diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index b5afbf0a..cbc45e80 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -47,3 +47,10 @@ jobs: - uses: actions/checkout@v3 - name: Run checks run: brew install gawk gnupg && make test + + osx-ci-verbose-test: + runs-on: macos-latest + steps: + - uses: actions/checkout@v3 + - name: Run checks + run: brew install gawk gnupg && SECRETS_TEST_VERBOSE=1 make test diff --git a/CHANGELOG.md b/CHANGELOG.md index 2bca968c..df6a6ef7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -23,7 +23,7 @@ - Upgrade bats-core to v1.6.0 (#755) - Update docs for use with CI/CD server (#675) - Test, and build RPMS, with Rocky and Alma Linux instead of CentOS (#765) -- Test .gitignore contents (#792) +- Improve testing of .gitignore contents (#792) ## 0.4.0 diff --git a/tests/_test_base.bash b/tests/_test_base.bash index fe0dbcb5..f9472779 100644 --- a/tests/_test_base.bash +++ b/tests/_test_base.bash @@ -17,9 +17,9 @@ FIXTURES_DIR="$BATS_TEST_DIRNAME/fixtures" TEST_GPG_HOMEDIR="$BATS_TMPDIR" # TODO: factor out tempdir creation. -# On osx TEST_GPG_OUTPUT_FILE, still has 'XXXXXX's, like +# On osx TEST_OUTPUT_FILE, still has 'XXXXXX's, like # /var/folders/mm/_f0j67x10l92b4zznyx4ylzh00017w/T/gitsecret_output.XXXXXX.RaqyGYqL -TEST_GPG_OUTPUT_FILE=$( +TEST_OUTPUT_FILE=$( TMPDIR="$BATS_TMPDIR" mktemp -t 'gitsecret_output.XXXXXX' ) @@ -83,17 +83,16 @@ function test_user_password { function file_has_line { # First parameter is the key, second is the filename. - local key="$1" # required + local line="$1" # required local filename="$2" # required - local contains + local exit_code # -F means 'Interpret PATTERN as a list of fixed strings' (not regexen) - # -q means 'do not write anything to standard output. Exit immediately with zero status if any match or error is found' - # -w means 'Select only those lines containing matches that form whole words' - contains=$(grep -Fqw "$key" "$filename"; echo $?) # this may not always be correct, especially because of -q + # -x means 'Select only those matches that exactly match the whole line' + exit_code=$(grep -Fx "$line" "$filename" 2>&1 > /dev/null; echo $?) - # 0 on contains or error, 1 for not contains. We cannot get 2 because of grep -q (see above and 'man grep') - echo "$contains" + # 0 means contains, 1 means not contains, and probably >1 for errors. + echo "$exit_code" } @@ -104,7 +103,7 @@ function stop_gpg_agent { username=$(id -u -n) if [[ "$SECRETS_DOCKER_ENV" == 'windows' ]]; then ps -l -u "$username" | gawk \ - '/gpg-agent/ { if ( $0 !~ "awk" ) { system("kill "$1) } }' >> "$TEST_GPG_OUTPUT_FILE" 2>&1 + '/gpg-agent/ { if ( $0 !~ "awk" ) { system("kill "$1) } }' >> "$TEST_OUTPUT_FILE" 2>&1 else local ps_is_busybox ps_is_busybox=_exe_is_busybox 'ps' @@ -112,7 +111,7 @@ function stop_gpg_agent { echo '# git-secret: tests: not stopping gpg-agent on busybox' >&3 else ps -wx -U "$username" | gawk \ - '/gpg-agent --homedir/ { if ( $0 !~ "awk" ) { system("kill "$1) } }' >> "$TEST_GPG_OUTPUT_FILE" 2>&1 + '/gpg-agent --homedir/ { if ( $0 !~ "awk" ) { system("kill "$1) } }' >> "$TEST_OUTPUT_FILE" 2>&1 fi fi } @@ -143,7 +142,7 @@ function install_fixture_key { local public_key="$BATS_TMPDIR/public-${1}.key" cp "$FIXTURES_DIR/gpg/${1}/public.key" "$public_key" - $GPGTEST --import "$public_key" >> "$TEST_GPG_OUTPUT_FILE" 2>&1 + $GPGTEST --import "$public_key" >> "$TEST_OUTPUT_FILE" 2>&1 rm -f "$public_key" || _abort "Couldn't delete public key: $public_key" } @@ -161,7 +160,7 @@ function install_fixture_full_key { cp "$FIXTURES_DIR/gpg/${1}/private.key" "$private_key" bash -c "$gpgtest_import --allow-secret-key-import \ - --import \"$private_key\"" >> "${TEST_GPG_OUTPUT_FILE}" 2>&1 + --import \"$private_key\"" >> "${TEST_OUTPUT_FILE}" 2>&1 # since 0.1.2 fingerprint is returned: fingerprint=$(get_gpg_fingerprint_by_email "$email") @@ -178,7 +177,7 @@ function uninstall_fixture_key { local email email="$1" - $GPGTEST --yes --delete-key "$email" >> "$TEST_GPG_OUTPUT_FILE" 2>&1 + $GPGTEST --yes --delete-key "$email" >> "$TEST_OUTPUT_FILE" 2>&1 } @@ -192,7 +191,7 @@ function uninstall_fixture_full_key { fingerprint=$(get_gpg_fingerprint_by_email "$email") fi - $GPGTEST --yes --delete-secret-keys "$fingerprint" >> "$TEST_GPG_OUTPUT_FILE" 2>&1 + $GPGTEST --yes --delete-secret-keys "$fingerprint" >> "$TEST_OUTPUT_FILE" 2>&1 uninstall_fixture_key "$1" } @@ -240,12 +239,12 @@ function set_state_initial { function set_state_git { - git init >> "$TEST_GPG_OUTPUT_FILE" 2>&1 + git init >> "$TEST_OUTPUT_FILE" 2>&1 } function set_state_secret_init { - git secret init >> "$TEST_GPG_OUTPUT_FILE" 2>&1 + git secret init >> "$TEST_OUTPUT_FILE" 2>&1 } @@ -253,7 +252,7 @@ function set_state_secret_tell { local email email="$1" - git secret tell -d "$TEST_GPG_HOMEDIR" "$email" >> "$TEST_GPG_OUTPUT_FILE" 2>&1 + git secret tell -d "$TEST_GPG_HOMEDIR" "$email" >> "$TEST_OUTPUT_FILE" 2>&1 } @@ -262,7 +261,7 @@ function set_state_secret_add { local content="$2" echo "$content" > "$filename" # we add a newline - git secret add "$filename" >> "$TEST_GPG_OUTPUT_FILE" 2>&1 + git secret add "$filename" >> "$TEST_OUTPUT_FILE" 2>&1 } function set_state_secret_add_without_newline { @@ -270,13 +269,13 @@ function set_state_secret_add_without_newline { local content="$2" echo -n "$content" > "$filename" # we do not add a newline - git secret add "$filename" >> "$TEST_GPG_OUTPUT_FILE" 2>&1 + git secret add "$filename" >> "$TEST_OUTPUT_FILE" 2>&1 } function set_state_secret_hide { local armor="$1" - SECRETS_GPG_ARMOR="$armor" git secret hide >> "$TEST_GPG_OUTPUT_FILE" 2>&1 + SECRETS_GPG_ARMOR="$armor" git secret hide >> "$TEST_OUTPUT_FILE" 2>&1 } @@ -286,7 +285,7 @@ function unset_current_state { # unsets `secret_hide` # removes .secret files: - git secret clean >> "$TEST_GPG_OUTPUT_FILE" 2>&1 + git secret clean >> "$TEST_OUTPUT_FILE" 2>&1 # unsets `secret_add`, `secret_tell` and `secret_init` by removing $_SECRETS_DIR local secrets_dir @@ -304,14 +303,14 @@ function unset_current_state { # SECRETS_TEST_VERBOSE is experimental if [[ -n "$SECRETS_TEST_VERBOSE" ]]; then # display the captured output as bats diagnostic (fd3, preceded by '# ') - sed "s/^/# $BATS_TEST_DESCRIPTION: /" < "$TEST_GPG_OUTPUT_FILE" >&3 + sed "s/^/# $BATS_TEST_DESCRIPTION: VERBOSE OUTPUT: /" < "$TEST_OUTPUT_FILE" >&3 # display the last $output # shellcheck disable=SC2001,SC2154 - echo "$output" | sed "s/^/# '$BATS_TEST_DESCRIPTION' final output: /" >&3 + echo "$output" | sed "s/^/# $BATS_TEST_DESCRIPTION: FINAL OUTPUT: /" >&3 fi - rm -f "$TEST_GPG_OUTPUT_FILE" + rm -f "$TEST_OUTPUT_FILE" # new code to remove temporary gpg homedir artifacts. # For #360, 'find and rm only relevant files when test fails'. @@ -330,5 +329,12 @@ function unset_current_state { } # show output if we wind up manually removing the test output file in a trap -trap 'if [[ -f "$TEST_GPG_OUTPUT_FILE" ]]; then if [[ -n "$SECRETS_TEST_VERBOSE" ]]; then echo "git-secret: test: cleaning up: $TEST_GPG_OUTPUT_FILE"; fi; rm -f "$TEST_GPG_OUTPUT_FILE"; fi;' EXIT +trap 'if [[ -f "$TEST_OUTPUT_FILE" ]]; then if [[ -n "$SECRETS_TEST_VERBOSE" ]]; then echo "git-secret: test: cleaning up: $TEST_OUTPUT_FILE"; fi; rm -f "$TEST_OUTPUT_FILE"; fi;' EXIT +function bats_diag_file { + local filename=$1 + + echo "# DEBUG: begin contents: $filename" >&3 + sed -e 's/^/# DEBUG: /' < "$filename" >&3 + echo "# DEBUG: end contents: $filename" >&3 +} diff --git a/tests/test_add.bats b/tests/test_add.bats index 126320fe..a533d96c 100644 --- a/tests/test_add.bats +++ b/tests/test_add.bats @@ -114,7 +114,7 @@ function teardown { [ "$status" -eq 0 ] [[ -f "$current_dir/.gitignore" ]] - run file_has_line "$test_file" "$current_dir/.gitignore" + run file_has_line "$nested_dir/$test_file" "$current_dir/.gitignore" [ "$output" = '0' ] # .gitignore was not created: diff --git a/tests/test_noname.bats b/tests/test_noname.bats index db8b3727..6c02b6df 100644 --- a/tests/test_noname.bats +++ b/tests/test_noname.bats @@ -1,8 +1,7 @@ #!/usr/bin/env bats # These tests using TEST_NONAME_USER, which has a email but no username. -# This test is copied from the start of test_remove.bats, -# and exercises an add and a remove. +# This was originally based on test_remove.bats load _test_base