3 # Copyright (c) 2019 Stefan Sperling <stsp@openbsd.org>
5 # Permission to use, copy, modify, and distribute this software for any
6 # purpose with or without fee is hereby granted, provided that the above
7 # copyright notice and this permission notice appear in all copies.
9 # THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 # WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 # MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 # ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 # WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 local testroot=`test_init tag_create`
21 local commit_id=`git_show_head $testroot/repo`
25 # Create a tag based on repository's HEAD reference
26 got tag -m 'test' -r $testroot/repo -c HEAD $tag > $testroot/stdout
28 if [ $ret -ne 0 ]; then
29 echo "got ref command failed unexpectedly"
30 test_done "$testroot" "$ret"
34 tag_id=`got ref -r $testroot/repo -l \
35 | grep "^refs/tags/$tag" | tr -d ' ' | cut -d: -f2`
36 echo "Created tag $tag_id" > $testroot/stdout.expected
37 cmp -s $testroot/stdout $testroot/stdout.expected
39 if [ $ret -ne 0 ]; then
40 diff -u $testroot/stdout.expected $testroot/stdout
41 test_done "$testroot" "$ret"
45 # Ensure that Git recognizes the tag Got has created
46 (cd $testroot/repo && git checkout -q $tag)
48 if [ $ret -ne 0 ]; then
49 echo "git checkout command failed unexpectedly"
50 test_done "$testroot" "$ret"
54 # Ensure Got recognizes the new tag
55 got checkout -c $tag $testroot/repo $testroot/wt >/dev/null
57 if [ $ret -ne 0 ]; then
58 echo "got checkout command failed unexpectedly"
59 test_done "$testroot" "$ret"
63 # Create a tag based on implied worktree HEAD ref
64 (cd $testroot/wt && got branch foo > /dev/null)
65 echo 'foo' >> $testroot/wt/alpha
66 (cd $testroot/wt && got commit -m foo > /dev/null)
67 local commit_id2=`git_show_branch_head $testroot/repo foo`
68 (cd $testroot/wt && got tag -m 'test' $tag2 > $testroot/stdout)
70 if [ $ret -ne 0 ]; then
71 test_done "$testroot" "$ret"
75 tag_id2=`got ref -r $testroot/repo -l \
76 | grep "^refs/tags/$tag2" | tr -d ' ' | cut -d: -f2`
77 echo "Created tag $tag_id2" > $testroot/stdout.expected
78 cmp -s $testroot/stdout $testroot/stdout.expected
80 if [ $ret -ne 0 ]; then
81 diff -u $testroot/stdout.expected $testroot/stdout
82 test_done "$testroot" "$ret"
86 tagged_commit=`got cat -r $testroot/repo $tag2 | grep ^object \
88 if [ "$tagged_commit" != "$commit_id2" ]; then
89 echo "wrong commit was tagged" >&2
90 test_done "$testroot" "1"
94 (cd $testroot/repo && git checkout -q $tag2)
96 if [ $ret -ne 0 ]; then
97 echo "git checkout command failed unexpectedly"
98 test_done "$testroot" "$ret"
102 # Attempt to create a tag pointing at a non-commit
103 local tree_id=`git_show_tree $testroot/repo`
104 (cd $testroot/wt && got tag -m 'test' -c $tree_id foobar \
107 if [ $ret -eq 0 ]; then
108 echo "got tag command succeeded unexpectedly"
109 test_done "$testroot" "1"
113 echo "got: commit $tree_id: object not found" \
114 > $testroot/stderr.expected
115 cmp -s $testroot/stderr $testroot/stderr.expected
117 if [ $ret -ne 0 ]; then
118 diff -u $testroot/stderr.expected $testroot/stderr
119 test_done "$testroot" "$ret"
123 got ref -r $testroot/repo -l > $testroot/stdout
124 echo "HEAD: $commit_id2" > $testroot/stdout.expected
125 echo -n "refs/got/worktree/base-" >> $testroot/stdout.expected
126 cat $testroot/wt/.got/uuid | tr -d '\n' >> $testroot/stdout.expected
127 echo ": $commit_id2" >> $testroot/stdout.expected
128 echo "refs/heads/foo: $commit_id2" >> $testroot/stdout.expected
129 echo "refs/heads/master: $commit_id" >> $testroot/stdout.expected
130 echo "refs/tags/$tag: $tag_id" >> $testroot/stdout.expected
131 echo "refs/tags/$tag2: $tag_id2" >> $testroot/stdout.expected
132 cmp -s $testroot/stdout $testroot/stdout.expected
134 if [ $ret -ne 0 ]; then
135 diff -u $testroot/stdout.expected $testroot/stdout
137 test_done "$testroot" "$ret"
141 local testroot=`test_init tag_list`
142 local commit_id=`git_show_head $testroot/repo`
146 # create tag with Git
147 (cd $testroot/repo && git tag -a -m 'test' $tag)
148 # create tag with Got
149 (cd $testroot/repo && got tag -m 'test' $tag2 > /dev/null)
151 tag_id=`got ref -r $testroot/repo -l \
152 | grep "^refs/tags/$tag" | tr -d ' ' | cut -d: -f2`
153 local tagger_time=`git_show_tagger_time $testroot/repo $tag`
155 local prev_LC_TIME=$LC_TIME
157 d1=`date -u -d "@$tagger_time" +"%a %b %e %X %Y UTC"`
158 LC_TIME="$prev_LC_TIME"
160 tag_id2=`got ref -r $testroot/repo -l \
161 | grep "^refs/tags/$tag2" | tr -d ' ' | cut -d: -f2`
162 local tagger_time2=`git_show_tagger_time $testroot/repo $tag2`
164 prev_LC_TIME="$LC_TIME"
166 d2=`date -u -d "@$tagger_time2" +"%a %b %e %X %Y UTC"`
167 LC_TIME="$prev_LC_TIME"
169 got tag -r $testroot/repo -l > $testroot/stdout
171 echo "-----------------------------------------------" \
172 > $testroot/stdout.expected
173 echo "tag $tag2 $tag_id2" >> $testroot/stdout.expected
174 echo "from: $GOT_AUTHOR" >> $testroot/stdout.expected
175 echo "date: $d2" >> $testroot/stdout.expected
176 echo "object: commit $commit_id" >> $testroot/stdout.expected
177 echo " " >> $testroot/stdout.expected
178 echo " test" >> $testroot/stdout.expected
179 echo " " >> $testroot/stdout.expected
180 echo "-----------------------------------------------" \
181 >> $testroot/stdout.expected
182 echo "tag $tag $tag_id" >> $testroot/stdout.expected
183 echo "from: $GOT_AUTHOR" >> $testroot/stdout.expected
184 echo "date: $d1" >> $testroot/stdout.expected
185 echo "object: commit $commit_id" >> $testroot/stdout.expected
186 echo " " >> $testroot/stdout.expected
187 echo " test" >> $testroot/stdout.expected
188 echo " " >> $testroot/stdout.expected
189 cmp -s $testroot/stdout $testroot/stdout.expected
191 if [ $ret -ne 0 ]; then
192 diff -u $testroot/stdout.expected $testroot/stdout
193 test_done "$testroot" "$ret"
197 got tag -r $testroot/repo -l $tag > $testroot/stdout
199 echo "-----------------------------------------------" \
200 > $testroot/stdout.expected
201 echo "tag $tag $tag_id" >> $testroot/stdout.expected
202 echo "from: $GOT_AUTHOR" >> $testroot/stdout.expected
203 echo "date: $d1" >> $testroot/stdout.expected
204 echo "object: commit $commit_id" >> $testroot/stdout.expected
205 echo " " >> $testroot/stdout.expected
206 echo " test" >> $testroot/stdout.expected
207 echo " " >> $testroot/stdout.expected
208 cmp -s $testroot/stdout $testroot/stdout.expected
210 if [ $ret -ne 0 ]; then
211 diff -u $testroot/stdout.expected $testroot/stdout
212 test_done "$testroot" "$ret"
216 got tag -r $testroot/repo -l $tag2 > $testroot/stdout
218 echo "-----------------------------------------------" \
219 > $testroot/stdout.expected
220 echo "tag $tag2 $tag_id2" >> $testroot/stdout.expected
221 echo "from: $GOT_AUTHOR" >> $testroot/stdout.expected
222 echo "date: $d2" >> $testroot/stdout.expected
223 echo "object: commit $commit_id" >> $testroot/stdout.expected
224 echo " " >> $testroot/stdout.expected
225 echo " test" >> $testroot/stdout.expected
226 echo " " >> $testroot/stdout.expected
227 cmp -s $testroot/stdout $testroot/stdout.expected
229 if [ $ret -ne 0 ]; then
230 diff -u $testroot/stdout.expected $testroot/stdout
232 test_done "$testroot" "$ret"
235 test_tag_list_lightweight() {
236 local testroot=`test_init tag_list_lightweight`
237 local commit_id=`git_show_head $testroot/repo`
241 # create "lightweight" tag with Git
242 (cd $testroot/repo && git tag $tag)
243 (cd $testroot/repo && git tag $tag2)
245 tag_id=`got ref -r $testroot/repo -l \
246 | grep "^refs/tags/$tag" | tr -d ' ' | cut -d: -f2`
247 local tagger_time=`git_show_author_time $testroot/repo $tag`
248 local prev_LC_TIME=$LC_TIME
250 d1=`date -u -d "@$tagger_time" +"%a %b %e %X %Y UTC"`
251 LC_TIME="$prev_LC_TIME"
252 tag_id2=`got ref -r $testroot/repo -l \
253 | grep "^refs/tags/$tag2" | tr -d ' ' | cut -d: -f2`
254 local tagger_time2=`git_show_author_time $testroot/repo $tag2`
257 d2=`date -u -d "@$tagger_time2" +"%a %b %e %X %Y UTC"`
258 LC_TIME="$prev_LC_TIME"
260 got tag -r $testroot/repo -l > $testroot/stdout
262 echo "-----------------------------------------------" \
263 > $testroot/stdout.expected
264 echo "tag $tag2 $tag_id2" >> $testroot/stdout.expected
265 echo "from: $GOT_AUTHOR" >> $testroot/stdout.expected
266 echo "date: $d2" >> $testroot/stdout.expected
267 echo "object: commit $commit_id" >> $testroot/stdout.expected
268 echo " " >> $testroot/stdout.expected
269 echo " adding the test tree" >> $testroot/stdout.expected
270 echo " " >> $testroot/stdout.expected
271 echo "-----------------------------------------------" \
272 >> $testroot/stdout.expected
273 echo "tag $tag $tag_id" >> $testroot/stdout.expected
274 echo "from: $GOT_AUTHOR" >> $testroot/stdout.expected
275 echo "date: $d1" >> $testroot/stdout.expected
276 echo "object: commit $commit_id" >> $testroot/stdout.expected
277 echo " " >> $testroot/stdout.expected
278 echo " adding the test tree" >> $testroot/stdout.expected
279 echo " " >> $testroot/stdout.expected
280 cmp -s $testroot/stdout $testroot/stdout.expected
282 if [ $ret -ne 0 ]; then
283 diff -u $testroot/stdout.expected $testroot/stdout
285 test_done "$testroot" "$ret"
288 test_tag_create_ssh_signed() {
289 local testroot=`test_init tag_create`
290 local commit_id=`git_show_head $testroot/repo`
295 ssh-keygen -q -N '' -t ed25519 -f $testroot/id_ed25519
297 if [ $ret -ne 0 ]; then
298 echo "ssh-keygen failed unexpectedly"
299 test_done "$testroot" "$ret"
302 touch $testroot/allowed_signers
303 touch $testroot/revoked_signers
304 echo "allowed_signers \"$testroot/allowed_signers\"" >> \
305 $testroot/repo/.git/got.conf
306 echo "revoked_signers \"$testroot/revoked_signers\"" >> \
307 $testroot/repo/.git/got.conf
309 # Create a signed tag based on repository's HEAD reference
310 got tag -s $testroot/id_ed25519 -m 'test' -r $testroot/repo -c HEAD \
311 $tag > $testroot/stdout
313 if [ $ret -ne 0 ]; then
314 echo "got tag command failed unexpectedly"
315 test_done "$testroot" "$ret"
319 tag_id=`got ref -r $testroot/repo -l \
320 | grep "^refs/tags/$tag" | tr -d ' ' | cut -d: -f2`
321 echo "Created tag $tag_id" > $testroot/stdout.expected
322 cmp -s $testroot/stdout $testroot/stdout.expected
324 if [ $ret -ne 0 ]; then
325 diff -u $testroot/stdout.expected $testroot/stdout
326 test_done "$testroot" "$ret"
330 # Ensure validation fails when the key is not allowed
331 echo "signature: Could not verify signature." > \
332 $testroot/stdout.expected
333 VERIFY_STDOUT=$(got tag -r $testroot/repo -V $tag 2> $testroot/stderr)
335 echo "$VERIFY_STDOUT" | grep '^signature: ' > $testroot/stdout
336 if [ $ret -eq 0 ]; then
337 diff -u $testroot/stdout.expected $testroot/stdout
338 test_done "$testroot" "1"
342 GOOD_SIG='Good "git" signature for flan_hacker@openbsd.org with ED25519 key '
344 # Validate the signature with the key allowed
345 echo -n 'flan_hacker@openbsd.org ' > $testroot/allowed_signers
346 cat $testroot/id_ed25519.pub >> $testroot/allowed_signers
347 GOT_STDOUT=$(got tag -r $testroot/repo -V $tag 2> $testroot/stderr)
349 if [ $ret -ne 0 ]; then
350 echo "got tag command failed unexpectedly"
351 diff -u $testroot/stdout.expected $testroot/stdout
352 test_done "$testroot" "$ret"
356 if ! echo "$GOT_STDOUT" | grep -q "^signature: $GOOD_SIG"; then
357 echo "got tag command failed to validate signature"
358 test_done "$testroot" "1"
362 # Ensure validation fails after revoking the key
363 ssh-keygen -y -f $testroot/id_ed25519 >> $testroot/revoked_signers
364 echo "signature: Could not verify signature." > \
365 $testroot/stdout.expected
366 VERIFY_STDOUT=$(got tag -r $testroot/repo -V $tag 2> $testroot/stderr)
368 echo "$VERIFY_STDOUT" | grep '^signature: ' > $testroot/stdout
369 if [ $ret -eq 0 ]; then
370 diff -u $testroot/stdout.expected $testroot/stdout
371 test_done "$testroot" "1"
375 # Later tests expect validation to work
376 echo -n > $testroot/revoked_signers
378 # Ensure that Git recognizes and verifies the tag Got has created
379 (cd $testroot/repo && git checkout -q $tag)
381 if [ $ret -ne 0 ]; then
382 echo "git checkout command failed unexpectedly"
383 test_done "$testroot" "$ret"
386 (cd $testroot/repo && git config --local gpg.ssh.allowedSignersFile \
387 $testroot/allowed_signers)
388 GIT_STDERR=$(cd $testroot/repo && git tag -v $tag 2>&1 1>/dev/null)
389 if ! echo "$GIT_STDERR" | grep -q "^$GOOD_SIG"; then
390 echo "git tag command failed to validate signature"
391 test_done "$testroot" "1"
395 # Ensure Got recognizes the new tag
396 got checkout -c $tag $testroot/repo $testroot/wt >/dev/null
398 if [ $ret -ne 0 ]; then
399 echo "got checkout command failed unexpectedly"
400 test_done "$testroot" "$ret"
404 # Create another signed tag with a SHA1 commit ID
405 got tag -s $testroot/id_ed25519 -m 'test' -r $testroot/repo \
406 -c $commit_id $tag2 > $testroot/stdout
408 # Create another signed tag with key defined in got.conf(5)
409 echo "signer_id \"$testroot/id_ed25519\"" >> \
410 $testroot/repo/.git/got.conf
411 got tag -m 'test' -r $testroot/repo -c HEAD $tag3 > $testroot/stdout
413 if [ $ret -ne 0 ]; then
414 echo "got tag command failed unexpectedly"
415 test_done "$testroot" "$ret"
419 # got tag -V behaves like got tag -l, but with verification enabled.
420 got tag -l -r $testroot/repo > $testroot/stdout.list
421 got tag -V -r $testroot/repo > $testroot/stdout.verify
422 diff -U0 $testroot/stdout.list $testroot/stdout.verify |
423 sed -e '/^--- /d' -e '/^+++ /d' > $testroot/stdout
424 echo "@@ -5,0 +6 @@" > $testroot/stdout.expected
425 echo -n "+signature: $GOOD_SIG" >> $testroot/stdout.expected
426 ssh-keygen -l -f $testroot/id_ed25519.pub | cut -d' ' -f 2 \
427 >> $testroot/stdout.expected
428 echo "@@ -19,0 +21 @@" >> $testroot/stdout.expected
429 echo -n "+signature: $GOOD_SIG" >> $testroot/stdout.expected
430 ssh-keygen -l -f $testroot/id_ed25519.pub | cut -d' ' -f 2 \
431 >> $testroot/stdout.expected
432 echo "@@ -33,0 +36 @@" >> $testroot/stdout.expected
433 echo -n "+signature: $GOOD_SIG" >> $testroot/stdout.expected
434 ssh-keygen -l -f $testroot/id_ed25519.pub | cut -d' ' -f 2 \
435 >> $testroot/stdout.expected
436 cmp -s $testroot/stdout $testroot/stdout.expected
438 if [ $ret -ne 0 ]; then
439 diff -u $testroot/stdout.expected $testroot/stdout
441 test_done "$testroot" "$ret"
444 test_tag_create_ssh_signed_missing_key() {
445 local testroot=`test_init tag_create`
446 local commit_id=`git_show_head $testroot/repo`
449 # Fail to create a signed tag due to a missing SSH key
450 got tag -s $testroot/bogus -m 'test' -r $testroot/repo \
451 -c HEAD $tag > $testroot/stdout 2> $testroot/stderr
453 if [ $ret -eq 0 ]; then
454 echo "got tag command succeeded unexpectedly"
455 test_done "$testroot" 1
459 got ref -r $testroot/repo -l > $testroot/stdout
460 echo "HEAD: refs/heads/master" > $testroot/stdout.expected
461 echo "refs/heads/master: $commit_id" >> $testroot/stdout.expected
462 cmp -s $testroot/stdout $testroot/stdout.expected
464 if [ $ret -ne 0 ]; then
465 diff -u $testroot/stdout.expected $testroot/stdout
466 test_done "$testroot" "$ret"
469 printf "Couldn't load public key $testroot/bogus: " \
470 >> $testroot/stderr.expected
471 printf "No such file or directory\r\n" >> $testroot/stderr.expected
472 echo "got: unable to sign tag" >> $testroot/stderr.expected
473 cmp -s $testroot/stderr $testroot/stderr.expected
475 if [ $ret -ne 0 ]; then
476 diff -u $testroot/stderr.expected $testroot/stderr
478 test_done "$testroot" "$ret"
482 run_test test_tag_create
483 run_test test_tag_list
484 run_test test_tag_list_lightweight
485 run_test test_tag_create_ssh_signed
486 run_test test_tag_create_ssh_signed_missing_key