shaba/ostree
1
0
Fork 0
mirror of https://github.com/ostreedev/ostree.git synced 2024-12-22 17:35:55 +03:00
Code Issues Projects Releases Wiki Activity

tests: Use temporary gpg homedir

Browse Source 
libtest always makes a copy of the gpghome directory to the test
directory, so there's no need to operate on the installed copy. This
allows test-remote-gpg-import to pass as an unprivileged user since it
otherwise couldn't create the temp files gpgme creates.
This commit is contained in:
Dan Nicholson 2015-06-03 12:54:36 -07:00 committed by Colin Walters
parent 2e0521804d
commit e228e0f142
2 changed files with 16 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
tests/test-commit-sign.sh
View File

@ -43,13 +43,13 @@ echo first > firstfile
mkdir baz mkdir baz
echo moo > baz/cow echo moo > baz/cow
echo alien > baz/saucer echo alien > baz/saucer
${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo commit -b main -s "A remote commit" -m "Some Commit body" --gpg-sign=$keyid --gpg-homedir=${SRCDIR}/gpghome ${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo commit -b main -s "A remote commit" -m "Some Commit body" --gpg-sign=$keyid --gpg-homedir=${test_tmpdir}/gpghome
mkdir baz/deeper mkdir baz/deeper
${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo commit -b main -s "Add deeper" --gpg-sign=$keyid --gpg-homedir=${SRCDIR}/gpghome ${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo commit -b main -s "Add deeper" --gpg-sign=$keyid --gpg-homedir=${test_tmpdir}/gpghome
echo hi > baz/deeper/ohyeah echo hi > baz/deeper/ohyeah
mkdir baz/another/ mkdir baz/another/
echo x > baz/another/y echo x > baz/another/y
${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo commit -b main -s "The rest" --gpg-sign=$keyid --gpg-homedir=${SRCDIR}/gpghome ${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo commit -b main -s "The rest" --gpg-sign=$keyid --gpg-homedir=${test_tmpdir}/gpghome
cd .. cd ..
cd ${test_tmpdir} cd ${test_tmpdir}
@ -121,7 +121,7 @@ ${CMD_PREFIX} ostree --repo=repo pull origin main
if ${CMD_PREFIX} ostree --repo=repo show main | grep -o 'Found [[:digit:]] signature'; then if ${CMD_PREFIX} ostree --repo=repo show main | grep -o 'Found [[:digit:]] signature'; then
assert_not_reached assert_not_reached
fi fi
${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo gpg-sign --gpg-homedir=${SRCDIR}/gpghome main $keyid ${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo gpg-sign --gpg-homedir=${test_tmpdir}/gpghome main $keyid
${CMD_PREFIX} ostree --repo=repo pull origin main ${CMD_PREFIX} ostree --repo=repo pull origin main
${CMD_PREFIX} ostree --repo=repo show main | grep -o 'Found [[:digit:]] signature' > show ${CMD_PREFIX} ostree --repo=repo show main | grep -o 'Found [[:digit:]] signature' > show
assert_file_has_content show 'Found 1 signature' assert_file_has_content show 'Found 1 signature'

24
tests/test-remote-gpg-import.sh
View File

@ -41,7 +41,7 @@ ${OSTREE} remote add R1 $(cat httpd-address)/ostree/gnomerepo
assert_not_has_file repo/R1.trustedkeys.gpg assert_not_has_file repo/R1.trustedkeys.gpg
# Import one valid key ID # Import one valid key ID
${OSTREE} remote gpg-import --keyring ${SRCDIR}/gpghome/trusted/pubring.gpg R1 ${TEST_GPG_KEYID_1} | grep -o 'Imported [[:digit:]] GPG key' > result ${OSTREE} remote gpg-import --keyring ${test_tmpdir}/gpghome/trusted/pubring.gpg R1 ${TEST_GPG_KEYID_1} | grep -o 'Imported [[:digit:]] GPG key' > result
assert_file_has_content result 'Imported 1 GPG key' assert_file_has_content result 'Imported 1 GPG key'
assert_has_file repo/R1.trustedkeys.gpg assert_has_file repo/R1.trustedkeys.gpg
@ -57,15 +57,15 @@ assert_not_has_file repo/R1.trustedkeys.gpg
${OSTREE} remote add R1 $(cat httpd-address)/ostree/gnomerepo ${OSTREE} remote add R1 $(cat httpd-address)/ostree/gnomerepo
# Import one valid key ID # Import one valid key ID
${OSTREE} remote gpg-import --keyring ${SRCDIR}/gpghome/trusted/pubring.gpg R1 ${TEST_GPG_KEYID_1} | grep -o 'Imported [[:digit:]] GPG key' > result ${OSTREE} remote gpg-import --keyring ${test_tmpdir}/gpghome/trusted/pubring.gpg R1 ${TEST_GPG_KEYID_1} | grep -o 'Imported [[:digit:]] GPG key' > result
assert_file_has_content result 'Imported 1 GPG key' assert_file_has_content result 'Imported 1 GPG key'
# Import multiple valid key IDs # Import multiple valid key IDs
${OSTREE} remote gpg-import --keyring ${SRCDIR}/gpghome/trusted/pubring.gpg R1 ${TEST_GPG_KEYID_2} ${TEST_GPG_KEYID_3} | grep -o 'Imported [[:digit:]] GPG key' > result ${OSTREE} remote gpg-import --keyring ${test_tmpdir}/gpghome/trusted/pubring.gpg R1 ${TEST_GPG_KEYID_2} ${TEST_GPG_KEYID_3} | grep -o 'Imported [[:digit:]] GPG key' > result
assert_file_has_content result 'Imported 2 GPG key' assert_file_has_content result 'Imported 2 GPG key'
# Import key IDs we already have, make sure they're caught # Import key IDs we already have, make sure they're caught
${OSTREE} remote gpg-import --keyring ${SRCDIR}/gpghome/trusted/pubring.gpg R1 ${TEST_GPG_KEYID_1} ${TEST_GPG_KEYID_3} | grep -o 'Imported [[:digit:]] GPG key' > result ${OSTREE} remote gpg-import --keyring ${test_tmpdir}/gpghome/trusted/pubring.gpg R1 ${TEST_GPG_KEYID_1} ${TEST_GPG_KEYID_3} | grep -o 'Imported [[:digit:]] GPG key' > result
assert_file_has_content result 'Imported 0 GPG key' assert_file_has_content result 'Imported 0 GPG key'
${OSTREE} remote delete R1 ${OSTREE} remote delete R1
@ -73,7 +73,7 @@ ${OSTREE} remote delete R1
${OSTREE} remote add R1 $(cat httpd-address)/ostree/gnomerepo ${OSTREE} remote add R1 $(cat httpd-address)/ostree/gnomerepo
# Import all keys from keyring # Import all keys from keyring
${OSTREE} remote gpg-import --keyring ${SRCDIR}/gpghome/trusted/pubring.gpg R1 | grep -o 'Imported [[:digit:]] GPG key' > result ${OSTREE} remote gpg-import --keyring ${test_tmpdir}/gpghome/trusted/pubring.gpg R1 | grep -o 'Imported [[:digit:]] GPG key' > result
assert_file_has_content result 'Imported 3 GPG key' assert_file_has_content result 'Imported 3 GPG key'
${OSTREE} remote delete R1 ${OSTREE} remote delete R1
@ -85,7 +85,7 @@ ${OSTREE} remote delete R1
${OSTREE} remote add R1 $(cat httpd-address)/ostree/gnomerepo ${OSTREE} remote add R1 $(cat httpd-address)/ostree/gnomerepo
# Import ASCII-armored keys thru stdin # Import ASCII-armored keys thru stdin
cat ${SRCDIR}/gpghome/key{1,2,3}.asc | ${OSTREE} remote gpg-import --stdin R1 | grep -o 'Imported [[:digit:]] GPG key' > result cat ${test_tmpdir}/gpghome/key{1,2,3}.asc | ${OSTREE} remote gpg-import --stdin R1 | grep -o 'Imported [[:digit:]] GPG key' > result
assert_file_has_content result 'Imported 3 GPG key' assert_file_has_content result 'Imported 3 GPG key'
${OSTREE} remote delete R1 ${OSTREE} remote delete R1
@ -96,13 +96,13 @@ ${OSTREE} remote delete R1
# This also tests "remote add" with --gpg-import. # This also tests "remote add" with --gpg-import.
#------------------------------------------------------------ #------------------------------------------------------------
${OSTREE} remote add --gpg-import ${SRCDIR}/gpghome/key1.asc R1 $(cat httpd-address)/ostree/gnomerepo | grep -o 'Imported [[:digit:]] GPG key' > result ${OSTREE} remote add --gpg-import ${test_tmpdir}/gpghome/key1.asc R1 $(cat httpd-address)/ostree/gnomerepo | grep -o 'Imported [[:digit:]] GPG key' > result
assert_file_has_content result 'Imported 1 GPG key' assert_file_has_content result 'Imported 1 GPG key'
${OSTREE} remote add --gpg-import ${SRCDIR}/gpghome/key2.asc R2 $(cat httpd-address)/ostree/gnomerepo | grep -o 'Imported [[:digit:]] GPG key' > result ${OSTREE} remote add --gpg-import ${test_tmpdir}/gpghome/key2.asc R2 $(cat httpd-address)/ostree/gnomerepo | grep -o 'Imported [[:digit:]] GPG key' > result
assert_file_has_content result 'Imported 1 GPG key' assert_file_has_content result 'Imported 1 GPG key'
${OSTREE} remote add --gpg-import ${SRCDIR}/gpghome/key3.asc R3 $(cat httpd-address)/ostree/gnomerepo | grep -o 'Imported [[:digit:]] GPG key' > result ${OSTREE} remote add --gpg-import ${test_tmpdir}/gpghome/key3.asc R3 $(cat httpd-address)/ostree/gnomerepo | grep -o 'Imported [[:digit:]] GPG key' > result
assert_file_has_content result 'Imported 1 GPG key' assert_file_has_content result 'Imported 1 GPG key'
# Checkout the "remote" repo so we can add more commits # Checkout the "remote" repo so we can add more commits
@ -110,7 +110,7 @@ ${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo checkout main workdir
# Sign a new commit with key1 and try pulling from each remote # Sign a new commit with key1 and try pulling from each remote
echo shadow > workdir/blinky echo shadow > workdir/blinky
${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit -b main -s "Add blinky" --gpg-sign ${TEST_GPG_KEYID_1} --gpg-homedir ${SRCDIR}/gpghome workdir ${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit -b main -s "Add blinky" --gpg-sign ${TEST_GPG_KEYID_1} --gpg-homedir ${test_tmpdir}/gpghome workdir
if ${OSTREE} pull R2:main >/dev/null 2>&1; then if ${OSTREE} pull R2:main >/dev/null 2>&1; then
assert_not_reached "(key1/R2) GPG verification unexpectedly succeeded" assert_not_reached "(key1/R2) GPG verification unexpectedly succeeded"
fi fi
@ -121,7 +121,7 @@ ${OSTREE} pull R1:main >/dev/null
# Sign a new commit with key2 and try pulling from each remote # Sign a new commit with key2 and try pulling from each remote
echo speedy > workdir/pinky echo speedy > workdir/pinky
${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit -b main -s "Add pinky" --gpg-sign ${TEST_GPG_KEYID_2} --gpg-homedir ${SRCDIR}/gpghome workdir ${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit -b main -s "Add pinky" --gpg-sign ${TEST_GPG_KEYID_2} --gpg-homedir ${test_tmpdir}/gpghome workdir
if ${OSTREE} pull R1:main >/dev/null 2>&1; then if ${OSTREE} pull R1:main >/dev/null 2>&1; then
assert_not_reached "(key2/R1) GPG verification unexpectedly succeeded" assert_not_reached "(key2/R1) GPG verification unexpectedly succeeded"
fi fi
@ -132,7 +132,7 @@ ${OSTREE} pull R2:main >/dev/null
# Sign a new commit with key3 and try pulling from each remote # Sign a new commit with key3 and try pulling from each remote
echo bashful > workdir/inky echo bashful > workdir/inky
${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit -b main -s "Add inky" --gpg-sign ${TEST_GPG_KEYID_3} --gpg-homedir ${SRCDIR}/gpghome workdir ${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit -b main -s "Add inky" --gpg-sign ${TEST_GPG_KEYID_3} --gpg-homedir ${test_tmpdir}/gpghome workdir
if ${OSTREE} pull R1:main >/dev/null 2>&1; then if ${OSTREE} pull R1:main >/dev/null 2>&1; then
assert_not_reached "(key3/R1) GPG verification unexpectedly succeeded" assert_not_reached "(key3/R1) GPG verification unexpectedly succeeded"
fi fi