true,"agent_id":"claude"} # gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"github/gh-aw-actions/setup","sha":"239aec45b78c8799417efdd5bc6d8cc036629ec1","version":"v0.71.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.28","digest":"sha256:a8834e285807654bf680154faa710d43fe4365a0868142f5c20e48c85e137a7a","pinned_image":"ghcr.io/github/gh-aw-firewall/agent:0.25.28@sha256:a8834e285807654bf680154faa710d43fe4365a0868142f5c20e48c85e137a7a"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.28","digest":"sha256:93290f2393752252911bd7c39a047f776c0b53063575e7bde4e304962a9a61cb","pinned_image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.28@sha256:93290f2393752252911bd7c39a047f776c0b53063575e7bde4e304962a9a61cb"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.25.28","digest":"sha256:fdf310e4678ce58d248c466b89399e9680a3003038fd19322c388559016aaac7","pinned_image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.25.28@sha256:fdf310e4678ce58d248c466b89399e9680a3003038fd19322c388559016aaac7"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.28","digest":"sha256:844c18280f82cd1b06345eb2f4e91966b34185bfc51c9f237c3e022e848fb474","pinned_image":"ghcr.io/github/gh-aw-firewall/squid:0.25.28@sha256:844c18280f82cd1b06345eb2f4e91966b34185bfc51c9f237c3e022e848fb474"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.0","digest":"sha256:9c2228324fb1f26f39dc9471612e530ae3efc3156dac05efb2e8d212878d454d","pinned_image":"ghcr.io/github/gh-aw-mcpg:v0.3.0@sha256:9c2228324fb1f26f39dc9471612e530ae3efc3156dac05efb2e8d212878d454d"},{"image":"ghcr.io/github/github-mcp-server:v1.0.2","digest":"sha256:26db03408086a99cf1916348dcc4f9614206658f9082a8060dc7c81ad787f4ba","pinned_image":"ghcr.io/github/github-mcp-server:v1.0.2@sha256:26db03408086a99cf1916348dcc4f9614206658f9082a8060dc7c81ad787f4ba"},{"image":"node:lts-alpine","digest":"sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f","pinned_image":"node:lts-alpine@sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f"}]} # ___ _ _ # / _ \ | | (_) @@ -190,14 +190,14 @@ jobs: run: | bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh" { - cat << 'GH_AW_PROMPT_c6276b5026597d17_EOF' + cat << 'GH_AW_PROMPT_d06ddc1cb4382785_EOF' - GH_AW_PROMPT_c6276b5026597d17_EOF + GH_AW_PROMPT_d06ddc1cb4382785_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md" cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md" cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md" - cat << 'GH_AW_PROMPT_c6276b5026597d17_EOF' + cat << 'GH_AW_PROMPT_d06ddc1cb4382785_EOF' Tools: add_comment, missing_tool, missing_data, noop @@ -229,12 +229,12 @@ jobs: {{/if}} - GH_AW_PROMPT_c6276b5026597d17_EOF + GH_AW_PROMPT_d06ddc1cb4382785_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md" - cat << 'GH_AW_PROMPT_c6276b5026597d17_EOF' + cat << 'GH_AW_PROMPT_d06ddc1cb4382785_EOF' {{#runtime-import .github/workflows/security-guard.md}} - GH_AW_PROMPT_c6276b5026597d17_EOF + GH_AW_PROMPT_d06ddc1cb4382785_EOF } > "$GH_AW_PROMPT" - name: Interpolate variables and render templates uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9 @@ -467,9 +467,9 @@ jobs: mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs" mkdir -p /tmp/gh-aw/safeoutputs mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs - cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_1b90da25075e7770_EOF' + cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_8641ce7f8138ceee_EOF' {"add_comment":{"max":1},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}} - GH_AW_SAFE_OUTPUTS_CONFIG_1b90da25075e7770_EOF + GH_AW_SAFE_OUTPUTS_CONFIG_8641ce7f8138ceee_EOF - name: Write Safe Outputs Tools env: GH_AW_TOOLS_META_JSON: | @@ -653,7 +653,7 @@ jobs: export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.0' GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node) - cat << GH_AW_MCP_CONFIG_55a561e13200ba3d_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" + cat << GH_AW_MCP_CONFIG_d7e95145fde4fab6_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" { "mcpServers": { "safeoutputs": { @@ -678,7 +678,7 @@ jobs: "payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}" } } - GH_AW_MCP_CONFIG_55a561e13200ba3d_EOF + GH_AW_MCP_CONFIG_d7e95145fde4fab6_EOF - name: Clean git credentials continue-on-error: true run: bash "${RUNNER_TEMP}/gh-aw/actions/clean_git_credentials.sh" @@ -768,7 +768,7 @@ jobs: (umask 177 && touch /tmp/gh-aw/agent-stdio.log) # shellcheck disable=SC1003 sudo -E awf --container-workdir "${GITHUB_WORKSPACE}" --mount "${RUNNER_TEMP}/gh-aw:${RUNNER_TEMP}/gh-aw:ro" --mount "${RUNNER_TEMP}/gh-aw:/host${RUNNER_TEMP}/gh-aw:ro" --tty --env-all --exclude-env ANTHROPIC_API_KEY --exclude-env GH_TOKEN --exclude-env GITHUB_MCP_SERVER_TOKEN --exclude-env MCP_GATEWAY_API_KEY --allow-domains '*.githubusercontent.com,anthropic.com,api.anthropic.com,api.github.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,cdn.playwright.dev,codeload.github.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,docs.github.com,files.pythonhosted.org,ghcr.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,playwright.download.prss.microsoft.com,ppa.launchpad.net,pypi.org,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,sentry.io,statsig.anthropic.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com' --log-level info --proxy-logs-dir /tmp/gh-aw/sandbox/firewall/logs --audit-dir /tmp/gh-aw/sandbox/firewall/audit --session-state-dir /tmp/gh-aw/sandbox/agent/session-state --enable-host-access --allow-host-ports 80,443,8080 --image-tag 0.25.28,squid=sha256:844c18280f82cd1b06345eb2f4e91966b34185bfc51c9f237c3e022e848fb474,agent=sha256:a8834e285807654bf680154faa710d43fe4365a0868142f5c20e48c85e137a7a,api-proxy=sha256:93290f2393752252911bd7c39a047f776c0b53063575e7bde4e304962a9a61cb,cli-proxy=sha256:fdf310e4678ce58d248c466b89399e9680a3003038fd19322c388559016aaac7 --skip-pull --enable-api-proxy --difc-proxy-host host.docker.internal:18443 --difc-proxy-ca-cert /tmp/gh-aw/difc-proxy-tls/ca.crt \ - -- /bin/bash -c 'export PATH="$(find /opt/hostedtoolcache -maxdepth 4 -type d -name bin 2>/dev/null | tr '\''\n'\'' '\'':'\'')$PATH"; [ -n "$GOROOT" ] && export PATH="$GOROOT/bin:$PATH" || true && claude --print --no-chrome --max-turns 6 --mcp-config "${{ runner.temp }}/gh-aw/mcp-config/mcp-servers.json" --allowed-tools Bash,BashOutput,Edit,ExitPlanMode,Glob,Grep,KillBash,LS,MultiEdit,NotebookEdit,NotebookRead,Read,Task,TodoWrite,Write,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_job_logs,mcp__github__get_label,mcp__github__get_latest_release,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_review_comments,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_release_by_tag,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__issue_read,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issue_types,mcp__github__list_issues,mcp__github__list_label,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_releases,mcp__github__list_secret_scanning_alerts,mcp__github__list_starred_repositories,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__pull_request_read,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users,mcp__safeoutputs --debug-file /tmp/gh-aw/agent-stdio.log --verbose --permission-mode bypassPermissions --output-format stream-json "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"${GH_AW_MODEL_AGENT_CLAUDE:+ --model "$GH_AW_MODEL_AGENT_CLAUDE"}' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log + -- /bin/bash -c 'export PATH="$(find /opt/hostedtoolcache -maxdepth 4 -type d -name bin 2>/dev/null | tr '\''\n'\'' '\'':'\'')$PATH"; [ -n "$GOROOT" ] && export PATH="$GOROOT/bin:$PATH" || true && claude --print --no-chrome --max-turns 10 --mcp-config "${{ runner.temp }}/gh-aw/mcp-config/mcp-servers.json" --allowed-tools Bash,BashOutput,Edit,ExitPlanMode,Glob,Grep,KillBash,LS,MultiEdit,NotebookEdit,NotebookRead,Read,Task,TodoWrite,Write,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_job_logs,mcp__github__get_label,mcp__github__get_latest_release,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_review_comments,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_release_by_tag,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__issue_read,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issue_types,mcp__github__list_issues,mcp__github__list_label,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_releases,mcp__github__list_secret_scanning_alerts,mcp__github__list_starred_repositories,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__pull_request_read,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users,mcp__safeoutputs --debug-file /tmp/gh-aw/agent-stdio.log --verbose --permission-mode bypassPermissions --output-format stream-json "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"${GH_AW_MODEL_AGENT_CLAUDE:+ --model "$GH_AW_MODEL_AGENT_CLAUDE"}' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log env: ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} BASH_DEFAULT_TIMEOUT_MS: 60000 @@ -776,7 +776,7 @@ jobs: DISABLE_BUG_COMMAND: 1 DISABLE_ERROR_REPORTING: 1 DISABLE_TELEMETRY: 1 - GH_AW_MAX_TURNS: 6 + GH_AW_MAX_TURNS: 10 GH_AW_MCP_CONFIG: ${{ runner.temp }}/gh-aw/mcp-config/mcp-servers.json GH_AW_MODEL_AGENT_CLAUDE: ${{ vars.GH_AW_MODEL_AGENT_CLAUDE || '' }} GH_AW_PHASE: agent diff --git a/.github/workflows/security-guard.md b/.github/workflows/security-guard.md index a98a6905..a0d65645 100644 --- a/.github/workflows/security-guard.md +++ b/.github/workflows/security-guard.md @@ -11,7 +11,7 @@ permissions: issues: read engine: id: claude - max-turns: 6 + max-turns: 10 tools: github: mode: gh-proxy diff --git a/src/docker-manager.test.ts b/src/docker-manager.test.ts index 35ec10dd..b4465330 100644 --- a/src/docker-manager.test.ts +++ b/src/docker-manager.test.ts @@ -874,13 +874,16 @@ describe('docker-manager', () => { expect(volumes).toContain(`${homeDir}/.claude:/host${homeDir}/.claude:rw`); expect(volumes).toContain(`${homeDir}/.anthropic:/host${homeDir}/.anthropic:rw`); expect(volumes).toContain(`${homeDir}/.gemini:/host${homeDir}/.gemini:rw`); - // ~/.copilot is mounted from host, with session-state and logs overlaid from AWF workDir - expect(volumes).toContain(`${homeDir}/.copilot:/host${homeDir}/.copilot:rw`); + // ~/.copilot is only mounted if it already exists on the host + if (fs.existsSync(path.join(homeDir, '.copilot'))) { + expect(volumes).toContain(`${homeDir}/.copilot:/host${homeDir}/.copilot:rw`); + } + // session-state and logs are always overlaid from AWF workDir expect(volumes).toContain(`/tmp/awf-test/agent-session-state:/host${homeDir}/.copilot/session-state:rw`); expect(volumes).toContain(`/tmp/awf-test/agent-logs:/host${homeDir}/.copilot/logs:rw`); }); - it('should create missing .copilot directory and mount it when using non-standard HOME path', () => { + it('should skip .copilot bind mount when directory does not exist at non-standard HOME path', () => { const fakeHome = fs.mkdtempSync(path.join(os.tmpdir(), 'awf-home-')); const originalHome = process.env.HOME; const originalSudoUser = process.env.SUDO_USER; @@ -894,8 +897,13 @@ describe('docker-manager', () => { const result = generateDockerCompose(mockConfig, mockNetworkConfig); const volumes = result.services.agent.volumes as string[]; - expect(fs.existsSync(copilotDir)).toBe(true); - expect(volumes).toContain(`${fakeHome}/.copilot:/host${fakeHome}/.copilot:rw`); + // Directory should NOT be auto-created (changed in #2114) + expect(fs.existsSync(copilotDir)).toBe(false); + // The blanket .copilot mount should be absent + expect(volumes).not.toContain(`${fakeHome}/.copilot:/host${fakeHome}/.copilot:rw`); + // But session-state and logs overlays are always present + expect(volumes).toContainEqual(expect.stringContaining(`${fakeHome}/.copilot/session-state:rw`)); + expect(volumes).toContainEqual(expect.stringContaining(`${fakeHome}/.copilot/logs:rw`)); } finally { if (originalHome !== undefined) { process.env.HOME = originalHome; diff --git a/src/image-tag.test.ts b/src/image-tag.test.ts new file mode 100644 index 00000000..b37aef71 --- /dev/null +++ b/src/image-tag.test.ts @@ -0,0 +1,152 @@ +import { parseImageTag, buildRuntimeImageRef, IMAGE_DIGEST_KEYS } from './image-tag'; + +const VALID_DIGEST = 'sha256:' + 'a'.repeat(64); + +describe('parseImageTag', () => { + describe('when given valid input', () => { + it('should parse legacy tag format', () => { + const result = parseImageTag('0.25.18'); + expect(result.tag).toBe('0.25.18'); + expect(result.digests).toEqual({}); + }); + + it('should parse tag with single digest', () => { + const result = parseImageTag(`0.25.18,squid=${VALID_DIGEST}`); + expect(result.tag).toBe('0.25.18'); + expect(result.digests.squid).toBe(VALID_DIGEST); + }); + + it('should parse tag with multiple digests', () => { + const agentDigest = 'sha256:' + 'b'.repeat(64); + const result = parseImageTag(`0.25.18,squid=${VALID_DIGEST},agent=${agentDigest}`); + expect(result.tag).toBe('0.25.18'); + expect(result.digests.squid).toBe(VALID_DIGEST); + expect(result.digests.agent).toBe(agentDigest); + }); + + it('should handle all supported digest keys', () => { + const expectedDigests = Object.fromEntries( + IMAGE_DIGEST_KEYS.map((key, i) => [key, `sha256:${'a'.repeat(63)}${i}`]) + ) as Record<(typeof IMAGE_DIGEST_KEYS)[number], string>; + const entries = IMAGE_DIGEST_KEYS.map((key) => `${key}=${expectedDigests[key]}`).join(','); + const result = parseImageTag(`latest,${entries}`); + expect(result.tag).toBe('latest'); + for (const key of IMAGE_DIGEST_KEYS) { + expect(result.digests[key]).toBe(expectedDigests[key]); + } + }); + + it('should trim whitespace around tag and entries', () => { + const result = parseImageTag(` v1.0 , squid = ${VALID_DIGEST} `); + expect(result.tag).toBe('v1.0'); + expect(result.digests.squid).toBe(VALID_DIGEST); + }); + + it('should skip empty digest entries (trailing comma)', () => { + const result = parseImageTag(`0.25.18,squid=${VALID_DIGEST},`); + expect(result.tag).toBe('0.25.18'); + expect(result.digests.squid).toBe(VALID_DIGEST); + }); + }); + + describe('when given invalid input', () => { + it('should throw when tag is empty string', () => { + expect(() => parseImageTag('')).toThrow('tag cannot be empty'); + }); + + it('should throw when tag is whitespace only', () => { + expect(() => parseImageTag(' ')).toThrow('tag cannot be empty'); + }); + + it('should throw when tag portion is empty after split (leading comma)', () => { + expect(() => parseImageTag(`,squid=${VALID_DIGEST}`)).toThrow('tag cannot be empty'); + }); + + it('should throw for digest entry without equals sign', () => { + expect(() => parseImageTag('v1.0,squid')).toThrow('Expected format'); + }); + + it('should throw for digest entry with equals at position 0 (empty key)', () => { + expect(() => parseImageTag(`v1.0,=${VALID_DIGEST}`)).toThrow('Expected format'); + }); + + it('should throw for digest entry with equals at last position (empty value)', () => { + expect(() => parseImageTag('v1.0,squid=')).toThrow('Expected format'); + }); + + it('should throw for unrecognized digest key', () => { + expect(() => parseImageTag(`v1.0,unknown=${VALID_DIGEST}`)).toThrow( + 'Invalid --image-tag digest key "unknown"' + ); + }); + + it('should throw for digest that is not sha256 format', () => { + expect(() => parseImageTag('v1.0,squid=md5:abc')).toThrow( + 'Expected lowercase sha256:<64-hex>' + ); + }); + + it('should throw for sha256 digest with wrong length', () => { + expect(() => parseImageTag('v1.0,squid=sha256:abc123')).toThrow( + 'Expected lowercase sha256:<64-hex>' + ); + }); + + it('should throw for sha256 digest with uppercase hex', () => { + expect(() => parseImageTag(`v1.0,squid=sha256:${'A'.repeat(64)}`)).toThrow( + 'Expected lowercase sha256:<64-hex>' + ); + }); + + it('should throw for sha256 digest with non-hex characters', () => { + expect(() => parseImageTag(`v1.0,squid=sha256:${'g'.repeat(64)}`)).toThrow( + 'Expected lowercase sha256:<64-hex>' + ); + }); + }); +}); + +describe('buildRuntimeImageRef', () => { + describe('when given valid input', () => { + it('should build ref without digest when none provided', () => { + const parsed = parseImageTag('0.25.18'); + const ref = buildRuntimeImageRef('ghcr.io/github/gh-aw-firewall', 'squid', parsed); + expect(ref).toBe('ghcr.io/github/gh-aw-firewall/squid:0.25.18'); + }); + + it('should build ref with digest when provided', () => { + const parsed = parseImageTag(`0.25.18,squid=${VALID_DIGEST}`); + const ref = buildRuntimeImageRef('ghcr.io/github/gh-aw-firewall', 'squid', parsed); + expect(ref).toBe(`ghcr.io/github/gh-aw-firewall/squid:0.25.18@${VALID_DIGEST}`); + }); + + it('should build ref for agent image', () => { + const agentDigest = 'sha256:' + 'c'.repeat(64); + const parsed = parseImageTag(`latest,agent=${agentDigest}`); + const ref = buildRuntimeImageRef('registry.example.com/myorg', 'agent', parsed); + expect(ref).toBe(`registry.example.com/myorg/agent:latest@${agentDigest}`); + }); + + it('should build ref without digest when image has no matching digest', () => { + const parsed = parseImageTag(`0.25.18,squid=${VALID_DIGEST}`); + const ref = buildRuntimeImageRef('ghcr.io/github/gh-aw-firewall', 'agent', parsed); + expect(ref).toBe('ghcr.io/github/gh-aw-firewall/agent:0.25.18'); + }); + }); + + describe('when given invalid image name', () => { + it('should throw for unknown image name', () => { + const parsed = parseImageTag('0.25.18'); + expect(() => + buildRuntimeImageRef('ghcr.io/github/gh-aw-firewall', 'unknown-image', parsed) + ).toThrow('Invalid runtime image name "unknown-image"'); + }); + + it('should mention supported names in error', () => { + const parsed = parseImageTag('0.25.18'); + expect(() => + buildRuntimeImageRef('ghcr.io/github/gh-aw-firewall', 'bad', parsed) + ).toThrow(IMAGE_DIGEST_KEYS.join(', ')); + }); + }); +});