4d56716fe8
--- type: change message: |- Give the project a proper root, dehub.dev/src/dehub.git "dehub" was being used as a placeholder up till this point, but now that the project has matured enough to have a home, and people will want to be installing the binary, it's time to give it a proper import root. change_hash: ADTjLNnPARatUjx6HDo7m3O+0KUcWvcMJq1kNrj9++PU credentials: - type: pgp_signature pub_key_id: 95C46FA6A41148AC body: iQIzBAABAgAdFiEEJ6tQKp6olvZKJ0lwlcRvpqQRSKwFAl6BECkACgkQlcRvpqQRSKyeJBAAocdHTs8AB2u9kZmMcJNf136Cq8KWjglvhuH49Nj9ILkeGOBF7+fIHBRSYxBQm4IIDWsjaQaRRhESJxKrkHUd7BG/z5iVsCfjYTyY7LPgv0oYJKEGbPOF2LDK2fuLLpRlA5v1fwamTdFYxs5j7yxW7weWiiKEgjMGjOiWQCWuqhw8rwOG6vjvYttQ5pekI7GvkdqWe+qODKmIF9xFFuhz7BMsFUAAwLz97W1wZkHA+O1BXGTe9hGwH88RY9IGJZftA6wuGes/SqwWJk+hpb89KV1yR0woMrwz7ITZZeNBboXO7KyxUXrfiLtxeRD4t15tJkdRY0FbIZvNCktviTqjPXOtoVh7c3m3p/LR5vcbgYDxaZKk51DYruovfaRI96Q9CYCK2kVb2PIJ4BJhlsUPzw8AWNVxXFECYZNEZly10hqNh4Xophr/x7PWOmoPoKL2PvXLtOHzk0r4Tw6JqUaC+7/08U/+lhlSKFKLdCj7Xru57qB7gxgd+P3g4rfqjIHqiB4tlViqR5RV7V8Z/goBMJg2uOJXIJGvwEZF9nj+QDgaofImMiQmcLrE6IBCYEELYz274w/6ugSCcdwVIC/n3VHuNY4zJDKN7Q/FgI9/GBS7UoNhTaHF2JmSKR9ErMKpm3PYPZr/VnsaXjfCBO5bVquvWLzfJ9aQ4t+tsRkuAvQ= account: mediocregopher
200 lines
5.4 KiB
Go
200 lines
5.4 KiB
Go
package dehub
|
|
|
|
import (
|
|
"dehub.dev/src/dehub.git/sigcred"
|
|
"reflect"
|
|
"strings"
|
|
"testing"
|
|
|
|
"github.com/davecgh/go-spew/spew"
|
|
"gopkg.in/src-d/go-git.v4/plumbing"
|
|
yaml "gopkg.in/yaml.v2"
|
|
)
|
|
|
|
func TestChangeCommitVerify(t *testing.T) {
|
|
type step struct {
|
|
msg string
|
|
msgHead string // defaults to msg
|
|
tree map[string]string
|
|
}
|
|
testCases := []struct {
|
|
descr string
|
|
steps []step
|
|
}{
|
|
{
|
|
descr: "single commit",
|
|
steps: []step{
|
|
{
|
|
msg: "first commit",
|
|
tree: map[string]string{"a": "0", "b": "1"},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
descr: "multiple commits",
|
|
steps: []step{
|
|
{
|
|
msg: "first commit",
|
|
tree: map[string]string{"a": "0", "b": "1"},
|
|
},
|
|
{
|
|
msg: "second commit, changing a",
|
|
tree: map[string]string{"a": "1"},
|
|
},
|
|
{
|
|
msg: "third commit, empty",
|
|
},
|
|
{
|
|
msg: "fourth commit, adding c, removing b",
|
|
tree: map[string]string{"b": "", "c": "2"},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
descr: "big body commits",
|
|
steps: []step{
|
|
{
|
|
msg: "first commit, single line but with newline\n",
|
|
},
|
|
{
|
|
msg: "second commit, single line but with two newlines\n\n",
|
|
msgHead: "second commit, single line but with two newlines\n\n",
|
|
},
|
|
{
|
|
msg: "third commit, multi-line with one newline\nanother line!",
|
|
msgHead: "third commit, multi-line with one newline\n\n",
|
|
},
|
|
{
|
|
msg: "fourth commit, multi-line with two newlines\n\nanother line!",
|
|
msgHead: "fourth commit, multi-line with two newlines\n\n",
|
|
},
|
|
},
|
|
},
|
|
}
|
|
|
|
for _, test := range testCases {
|
|
t.Run(test.descr, func(t *testing.T) {
|
|
h := newHarness(t)
|
|
for _, step := range test.steps {
|
|
h.stage(step.tree)
|
|
account := h.cfg.Accounts[0]
|
|
|
|
gitCommit := h.changeCommit(step.msg, account.ID, h.sig)
|
|
if step.msgHead == "" {
|
|
step.msgHead = strings.TrimSpace(step.msg) + "\n\n"
|
|
}
|
|
|
|
if !strings.HasPrefix(gitCommit.GitCommit.Message, step.msgHead) {
|
|
t.Fatalf("commit message %q does not start with expected head %q",
|
|
gitCommit.GitCommit.Message, step.msgHead)
|
|
}
|
|
|
|
var actualCommit Commit
|
|
if err := actualCommit.UnmarshalText([]byte(gitCommit.GitCommit.Message)); err != nil {
|
|
t.Fatalf("error unmarshaling commit body: %v", err)
|
|
} else if !reflect.DeepEqual(actualCommit, gitCommit.Commit) {
|
|
t.Fatalf("returned change commit:\n%s\ndoes not match actual one:\n%s",
|
|
spew.Sdump(gitCommit.Commit), spew.Sdump(actualCommit))
|
|
}
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestCombineCommitChanges(t *testing.T) {
|
|
h := newHarness(t)
|
|
|
|
// commit initial config, so the root user can modify it in the next commit
|
|
h.changeCommit("initial commit", h.cfg.Accounts[0].ID, h.sig)
|
|
|
|
// add a toot user and modify the access controls such that both accounts
|
|
// are required for the main branch
|
|
tootSig, tootPubKeyBody := sigcred.SignifierPGPTmp("toot", h.rand)
|
|
h.cfg.Accounts = append(h.cfg.Accounts, Account{
|
|
ID: "toot",
|
|
Signifiers: []sigcred.Signifier{{PGPPublicKey: &sigcred.SignifierPGP{
|
|
Body: string(tootPubKeyBody),
|
|
}}},
|
|
})
|
|
err := yaml.Unmarshal([]byte(`
|
|
- action: allow
|
|
filters:
|
|
- type: branch
|
|
pattern: main
|
|
- type: commit_type
|
|
commit_type: change
|
|
- type: signature
|
|
any_account: true
|
|
count: 2
|
|
|
|
- action: allow
|
|
filters:
|
|
- type: not
|
|
filter:
|
|
type: branch
|
|
pattern: main
|
|
- type: signature
|
|
any_account: true
|
|
count: 1
|
|
|
|
- action: deny
|
|
`), &h.cfg.AccessControls)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
h.stageCfg()
|
|
tootCommit := h.changeCommit("add toot", h.cfg.Accounts[0].ID, h.sig)
|
|
|
|
// make a single change commit in another branch using root. Then add a
|
|
// credential using toot, and combine them onto main.
|
|
otherBranch := plumbing.NewBranchReferenceName("other")
|
|
h.checkout(otherBranch)
|
|
h.stage(map[string]string{"foo": "bar"})
|
|
fooCommit := h.changeCommit("add foo file", h.cfg.Accounts[0].ID, h.sig)
|
|
|
|
// now adding a credential commit from toot should work
|
|
credCommitObj, err := h.repo.NewCommitCredential(fooCommit.Interface.GetHash())
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
credCommit := h.tryCommit(true, credCommitObj, h.cfg.Accounts[1].ID, tootSig)
|
|
|
|
allCommits, err := h.repo.GetGitCommitRange(
|
|
tootCommit.GitCommit.Hash,
|
|
credCommit.GitCommit.Hash,
|
|
)
|
|
if err != nil {
|
|
t.Fatalf("error getting commits: %v", err)
|
|
}
|
|
|
|
combinedCommit, err := h.repo.CombineCommitChanges(allCommits, MainRefName)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
// that new commit should have both credentials
|
|
creds := combinedCommit.Commit.Common.Credentials
|
|
if len(creds) != 2 {
|
|
t.Fatalf("combined commit has %d credentials, not 2", len(creds))
|
|
} else if creds[0].AccountID != "root" {
|
|
t.Fatalf("combined commit first credential should be from root, is from %q", creds[0].AccountID)
|
|
} else if creds[1].AccountID != "toot" {
|
|
t.Fatalf("combined commit second credential should be from toot, is from %q", creds[1].AccountID)
|
|
}
|
|
|
|
// double check that the HEAD commit of main got properly set
|
|
h.checkout(MainRefName)
|
|
mainHead, err := h.repo.GetGitHead()
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
} else if mainHead.GitCommit.Hash != combinedCommit.GitCommit.Hash {
|
|
t.Fatalf("mainHead's should be pointed at %s but is pointed at %s",
|
|
combinedCommit.GitCommit.Hash, mainHead.GitCommit.Hash)
|
|
} else if err = h.repo.VerifyCommits(MainRefName, []GitCommit{combinedCommit}); err != nil {
|
|
t.Fatalf("unable to verify combined commit: %v", err)
|
|
} else if author := combinedCommit.GitCommit.Author.Name; author != "root" {
|
|
t.Fatalf("unexpected author value %q", author)
|
|
}
|
|
}
|