From: Kevin Daudt <me@ikke.info>
To: Hans Jerry Illikainen <hji@dyntopia.com>
Cc: git@vger.kernel.org
Subject: Re: [PATCH 2/3] t: add tests for pull --verify-signatures
Date: Sat, 9 Dec 2017 13:06:14 +0100 [thread overview]
Message-ID: <20171209120614.GB6006@alpha.vpn.ikke.info> (raw)
In-Reply-To: <20171209090530.6747-2-hji@dyntopia.com>
On Sat, Dec 09, 2017 at 09:05:29AM +0000, Hans Jerry Illikainen wrote:
> Add tests for `pull --verify-signatures` with untrusted, bad and no
> signatures. Previously the only test for `--verify-signatures` was to
> make sure that `pull --rebase --verify-signatures` result in a warning
> (t5520-pull.sh).
Nice!
Same thing regarding the `git checkout initial` commands counts
here too.
>
> Signed-off-by: Hans Jerry Illikainen <hji@dyntopia.com>
> ---
> t/t5573-pull-verify-signatures.sh | 78 +++++++++++++++++++++++++++++++++++++++
> 1 file changed, 78 insertions(+)
> create mode 100755 t/t5573-pull-verify-signatures.sh
>
> diff --git a/t/t5573-pull-verify-signatures.sh b/t/t5573-pull-verify-signatures.sh
> new file mode 100755
> index 000000000..700247910
> --- /dev/null
> +++ b/t/t5573-pull-verify-signatures.sh
> @@ -0,0 +1,78 @@
> +#!/bin/sh
> +
> +test_description='pull signature verification tests'
> +. ./test-lib.sh
> +. "$TEST_DIRECTORY/lib-gpg.sh"
> +
> +test_expect_success GPG 'create repositories with signed commits' '
> + echo 1 >a && git add a &&
> + test_tick && git commit -m initial &&
> + git tag initial &&
> +
> + git clone . signed &&
> + (
> + cd signed &&
> + echo 2 >b && git add b &&
> + test_tick && git commit -S -m "signed"
> + ) &&
> +
> + git clone . unsigned &&
> + (
> + cd unsigned &&
> + echo 3 >c && git add c &&
> + test_tick && git commit -m "unsigned"
> + ) &&
> +
> + git clone . bad &&
> + (
> + cd bad &&
> + echo 4 >d && git add d &&
> + test_tick && git commit -S -m "bad" &&
> + git cat-file commit HEAD >raw &&
> + sed -e "s/bad/forged bad/" raw >forged &&
> + git hash-object -w -t commit forged >forged.commit &&
> + git checkout $(cat forged.commit)
> + ) &&
> +
> + git clone . untrusted &&
> + (
> + cd untrusted &&
> + echo 5 >e && git add e &&
> + test_tick && git commit -SB7227189 -m "untrusted"
> + )
> +'
> +
> +test_expect_success GPG 'pull unsigned commit with --verify-signatures' '
> + test_must_fail git pull --ff-only --verify-signatures unsigned 2>pullerror &&
> + test_i18ngrep "does not have a GPG signature" pullerror
> +'
> +
> +test_expect_success GPG 'pull commit with bad signature with --verify-signatures' '
> + test_must_fail git pull --ff-only --verify-signatures bad 2>pullerror &&
> + test_i18ngrep "has a bad GPG signature" pullerror
> +'
> +
> +test_expect_success GPG 'pull commit with untrusted signature with --verify-signatures' '
> + test_must_fail git pull --ff-only --verify-signatures untrusted 2>pullerror &&
> + test_i18ngrep "has an untrusted GPG signature" pullerror
> +'
> +
> +test_expect_success GPG 'pull signed commit with --verify-signatures' '
> + git pull --verify-signatures signed >pulloutput &&
> + test_i18ngrep "has a good GPG signature" pulloutput &&
> + git checkout initial
> +'
> +
> +test_expect_success GPG 'pull commit with bad signature without verification' '
> + git pull --ff-only bad 2>pullerror &&
> + git checkout initial
> +'
> +
> +test_expect_success GPG 'pull commit with bad signature with --no-verify-signatures' '
> + test_config merge.verifySignatures true &&
> + test_config pull.verifySignatures true &&
> + git pull --ff-only --no-verify-signatures bad 2>pullerror &&
> + git checkout initial
> +'
> +
> +test_done
> --
> 2.11.0
>
next prev parent reply other threads:[~2017-12-09 12:06 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-12-09 9:05 [PATCH 1/3] merge: add config option for verifySignatures Hans Jerry Illikainen
2017-12-09 9:05 ` [PATCH 2/3] t: add tests for pull --verify-signatures Hans Jerry Illikainen
2017-12-09 12:06 ` Kevin Daudt [this message]
2017-12-09 9:05 ` [PATCH 3/3] pull: add config option for verifySignatures Hans Jerry Illikainen
2017-12-09 12:06 ` Kevin Daudt
2017-12-10 6:48 ` Hans Jerry Illikainen
2017-12-09 12:05 ` [PATCH 1/3] merge: " Kevin Daudt
2017-12-12 18:56 ` Junio C Hamano
2017-12-10 6:53 ` [PATCH v2 1/2] " Hans Jerry Illikainen
2017-12-10 6:53 ` [PATCH v2 2/2] t: add tests for pull --verify-signatures Hans Jerry Illikainen
2017-12-12 19:03 ` Junio C Hamano
2017-12-15 19:48 ` Re* " Junio C Hamano
2017-12-16 9:34 ` Hans Jerry Illikainen
2017-12-17 6:18 ` Junio C Hamano
2017-12-19 21:01 ` [PATCH v2 3/2] t5573, t7612: clean up after unexpected success of 'pull' and 'merge' Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171209120614.GB6006@alpha.vpn.ikke.info \
--to=me@ikke.info \
--cc=git@vger.kernel.org \
--cc=hji@dyntopia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).