blob: fa3b53044b7d4d9ab10bbedd58787f808e310298 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
#!/bin/bash
set -e
. tests/lib
t-drs
t-git-none
p=pari-extra
t-worktree drs
cd $p
reporefs () {
(set -e
if test -d $tmp/git/$p.git; then
cd $tmp/git/$p.git
git show-ref
fi)
}
mustfail () {
local wantmsg="$1"; shift
reporefs >$tmp/show-refs.pre-push
set +e
git push origin "$@" 2>&1 |tee $tmp/mustfail.txt
ps="${PIPESTATUS[*]}"
set -e
case $ps in
"0 0") fail "push unexpectedly succeeded (instead of: $wantmsg)" ;;
*" 0") ;;
*) fail "tee failed" ;;
esac
if ! fgrep "$wantmsg" $tmp/mustfail.txt >/dev/null; then
fail "error message not found"
fi
reporefs >$tmp/show-refs.post-push
diff $tmp/show-refs.{pre,post}-push
}
mustsucceed () {
reporefs >$tmp/show-refs.pre-push
git push origin "$@"
reporefs >$tmp/show-refs.post-push
if diff $tmp/show-refs.{pre,post}-push >$tmp/show-refs.diff; then
fail "no refs updated"
fi
}
prep () {
local suite=$1
local csuite=$2
cp $tmp/masters/* $tmp/.
tag_signer='-u Senatus'
tag_message="$p release $version for $suite ($csuite) [dgit]"
tag_name=debian/$version
push_spec1="HEAD:refs/dgit/$csuite"
push_spec2="refs/tags/$tag_name"
push_spec="$push_spec1 $push_spec2"
}
mktag () {
git tag -f $tag_signer -m "$tag_message" $tag_name "$@"
}
mkdir $tmp/masters
cp $tmp/d[dm].* $tmp/masters
version=3-2_dummy1
prep unstable sid
tag_signer='-a'
mktag
mustfail 'missing signature' $push_spec
prep unstable sid
tag_message='something'
mktag
mustfail 'tag message not in expected format' $push_spec
prep unstable sid
mktag
mustfail 'sid != sponge' HEAD:refs/dgit/sponge $push_spec2
# fixme test --sig-policy-url string
# fixme cannot test reject "signature is not of type 00!";
prep unstable sid
mktag
mustfail 'push is missing tag ref update' $push_spec1
mustfail 'push is missing head ref update' $push_spec2
mustfail 'pushing unexpected ref' $push_spec HEAD:refs/wombat
mustfail 'pushing multiple heads' $push_spec HEAD:refs/dgit/wombat
mustfail 'pushing multiple tags' $push_spec HEAD:refs/tags/debian/wombat
prep unstable sid
mktag
cp $tmp/dm.gpg $tmp/dd.gpg
mustfail 'key not found in keyrings' $push_spec
prep unstable sid
mustsucceed $push_spec # succeeds
mktag
mustfail 'not replacing previously-pushed version' $push_spec
prep_dm_mangle () {
prep unstable sid
perl -i.bak -pe '
next unless m/^fingerprint: 3A82860837A0CD32/i../^$/;
' -e "$1" $tmp/dm.txt
tag_signer='-u Populus'
mktag
}
git checkout v2
version=3-2_dummy2
prep_dm_mangle 's/allow:/asponge:/i'
mustfail 'missing Allow section in permission' $push_spec
prep_dm_mangle 's/\bpari-extra\b/sponge/i'
mustfail "package $p not allowed for key" $push_spec
prep_dm_mangle 'y/0-9/5-90-4/ if m/^fingerprint:/i'
mustfail "not in permissions list although in keyring" $push_spec
prep_dm_mangle ''
mustsucceed $push_spec # succeeds
echo ok.
|
