mirror of
https://github.com/ostreedev/ostree.git
synced 2024-12-23 21:35:26 +03:00
tests: Use temporary gpg homedir
libtest always makes a copy of the gpghome directory to the test directory, so there's no need to operate on the installed copy. This allows test-remote-gpg-import to pass as an unprivileged user since it otherwise couldn't create the temp files gpgme creates.
This commit is contained in:
parent
2e0521804d
commit
e228e0f142
@ -43,13 +43,13 @@ echo first > firstfile
|
|||||||
mkdir baz
|
mkdir baz
|
||||||
echo moo > baz/cow
|
echo moo > baz/cow
|
||||||
echo alien > baz/saucer
|
echo alien > baz/saucer
|
||||||
${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo commit -b main -s "A remote commit" -m "Some Commit body" --gpg-sign=$keyid --gpg-homedir=${SRCDIR}/gpghome
|
${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo commit -b main -s "A remote commit" -m "Some Commit body" --gpg-sign=$keyid --gpg-homedir=${test_tmpdir}/gpghome
|
||||||
mkdir baz/deeper
|
mkdir baz/deeper
|
||||||
${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo commit -b main -s "Add deeper" --gpg-sign=$keyid --gpg-homedir=${SRCDIR}/gpghome
|
${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo commit -b main -s "Add deeper" --gpg-sign=$keyid --gpg-homedir=${test_tmpdir}/gpghome
|
||||||
echo hi > baz/deeper/ohyeah
|
echo hi > baz/deeper/ohyeah
|
||||||
mkdir baz/another/
|
mkdir baz/another/
|
||||||
echo x > baz/another/y
|
echo x > baz/another/y
|
||||||
${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo commit -b main -s "The rest" --gpg-sign=$keyid --gpg-homedir=${SRCDIR}/gpghome
|
${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo commit -b main -s "The rest" --gpg-sign=$keyid --gpg-homedir=${test_tmpdir}/gpghome
|
||||||
cd ..
|
cd ..
|
||||||
|
|
||||||
cd ${test_tmpdir}
|
cd ${test_tmpdir}
|
||||||
@ -121,7 +121,7 @@ ${CMD_PREFIX} ostree --repo=repo pull origin main
|
|||||||
if ${CMD_PREFIX} ostree --repo=repo show main | grep -o 'Found [[:digit:]] signature'; then
|
if ${CMD_PREFIX} ostree --repo=repo show main | grep -o 'Found [[:digit:]] signature'; then
|
||||||
assert_not_reached
|
assert_not_reached
|
||||||
fi
|
fi
|
||||||
${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo gpg-sign --gpg-homedir=${SRCDIR}/gpghome main $keyid
|
${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo gpg-sign --gpg-homedir=${test_tmpdir}/gpghome main $keyid
|
||||||
${CMD_PREFIX} ostree --repo=repo pull origin main
|
${CMD_PREFIX} ostree --repo=repo pull origin main
|
||||||
${CMD_PREFIX} ostree --repo=repo show main | grep -o 'Found [[:digit:]] signature' > show
|
${CMD_PREFIX} ostree --repo=repo show main | grep -o 'Found [[:digit:]] signature' > show
|
||||||
assert_file_has_content show 'Found 1 signature'
|
assert_file_has_content show 'Found 1 signature'
|
||||||
|
@ -41,7 +41,7 @@ ${OSTREE} remote add R1 $(cat httpd-address)/ostree/gnomerepo
|
|||||||
assert_not_has_file repo/R1.trustedkeys.gpg
|
assert_not_has_file repo/R1.trustedkeys.gpg
|
||||||
|
|
||||||
# Import one valid key ID
|
# Import one valid key ID
|
||||||
${OSTREE} remote gpg-import --keyring ${SRCDIR}/gpghome/trusted/pubring.gpg R1 ${TEST_GPG_KEYID_1} | grep -o 'Imported [[:digit:]] GPG key' > result
|
${OSTREE} remote gpg-import --keyring ${test_tmpdir}/gpghome/trusted/pubring.gpg R1 ${TEST_GPG_KEYID_1} | grep -o 'Imported [[:digit:]] GPG key' > result
|
||||||
assert_file_has_content result 'Imported 1 GPG key'
|
assert_file_has_content result 'Imported 1 GPG key'
|
||||||
|
|
||||||
assert_has_file repo/R1.trustedkeys.gpg
|
assert_has_file repo/R1.trustedkeys.gpg
|
||||||
@ -57,15 +57,15 @@ assert_not_has_file repo/R1.trustedkeys.gpg
|
|||||||
${OSTREE} remote add R1 $(cat httpd-address)/ostree/gnomerepo
|
${OSTREE} remote add R1 $(cat httpd-address)/ostree/gnomerepo
|
||||||
|
|
||||||
# Import one valid key ID
|
# Import one valid key ID
|
||||||
${OSTREE} remote gpg-import --keyring ${SRCDIR}/gpghome/trusted/pubring.gpg R1 ${TEST_GPG_KEYID_1} | grep -o 'Imported [[:digit:]] GPG key' > result
|
${OSTREE} remote gpg-import --keyring ${test_tmpdir}/gpghome/trusted/pubring.gpg R1 ${TEST_GPG_KEYID_1} | grep -o 'Imported [[:digit:]] GPG key' > result
|
||||||
assert_file_has_content result 'Imported 1 GPG key'
|
assert_file_has_content result 'Imported 1 GPG key'
|
||||||
|
|
||||||
# Import multiple valid key IDs
|
# Import multiple valid key IDs
|
||||||
${OSTREE} remote gpg-import --keyring ${SRCDIR}/gpghome/trusted/pubring.gpg R1 ${TEST_GPG_KEYID_2} ${TEST_GPG_KEYID_3} | grep -o 'Imported [[:digit:]] GPG key' > result
|
${OSTREE} remote gpg-import --keyring ${test_tmpdir}/gpghome/trusted/pubring.gpg R1 ${TEST_GPG_KEYID_2} ${TEST_GPG_KEYID_3} | grep -o 'Imported [[:digit:]] GPG key' > result
|
||||||
assert_file_has_content result 'Imported 2 GPG key'
|
assert_file_has_content result 'Imported 2 GPG key'
|
||||||
|
|
||||||
# Import key IDs we already have, make sure they're caught
|
# Import key IDs we already have, make sure they're caught
|
||||||
${OSTREE} remote gpg-import --keyring ${SRCDIR}/gpghome/trusted/pubring.gpg R1 ${TEST_GPG_KEYID_1} ${TEST_GPG_KEYID_3} | grep -o 'Imported [[:digit:]] GPG key' > result
|
${OSTREE} remote gpg-import --keyring ${test_tmpdir}/gpghome/trusted/pubring.gpg R1 ${TEST_GPG_KEYID_1} ${TEST_GPG_KEYID_3} | grep -o 'Imported [[:digit:]] GPG key' > result
|
||||||
assert_file_has_content result 'Imported 0 GPG key'
|
assert_file_has_content result 'Imported 0 GPG key'
|
||||||
|
|
||||||
${OSTREE} remote delete R1
|
${OSTREE} remote delete R1
|
||||||
@ -73,7 +73,7 @@ ${OSTREE} remote delete R1
|
|||||||
${OSTREE} remote add R1 $(cat httpd-address)/ostree/gnomerepo
|
${OSTREE} remote add R1 $(cat httpd-address)/ostree/gnomerepo
|
||||||
|
|
||||||
# Import all keys from keyring
|
# Import all keys from keyring
|
||||||
${OSTREE} remote gpg-import --keyring ${SRCDIR}/gpghome/trusted/pubring.gpg R1 | grep -o 'Imported [[:digit:]] GPG key' > result
|
${OSTREE} remote gpg-import --keyring ${test_tmpdir}/gpghome/trusted/pubring.gpg R1 | grep -o 'Imported [[:digit:]] GPG key' > result
|
||||||
assert_file_has_content result 'Imported 3 GPG key'
|
assert_file_has_content result 'Imported 3 GPG key'
|
||||||
|
|
||||||
${OSTREE} remote delete R1
|
${OSTREE} remote delete R1
|
||||||
@ -85,7 +85,7 @@ ${OSTREE} remote delete R1
|
|||||||
${OSTREE} remote add R1 $(cat httpd-address)/ostree/gnomerepo
|
${OSTREE} remote add R1 $(cat httpd-address)/ostree/gnomerepo
|
||||||
|
|
||||||
# Import ASCII-armored keys thru stdin
|
# Import ASCII-armored keys thru stdin
|
||||||
cat ${SRCDIR}/gpghome/key{1,2,3}.asc | ${OSTREE} remote gpg-import --stdin R1 | grep -o 'Imported [[:digit:]] GPG key' > result
|
cat ${test_tmpdir}/gpghome/key{1,2,3}.asc | ${OSTREE} remote gpg-import --stdin R1 | grep -o 'Imported [[:digit:]] GPG key' > result
|
||||||
assert_file_has_content result 'Imported 3 GPG key'
|
assert_file_has_content result 'Imported 3 GPG key'
|
||||||
|
|
||||||
${OSTREE} remote delete R1
|
${OSTREE} remote delete R1
|
||||||
@ -96,13 +96,13 @@ ${OSTREE} remote delete R1
|
|||||||
# This also tests "remote add" with --gpg-import.
|
# This also tests "remote add" with --gpg-import.
|
||||||
#------------------------------------------------------------
|
#------------------------------------------------------------
|
||||||
|
|
||||||
${OSTREE} remote add --gpg-import ${SRCDIR}/gpghome/key1.asc R1 $(cat httpd-address)/ostree/gnomerepo | grep -o 'Imported [[:digit:]] GPG key' > result
|
${OSTREE} remote add --gpg-import ${test_tmpdir}/gpghome/key1.asc R1 $(cat httpd-address)/ostree/gnomerepo | grep -o 'Imported [[:digit:]] GPG key' > result
|
||||||
assert_file_has_content result 'Imported 1 GPG key'
|
assert_file_has_content result 'Imported 1 GPG key'
|
||||||
|
|
||||||
${OSTREE} remote add --gpg-import ${SRCDIR}/gpghome/key2.asc R2 $(cat httpd-address)/ostree/gnomerepo | grep -o 'Imported [[:digit:]] GPG key' > result
|
${OSTREE} remote add --gpg-import ${test_tmpdir}/gpghome/key2.asc R2 $(cat httpd-address)/ostree/gnomerepo | grep -o 'Imported [[:digit:]] GPG key' > result
|
||||||
assert_file_has_content result 'Imported 1 GPG key'
|
assert_file_has_content result 'Imported 1 GPG key'
|
||||||
|
|
||||||
${OSTREE} remote add --gpg-import ${SRCDIR}/gpghome/key3.asc R3 $(cat httpd-address)/ostree/gnomerepo | grep -o 'Imported [[:digit:]] GPG key' > result
|
${OSTREE} remote add --gpg-import ${test_tmpdir}/gpghome/key3.asc R3 $(cat httpd-address)/ostree/gnomerepo | grep -o 'Imported [[:digit:]] GPG key' > result
|
||||||
assert_file_has_content result 'Imported 1 GPG key'
|
assert_file_has_content result 'Imported 1 GPG key'
|
||||||
|
|
||||||
# Checkout the "remote" repo so we can add more commits
|
# Checkout the "remote" repo so we can add more commits
|
||||||
@ -110,7 +110,7 @@ ${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo checkout main workdir
|
|||||||
|
|
||||||
# Sign a new commit with key1 and try pulling from each remote
|
# Sign a new commit with key1 and try pulling from each remote
|
||||||
echo shadow > workdir/blinky
|
echo shadow > workdir/blinky
|
||||||
${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit -b main -s "Add blinky" --gpg-sign ${TEST_GPG_KEYID_1} --gpg-homedir ${SRCDIR}/gpghome workdir
|
${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit -b main -s "Add blinky" --gpg-sign ${TEST_GPG_KEYID_1} --gpg-homedir ${test_tmpdir}/gpghome workdir
|
||||||
if ${OSTREE} pull R2:main >/dev/null 2>&1; then
|
if ${OSTREE} pull R2:main >/dev/null 2>&1; then
|
||||||
assert_not_reached "(key1/R2) GPG verification unexpectedly succeeded"
|
assert_not_reached "(key1/R2) GPG verification unexpectedly succeeded"
|
||||||
fi
|
fi
|
||||||
@ -121,7 +121,7 @@ ${OSTREE} pull R1:main >/dev/null
|
|||||||
|
|
||||||
# Sign a new commit with key2 and try pulling from each remote
|
# Sign a new commit with key2 and try pulling from each remote
|
||||||
echo speedy > workdir/pinky
|
echo speedy > workdir/pinky
|
||||||
${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit -b main -s "Add pinky" --gpg-sign ${TEST_GPG_KEYID_2} --gpg-homedir ${SRCDIR}/gpghome workdir
|
${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit -b main -s "Add pinky" --gpg-sign ${TEST_GPG_KEYID_2} --gpg-homedir ${test_tmpdir}/gpghome workdir
|
||||||
if ${OSTREE} pull R1:main >/dev/null 2>&1; then
|
if ${OSTREE} pull R1:main >/dev/null 2>&1; then
|
||||||
assert_not_reached "(key2/R1) GPG verification unexpectedly succeeded"
|
assert_not_reached "(key2/R1) GPG verification unexpectedly succeeded"
|
||||||
fi
|
fi
|
||||||
@ -132,7 +132,7 @@ ${OSTREE} pull R2:main >/dev/null
|
|||||||
|
|
||||||
# Sign a new commit with key3 and try pulling from each remote
|
# Sign a new commit with key3 and try pulling from each remote
|
||||||
echo bashful > workdir/inky
|
echo bashful > workdir/inky
|
||||||
${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit -b main -s "Add inky" --gpg-sign ${TEST_GPG_KEYID_3} --gpg-homedir ${SRCDIR}/gpghome workdir
|
${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit -b main -s "Add inky" --gpg-sign ${TEST_GPG_KEYID_3} --gpg-homedir ${test_tmpdir}/gpghome workdir
|
||||||
if ${OSTREE} pull R1:main >/dev/null 2>&1; then
|
if ${OSTREE} pull R1:main >/dev/null 2>&1; then
|
||||||
assert_not_reached "(key3/R1) GPG verification unexpectedly succeeded"
|
assert_not_reached "(key3/R1) GPG verification unexpectedly succeeded"
|
||||||
fi
|
fi
|
||||||
|
Loading…
Reference in New Issue
Block a user