Skip to content

Commit

Permalink
Run all signing tests with runroot since we now can
Browse files Browse the repository at this point in the history 
In the fakechroot days there was just no way to get gpg to run
inside that contraption, with the "new" container stuff, we can just
run everything there. Makes life simpler in many ways.

GPG still needs GPG_TTY set, do this centrally from snapshot()
to get it out of all the individual tests.
  • Loading branch information
@pmatilai
pmatilai committed Nov 4, 2024
1 parent 47faf99 commit b269177
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 30 deletions.
1 change: 1 addition & 0 deletions tests/atlocal.in
View file
Original file line number Diff line number Diff line change
Expand Up @@ -83,6 +83,7 @@ snapshot()
bwrap --unshare-pid --dev-bind $RPMTEST / --clearenv \
--setenv PATH $(env -i sh -c 'echo $PATH') \
--setenv HOME /root --chdir / --dev /dev --proc /proc \
--setenv GPG_TTY "" \
--die-with-parent "$@"
;;
shell)
Expand Down
50 changes: 20 additions & 30 deletions tests/rpmsigdig.at
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1131,21 +1131,19 @@ AT_KEYWORDS([rpmsign signature])
AT_SKIP_IF([test x$PGP = xdummy])
RPMDB_INIT
gpg2 --import ${RPMTEST}/data/keys/rpm.org-rsa-2048-test.secret
# Our keys have no passphrases to be asked, silence GPG_TTY warning
export GPG_TTY=""

# rpmsign --addsign --rpmv3 <unsigned>
RPMTEST_CHECK([
RPMDB_INIT

cp "${RPMTEST}"/data/RPMS/hello-2.0-1.x86_64.rpm "${RPMTEST}"/tmp/
run rpmsign --key-id 4344591E1964C5FC --rpmv3 --digest-algo sha256 --addsign "${RPMTEST}"/tmp/hello-2.0-1.x86_64.rpm > /dev/null
runroot rpmsign --key-id 4344591E1964C5FC --rpmv3 --digest-algo sha256 --addsign /tmp/hello-2.0-1.x86_64.rpm > /dev/null
echo PRE-IMPORT
runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm|grep -v digest
echo POST-IMPORT
runroot rpmkeys --import /data/keys/rpm.org-rsa-2048-test.pub
runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm|grep -v digest
run rpmsign --delsign "${RPMTEST}"/tmp/hello-2.0-1.x86_64.rpm > /dev/null
runroot rpmsign --delsign /tmp/hello-2.0-1.x86_64.rpm > /dev/null
echo POST-DELSIGN
runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm|grep -v digest
],
Expand All @@ -1168,13 +1166,13 @@ RPMTEST_CHECK([
RPMDB_INIT

cp "${RPMTEST}"/data/RPMS/hello-2.0-1.x86_64.rpm "${RPMTEST}"/tmp/
run rpmsign --key-id 4344591E1964C5FC --digest-algo sha256 --addsign "${RPMTEST}"/tmp/hello-2.0-1.x86_64.rpm > /dev/null
runroot rpmsign --key-id 4344591E1964C5FC --digest-algo sha256 --addsign /tmp/hello-2.0-1.x86_64.rpm > /dev/null
echo PRE-IMPORT
runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm|grep -v digest
echo POST-IMPORT
runroot rpmkeys --import /data/keys/rpm.org-rsa-2048-test.pub
runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm|grep -v digest
run rpmsign --delsign "${RPMTEST}"/tmp/hello-2.0-1.x86_64.rpm > /dev/null
runroot rpmsign --delsign /tmp/hello-2.0-1.x86_64.rpm > /dev/null
echo POST-DELSIGN
runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm|grep -v digest
],
Expand All @@ -1194,14 +1192,14 @@ POST-DELSIGN
RPMTEST_CHECK([
RPMDB_INIT

ORIG="${RPMTEST}/data/RPMS/hello-2.0-1.x86_64.rpm"
NEW="${RPMTEST}/tmp/hello-2.0-1.x86_64.rpm"
ORIG="/data/RPMS/hello-2.0-1.x86_64.rpm"
NEW="/tmp/hello-2.0-1.x86_64.rpm"

cp ${ORIG} "${RPMTEST}"/tmp/
run rpmsign --key-id 4344591E1964C5FC --addsign ${NEW} > /dev/null
cmp -s ${ORIG} ${NEW}; echo $?
run rpmsign --delsign ${NEW} > /dev/null
cmp -s ${ORIG} ${NEW}; echo $?
runroot_other cp ${ORIG} /tmp/
runroot rpmsign --key-id 4344591E1964C5FC --addsign /tmp/hello-2.0-1.x86_64.rpm > /dev/null
runroot_other cmp -s ${ORIG} ${NEW}; echo $?
runroot rpmsign --delsign ${NEW} > /dev/null
runroot_other cmp -s ${ORIG} ${NEW}; echo $?
],
[ignore],
[1
Expand All @@ -1210,15 +1208,15 @@ cmp -s ${ORIG} ${NEW}; echo $?
[])

RPMTEST_CHECK([
run rpmsign --define "__gpg_sign_cmd mumble" --key-id 1964C5FC --addsign "${RPMTEST}"/tmp/hello-2.0-1.x86_64.rpm > /dev/null
runroot rpmsign --define "__gpg_sign_cmd mumble" --key-id 1964C5FC --addsign /tmp/hello-2.0-1.x86_64.rpm > /dev/null
],
[1],
[],
[error: Invalid sign command: mumble
])

RPMTEST_CHECK([
run rpmsign --define "__gpg /gnus/not/here" --key-id 1964C5FC --addsign "${RPMTEST}"/tmp/hello-2.0-1.x86_64.rpm > /dev/null
runroot rpmsign --define "__gpg /gnus/not/here" --key-id 1964C5FC --addsign /tmp/hello-2.0-1.x86_64.rpm > /dev/null
],
[1],
[],
Expand All @@ -1231,7 +1229,7 @@ RPMTEST_CHECK([
RPMDB_INIT

cp "${RPMTEST}"/data/RPMS/hello-2.0-1.x86_64-signed.rpm "${RPMTEST}"/tmp/
run rpmsign --key-id 4344591E1964C5FC --digest-algo sha256 --addsign "${RPMTEST}"/tmp/hello-2.0-1.x86_64-signed.rpm 2>&1 |grep -q "already contains identical signature, skipping"
runroot rpmsign --key-id 4344591E1964C5FC --digest-algo sha256 --addsign /tmp/hello-2.0-1.x86_64-signed.rpm 2>&1 |grep -q "already contains identical signature, skipping"
],
[0],
[],
Expand Down Expand Up @@ -1325,7 +1323,7 @@ runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm|grep -v digest
echo POST-IMPORT
runroot rpmkeys --import /data/keys/rpm.org-rsa-2048-test.pub
runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm|grep -v digest
run rpmsign --delsign "${RPMTEST}"/tmp/hello-2.0-1.x86_64.rpm > /dev/null
runroot rpmsign --delsign /tmp/hello-2.0-1.x86_64.rpm > /dev/null
echo POST-DELSIGN
runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm|grep -v digest
],
Expand Down Expand Up @@ -1354,7 +1352,7 @@ cp "${RPMTEST}"/data/RPMS/hello-2.0-1.x86_64-signed.rpm "${RPMTEST}"/tmp/
echo PRE-DELSIGN
runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64-signed.rpm|grep -v digest
echo POST-DELSIGN
run rpmsign --delsign "${RPMTEST}"/tmp/hello-2.0-1.x86_64-signed.rpm > /dev/null
runroot rpmsign --delsign /tmp/hello-2.0-1.x86_64-signed.rpm > /dev/null
runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64-signed.rpm|grep -v digest
],
[0],
Expand Down Expand Up @@ -1397,13 +1395,11 @@ AT_KEYWORDS([rpmsign signature])
AT_SKIP_IF([test x$PGP = xdummy])
RPMDB_INIT
gpg2 --import ${RPMTEST}/data/keys/*.secret
# Our keys have no passphrases to be asked, silence GPG_TTY warning
export GPG_TTY=""
RPMTEST_CHECK([
RPMDB_INIT

cp "${RPMTEST}"/data/RPMS/hello-2.0-1.x86_64.rpm "${RPMTEST}"/tmp/
run rpmsign --key-id B0645AEC757BF69E --digest-algo sha512 --addsign "${RPMTEST}"/tmp/hello-2.0-1.x86_64.rpm > /dev/null
runroot rpmsign --key-id B0645AEC757BF69E --digest-algo sha512 --addsign /tmp/hello-2.0-1.x86_64.rpm > /dev/null
echo PRE-IMPORT
runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm|grep -v digest
echo POST-IMPORT
Expand All @@ -1430,13 +1426,11 @@ AT_KEYWORDS([rpmsign signature])
AT_SKIP_IF([test x$PGP = xdummy])
RPMDB_INIT
gpg2 --import ${RPMTEST}/data/keys/*.secret
# Our keys have no passphrases to be asked, silence GPG_TTY warning
export GPG_TTY=""
RPMTEST_CHECK([
RPMDB_INIT

cp "${RPMTEST}"/data/RPMS/hello-2.0-1.x86_64.rpm "${RPMTEST}"/tmp/
run rpmsign --key-id 7f1c21f95f65bbe8 --digest-algo sha256 --addsign "${RPMTEST}"/tmp/hello-2.0-1.x86_64.rpm > /dev/null
runroot rpmsign --key-id 7f1c21f95f65bbe8 --digest-algo sha256 --addsign /tmp/hello-2.0-1.x86_64.rpm > /dev/null
echo PRE-IMPORT
runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm|grep -v digest
echo POST-IMPORT
Expand All @@ -1463,13 +1457,11 @@ AT_KEYWORDS([rpmsign signature])
AT_SKIP_IF([test x$PGP = xdummy])
RPMDB_INIT
gpg2 --import ${RPMTEST}/data/keys/keyidcollision1.asc
# Our keys have no passphrases to be asked, silence GPG_TTY warning
export GPG_TTY=""
RPMTEST_CHECK([
RPMDB_INIT

cp "${RPMTEST}"/data/RPMS/hello-2.0-1.x86_64.rpm "${RPMTEST}"/tmp/
run rpmsign --key-id 79cc07f167fee8841829acaa42655a75156b3de0 --digest-algo sha256 --addsign "${RPMTEST}"/tmp/hello-2.0-1.x86_64.rpm > /dev/null
runroot rpmsign --key-id 79cc07f167fee8841829acaa42655a75156b3de0 --digest-algo sha256 --addsign /tmp/hello-2.0-1.x86_64.rpm > /dev/null
echo PRE-IMPORT
runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm|grep -v digest
echo POST-IMPORT
Expand Down Expand Up @@ -1502,13 +1494,11 @@ AT_KEYWORDS([rpmsign signature])
AT_SKIP_IF([test x$PGP = xdummy])
RPMDB_INIT
gpg2 --import ${RPMTEST}/data/keys/keyidcollision2.asc
# Our keys have no passphrases to be asked, silence GPG_TTY warning
export GPG_TTY=""
RPMTEST_CHECK([
RPMDB_INIT

cp "${RPMTEST}"/data/RPMS/hello-2.0-1.x86_64.rpm "${RPMTEST}"/tmp/
run rpmsign --key-id 94706f8da571389e8642bdfd42655a75156b3de0 --digest-algo sha256 --addsign "${RPMTEST}"/tmp/hello-2.0-1.x86_64.rpm > /dev/null
runroot rpmsign --key-id 94706f8da571389e8642bdfd42655a75156b3de0 --digest-algo sha256 --addsign /tmp/hello-2.0-1.x86_64.rpm > /dev/null
echo PRE-IMPORT
runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm|grep -v digest
echo POST-IMPORT
Expand Down

0 comments on commit b269177

Please sign in to comment.