mirror of
https://github.com/git/git
synced 2024-11-05 18:59:29 +00:00
fb2afea366
The previous steps added test_when_finished to tests that run 'git pull' or 'git merge' with expectation of success, so that the test after them can start from a known state even when their 'git pull' invocation unexpectedly fails. However, tests that run 'git pull' or 'git merge' expecting it not to succeed forgot to protect later tests the same way---if they unexpectedly succeed, the test after them would start from an unexpected state. Reset and checkout the initial commit after all these tests, whether they expect their invocations to succeed or fail. Signed-off-by: Junio C Hamano <gitster@pobox.com>
81 lines
2.5 KiB
Bash
Executable file
81 lines
2.5 KiB
Bash
Executable file
#!/bin/sh
|
|
|
|
test_description='pull signature verification tests'
|
|
. ./test-lib.sh
|
|
. "$TEST_DIRECTORY/lib-gpg.sh"
|
|
|
|
test_expect_success GPG 'create repositories with signed commits' '
|
|
echo 1 >a && git add a &&
|
|
test_tick && git commit -m initial &&
|
|
git tag initial &&
|
|
|
|
git clone . signed &&
|
|
(
|
|
cd signed &&
|
|
echo 2 >b && git add b &&
|
|
test_tick && git commit -S -m "signed"
|
|
) &&
|
|
|
|
git clone . unsigned &&
|
|
(
|
|
cd unsigned &&
|
|
echo 3 >c && git add c &&
|
|
test_tick && git commit -m "unsigned"
|
|
) &&
|
|
|
|
git clone . bad &&
|
|
(
|
|
cd bad &&
|
|
echo 4 >d && git add d &&
|
|
test_tick && git commit -S -m "bad" &&
|
|
git cat-file commit HEAD >raw &&
|
|
sed -e "s/bad/forged bad/" raw >forged &&
|
|
git hash-object -w -t commit forged >forged.commit &&
|
|
git checkout $(cat forged.commit)
|
|
) &&
|
|
|
|
git clone . untrusted &&
|
|
(
|
|
cd untrusted &&
|
|
echo 5 >e && git add e &&
|
|
test_tick && git commit -SB7227189 -m "untrusted"
|
|
)
|
|
'
|
|
|
|
test_expect_success GPG 'pull unsigned commit with --verify-signatures' '
|
|
test_when_finished "git reset --hard && git checkout initial" &&
|
|
test_must_fail git pull --ff-only --verify-signatures unsigned 2>pullerror &&
|
|
test_i18ngrep "does not have a GPG signature" pullerror
|
|
'
|
|
|
|
test_expect_success GPG 'pull commit with bad signature with --verify-signatures' '
|
|
test_when_finished "git reset --hard && git checkout initial" &&
|
|
test_must_fail git pull --ff-only --verify-signatures bad 2>pullerror &&
|
|
test_i18ngrep "has a bad GPG signature" pullerror
|
|
'
|
|
|
|
test_expect_success GPG 'pull commit with untrusted signature with --verify-signatures' '
|
|
test_when_finished "git reset --hard && git checkout initial" &&
|
|
test_must_fail git pull --ff-only --verify-signatures untrusted 2>pullerror &&
|
|
test_i18ngrep "has an untrusted GPG signature" pullerror
|
|
'
|
|
|
|
test_expect_success GPG 'pull signed commit with --verify-signatures' '
|
|
test_when_finished "git reset --hard && git checkout initial" &&
|
|
git pull --verify-signatures signed >pulloutput &&
|
|
test_i18ngrep "has a good GPG signature" pulloutput
|
|
'
|
|
|
|
test_expect_success GPG 'pull commit with bad signature without verification' '
|
|
test_when_finished "git reset --hard && git checkout initial" &&
|
|
git pull --ff-only bad 2>pullerror
|
|
'
|
|
|
|
test_expect_success GPG 'pull commit with bad signature with --no-verify-signatures' '
|
|
test_when_finished "git reset --hard && git checkout initial" &&
|
|
test_config merge.verifySignatures true &&
|
|
test_config pull.verifySignatures true &&
|
|
git pull --ff-only --no-verify-signatures bad 2>pullerror
|
|
'
|
|
|
|
test_done
|