Andrew's git - gitweb.git/blob - t/t5534-push-signed.sh

   1#!/bin/sh
   2
   3test_description='signed push'
   4
   5. ./test-lib.sh
   6. "$TEST_DIRECTORY"/lib-gpg.sh
   7
   8prepare_dst () {
   9        rm -fr dst &&
  10        test_create_repo dst &&
  11
  12        git push dst master:noop master:ff master:noff
  13}
  14
  15test_expect_success setup '
  16        # master, ff and noff branches pointing at the same commit
  17        test_tick &&
  18        git commit --allow-empty -m initial &&
  19
  20        git checkout -b noop &&
  21        git checkout -b ff &&
  22        git checkout -b noff &&
  23
  24        # noop stays the same, ff advances, noff rewrites
  25        test_tick &&
  26        git commit --allow-empty --amend -m rewritten &&
  27        git checkout ff &&
  28
  29        test_tick &&
  30        git commit --allow-empty -m second
  31'
  32
  33test_expect_success 'unsigned push does not send push certificate' '
  34        prepare_dst &&
  35        mkdir -p dst/.git/hooks &&
  36        write_script dst/.git/hooks/post-receive <<-\EOF &&
  37        # discard the update list
  38        cat >/dev/null
  39        # record the push certificate
  40        if test -n "${GIT_PUSH_CERT-}"
  41        then
  42                git cat-file blob $GIT_PUSH_CERT >../push-cert
  43        fi
  44        EOF
  45
  46        git push dst noop ff +noff &&
  47        ! test -f dst/push-cert
  48'
  49
  50test_expect_success 'talking with a receiver without push certificate support' '
  51        prepare_dst &&
  52        mkdir -p dst/.git/hooks &&
  53        git -C dst config receive.acceptpushcert no &&
  54        write_script dst/.git/hooks/post-receive <<-\EOF &&
  55        # discard the update list
  56        cat >/dev/null
  57        # record the push certificate
  58        if test -n "${GIT_PUSH_CERT-}"
  59        then
  60                git cat-file blob $GIT_PUSH_CERT >../push-cert
  61        fi
  62        EOF
  63
  64        git push dst noop ff +noff &&
  65        ! test -f dst/push-cert
  66'
  67
  68test_expect_success 'push --signed fails with a receiver without push certificate support' '
  69        prepare_dst &&
  70        mkdir -p dst/.git/hooks &&
  71        git -C dst config receive.acceptpushcert no &&
  72        test_must_fail git push --signed dst noop ff +noff 2>err &&
  73        test_i18ngrep "the receiving end does not support" err
  74'
  75
  76test_expect_success GPG 'no certificate for a signed push with no update' '
  77        prepare_dst &&
  78        mkdir -p dst/.git/hooks &&
  79        write_script dst/.git/hooks/post-receive <<-\EOF &&
  80        if test -n "${GIT_PUSH_CERT-}"
  81        then
  82                git cat-file blob $GIT_PUSH_CERT >../push-cert
  83        fi
  84        EOF
  85        git push dst noop &&
  86        ! test -f dst/push-cert
  87'
  88
  89test_expect_success GPG 'signed push sends push certificate' '
  90        prepare_dst &&
  91        mkdir -p dst/.git/hooks &&
  92        write_script dst/.git/hooks/post-receive <<-\EOF &&
  93        # discard the update list
  94        cat >/dev/null
  95        # record the push certificate
  96        if test -n "${GIT_PUSH_CERT-}"
  97        then
  98                git cat-file blob $GIT_PUSH_CERT >../push-cert
  99        fi &&
 100
 101        cat >../push-cert-status <<E_O_F
 102        SIGNER=${GIT_PUSH_CERT_SIGNER-nobody}
 103        KEY=${GIT_PUSH_CERT_KEY-nokey}
 104        STATUS=${GIT_PUSH_CERT_STATUS-nostatus}
 105        E_O_F
 106
 107        EOF
 108
 109        cat >expect <<-\EOF &&
 110        SIGNER=C O Mitter <committer@example.com>
 111        KEY=13B6F51ECDDE430D
 112        STATUS=G
 113        EOF
 114
 115        git push --signed dst noop ff +noff &&
 116        grep "$(git rev-parse noop ff) refs/heads/ff" dst/push-cert &&
 117        grep "$(git rev-parse noop noff) refs/heads/noff" dst/push-cert &&
 118        test_cmp expect dst/push-cert-status
 119'
 120
 121test_done