workflow

package
v1.18.0-rc.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 5, 2026 License: Apache-2.0 Imports: 17 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ActivityCompletionAttestations 

func ActivityCompletionAttestations(t *testing.T, ctx context.Context, db *sqlite.SQLite, instanceID string) []*protos.ActivityCompletionAttestation

ActivityCompletionAttestations returns every ActivityCompletionAttestation present on Task{Completed,Failed} events stored in the given workflow instance's history.

func AssertSignerCertificateStripped 

func AssertSignerCertificateStripped(t *testing.T, ctx context.Context, db *sqlite.SQLite, instanceID string)

AssertSignerCertificateStripped verifies that no completion events in the given workflow instance's history still carry a signerCertificate companion field. The companion is wire-only - it must always be cleared before persisting the event so the cert lives only once in ext-sigcert.

func CertificateCount 

func CertificateCount(t *testing.T, ctx context.Context, db *sqlite.SQLite, instanceID string) int

CertificateCount returns the number of signing certificate entries stored for the given workflow instance.

func ChildCompletionAttestations 

func ChildCompletionAttestations(t *testing.T, ctx context.Context, db *sqlite.SQLite, instanceID string) []*protos.ChildCompletionAttestation

ChildCompletionAttestations returns every ChildCompletionAttestation present on ChildWorkflowInstance{Completed,Failed} events stored in the given workflow instance's history.

func CountHistoryEventsOfType 

func CountHistoryEventsOfType[T any](t *testing.T, ctx context.Context, client *client.TaskHubGrpcClient, id api.InstanceID) int

func ExtSigCertCount 

func ExtSigCertCount(t *testing.T, ctx context.Context, db *sqlite.SQLite, instanceID string) int

ExtSigCertCount returns the number of external (foreign) signing certificate entries (ext-sigcert-NNNNNN keys) stored for the given workflow instance. Foreign certs are absorbed on inbox ingestion of completion events that carry attestations from child workflows and activities.

func GetLastHistoryEventOfType 

func GetLastHistoryEventOfType[T any](t *testing.T, ctx context.Context, client *client.TaskHubGrpcClient, id api.InstanceID) *protos.HistoryEvent

func HistoryCount 

func HistoryCount(t *testing.T, ctx context.Context, db *sqlite.SQLite, instanceID string) int

HistoryCount returns the number of history entries stored for the given workflow instance.

func MutateMetadata 

func MutateMetadata(t *testing.T, ctx context.Context, db *sqlite.SQLite, instanceID string, mutate func(*backend.BackendWorkflowStateMetadata))

MutateMetadata loads the persisted BackendWorkflowStateMetadata for the given workflow instance, applies the mutation, and writes it back. Used by negative tests that simulate state store tampering.

func ReadExtSigCerts 

func ReadExtSigCerts(t *testing.T, ctx context.Context, db *sqlite.SQLite, instanceID string) []*protos.ExternalSigningCertificate

ReadExtSigCerts reads and unmarshals all ExternalSigningCertificate entries for the given workflow instance.

func ReadHistoryEvents 

func ReadHistoryEvents(t *testing.T, ctx context.Context, db *sqlite.SQLite, instanceID string) []*protos.HistoryEvent

ReadHistoryEvents reads and unmarshals all stored history events for the given workflow instance, preserving state-store order.

func SignatureCount 

func SignatureCount(t *testing.T, ctx context.Context, db *sqlite.SQLite, instanceID string) int

SignatureCount returns the number of signature entries stored for the given workflow instance. Use this in tests to verify signing happened or did not happen, instead of calling CountStateKeys directly with a raw key prefix string (which is error-prone).

func VerifyCertAppID 

func VerifyCertAppID(t *testing.T, ctx context.Context, db *sqlite.SQLite, instanceID, expectedAppID string)

VerifyCertAppID checks that all signing certificates for a workflow instance contain a SPIFFE ID matching the expected app ID in the "default" namespace, and that each certificate has a 2-deep chain (leaf + issuer intermediate).

func VerifySignatureChain 

func VerifySignatureChain(t *testing.T, ctx context.Context, db *sqlite.SQLite, instanceID string, trustAnchors []byte)

VerifySignatureChain verifies the full history signature chain for a workflow instance, including cryptographic signatures and certificate chain-of-trust against the given trust anchors.

func WaitForRuntimeStatus 

func WaitForRuntimeStatus(t *testing.T, ctx context.Context, client *client.TaskHubGrpcClient, id api.InstanceID, status protos.OrchestrationStatus)

func WaitForWorkflowStartedEvent 

func WaitForWorkflowStartedEvent(t *testing.T, ctx context.Context, client *client.TaskHubGrpcClient, id api.InstanceID)

Types

type SigningData 

type SigningData struct {
	// RawSignatures are the raw serialized bytes of each HistorySignature
	// as stored. Required for digest computation in chain verification.
	RawSignatures [][]byte
	// Signatures are the parsed HistorySignature protos.
	Signatures []*protos.HistorySignature
	// Certs are the signing certificates.
	Certs []*protos.SigningCertificate
	// RawEvents are the raw serialized bytes of each history event as stored.
	RawEvents [][]byte
}

SigningData holds signatures, certificates, and raw history events for a workflow instance, loaded from the state store for verification.

func UnmarshalSigningData 

func UnmarshalSigningData(t *testing.T, ctx context.Context, db *sqlite.SQLite, instanceID string) SigningData

UnmarshalSigningData reads and unmarshals signatures, certificates, and raw history events from the SQLite state store for the given workflow instance.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.