git/t/t7510-signed-commit.sh, branch v2.7.2

verify-commit: add option to print raw gpg status information

2015-06-22T21:20:47Z

verify-commit by default displays human-readable output on standard error. However, it can also be useful to get access to the raw gpg status information, which is machine-readable, allowing automated implementation of signing policy. Add a --raw option to make verify-commit produce the gpg status information on standard error instead of the human-readable format. Signed-off-by: brian m. carlson Signed-off-by: Junio C Hamano

gpg: centralize signature check

2015-06-22T21:20:46Z

verify-commit and verify-tag both share a central codepath for verifying commits: check_signature. However, verify-tag exited successfully for untrusted signature, while verify-commit exited unsuccessfully. Centralize this signature check and make verify-commit adopt the older verify-tag behavior. This behavior is more logical anyway, as the signature is in fact valid, whether or not there's a path of trust to the author. Signed-off-by: brian m. carlson Signed-off-by: Junio C Hamano

verify-commit: add test for exit status on untrusted signature

2015-06-22T21:20:46Z

verify-tag exits successfully if the signature is good but the key is untrusted. verify-commit exits unsuccessfully. This divergence in behavior is unexpected and unwanted. Since verify-tag existed earlier, add a failing test to have verify-commit share verify-tag's behavior. Signed-off-by: brian m. carlson Signed-off-by: Junio C Hamano

Merge branch 'jk/test-chain-lint'

2015-03-26T18:57:14Z

People often forget to chain the commands in their test together with &&, leaving a failure from an earlier command in the test go unnoticed. The new GIT_TEST_CHAIN_LINT mechanism allows you to catch such a mistake more easily. * jk/test-chain-lint: (36 commits) t9001: drop save_confirm helper t0020: use test_* helpers instead of hand-rolled messages t: simplify loop exit-code status variables t: fix some trivial cases of ignored exit codes in loops t7701: fix ignored exit code inside loop t3305: fix ignored exit code inside loop t0020: fix ignored exit code inside loops perf-lib: fix ignored exit code inside loop t6039: fix broken && chain t9158, t9161: fix broken &&-chain in git-svn tests t9104: fix test for following larger parents t4104: drop hand-rolled error reporting t0005: fix broken &&-chains t7004: fix embedded single-quotes t0050: appease --chain-lint t9001: use test_when_finished t4117: use modern test_* helpers t6034: use modern test_* helpers t1301: use modern test_* helpers t0020: use modern test_* helpers ...

Merge branch 'mg/verify-commit'

2015-03-20T20:11:51Z

Workarounds for certain build of GPG that triggered false breakage in a test. * mg/verify-commit: t7510: do not fail when gpg warns about insecure memory

t: fix trivial &&-chain breakage

2015-03-20T17:20:14Z

These are tests which are missing a link in their &&-chain, but during a setup phase. We may fail to notice failure in commands that build the test environment, but these are typically not expected to fail at all (but it's still good to double-check that our test environment is what we expect). Signed-off-by: Jeff King Signed-off-by: Junio C Hamano

t7510: do not fail when gpg warns about insecure memory

2015-03-10T22:25:22Z

Depending on how gpg was built, it may issue the following message to stderr when run: Warning: using insecure memory! When the test is collecting gpg output it is therefore not enough to just match on a "gpg: " prefix it must also match on a "Warning: " prefix wherever it needs to match lines that have been produced by gpg. Signed-off-by: Kyle J. McKay Acked-by: Michael J Gruber Signed-off-by: Junio C Hamano

Merge branch 'mg/verify-commit'

2014-07-10T18:27:34Z

Add 'verify-commit' to be used in a way similar to 'verify-tag' is used. Further work on verifying the mergetags might be needed. * mg/verify-commit: t7510: test verify-commit t7510: exit for loop with test result verify-commit: scriptable commit signature verification gpg-interface: provide access to the payload gpg-interface: provide clear helper for struct signature_check

move "%G" format test from t7510 to t6006

2014-06-25T22:01:06Z

The final test in t7510 checks that "--format" placeholders that look similar to GPG placeholders (but that we don't actually understand) are passed through. That test was placed in t7510, since the other GPG placeholder tests are there. However, it does not have a GPG prerequisite, because it is not actually checking any signed commits. This causes the test to erroneously fail when gpg is not installed on a system, however. Not because we need signed commits, but because we need _any_ commit to run "git log". If we don't have gpg installed, t7510 doesn't create any commits at all. We can fix this by moving the test into t6006. This is arguably a better place anyway, because it is where we test most of the other placeholders (we do not test GPG placeholders there because of the infrastructure needed to make signed commits). Signed-off-by: Jeff King Signed-off-by: Junio C Hamano

t7510: test verify-commit

2014-06-23T22:50:31Z

This mixes the "git verify-commit" tests in with the "git show --show-signature" tests, to keep the tests more readable. The tests already mix in the "call show" tests with the "verify" tests. So in case of a test beakage, a '-v' run would be needed to reveal the exact point of breakage anyway. Additionally, test the actual output of "git verify-commit" and "git show --show-signature" and compare to "git cat-file". Signed-off-by: Michael J Gruber Signed-off-by: Junio C Hamano