From: "SZEDER Gábor" <szeder.dev@gmail.com>
To: Todd Zullinger <tmz@pobox.com>
Cc: git@vger.kernel.org, Henning Schild <henning.schild@siemens.com>
Subject: Re: [PATCH 0/2] t/lib-gpg: a gpgsm fix, a minor improvement, and a question
Date: Sat, 9 Feb 2019 15:06:05 +0100 [thread overview]
Message-ID: <20190209140605.GE10587@szeder.dev> (raw)
In-Reply-To: <20190208031746.22683-1-tmz@pobox.com>
On Thu, Feb 07, 2019 at 10:17:44PM -0500, Todd Zullinger wrote:
> Looking through the build logs for the fedora git packages, I noticed it
> was missing the GPGSM prereq.
Just curious: how did you noticed the missing GPGSM prereq?
I'm asking because I use a patch for a good couple of months now that
collects the prereqs missed by test cases and prints them at the end
of 'make test'. Its output looks like this:
https://travis-ci.org/szeder/git/jobs/490944032#L2358
Since you seem to be interested in that sort of thing as well, perhaps
it would be worth to have something like this in git.git? It's just
that I have been too wary of potentially annoying other contributors
by adding (what might be perceived as) clutter to their 'make test'
output :)
> Lastly, the GPG test prereq was failing in two of the tests where it was
> used, t5573-pull-verify-signatures and t7612-merge-verify-signatures. I
> tracked this down to an annoying issue with gnugp-2¹, which recently
> became the default /bin/gpg in fedora².
>
> Using gnupg2 as /bin/gpg means using gpg-agent by default. When using a
> non-standard GNUPGHOME, gpg-agent defaults to putting its socket files
> in GNUPGHOME and fails if the path for any of them is longer than
> sun_path (108 chars on linux, 104 on OpenBSD and FreeBSD, and likely
> similar on other unices).
>
> When building in the typical fedora build tool (mock), the path to the
> git test dir is "/builddir/build/BUILD/git-2.20.1/t." That path then
> has "trash directory.$TEST_NAME$TEST_STRESS_JOB_SFX" appended and a
> "gpghome" directory within. For t5573 and t7612, the gpg-agent socket
> path for S.gpg-agent.browser exceeds the sun_path limit and gpg-agent
> fails to start. Sadly, this is handled poorly by gpg and makes the
> tests fail to set either the GPG or GPGSM prereqs.
>
> For the fedora packages, I decided to pass --root=/tmp/git-t.XXXX (via
> mktemp, of course) to the test suite which ensures a path short enough
> to keep gpg-agent happy.
>
> I don't know if there are other packagers or builders who run into this,
> so maybe it's not worth much effort to try and have the test suite cope
> better. It took me longer than I would have liked to track it down, so
> I thought I'd mention it in case anyone else has run into this or has
> thoughts on how to improve lib-gpg.sh while waiting for GnuPG to improve
> this area.
I stumbled upon this when Dscho inadvertently broke a test script on
setups without gpg last year; sorry for not speaking about it. I
noticed it in our Travis CI builds on macOS, because it (macOS itself
or Homebrew? I don't know) defaulted to gpg2 already back then, and to
make matters worse its sun_path is on the shorter end, and the path
to the build dir on Travis CI includes the GitHub user/repo as well.
> A GIT_TEST_GNUPGHOME_ROOT var to set the root path for the GNUPGHOME
> dirs in the tests is one thought I had, but didn't try to put it into
> patch form. Setting the --root test option is probably enough control
> for most cases.
A potential issue I see with GIT_TEST_GNUPGHOME_ROOT is that there are
several test scripts involving gpg, and if GIT_TEST_GNUPGHOME_ROOT is
set for the whole 'make test', then they might interfere with each
other when they happen to be run at the same time.
In the meantime I came up with a '--short-trash-dir' option to
test-lib, which turns 'trash directory.t7612-merge-verify-signatures'
into 'trash dir.t7612'. It works, but I don't really like it, and it
required various adjustments to the CI build scripts, notably to the
part in 'ci/print-test-failures.sh' that includes the trash dir of
failed test scripts in the build log.
next prev parent reply other threads:[~2019-02-09 14:06 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-08 3:17 [PATCH 0/2] t/lib-gpg: a gpgsm fix, a minor improvement, and a question Todd Zullinger
2019-02-08 3:17 ` [PATCH 1/2] t/lib-gpg: quote path to ${GNUPGHOME}/trustlist.txt Todd Zullinger
2019-02-08 20:11 ` SZEDER Gábor
2019-02-08 20:25 ` Todd Zullinger
2019-02-08 20:35 ` SZEDER Gábor
2019-02-08 3:17 ` [PATCH 2/2] t/lib-gpg: drop redundant killing of gpg-agent Todd Zullinger
2019-02-08 8:33 ` [PATCH 0/2] t/lib-gpg: a gpgsm fix, a minor improvement, and a question Henning Schild
2019-02-08 18:04 ` Junio C Hamano
2019-02-09 14:06 ` SZEDER Gábor [this message]
2019-02-09 23:05 ` Todd Zullinger
2019-02-11 19:51 ` SZEDER Gábor
2019-02-14 6:32 ` Todd Zullinger
2019-02-12 0:44 ` Jeff King
2019-02-12 2:38 ` Junio C Hamano
2019-02-12 2:45 ` SZEDER Gábor
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190209140605.GE10587@szeder.dev \
--to=szeder.dev@gmail.com \
--cc=git@vger.kernel.org \
--cc=henning.schild@siemens.com \
--cc=tmz@pobox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).