diff options
| author | David Kalnischkies <david@kalnischkies.de> | 2016-12-18 17:42:17 +0100 |
|---|---|---|
| committer | David Kalnischkies <david@kalnischkies.de> | 2016-12-21 19:36:10 +0100 |
| commit | 4ce2f35248123ff2366c8c365ad6a94945578d66 (patch) | |
| tree | cc4e9b7f9541137a78d1da52bb84a121ea69dc96 /test | |
| parent | 016b0e9f310e88ac843d5a5f453a147b04314db1 (diff) | |
tests: cache the apt-key homedir used for Release signing
Importing a new secret key into gpg(2) can be increadibly slow which
prolongs the test runs significantly – by caching the homedir we gain a
significant speedbonus as reimporting already present keys seems like a
far less costly operation.
Git-Dch: Ignore
Diffstat (limited to 'test')
| -rw-r--r-- | test/integration/framework | 29 | ||||
| -rwxr-xr-x | test/integration/run-tests | 10 |
2 files changed, 36 insertions, 3 deletions
diff --git a/test/integration/framework b/test/integration/framework index 05c8fcd2a..a0e9e759c 100644 --- a/test/integration/framework +++ b/test/integration/framework @@ -1157,6 +1157,30 @@ setupaptarchive() { fi } +killgpgagent() { + if [ -z "${TMPWORKINGDIRECTORY}" ]; then return; fi + local GPGHOME="${TMPWORKINGDIRECTORY}/signinghome" + if [ -e "${GPGHOME}" ]; then return; fi + # ensure the agent dies quickly as different versions have different suicide heuristics + GNUPGHOME="${GPGHOME}" gpgconf --kill gpg-agent >/dev/null 2>&1 || true + rm -rf "$GPGHOME" +} +dosigning() { + local KEY="$1" + shift + local GPGHOME="${TMPWORKINGDIRECTORY}/signinghome" + if [ -n "$APT_TEST_SIGNINGHOME" ]; then + GPGHOME="$APT_TEST_SIGNINGHOME" + else + if [ ! -e "$GPGHOME" ]; then + mkdir -p --mode=700 "${GPGHOME}" + addtrap 'prefix' 'killgpgagent;' + fi + fi + testsuccess aptkey --quiet --keyring ${KEY}.pub --secret-keyring ${KEY}.sec --readonly \ + --homedir "${GPGHOME}" adv --batch --yes --digest-algo "${APT_TESTS_DIGEST_ALGO:-SHA512}" \ + "$@" +} signreleasefiles() { local SIGNERS="${1:-Joe Sixpack}" local REPODIR="${2:-aptarchive}" @@ -1208,21 +1232,20 @@ signreleasefiles() { mv "${KEY}.new.pub" "${KEY}.pub" mv "${KEY}.new.sec" "${KEY}.sec" fi - local GPG="aptkey --quiet --keyring ${KEY}.pub --secret-keyring ${KEY}.sec --readonly adv --batch --yes --digest-algo ${APT_TESTS_DIGEST_ALGO:-SHA512}" for RELEASE in $(find "${REPODIR}/" -name Release); do # we might have set a specific date for the Release file, so copy it local DATE="$(stat --format "%y" "${RELEASE}")" if [ "$APT_DONT_SIGN" = 'Release.gpg' ]; then rm -f "${RELEASE}.gpg" else - testsuccess $GPG "$@" $SIGUSERS --armor --detach-sign --sign --output "${RELEASE}.gpg" "${RELEASE}" + dosigning "$KEY" "$@" $SIGUSERS --armor --detach-sign --sign --output "${RELEASE}.gpg" "${RELEASE}" touch -d "$DATE" "${RELEASE}.gpg" fi local INRELEASE="${RELEASE%/*}/InRelease" if [ "$APT_DONT_SIGN" = 'InRelease' ]; then rm -f "$INRELEASE" else - testsuccess $GPG "$@" $SIGUSERS --clearsign --output "$INRELEASE" "$RELEASE" + dosigning "$KEY" "$@" $SIGUSERS --clearsign --output "$INRELEASE" "$RELEASE" touch -d "$DATE" "${INRELEASE}" fi done diff --git a/test/integration/run-tests b/test/integration/run-tests index 7c0b74ce2..3dcacc7bd 100755 --- a/test/integration/run-tests +++ b/test/integration/run-tests @@ -107,6 +107,16 @@ if [ -n "$APT_TEST_JOBS" ]; then fi exec $parallel -j "$APT_TEST_JOBS" "./$(basename "$0")" -- $(echo "$TESTLIST") fi + +APT_TEST_SIGNINGHOME="$(mktemp --directory --tmpdir 'apt-key-signinghome.XXXXXXXXXX')" +removesigninghome() { + if [ -z "$APT_TEST_SIGNINGHOME" ]; then return; fi + GNUPGHOME="${APT_TEST_SIGNINGHOME}" gpgconf --kill gpg-agent >/dev/null 2>&1 || true + rm -rf -- "$APT_TEST_SIGNINGHOME" +} +trap "removesigninghome; exit 0" 0 HUP INT QUIT ILL ABRT FPE SEGV PIPE TERM +export APT_TEST_SIGNINGHOME + TOTAL="$(echo "$TESTLIST" | wc -l)" if [ "$MSGLEVEL" -le 1 ]; then printf "${CTEST}Running testcases${CRESET}: " |