import gnupg
from git.exc import GitCommandError
from util import GPG_TEST_PASSPHRASE

from glsamaker.glsarepo import GLSARepo
from glsamaker.models.bug import Bug
from glsamaker.models.glsa import GLSA


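def validate_commit(repo):
    """Check that HEAD of *repo* is the expected GLSA 1 commit and is signed.

    Args:
        repo: Object exposing the GitPython repository as ``repo.repo``.

    Raises:
        AssertionError: If the summary, the sign-off trailer or the
            signature header of the HEAD commit is missing.
    """
    head_commit = repo.repo.head.commit

    assert (
        "[ GLSA 1 ] Foo Bar: Multiple vulnerabilities" in head_commit.summary
    )
    assert (
        "Signed-off-by: GLSAMaker <glsamaker@gentoo.org>"
        in head_commit.message
    )

    # The Signed-off-by trailer is plain text that anyone can write, so it
    # says nothing about whether the commit was signed. Every caller in
    # this file builds the repo with a GPG passphrase and home, so the
    # commit is presumably meant to be signed; require at least that a
    # signature header is present. This checks presence only, it is not a
    # cryptographic verification.
    assert getattr(
        head_commit, "gpgsig", None
    ), "HEAD commit carries no GPG signature"

    # TODO: Need to check the file was actually created, and verify
    # the signature against the test keyring. Gitpython doesn't support
    # commit verification, and doesn't seem to have a way to query diff
    # information for the first commit of a repo.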


def test_commit(app, gitrepo, gpghome, db):
    """Commit a minimal GLSA with the default signing setup and check HEAD.

    ``db`` is not referenced in the body; it is requested as a fixture
    only (presumably for its setup side effects -- confirm in conftest).
    """
    glsa_repo = GLSARepo(gitrepo, GPG_TEST_PASSPHRASE, gpghome)
    advisory = GLSA()
    with app.app_context():
        # Only the fields that end up in the commit summary are filled in.
        advisory.glsa_id, advisory.title = 1, "Foo Bar: Multiple vulnerabilities"
        glsa_repo.commit(advisory)
    validate_commit(glsa_repo)


def test_commit_without_subkey(app, gitrepo, gpghome, db):
    """Commit a GLSA without naming a signing key and check HEAD.

    No ``signing_key`` is passed to ``GLSARepo``, so whichever key the
    repo picks by default is used.
    """
    # NOTE(review): this GPG handle is constructed but never read; the
    # construction is kept so the test still exercises the same calls.
    _keyring = gnupg.GPG(gnupghome=gpghome)
    glsa_repo = GLSARepo(gitrepo, GPG_TEST_PASSPHRASE, gpghome)

    advisory = GLSA()
    with app.app_context():
        advisory.glsa_id, advisory.title = 1, "Foo Bar: Multiple vulnerabilities"
        glsa_repo.commit(advisory)
    validate_commit(glsa_repo)


def test_commit_with_subkey(app, gitrepo, gpghome, db):
    """Commit a GLSA signed with an explicitly selected subkey.

    The subkey is the first entry of ``subkey_info`` on the first key
    listed in the test keyring.
    """
    keyring = gnupg.GPG(gnupghome=gpghome)
    primary_key = keyring.list_keys()[0]
    # NOTE(review): the first subkey is taken as-is; nothing here checks
    # that it is signing-capable -- confirm against the keyring fixture.
    subkey_ids = list(primary_key["subkey_info"].keys())
    subkey_fprint = subkey_ids[0]
    glsa_repo = GLSARepo(
        gitrepo, GPG_TEST_PASSPHRASE, gpghome, signing_key=subkey_fprint
    )

    advisory = GLSA()
    with app.app_context():
        advisory.glsa_id, advisory.title = 1, "Foo Bar: Multiple vulnerabilities"
        glsa_repo.commit(advisory)
    validate_commit(glsa_repo)


def test_commit_failure(app, gitrepo, gpghome, db):
    """A commit with an unknown signing key must fail and leave no residue.

    The repo is built with a ``signing_key`` that matches no key, so
    ``repo.commit`` is expected to raise ``GitCommandError``. After the
    failure the working tree must have no untracked files and must not
    be dirty.
    """
    glsa_repo = GLSARepo(
        gitrepo, GPG_TEST_PASSPHRASE, gpghome, signing_key="doesn't exist"
    )

    advisory = GLSA()
    with app.app_context():
        advisory.glsa_id, advisory.title = 1, "Foo Bar: Multiple vulnerabilities"
        try:
            glsa_repo.commit(advisory)
        except GitCommandError:
            # A failed signing attempt must not leave the advisory file
            # or a staged change behind.
            leftovers = glsa_repo.repo.untracked_files
            assert len(leftovers) == 0
            assert not glsa_repo.repo.is_dirty()
            return

        # Reached only when the commit went through: the git command
        # should've failed since signing_key is garbage.
        assert False


def test_commit_bugs(app, db, gitrepo, gpghome):
    """Commit a GLSA that references bugs and check the full commit message.

    The bugs are attached as 654321 then 123456, while the expected
    message lists them as 123456 then 654321, so the test also pins the
    order of the ``Bug:`` trailers.
    """
    glsa_repo = GLSARepo(gitrepo, GPG_TEST_PASSPHRASE, gpghome)

    advisory = GLSA()
    with app.app_context():
        advisory.glsa_id, advisory.title = 1, "Foo Bar: Multiple vulnerabilities"
        advisory.bugs = [Bug("654321"), Bug("123456")]
        db.session.merge(advisory)
        glsa_repo.commit(advisory)

    # Exact message, including the blank line after the summary and the
    # trailing newline.
    wanted_message = """[ GLSA 1 ] Foo Bar: Multiple vulnerabilities

Bug: https://bugs.gentoo.org/123456
Bug: https://bugs.gentoo.org/654321
Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
"""

    actual_message = glsa_repo.repo.head.commit.message
    assert wanted_message == actual_message