mirror of
https://github.com/git/git.git
synced 2024-04-18 19:03:51 +02:00
ssh signing: fmt-merge-msg tests & config parse
When merging a signed tag fmt-merge-msg was unable to verify its validity missing the necessary ssh allowedSignersFile config. Adds gpg config parsing to fmt-merge-msg. Adds tests for ssh signed tags to fmt-merge-msg tests. Signed-off-by: Fabian Stelzer <fs@gigacodes.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
parent
e8191a5265
commit
9d12546de9
|
@ -9,6 +9,7 @@
|
|||
#include "branch.h"
|
||||
#include "fmt-merge-msg.h"
|
||||
#include "commit-reach.h"
|
||||
#include "gpg-interface.h"
|
||||
|
||||
static int use_branch_desc;
|
||||
static int suppress_dest_pattern_seen;
|
||||
|
@ -16,6 +17,8 @@ static struct string_list suppress_dest_patterns = STRING_LIST_INIT_DUP;
|
|||
|
||||
int fmt_merge_msg_config(const char *key, const char *value, void *cb)
|
||||
{
|
||||
int status = 0;
|
||||
|
||||
if (!strcmp(key, "merge.log") || !strcmp(key, "merge.summary")) {
|
||||
int is_bool;
|
||||
merge_log_config = git_config_bool_or_int(key, value, &is_bool);
|
||||
|
@ -34,6 +37,9 @@ int fmt_merge_msg_config(const char *key, const char *value, void *cb)
|
|||
string_list_append(&suppress_dest_patterns, value);
|
||||
suppress_dest_pattern_seen = 1;
|
||||
} else {
|
||||
status = git_gpg_config(key, value, NULL);
|
||||
if (status)
|
||||
return status;
|
||||
return git_default_config(key, value, cb);
|
||||
}
|
||||
return 0;
|
||||
|
|
|
@ -81,6 +81,16 @@ test_expect_success GPG 'set up a signed tag' '
|
|||
git tag -s -m signed-tag-msg signed-good-tag left
|
||||
'
|
||||
|
||||
test_expect_success GPGSSH 'created ssh signed commit and tag' '
|
||||
test_config gpg.format ssh &&
|
||||
git checkout -b signed-ssh &&
|
||||
touch file &&
|
||||
git add file &&
|
||||
git commit -m "ssh signed" -S"${GPGSSH_KEY_PRIMARY}" &&
|
||||
git tag -s -u"${GPGSSH_KEY_PRIMARY}" -m signed-ssh-tag-msg signed-good-ssh-tag left &&
|
||||
git tag -s -u"${GPGSSH_KEY_UNTRUSTED}" -m signed-ssh-tag-msg-untrusted signed-untrusted-ssh-tag left
|
||||
'
|
||||
|
||||
test_expect_success 'message for merging local branch' '
|
||||
echo "Merge branch ${apos}left${apos}" >expected &&
|
||||
|
||||
|
@ -109,6 +119,24 @@ test_expect_success GPG 'message for merging local tag signed by unknown key' '
|
|||
grep -E "^# gpg: Can${apos}t check signature: (public key not found|No public key)" actual
|
||||
'
|
||||
|
||||
test_expect_success GPGSSH 'message for merging local tag signed by good ssh key' '
|
||||
test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" &&
|
||||
git checkout main &&
|
||||
git fetch . signed-good-ssh-tag &&
|
||||
git fmt-merge-msg <.git/FETCH_HEAD >actual 2>&1 &&
|
||||
grep "${GPGSSH_GOOD_SIGNATURE_TRUSTED}" actual &&
|
||||
! grep "${GPGSSH_BAD_SIGNATURE}" actual
|
||||
'
|
||||
|
||||
test_expect_success GPGSSH 'message for merging local tag signed by unknown ssh key' '
|
||||
test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" &&
|
||||
git checkout main &&
|
||||
git fetch . signed-untrusted-ssh-tag &&
|
||||
git fmt-merge-msg <.git/FETCH_HEAD >actual 2>&1 &&
|
||||
grep "${GPGSSH_GOOD_SIGNATURE_UNTRUSTED}" actual &&
|
||||
! grep "${GPGSSH_BAD_SIGNATURE}" actual &&
|
||||
grep "${GPGSSH_KEY_NOT_TRUSTED}" actual
|
||||
'
|
||||
test_expect_success 'message for merging external branch' '
|
||||
echo "Merge branch ${apos}left${apos} of $(pwd)" >expected &&
|
||||
|
||||
|
|
Loading…
Reference in New Issue