Gotweb

Commit Diff

Commit:: ebc58f124450a45aa84172f009cdf14d9974e1ed
From:: Stefan Sperling <stsp@stsp.name>
Via:: Thomas Adam <thomas@xteddy.org>
Date:: Mon Jul 4 11:47:47 2022 UTC
Message:: in tests, verify that tag -V behaves like tag -l plus signature verification
Actions:: Patch | Tree
commit - 6304661828605dbefa07fb027fdbb8fd5225c7e6
commit + ebc58f124450a45aa84172f009cdf14d9974e1ed
blob - 71fb43e0fd8fa1f6b55870329e26e84a6b1d52aa
blob + 9c5092424f626fb5400194dd364dc0ce76e82897
--- regress/cmdline/tag.sh
+++ regress/cmdline/tag.sh
@@ -322,7 +322,7 @@ test_tag_create_ssh_signed() {
 		return 1
 	fi
 
-	GOOD_SIG='Good "git" signature for flan_hacker@openbsd.org with ED25519 key SHA256:'
+	GOOD_SIG='Good "git" signature for flan_hacker@openbsd.org with ED25519 key '
 
 	# Validate the signature with the key allowed
 	echo -n 'flan_hacker@openbsd.org ' > $testroot/allowed_signers
@@ -333,9 +333,66 @@ test_tag_create_ssh_signed() {
 		echo "got tag command failed unexpectedly"
 		diff -u $testroot/stdout.expected $testroot/stdout
 		test_done "$testroot" "$ret"
+		return 1
+	fi
+
+	if ! echo "$GOT_STDOUT" | grep -q "^signature: $GOOD_SIG"; then
+		echo "got tag command failed to validate signature"
+		test_done "$testroot" "1"
 		return 1
 	fi
 
+	# Ensure that Git recognizes and verifies the tag Got has created
+	(cd $testroot/repo && git checkout -q $tag)
+	ret=$?
+	if [ $ret -ne 0 ]; then
+		echo "git checkout command failed unexpectedly"
+		test_done "$testroot" "$ret"
+		return 1
+	fi
+	(cd $testroot/repo && git config --local gpg.ssh.allowedSignersFile \
+		$testroot/allowed_signers)
+	GIT_STDERR=$(cd $testroot/repo && git tag -v $tag 2>&1 1>/dev/null)
+	if ! echo "$GIT_STDERR" | grep -q "^$GOOD_SIG"; then
+		echo "git tag command failed to validate signature"
+		test_done "$testroot" "1"
+		return 1
+	fi
+
+	# Ensure Got recognizes the new tag
+	got checkout -c $tag $testroot/repo $testroot/wt >/dev/null
+	ret=$?
+	if [ $ret -ne 0 ]; then
+		echo "got checkout command failed unexpectedly"
+		test_done "$testroot" "$ret"
+		return 1
+	fi
+
+	# Create another signed tag with a SHA1 commit ID
+	got tag -s $testroot/id_ed25519 -m 'test' -r $testroot/repo \
+		-c $commit_id $tag2 > $testroot/stdout
+
+	# got tag -V behaves like got tag -l, but with verification enabled.
+	got tag -l -r $testroot/repo > $testroot/stdout.list
+	got tag -V -r $testroot/repo > $testroot/stdout.verify
+	diff -U0 $testroot/stdout.list $testroot/stdout.verify |
+	    sed -e '/^--- /d' -e '/^+++ /d' > $testroot/stdout
+	echo "@@ -5,0 +6 @@" > $testroot/stdout.expected
+	echo -n "+signature: $GOOD_SIG" >> $testroot/stdout.expected
+	ssh-keygen -l -f $testroot/id_ed25519.pub | cut -d' ' -f 2 \
+		>> $testroot/stdout.expected
+	echo "@@ -19,0 +21 @@" >> $testroot/stdout.expected
+	echo -n "+signature: $GOOD_SIG" >> $testroot/stdout.expected
+	ssh-keygen -l -f $testroot/id_ed25519.pub | cut -d' ' -f 2 \
+		>> $testroot/stdout.expected
+	cmp -s $testroot/stdout $testroot/stdout.expected
+	ret=$?
+	if [ $ret -ne 0 ]; then
+		diff -u $testroot/stdout.expected $testroot/stdout
+	fi
+	test_done "$testroot" "$ret"
+}
+
 test_tag_create_ssh_signed_missing_key() {
 	local testroot=`test_init tag_create`
 	local commit_id=`git_show_head $testroot/repo`