diff options
| author | Fabian Stelzer <fs@gigacodes.de> | 2021-10-12 11:22:35 +0200 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2021-10-12 10:35:27 -0700 |
| commit | 9d12546de9d75be70440e340a5f4bb6f9e41a89f (patch) | |
| tree | 42ad2525476dc7ee464d7755d58a7742ecd7a444 | |
| parent | e8191a52657ecfc12928cfe9eada80a883111ef2 (diff) | |
| download | git-9d12546de9d75be70440e340a5f4bb6f9e41a89f.tar.gz | |
ssh signing: fmt-merge-msg tests & config parse
When merging a signed tag fmt-merge-msg was unable to verify its
validity missing the necessary ssh allowedSignersFile config.
Adds gpg config parsing to fmt-merge-msg.
Adds tests for ssh signed tags to fmt-merge-msg tests.
Signed-off-by: Fabian Stelzer <fs@gigacodes.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
| -rw-r--r-- | fmt-merge-msg.c | 6 | ||||
| -rwxr-xr-x | t/t6200-fmt-merge-msg.sh | 28 |
2 files changed, 34 insertions, 0 deletions
diff --git a/fmt-merge-msg.c b/fmt-merge-msg.c index 2901c5e4f8..5216191488 100644 --- a/fmt-merge-msg.c +++ b/fmt-merge-msg.c @@ -9,6 +9,7 @@ #include "branch.h" #include "fmt-merge-msg.h" #include "commit-reach.h" +#include "gpg-interface.h" static int use_branch_desc; static int suppress_dest_pattern_seen; @@ -16,6 +17,8 @@ static struct string_list suppress_dest_patterns = STRING_LIST_INIT_DUP; int fmt_merge_msg_config(const char *key, const char *value, void *cb) { + int status = 0; + if (!strcmp(key, "merge.log") || !strcmp(key, "merge.summary")) { int is_bool; merge_log_config = git_config_bool_or_int(key, value, &is_bool); @@ -34,6 +37,9 @@ int fmt_merge_msg_config(const char *key, const char *value, void *cb) string_list_append(&suppress_dest_patterns, value); suppress_dest_pattern_seen = 1; } else { + status = git_gpg_config(key, value, NULL); + if (status) + return status; return git_default_config(key, value, cb); } return 0; diff --git a/t/t6200-fmt-merge-msg.sh b/t/t6200-fmt-merge-msg.sh index 44f55d93fe..06c5fb5615 100755 --- a/t/t6200-fmt-merge-msg.sh +++ b/t/t6200-fmt-merge-msg.sh @@ -81,6 +81,16 @@ test_expect_success GPG 'set up a signed tag' ' git tag -s -m signed-tag-msg signed-good-tag left ' +test_expect_success GPGSSH 'created ssh signed commit and tag' ' + test_config gpg.format ssh && + git checkout -b signed-ssh && + touch file && + git add file && + git commit -m "ssh signed" -S"${GPGSSH_KEY_PRIMARY}" && + git tag -s -u"${GPGSSH_KEY_PRIMARY}" -m signed-ssh-tag-msg signed-good-ssh-tag left && + git tag -s -u"${GPGSSH_KEY_UNTRUSTED}" -m signed-ssh-tag-msg-untrusted signed-untrusted-ssh-tag left +' + test_expect_success 'message for merging local branch' ' echo "Merge branch ${apos}left${apos}" >expected && @@ -109,6 +119,24 @@ test_expect_success GPG 'message for merging local tag signed by unknown key' ' grep -E "^# gpg: Can${apos}t check signature: (public key not found|No public key)" actual ' +test_expect_success GPGSSH 'message for merging local tag signed by good ssh key' ' + test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" && + git checkout main && + git fetch . signed-good-ssh-tag && + git fmt-merge-msg <.git/FETCH_HEAD >actual 2>&1 && + grep "${GPGSSH_GOOD_SIGNATURE_TRUSTED}" actual && + ! grep "${GPGSSH_BAD_SIGNATURE}" actual +' + +test_expect_success GPGSSH 'message for merging local tag signed by unknown ssh key' ' + test_config gpg.ssh.allowedSignersFile "${GPGSSH_ALLOWED_SIGNERS}" && + git checkout main && + git fetch . signed-untrusted-ssh-tag && + git fmt-merge-msg <.git/FETCH_HEAD >actual 2>&1 && + grep "${GPGSSH_GOOD_SIGNATURE_UNTRUSTED}" actual && + ! grep "${GPGSSH_BAD_SIGNATURE}" actual && + grep "${GPGSSH_KEY_NOT_TRUSTED}" actual +' test_expect_success 'message for merging external branch' ' echo "Merge branch ${apos}left${apos} of $(pwd)" >expected && |