blob: aa092bc81ee7eb73f05cc22a87af78f762d066a6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
|
#!/bin/bash
set -e
. tests/lib
t-drs
t-git-none
p=pari-extra
t-worktree drs
cd $p
reporefs () {
(set -e
if test -d $tmp/git/$p.git; then
cd $tmp/git/$p.git
git show-ref
fi)
}
mustfail () {
local wantmsg="$1"; shift
reporefs >$tmp/show-refs.pre-push
set +e
git push origin "$@" 2>&1 |tee $tmp/mustfail.txt
ps="${PIPESTATUS[*]}"
set -e
case $ps in
"0 0") fail "push unexpectedly succeeded (instead of: $wantmsg)" ;;
*" 0") ;;
*) fail "tee failed" ;;
esac
if ! fgrep "$wantmsg" $tmp/mustfail.txt >/dev/null; then
fail "error message not found"
fi
reporefs >$tmp/show-refs.post-push
diff $tmp/show-refs.{pre,post}-push
}
mustsucceed () {
reporefs >$tmp/show-refs.pre-push
git push origin "$@"
reporefs >$tmp/show-refs.post-push
if diff $tmp/show-refs.{pre,post}-push >$tmp/show-refs.diff; then
fail "no refs updated"
fi
}
prep () {
local suite=$1
local csuite=$2
cp $tmp/masters/* $tmp/.
tag_signer='-u Senatus'
tag_message="$p release $version for $suite ($csuite) [dgit]"
tag_name=debian/$version
push_spec1="HEAD:refs/dgit/$csuite"
push_spec2="refs/tags/$tag_name"
push_spec="$push_spec1 $push_spec2"
}
mktag () {
git tag -f $tag_signer -m "$tag_message" $tag_name "$@"
}
mkdir $tmp/masters
cp $tmp/d[dm].* $tmp/masters
version=3-2_dummy1
prep unstable sid
tag_signer='-a'
mktag
mustfail 'missing signature' $push_spec
prep unstable sid
tag_message='something'
mktag
mustfail 'tag message not in expected format' $push_spec
prep unstable sid
mktag
mustfail 'sid != sponge' HEAD:refs/dgit/sponge $push_spec2
# fixme test --sig-policy-url string
# fixme cannot test reject "signature is not of type 00!";
prep unstable sid
mktag
mustfail 'push is missing tag ref update' $push_spec1
mustfail 'push is missing head ref update' $push_spec2
mustfail 'pushing unexpected ref' $push_spec HEAD:refs/wombat
mustfail 'pushing multiple heads' $push_spec HEAD:refs/dgit/wombat
mustfail 'pushing multiple tags' $push_spec HEAD:refs/tags/debian/wombat
prep unstable sid
mktag
cp $tmp/dm.gpg $tmp/dd.gpg
mustfail 'key not found in keyrings' $push_spec
prep unstable sid
mktag HEAD~
mustfail 'tag refers to wrong commit' $push_spec
prep unstable sid
mktag HEAD~:
mustfail 'tag refers to wrong kind of object' $push_spec
prep unstable sid
mktag
mustsucceed $push_spec # succeeds
mktag
mustfail 'not replacing previously-pushed version' $push_spec
prep_dm_mangle () {
prep unstable sid
perl -i.bak -pe '
next unless m/^fingerprint: 3A82860837A0CD32/i../^$/;
' -e "$1" $tmp/dm.txt
tag_signer='-u Populus'
mktag
}
git checkout v2
version=3-2_dummy2
prep_dm_mangle ''
perl -i.bak -ne 'print if 1..s/(pari-extra).*\n/$1/' $tmp/dm.txt
mustfail '' $push_spec # malformed (truncated) dm.txt; don't care about msg
prep_dm_mangle 's/allow:/asponge:/i'
mustfail 'missing Allow section in permission' $push_spec
prep_dm_mangle 's/\bpari-extra\b/sponge/i'
mustfail "package $p not allowed for key" $push_spec
prep_dm_mangle 'y/0-9/5-90-4/ if m/^fingerprint:/i'
mustfail "not in permissions list although in keyring" $push_spec
prep_dm_mangle ''
mustsucceed $push_spec # succeeds
echo ok.
|