From 29a59c460403820d0f039398194e321b7e0921fc Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Fri, 9 Aug 2013 22:20:27 +0200 Subject: test Release file handling with expired keys Signing files with expired keys is not as easy as it sounds, so the framework jumps a few loops to do it, but it might come in handy to have an expired key around for later tests even if it is not that different from having no key in regards to APT behaviour. Git-Dch: Ignore --- test/integration/framework | 35 +++++++++++++++++++++++++++++------ 1 file changed, 29 insertions(+), 6 deletions(-) (limited to 'test/integration/framework') diff --git a/test/integration/framework b/test/integration/framework index 7dd7c20a7..f64b8482c 100644 --- a/test/integration/framework +++ b/test/integration/framework @@ -711,22 +711,45 @@ setupaptarchive() { signreleasefiles() { local SIGNER="${1:-Joe Sixpack}" + local GPG="gpg --batch --yes --no-default-keyring --trustdb-name rootdir/etc/apt/trustdb.gpg" msgninfo "\tSign archive with $SIGNER key… " - local SECKEYS="" + local REXKEY='keys/rexexpired' + local SECEXPIREBAK="${REXKEY}.sec.bak" + local PUBEXPIREBAK="${REXKEY}.pub.bak" + if [ "${SIGNER}" = 'Rex Expired' ]; then + # the key is expired, so gpg doesn't allow to sign with and the --faked-system-time + # option doesn't exist anymore (and using faketime would add a new obscure dependency) + # therefore we 'temporary' make the key not expired and restore a backup after signing + cp ${REXKEY}.sec $SECEXPIREBAK + cp ${REXKEY}.pub $PUBEXPIREBAK + local SECUNEXPIRED="${REXKEY}.sec.unexpired" + local PUBUNEXPIRED="${REXKEY}.pub.unexpired" + if [ -f "$SECUNEXPIRED" ] && [ -f "$PUBUNEXPIRED" ]; then + cp $SECUNEXPIRED ${REXKEY}.sec + cp $PUBUNEXPIRED ${REXKEY}.pub + else + printf "expire\n1w\nsave\n" | $GPG --keyring ${REXKEY}.pub --secret-keyring ${REXKEY}.sec --command-fd 0 --edit-key "${SIGNER}" >/dev/null 2>&1 || true + cp ${REXKEY}.sec $SECUNEXPIRED + cp ${REXKEY}.pub $PUBUNEXPIRED + fi + fi for KEY in $(find keys/ -name '*.sec'); do - SECKEYS="$SECKEYS --secret-keyring $KEY" + GPG="$GPG --secret-keyring $KEY" done - local PUBKEYS="" for KEY in $(find keys/ -name '*.pub'); do - PUBKEYS="$PUBKEYS --keyring $KEY" + GPG="$GPG --keyring $KEY" done for RELEASE in $(find aptarchive/ -name Release); do - gpg --yes --no-default-keyring $SECKEYS $PUBKEYS --default-key "$SIGNER" -abs -o ${RELEASE}.gpg ${RELEASE} + $GPG --default-key "$SIGNER" --armor --detach-sign --sign --output ${RELEASE}.gpg ${RELEASE} local INRELEASE="$(echo "${RELEASE}" | sed 's#/Release$#/InRelease#')" - gpg --yes --no-default-keyring $SECKEYS $PUBKEYS --default-key "$SIGNER" --clearsign -o $INRELEASE $RELEASE + $GPG --default-key "$SIGNER" --clearsign --output $INRELEASE $RELEASE # we might have set a specific date for the Release file, so copy it touch -d "$(stat --format "%y" ${RELEASE})" ${RELEASE}.gpg ${INRELEASE} done + if [ -f "$SECEXPIREBAK" ] && [ -f "$PUBEXPIREBAK" ]; then + mv -f $SECEXPIREBAK ${REXKEY}.sec + mv -f $PUBEXPIREBAK ${REXKEY}.pub + fi msgdone "info" } -- cgit v1.2.3 From 0440d936d70b1e331d49bbc32735f1b749632604 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Sat, 10 Aug 2013 10:01:06 +0200 Subject: add chronic-like testsuccess/testfailure helpers For many commands the output isn't stable (like then dpkg is called) but the exitcode is, so this helper enhances the common && msgpass || msgfail by generating automatically a msgtest and showing the output of the command in case of failure instead of discarding it unconditionally, the later being chronic-like behaviour Git-Dch: Ignore --- test/integration/framework | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) (limited to 'test/integration/framework') diff --git a/test/integration/framework b/test/integration/framework index f64b8482c..e363977f5 100644 --- a/test/integration/framework +++ b/test/integration/framework @@ -928,6 +928,40 @@ testmarkedauto() { aptmark showauto 2>&1 | checkdiff $COMPAREFILE - && msgpass || msgfail } +testsuccess() { + if [ "$1" = '--nomsg' ]; then + shift + else + msgtest 'Test for successful execution of' "$*" + fi + local OUTPUT=$(mktemp) + addtrap "rm $OUTPUT;" + if $@ >${OUTPUT} 2>&1; then + msgpass + else + echo + cat $OUTPUT + msgfail + fi +} + +testfailure() { + if [ "$1" = '--nomsg' ]; then + shift + else + msgtest 'Test for failure in execution of' "$*" + fi + local OUTPUT=$(mktemp) + addtrap "rm $OUTPUT;" + if $@ >${OUTPUT} 2>&1; then + echo + cat $OUTPUT + msgfail + else + msgpass + fi +} + pause() { echo "STOPPED execution. Press enter to continue" local IGNORE -- cgit v1.2.3 From 7a2690a3bf59244fff417ab494f68fd9301b74d9 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Sat, 13 Jul 2013 22:57:44 +0200 Subject: fix output redirection order First redirect output to a file, then redirect other outputs to this output, not the other way around as this will not work. Git-Dch: Ignore --- test/integration/framework | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'test/integration/framework') diff --git a/test/integration/framework b/test/integration/framework index e363977f5..005e31bd3 100644 --- a/test/integration/framework +++ b/test/integration/framework @@ -177,7 +177,7 @@ setupenvironment() { echo "DPKG::options:: \"--root=${TMPWORKINGDIRECTORY}/rootdir\";" >> aptconfig.conf echo "DPKG::options:: \"--force-not-root\";" >> aptconfig.conf echo "DPKG::options:: \"--force-bad-path\";" >> aptconfig.conf - if ! $(which dpkg) --assert-multi-arch 2>&1 > /dev/null; then + if ! $(which dpkg) --assert-multi-arch >/dev/null 2>&1; then echo "DPKG::options:: \"--force-architecture\";" >> aptconfig.conf # Added to test multiarch before dpkg is ready for it… fi echo "DPKG::options:: \"--log=${TMPWORKINGDIRECTORY}/rootdir/var/log/dpkg.log\";" >> aptconfig.conf @@ -225,7 +225,7 @@ configdpkg() { echo -n > rootdir/var/lib/dpkg/status fi fi - if $(which dpkg) --assert-multi-arch 2>&1 > /dev/null; then + if $(which dpkg) --assert-multi-arch >/dev/null 2>&1; then local ARCHS="$(getarchitectures)" if echo "$ARCHS" | grep -E -q '[^ ]+ [^ ]+'; then DPKGARCH="$(dpkg --print-architecture)" @@ -851,7 +851,7 @@ testequalor2() { echo "$2" > $COMPAREFILE2 shift 2 msgtest "Test for equality OR of" "$*" - $* 2>&1 1> $COMPAREAGAINST + $* >$COMPAREAGAINST 2>&1 (checkdiff $COMPAREFILE1 $COMPAREAGAINST 1> /dev/null || checkdiff $COMPAREFILE2 $COMPAREAGAINST 1> /dev/null) && msgpass || ( echo "\n${CINFO}Diff against OR 1${CNORMAL}" "$(checkdiff $COMPAREFILE1 $COMPAREAGAINST)" \ -- cgit v1.2.3 From 804d4a0d92a2e107aad38198ac08f1d2d64b5e53 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Mon, 12 Aug 2013 15:51:42 +0200 Subject: ensure that testcases exiting because of set -e aren't successful Git-Dch: Ignore --- test/integration/framework | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'test/integration/framework') diff --git a/test/integration/framework b/test/integration/framework index 005e31bd3..72c899e32 100644 --- a/test/integration/framework +++ b/test/integration/framework @@ -131,13 +131,23 @@ exitwithstatus() { exit $((EXIT_CODE <= 255 ? EXIT_CODE : 255)); } +shellsetedetector() { + local exit_status=$? + if [ "$exit_status" != '0' ]; then + echo >&2 "${CERROR}E: Looks like the testcases ended prematurely with exitcode: ${exit_status}${CNORMAL}" + if [ "$EXIT_CODE" = '0' ]; then + EXIT_CODE="$exit_status" + fi + fi +} + addtrap() { if [ "$1" = 'prefix' ]; then CURRENTTRAP="$2 $CURRENTTRAP" else CURRENTTRAP="$CURRENTTRAP $1" fi - trap "$CURRENTTRAP exitwithstatus;" 0 HUP INT QUIT ILL ABRT FPE SEGV PIPE TERM + trap "shellsetedetector; $CURRENTTRAP exitwithstatus;" 0 HUP INT QUIT ILL ABRT FPE SEGV PIPE TERM } setupenvironment() { -- cgit v1.2.3