git - git

	Commit message (Collapse)	Author	Age	Files	Lines
*	t0303: check that helper_test_clean removes all credentials	Jeff King	2024-02-20	1	-2/+24
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Our lib-credential.sh library comes with a "clean" function that removes all of the credentials used in its tests (to avoid leaving cruft in system credential storage). But it's easy to add a test that uses a new credential but forget to add it to the clean function. E.g., the case fixed by 83e6eb7d7a (t/lib-credential: clean additional credential, 2024-02-15). We should be able to catch this automatically, but it's a little tricky. We can't just compare the contents of the helper's storage before and after the test run, because there isn't a way to ask a helper to dump all of its storage. And in most cases we don't have direct access to the underlying storage (since the whole point of the helper is to abstract that away). We can work around that by using our own "store" helper, since we can directly inspect its state by looking at its on-disk file. But there's a catch: the "store" helper doesn't support features like caching or expiration, so using it naively fails tests (and skipping those tests would give us incomplete coverage). Implementing all of those features would be non-trivial. But we can hack around that by overriding the "check" function used by the tests to turn most requests into noop success (except for "approve" requests, which actually store things). And then at the end we can check that running the "clean" function takes us back to an empty state. Note that because we've skipped any tests that erase credentials (because of our noop check function), the state we see at cleanup time may be larger than it would be normally. That's OK. The point of the clean function is to clean up any cruft we _might_ have left in place, so we're just being doubly thorough. The way this is bolted onto t0303 feels a little messy. But it's really the best place to do it, because then we know that it is running the exact sequence of tests that we'd use for testing a real external helper. In a normal run of "make test" it currently does nothing (the idea is that you run it manually after pointing it at some helper program). But now with this patch, "make test" will sanity-check the script itself. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
*	credential/libsecret: store new attributes	M Hickford	2023-06-16	1	-0/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	d208bfd (credential: new attribute password_expiry_utc, 2023-02-18) and a5c76569e7 (credential: new attribute oauth_refresh_token) introduced new credential attributes. libsecret assumes attribute values are non-confidential and unchanging, so we encode the new attributes in the secret, separated by newline: hunter2 password_expiry_utc=1684189401 oauth_refresh_token=xyzzy This is extensible and backwards compatible. The credential protocol already assumes that attribute values do not contain newlines. Alternatives considered: store password_expiry_utc in a libsecret attribute. This has the problem that libsecret creates new items rather than overwrites when attribute values change. Signed-off-by: M Hickford <mirth.hickford@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
*	t0303: resurrect commit message as test documentation	Zbigniew Jędrzejewski-Szmek	2012-03-15	1	-1/+29
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	The commit message which added those tests (861444f 't: add test harness for external credential helpers' 2011-12-10) provided nice documentation in the commit message. Let's make it more visible by putting it in the test description. The documentation is updated to reflect the fact that GIT_TEST_CREDENTIAL_HELPER must be set for GIT_TEST_CREDENTIAL_HELPER_TIMEOUT to be used and GIT_TEST_CREDENTIAL_HELPER_SETUP can be used. Based-on-commit-message-by: Jeff King <peff@peff.net> Signed-off-by: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> Acked-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
*	t0303: immediately bail out w/o GIT_TEST_CREDENTIAL_HELPER	Zbigniew Jędrzejewski-Szmek	2012-03-15	1	-23/+16
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	t0300-credential-helpers.sh requires GIT_TEST_CREDENTIAL_HELPER to be configured to do something sensible. If it is not set, prove will say: ./t0303-credential-external.sh .. skipped: (no reason given) which isn't very nice. Use skip_all="..." && test_done to bail out immediately and provide a nicer message. In case GIT_TEST_CREDENTIAL_HELPER is set, but the timeout tests are skipped, mention GIT_TEST_CREDENTIAL_HELPER_TIMEOUT. Signed-off-by: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> Acked-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
*	t: add test harness for external credential helpers	Jeff King	2011-12-13	1	-0/+39
	We already have tests for the internal helpers, but it's nice to give authors of external tools an easy way to sanity-check their helpers. If you have written the "git-credential-foo" helper, you can do so with: GIT_TEST_CREDENTIAL_HELPER=foo \ make t0303-credential-external.sh This assumes that your helper is capable of both storing and retrieving credentials (some helpers may be read-only, and they will fail these tests). If your helper supports time-based expiration with a configurable timeout, you can test that feature like this: GIT_TEST_CREDENTIAL_HELPER_TIMEOUT="foo --timeout=1" \ make t0303-credential-external.sh Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>