diff options
-rw-r--r-- | test/libremakepkg-test.sh | 26 | ||||
-rw-r--r-- | test/libremakepkg.d/PKGBUILD-signed | 17 | ||||
-rw-r--r-- | test/libremakepkg.d/hello.sh | 2 | ||||
-rwxr-xr-x | test/testenv | 17 |
4 files changed, 61 insertions, 1 deletions
diff --git a/test/libremakepkg-test.sh b/test/libremakepkg-test.sh index 363e4f7..6fa7962 100644 --- a/test/libremakepkg-test.sh +++ b/test/libremakepkg-test.sh @@ -177,3 +177,29 @@ it_doesnt_symlink_outputs() { [[ -f $(echo "$tmpdir/workdir/pkgdest"/libretools-hello-1.0-1-any.pkg.tar.?z) ]] [[ -f $(echo "$tmpdir/workdir/srcpkgdest"/libretools-hello-1.0-1-any.src.tar.?z) ]] } + +it_succeeds_with_good_signatures() { + require network sudo || return 0 + + cp libremakepkg.d/PKGBUILD-signed "$tmpdir/PKGBUILD" + cp libremakepkg.d/hello.sh "$tmpdir/hello.sh" + cd "$tmpdir" + gpg --detach-sign --use-agent --no-armor hello.sh + + libremessages msg 'Creating a chroot, may take a few minutes' &>/dev/tty + testsudo libremakepkg -l "$roundup_test_name" +} + +it_fails_with_bad_signatures() { + require network sudo || return 0 + + cp libremakepkg.d/PKGBUILD-signed "$tmpdir/PKGBUILD" + cp libremakepkg.d/hello.sh "$tmpdir/hello.sh" + cd "$tmpdir" + gpg --detach-sign --use-agent --no-armor hello.sh + echo 'echo pwned' >> hello.sh + makepkg -g >> PKGBUILD + + libremessages msg 'Creating a chroot, may take a few minutes' &>/dev/tty + not testsudo libremakepkg -l "$roundup_test_name" +} diff --git a/test/libremakepkg.d/PKGBUILD-signed b/test/libremakepkg.d/PKGBUILD-signed new file mode 100644 index 0000000..0979a85 --- /dev/null +++ b/test/libremakepkg.d/PKGBUILD-signed @@ -0,0 +1,17 @@ +pkgname='libretools-signed' +pkgver=1.0 +license=('GPL') +url='https://parabola.nu' + +source=(hello.sh{,.sig}) +sha256sums=('1e70cef0dfe5ce1120ccde5e1551c7277bcddaa75a1808f49512f404e6b8aec8' + 'SKIP') + +pkgrel=1 +arch=(any) +depends=(sh) + +package() { + cd "$srcdir" + install -Dm755 hello.sh "$pkgdir"/usr/bin/libretools-hello +} diff --git a/test/libremakepkg.d/hello.sh b/test/libremakepkg.d/hello.sh new file mode 100644 index 0000000..79a32fd --- /dev/null +++ b/test/libremakepkg.d/hello.sh @@ -0,0 +1,2 @@ +#!/bin/sh +echo "Hello, world!" diff --git a/test/testenv b/test/testenv index 36ae826..9357269 100755 --- a/test/testenv +++ b/test/testenv @@ -45,14 +45,29 @@ export LIBRETOOLS_LIBDIR="$destdir/usr/lib/libretools" export XBS_LIBDIR="$destdir/usr/lib/xbs" export HOME=$TMPDIR/home + export GNUPGHOME="$HOME/.gnupg" export XDG_CACHE_HOME="$HOME/.cache" export XDG_CONFIG_HOME="$HOME/.config" export _librelib_conf_sh_sysconfdir="$destdir/etc" export _librelib_conf_sh_pkgconfdir="$destdir/etc/libretools.d" + mkdir -p -- "$GNUPGHOME" + chmod 700 -- "$GNUPGHOME" + unset GPGKEY + gpg --quiet --no-tty --batch --gen-key <<-eot + Key-Type: default + Key-Usage: sign + Name-Real: Bob Tester + Name-Email: tester@localhost + Expire-Date: 0 + %no-protection + %commit + eot + export GPGKEY="$(gpg --quiet --list-secret-keys --with-colons | awk -F: '/^sec:/{print substr($5,9)}')" + # Hack to respect our variables in sudo _sudo() { - local vars=(TMPDIR PATH LIBRETOOLS_LIBDIR XDG_CACHE_HOME XDG_CONFIG_HOME _librelib_conf_sh_sysconfdir) + local vars=(TMPDIR PATH LIBRETOOLS_LIBDIR GNUPGHOME XDG_CACHE_HOME XDG_CONFIG_HOME _librelib_conf_sh_sysconfdir GPGKEY) local env=() local var for var in "${vars[@]}"; do |