summaryrefslogtreecommitdiff
path: root/t/t7612-merge-verify-signatures.sh
diff options
context:
space:
mode:
authorHans Jerry Illikainen <hji@dyntopia.com>2017-12-10 06:53:57 +0000
committerJunio C Hamano <gitster@pobox.com>2017-12-12 10:51:38 -0800
commitca779e82c9f263dfdea2a73a4f5494b37bc8aae7 (patch)
tree7ec371c22e16762da499e79911037ba510acdde8 /t/t7612-merge-verify-signatures.sh
parent95ec6b1b3393eb6e26da40c565520a8db9796e9f (diff)
downloadgit-ca779e82c9f263dfdea2a73a4f5494b37bc8aae7.tar.gz
merge: add config option for verifySignatures
git merge --verify-signatures can be used to verify that the tip commit of the branch being merged in is properly signed, but it's cumbersome to have to specify that every time. Add a configuration option that enables this behaviour by default, which can be overridden by --no-verify-signatures. Signed-off-by: Hans Jerry Illikainen <hji@dyntopia.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 't/t7612-merge-verify-signatures.sh')
-rwxr-xr-xt/t7612-merge-verify-signatures.sh39
1 files changed, 39 insertions, 0 deletions
diff --git a/t/t7612-merge-verify-signatures.sh b/t/t7612-merge-verify-signatures.sh
index 8ae69a61c3..2344995a11 100755
--- a/t/t7612-merge-verify-signatures.sh
+++ b/t/t7612-merge-verify-signatures.sh
@@ -39,23 +39,62 @@ test_expect_success GPG 'merge unsigned commit with verification' '
test_i18ngrep "does not have a GPG signature" mergeerror
'
+test_expect_success GPG 'merge unsigned commit with merge.verifySignatures=true' '
+ test_config merge.verifySignatures true &&
+ test_must_fail git merge --ff-only side-unsigned 2>mergeerror &&
+ test_i18ngrep "does not have a GPG signature" mergeerror
+'
+
test_expect_success GPG 'merge commit with bad signature with verification' '
test_must_fail git merge --ff-only --verify-signatures $(cat forged.commit) 2>mergeerror &&
test_i18ngrep "has a bad GPG signature" mergeerror
'
+test_expect_success GPG 'merge commit with bad signature with merge.verifySignatures=true' '
+ test_config merge.verifySignatures true &&
+ test_must_fail git merge --ff-only $(cat forged.commit) 2>mergeerror &&
+ test_i18ngrep "has a bad GPG signature" mergeerror
+'
+
test_expect_success GPG 'merge commit with untrusted signature with verification' '
test_must_fail git merge --ff-only --verify-signatures side-untrusted 2>mergeerror &&
test_i18ngrep "has an untrusted GPG signature" mergeerror
'
+test_expect_success GPG 'merge commit with untrusted signature with merge.verifySignatures=true' '
+ test_config merge.verifySignatures true &&
+ test_must_fail git merge --ff-only side-untrusted 2>mergeerror &&
+ test_i18ngrep "has an untrusted GPG signature" mergeerror
+'
+
test_expect_success GPG 'merge signed commit with verification' '
+ test_when_finished "git checkout initial" &&
git merge --verbose --ff-only --verify-signatures side-signed >mergeoutput &&
test_i18ngrep "has a good GPG signature" mergeoutput
'
+test_expect_success GPG 'merge signed commit with merge.verifySignatures=true' '
+ test_when_finished "git checkout initial" &&
+ test_config merge.verifySignatures true &&
+ git merge --verbose --ff-only side-signed >mergeoutput &&
+ test_i18ngrep "has a good GPG signature" mergeoutput
+'
+
test_expect_success GPG 'merge commit with bad signature without verification' '
+ test_when_finished "git checkout initial" &&
+ git merge $(cat forged.commit)
+'
+
+test_expect_success GPG 'merge commit with bad signature with merge.verifySignatures=false' '
+ test_when_finished "git checkout initial" &&
+ test_config merge.verifySignatures false &&
git merge $(cat forged.commit)
'
+test_expect_success GPG 'merge commit with bad signature with merge.verifySignatures=true and --no-verify-signatures' '
+ test_when_finished "git checkout initial" &&
+ test_config merge.verifySignatures true &&
+ git merge --no-verify-signatures $(cat forged.commit)
+'
+
test_done