1 .include "../../got-version.mk"
2 
3 REGRESS_TARGETS=test_repo_read test_repo_read_group \
4 	test_repo_read_denied_user test_repo_read_denied_group \
5 	test_repo_read_bad_user test_repo_read_bad_group \
6 	test_repo_write test_repo_write_empty test_request_bad \
7 	test_repo_write_protected test_email_notification
8 NOOBJ=Yes
9 CLEANFILES=gotd.conf
10 
11 .PHONY: ensure_root prepare_test_repo check_test_repo start_gotd
12 
13 GOTD_TEST_ROOT=/tmp
14 GOTD_DEVUSER?=gotdev
15 GOTD_DEVUSER_HOME!=userinfo $(GOTD_DEVUSER) | awk '/^dir/ {print $$2}'
16 GOTD_TEST_REPO!?=mktemp -d "$(GOTD_TEST_ROOT)/gotd-test-repo-XXXXXXXXXX"
17 GOTD_TEST_REPO_NAME=test-repo
18 GOTD_TEST_REPO_URL=ssh://${GOTD_DEVUSER}@127.0.0.1/$(GOTD_TEST_REPO_NAME)
19 GOTD_TEST_SMTP_PORT=2525
20 
21 GOTD_TEST_USER?=${DOAS_USER}
22 .if empty(GOTD_TEST_USER)
23 GOTD_TEST_USER=${SUDO_USER}
24 .endif
25 .if empty(GOTD_TEST_USER)
26 GOTD_TEST_USER=${USER}
27 .endif
28 GOTD_TEST_USER_HOME!=userinfo $(GOTD_TEST_USER) | awk '/^dir/ {print $$2}'
29 
30 # gotd.conf parameters
31 GOTD_USER?=got
32 GOTD_SOCK=${GOTD_DEVUSER_HOME}/gotd.sock
33 
34 .if "${GOT_RELEASE}" == "Yes"
35 PREFIX ?= /usr/local
36 BINDIR ?= ${PREFIX}/bin
37 .else
38 PREFIX ?= ${GOTD_TEST_USER_HOME}
39 BINDIR ?= ${PREFIX}/bin
40 .endif
41 
42 GOTD_START_CMD?=env ${GOTD_ENV} $(BINDIR)/gotd -vv -f $(PWD)/gotd.conf
43 GOTD_STOP_CMD?=$(BINDIR)/gotctl -f $(GOTD_SOCK) stop
44 GOTD_TRAP=trap "$(GOTD_STOP_CMD)" HUP INT QUIT PIPE TERM
45 
46 GOTD_ENV=GOT_NOTIFY_EMAIL_TIMEOUT=1
47 
48 GOTD_TEST_ENV=GOTD_TEST_ROOT=$(GOTD_TEST_ROOT) \
49 	GOTD_TEST_REPO_URL=$(GOTD_TEST_REPO_URL) \
50 	GOTD_TEST_REPO_NAME=$(GOTD_TEST_REPO_NAME) \
51 	GOTD_TEST_REPO=$(GOTD_TEST_REPO) \
52 	GOTD_SOCK=$(GOTD_SOCK) \
53 	GOTD_DEVUSER=$(GOTD_DEVUSER) \
54 	GOTD_USER=$(GOTD_USER) \
55 	GOTD_TEST_SMTP_PORT=$(GOTD_TEST_SMTP_PORT) \
56 	HOME=$(GOTD_TEST_USER_HOME) \
57 	PATH=$(GOTD_TEST_USER_HOME)/bin:$(PATH)
58 
59 ensure_root:
60 	@if [[ `id -u` -ne 0 ]]; then \
61 		echo gotd test suite must be started by root >&2; \
62 		false; \
63 	fi ; \
64 	if [[ "$(GOTD_TEST_USER)" = "root" ]]; then \
65 		echo GOTD_TEST_USER must be a non-root user >&2; \
66 		false; \
67 	fi
68 
69 start_gotd_ro: ensure_root
70 	@echo 'listen on "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
71 	@echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
72 	@echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
73 	@echo '    path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
74 	@echo '    permit ro $(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
75 	@echo "}" >> $(PWD)/gotd.conf
76 	@$(GOTD_TRAP); $(GOTD_START_CMD)
77 	@$(GOTD_TRAP); sleep .5
78 
79 start_gotd_ro_group: ensure_root
80 	@echo 'listen on "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
81 	@echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
82 	@echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
83 	@echo '    path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
84 	@echo '    permit ro :$(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
85 	@echo "}" >> $(PWD)/gotd.conf
86 	@$(GOTD_TRAP); $(GOTD_START_CMD)
87 	@$(GOTD_TRAP); sleep .5
88 
89 # try a permit rule followed by a deny rule; last matched rule wins
90 start_gotd_ro_denied_user: ensure_root
91 	@echo 'listen on "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
92 	@echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
93 	@echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
94 	@echo '    path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
95 	@echo '    permit ro $(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
96 	@echo '    deny $(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
97 	@echo "}" >> $(PWD)/gotd.conf
98 	@$(GOTD_TRAP); $(GOTD_START_CMD)
99 	@$(GOTD_TRAP); sleep .5
100 
101 # try a permit rule followed by a deny rule; last matched rule wins
102 start_gotd_ro_denied_group: ensure_root
103 	@echo 'listen on "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
104 	@echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
105 	@echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
106 	@echo '    path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
107 	@echo '    permit ro $(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
108 	@echo '    deny :$(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
109 	@echo "}" >> $(PWD)/gotd.conf
110 	@$(GOTD_TRAP); $(GOTD_START_CMD)
111 	@$(GOTD_TRAP); sleep .5
112 
113 # $GOTD_DEVUSER should not equal $GOTD_USER
114 start_gotd_ro_bad_user: ensure_root
115 	@echo 'listen on "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
116 	@echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
117 	@echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
118 	@echo '    path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
119 	@echo '    permit ro $(GOTD_USER)' >> $(PWD)/gotd.conf
120 	@echo "}" >> $(PWD)/gotd.conf
121 	@$(GOTD_TRAP); $(GOTD_START_CMD)
122 	@$(GOTD_TRAP); sleep .5
123 
124 # $GOTD_DEVUSER should not be in group wheel
125 start_gotd_ro_bad_group: ensure_root
126 	@echo 'listen on "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
127 	@echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
128 	@echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
129 	@echo '    path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
130 	@echo '    permit ro :wheel' >> $(PWD)/gotd.conf
131 	@echo "}" >> $(PWD)/gotd.conf
132 	@$(GOTD_TRAP); $(GOTD_START_CMD)
133 	@$(GOTD_TRAP); sleep .5
134 
135 start_gotd_rw: ensure_root
136 	@echo 'listen on "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
137 	@echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
138 	@echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
139 	@echo '    path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
140 	@echo '    permit rw $(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
141 	@echo "}" >> $(PWD)/gotd.conf
142 	@$(GOTD_TRAP); $(GOTD_START_CMD)
143 	@$(GOTD_TRAP); sleep .5
144 
145 start_gotd_rw_protected: ensure_root
146 	@echo 'listen on "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
147 	@echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
148 	@echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
149 	@echo '    path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
150 	@echo '    permit rw $(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
151 	@echo '    protect branch "foo"' >> $(PWD)/gotd.conf
152 	@echo '    protect tag namespace "refs/tags/"' >> $(PWD)/gotd.conf
153 	@echo '    protect branch "refs/heads/main"' >> $(PWD)/gotd.conf
154 	@echo "}" >> $(PWD)/gotd.conf
155 	@$(GOTD_TRAP); $(GOTD_START_CMD)
156 	@$(GOTD_TRAP); sleep .5
157 
158 start_gotd_email_notification: ensure_root
159 	@echo 'listen on "$(GOTD_SOCK)"' > $(PWD)/gotd.conf
160 	@echo "user $(GOTD_USER)" >> $(PWD)/gotd.conf
161 	@echo 'repository "test-repo" {' >> $(PWD)/gotd.conf
162 	@echo '    path "$(GOTD_TEST_REPO)"' >> $(PWD)/gotd.conf
163 	@echo '    permit rw $(GOTD_DEVUSER)' >> $(PWD)/gotd.conf
164 	@echo '    notify {' >> $(PWD)/gotd.conf
165 	@echo -n '      email to ${GOTD_DEVUSER}' >> $(PWD)/gotd.conf
166 	@echo ' relay 127.0.0.1 port ${GOTD_TEST_SMTP_PORT}' >> $(PWD)/gotd.conf
167 	@echo "    }" >> $(PWD)/gotd.conf
168 	@echo "}" >> $(PWD)/gotd.conf
169 	@$(GOTD_TRAP); $(GOTD_START_CMD)
170 	@$(GOTD_TRAP); sleep .5
171 
172 prepare_test_repo: ensure_root
173 	@chown ${GOTD_USER} "${GOTD_TEST_REPO}"
174 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./prepare_test_repo.sh'
175 
176 prepare_test_repo_empty: ensure_root
177 	@chown ${GOTD_USER} "${GOTD_TEST_REPO}"
178 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./prepare_test_repo.sh 1'
179 
180 test_repo_read: prepare_test_repo start_gotd_ro
181 	@-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
182 		'env $(GOTD_TEST_ENV) sh ./repo_read.sh'
183 	@$(GOTD_STOP_CMD) 2>/dev/null
184 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
185 
186 test_repo_read_group: prepare_test_repo start_gotd_ro_group
187 	@-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
188 		'env $(GOTD_TEST_ENV) sh ./repo_read.sh'
189 	@$(GOTD_STOP_CMD) 2>/dev/null
190 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
191 
192 test_repo_read_denied_user: prepare_test_repo start_gotd_ro_denied_user
193 	@-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
194 		'env $(GOTD_TEST_ENV) sh ./repo_read_access_denied.sh'
195 	@$(GOTD_STOP_CMD) 2>/dev/null
196 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
197 
198 test_repo_read_denied_group: prepare_test_repo start_gotd_ro_denied_group
199 	@-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
200 		'env $(GOTD_TEST_ENV) sh ./repo_read_access_denied.sh'
201 	@$(GOTD_STOP_CMD) 2>/dev/null
202 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
203 
204 test_repo_read_bad_user: prepare_test_repo start_gotd_ro_bad_user
205 	@-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
206 		'env $(GOTD_TEST_ENV) sh ./repo_read_access_denied.sh'
207 	@$(GOTD_STOP_CMD) 2>/dev/null
208 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
209 
210 test_repo_read_bad_group: prepare_test_repo start_gotd_ro_bad_group
211 	@-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
212 		'env $(GOTD_TEST_ENV) sh ./repo_read_access_denied.sh'
213 	@$(GOTD_STOP_CMD) 2>/dev/null
214 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
215 
216 test_repo_write: prepare_test_repo start_gotd_rw
217 	@-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
218 		'env $(GOTD_TEST_ENV) sh ./repo_write.sh'
219 	@$(GOTD_STOP_CMD) 2>/dev/null
220 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
221 
222 test_repo_write_empty: prepare_test_repo_empty start_gotd_rw
223 	@-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
224 		'env $(GOTD_TEST_ENV) sh ./repo_write_empty.sh'
225 	@$(GOTD_STOP_CMD) 2>/dev/null
226 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
227 
228 test_repo_write_protected: prepare_test_repo start_gotd_rw_protected
229 	@-$(GOTD_TRAP); su ${GOTD_TEST_USER} -c \
230 		'env $(GOTD_TEST_ENV) sh ./repo_write_protected.sh'
231 	@$(GOTD_STOP_CMD) 2>/dev/null
232 	@su -m ${GOTD_USER} -c 'env $(GOTD_TEST_ENV) sh ./check_test_repo.sh'
233 	
234 test_request_bad: prepare_test_repo_empty start_gotd_ro
235 	@-$(GOTD_TRAP); su -m ${GOTD_TEST_USER} -c \
236 		'env $(GOTD_TEST_ENV) sh ./request_bad.sh'
237 	@$(GOTD_STOP_CMD) 2>/dev/null
238 
239 test_email_notification: prepare_test_repo start_gotd_email_notification
240 	@-$(GOTD_TRAP); su -m ${GOTD_TEST_USER} -c \
241 		'env $(GOTD_TEST_ENV) sh ./email_notification.sh'
242 	@$(GOTD_STOP_CMD) 2>/dev/null
243 
244 .include <bsd.regress.mk>