1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
|
#!/bin/bash
#
# Copyright (C) 2011,2015 Colin Walters <walters@verbum.org>
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General
# Public License along with this library; if not, see <http://www.gnu.org/licenses/>.
set -e
set -x
set -o pipefail
echo "1..7"
. $(dirname $0)/libtest.sh
setup_test_repository
cd ${test_tmpdir}
create_editor_script 'Release 2015.1'
echo "ok setup"
git clone repos/coolproject >&2
cd coolproject
trusted_git_submodule update --init >&2
with_editor_script git evtag sign -u 472CDAFA v2015.1 >&2
git show refs/tags/v2015.1 > tag.txt
sed -e 's/^/#tag.txt /' < tag.txt
${SRCDIR}/git-evtag-compute-py HEAD > tag-py.txt
sed -e 's/^/#tag-py.txt /' < tag-py.txt
TAG='Git-EVTag-v0-SHA512: 58e9834248c054f844f00148a030876f77eb85daa3caa15a20f3061f181403bae7b7e497fca199d25833b984c60f3202b16ebe0ed3a36e6b82f33618d75c569d'
assert_file_has_content tag.txt "${TAG}"
with_editor_script git evtag verify v2015.1 | tee verify.out >&2
assert_file_has_content verify.out "Successfully verified: ${TAG}"
# Also test subdirectory
(cd src && with_editor_script git evtag verify v2015.1 | tee ../verify2.out) >&2
assert_file_has_content verify2.out "Successfully verified: ${TAG}"
assert_file_has_content tag-py.txt "${TAG}"
rm -f tag.txt
rm -f verify.out
echo "ok tag + verify"
cd ${test_tmpdir}
rm coolproject -rf
git clone repos/coolproject >&2
cd coolproject
trusted_git_submodule update --init >&2
echo 'super cool' > src/cool.c
if with_editor_script git evtag sign -u 472CDAFA v2015.1 >&2 2>err.txt; then
assert_not_reached "expected failure due to dirty tree"
fi
assert_file_has_content err.txt 'Attempting to tag or verify dirty tree'
git checkout src/cool.c >&2
# But untracked files are ok
touch unknownfile
with_editor_script git evtag sign -u 472CDAFA v2015.1 >&2
git evtag verify v2015.1 >&2
echo 'ok no tag on dirty tree'
cd ${test_tmpdir}
rm coolproject -rf
git clone repos/coolproject >&2
cd coolproject
trusted_git_submodule update --init >&2
with_editor_script git evtag sign -u 472CDAFA v2015.1 >&2
git checkout -q HEAD^ >&2
if git evtag verify v2015.1 >&2 2>err.txt; then
assert_not_reached 'Expected failure due to non HEAD'
fi
assert_file_has_content err.txt "Target.*is not HEAD"
echo 'ok no tag verify on non-HEAD'
cd ${test_tmpdir}
rm coolproject -rf
git clone repos/coolproject >&2
cd coolproject
trusted_git_submodule update --init >&2
with_editor_script git evtag sign --with-legacy-archive-tag -u 472CDAFA v2015.1 >&2
git show refs/tags/v2015.1 > tag.txt
assert_file_has_content tag.txt 'ExtendedVerify-SHA256-archive-tar: 83991ee23a027d97ad1e06432ad87c6685e02eac38706e7fbfe6e5e781939dab'
gitversion=$(git --version)
assert_file_has_content tag.txt "ExtendedVerify-git-version: ${gitversion}"
with_editor_script git evtag verify v2015.1 | tee verify.out >&2
assert_file_has_content verify.out 'Successfully verified: Git-EVTag-v0-SHA512: 58e9834248c054f844f00148a030876f77eb85daa3caa15a20f3061f181403bae7b7e497fca199d25833b984c60f3202b16ebe0ed3a36e6b82f33618d75c569d'
rm -f tag.txt
rm -f verify.out
echo "ok tag + verify legacy"
cd ${test_tmpdir}
rm coolproject -rf
git clone repos/coolproject >&2
cd coolproject
trusted_git_submodule update --init >&2
with_editor_script git evtag sign --no-signature v2015.1 >&2
git show refs/tags/v2015.1 > tag.txt
assert_file_has_content tag.txt 'Git-EVTag-v0-SHA512: 58e9834248c054f844f00148a030876f77eb85daa3caa15a20f3061f181403bae7b7e497fca199d25833b984c60f3202b16ebe0ed3a36e6b82f33618d75c569d'
assert_not_file_has_content tag.txt '-----BEGIN PGP SIGNATURE-----'
if git evtag verify v2015.1 2>err.txt; then
assert_not_reached 'Expected failure due to no GPG signature'
fi
assert_file_has_content err.txt "no signature found"
git evtag verify --no-signature v2015.1 >&2
rm -f tag.txt
rm -f verify.out
echo "ok checksum-only tag + verify"
cd ${test_tmpdir}
rm coolproject -rf
git clone repos/coolproject2 >&2
cd coolproject2
trusted_git_submodule update --init >&2
with_editor_script git evtag sign -u 472CDAFA v2015.1 >&2
git show refs/tags/v2015.1 > tag.txt
TAG='Git-EVTag-v0-SHA512: 8ef922041663821b8208d6e1037adbd51e0b19cc4dd3314436b3078bdae4073a616e6e289891fa5ad9f798630962a33350f6035fffec6ca3c499bc01f07c3d0a'
assert_file_has_content tag.txt "${TAG}"
with_editor_script git evtag verify v2015.1 | tee verify.out >&2
assert_file_has_content verify.out "Successfully verified: ${TAG}"
# Also test subdirectory
(cd src && with_editor_script git evtag verify v2015.1 | tee ../verify2.out) >&2
assert_file_has_content verify2.out "Successfully verified: ${TAG}"
${SRCDIR}/git-evtag-compute-py HEAD > tag-py.txt
assert_file_has_content tag-py.txt "${TAG}"
rm -f tag.txt
rm -f verify.out
echo "ok tag + verify with nested submodules"
|
