workflow

package
v1.18.0-rc.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 29, 2026 License: Apache-2.0 Imports: 17 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CertificateCount 

func CertificateCount(t *testing.T, ctx context.Context, db *sqlite.SQLite, instanceID string) int

CertificateCount returns the number of signing certificate entries stored for the given workflow instance.

func CountHistoryEventsOfType 

func CountHistoryEventsOfType[T any](t *testing.T, ctx context.Context, client *client.TaskHubGrpcClient, id api.InstanceID) int

func GetLastHistoryEventOfType 

func GetLastHistoryEventOfType[T any](t *testing.T, ctx context.Context, client *client.TaskHubGrpcClient, id api.InstanceID) *protos.HistoryEvent

func HistoryCount 

func HistoryCount(t *testing.T, ctx context.Context, db *sqlite.SQLite, instanceID string) int

HistoryCount returns the number of history entries stored for the given workflow instance.

func MutateMetadata 

func MutateMetadata(t *testing.T, ctx context.Context, db *sqlite.SQLite, instanceID string, mutate func(*backend.BackendWorkflowStateMetadata))

MutateMetadata loads the persisted BackendWorkflowStateMetadata for the given workflow instance, applies the mutation, and writes it back. Used by negative tests that simulate state store tampering.

func SignatureCount 

func SignatureCount(t *testing.T, ctx context.Context, db *sqlite.SQLite, instanceID string) int

SignatureCount returns the number of signature entries stored for the given workflow instance. Use this in tests to verify signing happened or did not happen, instead of calling CountStateKeys directly with a raw key prefix string (which is error-prone).

func VerifyCertAppID 

func VerifyCertAppID(t *testing.T, ctx context.Context, db *sqlite.SQLite, instanceID, expectedAppID string)

VerifyCertAppID checks that all signing certificates for a workflow instance contain a SPIFFE ID matching the expected app ID in the "default" namespace, and that each certificate has a 2-deep chain (leaf + issuer intermediate).

func VerifySignatureChain 

func VerifySignatureChain(t *testing.T, ctx context.Context, db *sqlite.SQLite, instanceID string, trustAnchors []byte)

VerifySignatureChain verifies the full history signature chain for a workflow instance, including cryptographic signatures and certificate chain-of-trust against the given trust anchors.

func WaitForRuntimeStatus 

func WaitForRuntimeStatus(t *testing.T, ctx context.Context, client *client.TaskHubGrpcClient, id api.InstanceID, status protos.OrchestrationStatus)

func WaitForWorkflowStartedEvent 

func WaitForWorkflowStartedEvent(t *testing.T, ctx context.Context, client *client.TaskHubGrpcClient, id api.InstanceID)

Types

type SigningData 

type SigningData struct {
	// RawSignatures are the raw serialized bytes of each HistorySignature
	// as stored. Required for digest computation in chain verification.
	RawSignatures [][]byte
	// Signatures are the parsed HistorySignature protos.
	Signatures []*protos.HistorySignature
	// Certs are the signing certificates.
	Certs []*protos.SigningCertificate
	// RawEvents are the raw serialized bytes of each history event as stored.
	RawEvents [][]byte
}

SigningData holds signatures, certificates, and raw history events for a workflow instance, loaded from the state store for verification.

func UnmarshalSigningData 

func UnmarshalSigningData(t *testing.T, ctx context.Context, db *sqlite.SQLite, instanceID string) SigningData

UnmarshalSigningData reads and unmarshals signatures, certificates, and raw history events from the SQLite state store for the given workflow instance.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.