Archives
/
git-secret
mirror of https://github.com/sobolevn/git-secret
2
1
Fork 0
Code Issues Projects Releases Wiki Activity

Revert "Issue 554 show gpg commands (#556)" (#559)

Browse Source 
This reverts commit 9e8438236c.
pull/560/head
Josh Rabinowitz 5 years ago committed by GitHub
parent 9e8438236c
commit 9348cd32e2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
27 changed files with 179 additions and 201 deletions
Show Stats Download Patch File Download Diff File

10
CHANGELOG.md
Unescape Escape View File

@ -1,15 +1,5 @@
# Changelog
## {Next Version}
### Features
- Verbose mode shows gpg commands used for hide, reveal, tell, and killperson (#554)
### Misc
- Fix tests from occasional hang when interrupting with cntl-c (#558)
## Version 0.3.2
### Bugfixes

30
src/_utils/_git_secret_tools.sh
Unescape Escape View File

@ -15,14 +15,13 @@ _SECRETS_DIR_PATHS_MAPPING="${_SECRETS_DIR_PATHS}/mapping.cfg"
# _SECRETS_VERBOSE is expected to be empty or '1'.
# Empty means 'off', any other value means 'on'.
# shellcheck disable=SC2153
if [[ -n "$SECRETS_VERBOSE" && "$SECRETS_VERBOSE" -ne 0 ]]; then
if [[ -n "$SECRETS_VERBOSE" ]] && [[ "$SECRETS_VERBOSE" -ne 0 ]]; then
# shellcheck disable=SC2034
_SECRETS_VERBOSE=1
_SECRETS_VERBOSE='1'
fi
: "${SECRETS_EXTENSION:=".secret"}"
# Commands:
: "${SECRETS_GPG_COMMAND:="gpg"}"
: "${SECRETS_CHECKSUM_COMMAND:="_os_based __sha256"}"
@ -472,7 +471,7 @@ function _find_and_clean_formatted {
if [[ -n "$_SECRETS_VERBOSE" ]] && [[ -n "$outputs" ]]; then
# shellcheck disable=SC2001
echo "$outputs" | sed "s/^/git-secret: removing: /"
echo "$outputs" | sed "s/^/git-secret: cleaning: /"
fi
}
@ -560,8 +559,9 @@ function _user_required {
local secrets_dir_keys
secrets_dir_keys=$(_get_secrets_dir_keys)
# see https://github.com/bats-core/bats-core#file-descriptor-3-read-this-if-bats-hangs for info about 3>&-
local keys_exist
keys_exist=$($SECRETS_GPG_COMMAND --homedir "$secrets_dir_keys" --no-permission-warning -n --list-keys)
keys_exist=$($SECRETS_GPG_COMMAND --homedir "$secrets_dir_keys" --no-permission-warning -n --list-keys 3>&-)
local exit_code=$?
if [[ -z "$keys_exist" ]]; then
_abort "$error_message"
@ -588,7 +588,8 @@ function _get_user_key_expiry {
local secrets_dir_keys
secrets_dir_keys=$(_get_secrets_dir_keys)
line=$($SECRETS_GPG_COMMAND --homedir "$secrets_dir_keys" --no-permission-warning --list-public-keys --with-colon --fixed-list-mode "$username" | grep ^pub:)
# 3>&- closes fd 3 for bats, see https://github.com/bats-core/bats-core#file-descriptor-3-read-this-if-bats-hangs
line=$($SECRETS_GPG_COMMAND --homedir "$secrets_dir_keys" --no-permission-warning --list-public-keys --with-colon --fixed-list-mode "$username" | grep ^pub: 3>&-)
local expiry_epoch
expiry_epoch=$(echo "$line" | cut -d: -f7)
@ -646,9 +647,10 @@ function _get_users_in_gpg_keyring {
# the gensub regex extracts email from <> within field 10. (If there's no <>, then field is just an email address
# (and maybe a comment) and the regex just passes it through.)
# sed at the end removes any 'comment' that appears in parentheses, for #530
# 3>&- closes fd 3 for bats, see https://github.com/bats-core/bats-core#file-descriptor-3-read-this-if-bats-hangs
result=$($SECRETS_GPG_COMMAND "${args[@]}" --no-permission-warning --list-public-keys --with-colon --fixed-list-mode | \
gawk -F: '$1~/uid/{print gensub(/.*<(.*)>.*/, "\\1", "g", $10); }' | \
sed 's/([^)]*)//g' )
sed 's/([^)]*)//g' 3>&-)
echo "$result"
}
@ -722,10 +724,11 @@ function _decrypt {
#echo "# gpg passphrase: $passphrase" >&3
local exit_code
if [[ -n "$passphrase" ]]; then
echo "$passphrase" | ( _maybe_show_command; $SECRETS_GPG_COMMAND "${args[@]}" --batch --yes --no-tty --passphrase-fd 0 "$encrypted_filename")
echo "$passphrase" | $SECRETS_GPG_COMMAND "${args[@]}" --batch --yes --no-tty --passphrase-fd 0 \
"$encrypted_filename"
exit_code=$?
else
(_maybe_show_command; $SECRETS_GPG_COMMAND "${args[@]}" "$encrypted_filename")
$SECRETS_GPG_COMMAND "${args[@]}" "$encrypted_filename"
exit_code=$?
fi
@ -742,12 +745,3 @@ function _decrypt {
# at this point the file should be written to disk or output to stdout
}
function _maybe_show_command {
# _SECRETS_VERBOSE is expected to be empty or '1'.
# Empty means 'off', any other value means 'on'.
# shellcheck disable=SC2153
if [[ -n "$_SECRETS_VERBOSE" ]]; then
set -x
export PS4="git-secret: running: "
fi
}

4
src/commands/git_secret_cat.sh
Unescape Escape View File

@ -7,10 +7,6 @@ function cat {
OPTIND=1
# 'cat' and 'changes' cannot show extra output
# shellcheck disable=SC2034
SECRETS_VERBOSE=0
while getopts 'hd:p:' opt; do
case "$opt" in
h) _show_manual_for 'cat';;

4
src/commands/git_secret_changes.sh
Unescape Escape View File

@ -5,10 +5,6 @@ function changes {
OPTIND=1
# 'cat' and 'changes' cannot show extra output
# shellcheck disable=SC2034
SECRETS_VERBOSE=0
while getopts 'hd:p:' opt; do
case "$opt" in
h) _show_manual_for 'changes';;

17
src/commands/git_secret_hide.sh
Unescape Escape View File

@ -31,13 +31,21 @@ function _optional_delete {
local path_mappings
path_mappings=$(_get_secrets_dir_paths_mapping)
# We use custom formatting here:
if [[ -n "$_SECRETS_VERBOSE" ]]; then
echo && _message 'removing unencrypted files:'
fi
while read -r line; do
# So the formatting would not be repeated several times here:
local filename
filename=$(_get_record_filename "$line")
_find_and_clean_formatted "*$filename"
_find_and_clean "*$filename"
done < "$path_mappings"
if [[ -n "$_SECRETS_VERBOSE" ]]; then
echo
fi
fi
}
@ -162,12 +170,9 @@ function hide {
set +e # disable 'set -e' so we can capture exit_code
# see https://github.com/bats-core/bats-core#file-descriptor-3-read-this-if-bats-hangs for info about 3>&-
local gpg_output
if [[ -n $_SECRETS_VERBOSE ]]; then
# we don't use _maybe_show_command here because we couldn't get it working right
echo "git-secret: running:" "$SECRETS_GPG_COMMAND" "${args[@]}"
fi
gpg_output=$($SECRETS_GPG_COMMAND "${args[@]}") # we leave stderr alone
gpg_output=$($SECRETS_GPG_COMMAND "${args[@]}" 3>&-) # we leave stderr alone
local exit_code=$?
set -e # re-enable set -e

3
src/commands/git_secret_killperson.sh
Unescape Escape View File

@ -31,7 +31,8 @@ function killperson {
_assert_keychain_contains_emails "$secrets_dir_keys" "${emails[@]}"
for email in "${emails[@]}"; do
( _maybe_show_command; $SECRETS_GPG_COMMAND --homedir "$secrets_dir_keys" --no-permission-warning --batch --yes --delete-key "$email" )
# see https://github.com/bats-core/bats-core#file-descriptor-3-read-this-if-bats-hangs for info about 3>&-
$SECRETS_GPG_COMMAND --homedir "$secrets_dir_keys" --no-permission-warning --batch --yes --delete-key "$email" 3>&-
local exit_code=$?
if [[ "$exit_code" -ne 0 ]]; then
_abort "problem deleting key for '$email' with gpg: exit code $exit_code"

14
src/commands/git_secret_tell.sh
Unescape Escape View File

@ -10,7 +10,8 @@ END { print cnt }
function get_gpg_key_count {
local secrets_dir_keys
secrets_dir_keys=$(_get_secrets_dir_keys)
$SECRETS_GPG_COMMAND --homedir "$secrets_dir_keys" --no-permission-warning --list-public-keys --with-colon | gawk "$AWK_GPG_KEY_CNT"
# 3>&- closes fd 3 for bats, see https://github.com/bats-core/bats-core#file-descriptor-3-read-this-if-bats-hangs
$SECRETS_GPG_COMMAND --homedir "$secrets_dir_keys" --no-permission-warning --list-public-keys --with-colon | gawk "$AWK_GPG_KEY_CNT" 3>&-
local exit_code=$?
if [[ "$exit_code" -ne 0 ]]; then
_abort "problem counting keys with gpg: exit code $exit_code"
@ -75,14 +76,15 @@ function tell {
# shellcheck disable=2154
local keyfile="$temporary_filename"
# 3>&- closes fd 3 for bats, see https://github.com/bats-core/bats-core#file-descriptor-3-read-this-if-bats-hangs
local exit_code
if [[ -z "$homedir" ]]; then
( _maybe_show_command; $SECRETS_GPG_COMMAND --export -a "$email" > "$keyfile" )
$SECRETS_GPG_COMMAND --export -a "$email" > "$keyfile" 3>&-
exit_code=$?
else
# It means that homedir is set as an extra argument via `-d`:
( _maybe_show_command; $SECRETS_GPG_COMMAND --no-permission-warning --homedir="$homedir" \
--export -a "$email" > "$keyfile" )
$SECRETS_GPG_COMMAND --no-permission-warning --homedir="$homedir" \
--export -a "$email" > "$keyfile" 3>&-
exit_code=$?
fi
if [[ "$exit_code" -ne 0 ]]; then
@ -99,9 +101,9 @@ function tell {
local args=( --homedir "$secrets_dir_keys" --no-permission-warning --import "$keyfile" )
if [[ -z "$_SECRETS_VERBOSE" ]]; then
( _maybe_show_command; $SECRETS_GPG_COMMAND "${args[@]}" > /dev/null 2>&1 )
$SECRETS_GPG_COMMAND "${args[@]}" > /dev/null 2>&1 3>&-
else
( _maybe_show_command; $SECRETS_GPG_COMMAND "${args[@]}" )
$SECRETS_GPG_COMMAND "${args[@]}" 3>&-
fi
exit_code=$?

8
tests/_test_base.bash
Unescape Escape View File

@ -62,12 +62,6 @@ export TEST_SECOND_FILENAME="space file two" # has spaces
export TEST_THIRD_FILENAME="space file three" # has spaces
# this works around https://github.com/bats-core/bats-core/issues/155
# always use run_wrapper() and not bats-core's run()
function run_wrapper {
run "${@}" 3>-
}
function test_user_password {
# Password for 'user3@gitsecret.io' is 'user3pass'
# As it was set on key creation.
@ -220,7 +214,7 @@ function set_state_initial {
function set_state_git {
git init | sed 's/^/git: /' >> "$TEST_GPG_OUTPUT_FILE" 2>&1
git init >> "$TEST_GPG_OUTPUT_FILE" 2>&1
}

24
tests/test_add.bats
Unescape Escape View File

@ -25,7 +25,7 @@ function teardown {
echo "content" > "$filename"
echo "$filename" > ".gitignore"
run_wrapper git secret add "$filename"
run git secret add "$filename"
[ "$status" -eq 0 ]
# Ensuring that path mappings was set correctly:
@ -45,7 +45,7 @@ function teardown {
touch "$test_file"
echo "content" > "$test_file"
run_wrapper git secret add -Z "$test_file"
run git secret add -Z "$test_file"
[ "$status" -ne 0 ]
rm "$test_file"
@ -57,7 +57,7 @@ function teardown {
touch "$test_file"
echo "content" > "$test_file"
run_wrapper git secret add "$test_file"
run git secret add "$test_file"
[ "$status" -eq 0 ]
rm "$test_file"
@ -70,10 +70,10 @@ function teardown {
echo "content" > "$test_file"
# add -i is now a no-op (See #225) so this tests that -i does nothing.
run_wrapper git secret add -i "$test_file"
run git secret add -i "$test_file"
[ "$status" -eq 0 ]
run_wrapper _file_has_line "$test_file" ".gitignore"
run _file_has_line "$test_file" ".gitignore"
[ "$status" -eq 0 ]
rm "$test_file"
@ -102,10 +102,10 @@ function teardown {
echo "content" > "$test_file"
# Test commands:
run_wrapper git secret add -i "$test_file"
run git secret add -i "$test_file"
[ "$status" -eq 0 ]
run_wrapper _file_has_line "$test_file" "../.gitignore"
run _file_has_line "$test_file" "../.gitignore"
[ "$status" -eq 0 ]
# .gitignore was not created:
@ -138,7 +138,7 @@ function teardown {
cd "$sibling"
# Testing:
run_wrapper git secret add "../node/$TEST_DEFAULT_FILENAME"
run git secret add "../node/$TEST_DEFAULT_FILENAME"
[ "$status" -eq 0 ]
[[ "$output" == *"git-secret: 1 item(s) added."* ]]
@ -171,7 +171,7 @@ function teardown {
echo "$test_dir/$test_file" > ".gitignore"
# Testing:
run_wrapper git secret add "$test_dir/$test_file"
run git secret add "$test_dir/$test_file"
[ "$status" -eq 0 ]
[[ "$output" == *"git-secret: 1 item(s) added."* ]]
@ -187,8 +187,8 @@ function teardown {
echo "$filename" > ".gitignore"
# Testing:
run_wrapper git secret add "$filename"
run_wrapper git secret add "$filename"
run git secret add "$filename"
run git secret add "$filename"
[ "$status" -eq 0 ]
[ "$output" = "git-secret: 1 item(s) added." ]
@ -215,7 +215,7 @@ function teardown {
echo "$filename2" >> ".gitignore"
# Testing:
run_wrapper git secret add "$filename1" "$filename2"
run git secret add "$filename1" "$filename2"
[ "$status" -eq 0 ]
[ "$output" = "git-secret: 2 item(s) added." ]

8
tests/test_cat.bats
Unescape Escape View File

@ -28,7 +28,7 @@ function teardown {
@test "run 'cat' with password argument" {
local password=$(test_user_password "$TEST_DEFAULT_USER")
run_wrapper git secret cat -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE"
run git secret cat -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE"
[ "$status" -eq 0 ]
@ -38,7 +38,7 @@ function teardown {
@test "run 'cat' with password argument and SECRETS_VERBOSE=1" {
local password=$(test_user_password "$TEST_DEFAULT_USER")
SECRETS_VERBOSE=1 run_wrapper git secret cat -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE"
SECRETS_VERBOSE=1 run git secret cat -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE"
[ "$status" -eq 0 ]
@ -47,12 +47,12 @@ function teardown {
}
@test "run 'cat' with wrong filename" {
run_wrapper git secret cat -d "$TEST_GPG_HOMEDIR" -p "$password" NO_SUCH_FILE
run git secret cat -d "$TEST_GPG_HOMEDIR" -p "$password" NO_SUCH_FILE
[ "$status" -eq 2 ]
}
@test "run 'cat' with bad arg" {
local password=$(test_user_password "$TEST_DEFAULT_USER")
run_wrapper git secret cat -Z -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE"
run git secret cat -Z -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE"
[ "$status" -ne 0 ]
}

22
tests/test_changes.bats
Unescape Escape View File

@ -33,7 +33,7 @@ function teardown {
@test "run 'changes' on one file with no file changed" {
local password=$(test_user_password "$TEST_DEFAULT_USER")
run_wrapper git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE"
run git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE"
[ "$status" -eq 0 ]
@ -47,7 +47,7 @@ function teardown {
local new_content="new content"
echo "$new_content" >> "$FILE_TO_HIDE"
run_wrapper git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE"
run git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE"
[ "$status" -eq 0 ]
# Testing that output has both filename and changes:
@ -65,7 +65,7 @@ function teardown {
local password=$(test_user_password "$TEST_DEFAULT_USER")
rm "$FILE_TO_HIDE" || _abort "error removing: $FILE_TO_HIDE"
run_wrapper git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE"
run git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE"
[ "$status" -ne 0 ]
}
@ -74,7 +74,7 @@ function teardown {
local encrypted_file=$(_get_encrypted_filename "$FILE_TO_HIDE")
rm "$encrypted_file" || _abort "error removing: $encrypted_file"
run_wrapper git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE"
run git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE"
[ "$status" -ne 0 ]
}
@ -84,7 +84,7 @@ function teardown {
local new_content="replace"
echo "$new_content" > "$FILE_TO_HIDE"
run_wrapper git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE"
run git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE"
[ "$status" -eq 0 ]
# Testing that output has both filename and changes:
@ -98,7 +98,7 @@ function teardown {
@test "run 'changes' on two files with no file changed" {
local password=$(test_user_password "$TEST_DEFAULT_USER")
run_wrapper git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password"
run git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password"
[ "$status" -eq 0 ]
@ -115,7 +115,7 @@ function teardown {
echo "$new_content" >> "$FILE_TO_HIDE"
echo "$second_new_content" >> "$SECOND_FILE_TO_HIDE"
run_wrapper git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password"
run git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password"
[ "$status" -eq 0 ]
# Testing that output has both filename and changes:
@ -137,7 +137,7 @@ function teardown {
echo "$new_content" >> "$FILE_TO_HIDE"
echo "$second_new_content" >> "$SECOND_FILE_TO_HIDE"
run_wrapper git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password" \
run git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password" \
"$FILE_TO_HIDE" "$SECOND_FILE_TO_HIDE"
[ "$status" -eq 0 ]
@ -153,7 +153,7 @@ function teardown {
}
@test "run 'changes' on file that does not exist" {
run_wrapper git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_NON_EXISTENT"
run git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_NON_EXISTENT"
[ "$status" -ne 0 ]
}
@ -162,7 +162,7 @@ function teardown {
set_state_secret_hide
local password=$(test_user_password "$TEST_DEFAULT_USER")
run_wrapper git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password" "$THIRD_FILE_TO_HIDE"
run git secret changes -d "$TEST_GPG_HOMEDIR" -p "$password" "$THIRD_FILE_TO_HIDE"
[ "$status" -eq 0 ]
local num_lines=$(echo "$output" | wc -l)
@ -172,7 +172,7 @@ function teardown {
}
@test "run 'changes' with bad arg" {
run_wrapper git secret changes -Z
run git secret changes -Z
[ "$status" -ne 0 ]
}

18
tests/test_clean.bats
Unescape Escape View File

@ -36,7 +36,7 @@ function _secret_files_exists {
@test "run 'clean' normally" {
run_wrapper git secret clean
run git secret clean
[ "$status" -eq 0 ]
# There must be no .secret files:
@ -45,18 +45,18 @@ function _secret_files_exists {
}
@test "run 'clean' with extra filename" {
run_wrapper git secret clean extra_filename
run git secret clean extra_filename
[ "$status" -ne 0 ]
}
@test "run 'clean' with bad arg" {
run_wrapper git secret clean -Z
run git secret clean -Z
[ "$status" -ne 0 ]
}
@test "run 'clean' with '-v'" {
run_wrapper git secret clean -v
run git secret clean -v
[ "$status" -eq 0 ]
# There must be no .secret files:
@ -67,7 +67,7 @@ function _secret_files_exists {
local second_filename=$(_get_encrypted_filename "$SECOND_FILE")
# Output must be verbose:
[[ "$output" == *"removing:"* ]]
[[ "$output" == *"cleaning"* ]]
[[ "$output" == *"$first_filename"* ]]
[[ "$output" == *"$second_filename"* ]]
}
@ -75,21 +75,21 @@ function _secret_files_exists {
# this test is like above, but uses SECRETS_VERBOSE env var
@test "run 'clean' with 'SECRETS_VERBOSE=1'" {
export SECRETS_VERBOSE=1
run_wrapper git secret clean
run git secret clean
[ "$status" -eq 0 ]
# Output must be verbose:
[[ "$output" == *"removing:"* ]]
[[ "$output" == *"cleaning"* ]]
}
# this test is like above, but sets SECRETS_VERBOSE env var to 0
# and expected non-verbose output
@test "run 'clean' with 'SECRETS_VERBOSE=0'" {
export SECRETS_VERBOSE=0
run_wrapper git secret clean
run git secret clean
[ "$status" -eq 0 ]
# Output must not be verbose:
[[ "$output" != *"removing:"* ]]
[[ "$output" != *"cleaning"* ]]
}

6
tests/test_expiration.bats
Unescape Escape View File

@ -23,7 +23,7 @@ function teardown {
FILE_CONTENTS="hidden content юникод"
set_state_secret_add "$FILE_TO_HIDE" "$FILE_CONTENTS"
run_wrapper git secret hide
run git secret hide
# this will fail, because we're using an expired key
#echo "$output" | sed "s/^/# '$BATS_TEST_DESCRIPTION' output: /" >&3
@ -35,7 +35,7 @@ function teardown {
@test "run 'whoknows -l' on only expired user" {
run_wrapper git secret whoknows -l
run git secret whoknows -l
[ "$status" -eq 0 ]
# diag output for bats-core
@ -54,7 +54,7 @@ function teardown {
install_fixture_key "$TEST_DEFAULT_USER"
set_state_secret_tell "$TEST_DEFAULT_USER"
run_wrapper git secret whoknows -l
run git secret whoknows -l
[ "$status" -eq 0 ]
#echo "$output" | sed "s/^/# '$BATS_TEST_DESCRIPTION' output: /" >&3

52
tests/test_hide.bats
Unescape Escape View File

@ -26,7 +26,7 @@ function teardown {
@test "run 'hide' normally" {
run_wrapper git secret hide
run git secret hide
#echo "$output" | sed "s/^/# '$BATS_TEST_DESCRIPTION' output: /" >&3
@ -40,17 +40,17 @@ function teardown {
}
@test "run 'hide' with extra filename" {
run_wrapper git secret hide extra_filename
run git secret hide extra_filename
[ "$status" -ne 0 ]
}
@test "run 'hide' with bad arg" {
run_wrapper git secret hide -Z
run git secret hide -Z
[ "$status" -ne 0 ]
}
@test "run 'hide' normally with SECRETS_VERBOSE=1" {
SECRETS_VERBOSE=1 run_wrapper git secret hide
SECRETS_VERBOSE=1 run git secret hide
# Command must execute normally.
[ "$status" -eq 0 ]
@ -61,7 +61,7 @@ function teardown {
# attempt to alter permissions on input file
chmod o-rwx "$FILE_TO_HIDE"
run_wrapper git secret hide -P
run git secret hide -P
#echo "$output" | sed "s/^/# '$BATS_TEST_DESCRIPTION' output: /" >&3
@ -103,7 +103,7 @@ function teardown {
cd "$root_dir"
# Now it should hide 2 files:
run_wrapper git secret hide
run git secret hide
[ "$status" -eq 0 ]
# cd back and clean up
@ -121,7 +121,7 @@ function teardown {
rm -f "$second_file"
# Now it should return an error because one file can't be found
run_wrapper git secret hide
run git secret hide
[ "$status" -ne 0 ]
[ "$output" != "git-secret: done. 2 of 2 files are hidden." ]
}
@ -134,7 +134,7 @@ function teardown {
set_state_secret_add "$second_file" "$second_content"
# Now it should hide 2 files:
run_wrapper git secret hide
run git secret hide
#echo "$output" | sed "s/^/# '$BATS_TEST_DESCRIPTION' output: /" >&3
[ "$status" -eq 0 ]
[[ "$output" == *"git-secret: done. 2 of 2 files are hidden."* ]]
@ -145,12 +145,12 @@ function teardown {
@test "run 'hide' with '-m'" {
run_wrapper git secret hide -m
run git secret hide -m
# Command must execute normally:
[ "$status" -eq 0 ]
# git secret hide -m: uses temp file so cleaning should take place, but we only show tmp file cleanup in VERBOSE mode
[[ "$output" == *"git-secret: done. 1 of 1 files are hidden."* ]]
[ "${lines[0]}" = "git-secret: done. 1 of 1 files are hidden." ]
# New files should be created:
local encrypted_file=$(_get_encrypted_filename "$FILE_TO_HIDE")
@ -161,19 +161,19 @@ function teardown {
@test "run 'hide' with '-m' twice" {
local path_mappings
path_mappings=$(_get_secrets_dir_paths_mapping)
run_wrapper git secret hide -m
run git secret hide -m
#echo "$output" | sed "s/^/# '$BATS_TEST_DESCRIPTION' output: /" >&3
# Command must execute normally:
[ "$status" -eq 0 ]
# git secret hide -m: uses temp file so cleaning should take place, but we only show tmp file cleanup in VERBOSE mode
[[ "$output" == *"git-secret: done. 1 of 1 files are hidden."* ]]
[[ "${lines[0]}" == *"git-secret: done. 1 of 1 files are hidden."* ]]
# back path mappings
cp "${path_mappings}" "${path_mappings}.bak"
# run_wrapper hide again
run_wrapper git secret hide -m
# run hide again
run git secret hide -m
# compare
[ "$status" -eq 0 ]
[[ "${#lines[@]}" -eq 1 ]]
@ -192,19 +192,19 @@ function teardown {
@test "run 'hide' without then with '-m'" {
local path_mappings
path_mappings=$(_get_secrets_dir_paths_mapping)
run_wrapper git secret hide
run git secret hide
#echo "$output" | sed "s/^/# '$BATS_TEST_DESCRIPTION' output: /" >&3
# Command must execute normally:
[ "$status" -eq 0 ]
# git secret hide -m: uses temp file so cleaning should take place, but we only show tmp file cleanup in VERBOSE mode
[[ "$output" == *"git-secret: done. 1 of 1 files are hidden."* ]]
[[ "${lines[0]}" == *"git-secret: done. 1 of 1 files are hidden."* ]]
# back path mappings
cp "${path_mappings}" "${path_mappings}.bak"
# run_wrapper hide again
run_wrapper git secret hide -m
# run hide again
run git secret hide -m
# compare
[ "$status" -eq 0 ]
[[ "${#lines[@]}" -eq 1 ]]
@ -225,20 +225,20 @@ function teardown {
local encrypted_filename=$(_get_encrypted_filename "$FILE_TO_HIDE")
set_state_secret_hide # so it would be data to clean
run_wrapper git secret hide -v -c
run git secret hide -v -c
[ "$status" -eq 0 ]
# File should be still there (it is not deletion):
[ -f "$FILE_TO_HIDE" ]
# Output should be verbose:
[[ "$output" == *"removing:"* ]]
[[ "$output" == *"cleaning"* ]]
[[ "$output" == *"$encrypted_filename"* ]]
}
@test "run 'hide' with '-d'" {
run_wrapper git secret hide -d
run git secret hide -d
[ "$status" -eq 0 ]
# File must be removed:
@ -247,14 +247,14 @@ function teardown {
@test "run 'hide' with '-d' and '-v'" {
run_wrapper git secret hide -v -d
run git secret hide -v -d
[ "$status" -eq 0 ]
# File must be removed:
[ ! -f "$FILE_TO_HIDE" ]
# It should be verbose:
[[ "$output" == *"removing:"* ]]
[[ "$output" == *"removing unencrypted files"* ]]
[[ "$output" == *"$FILE_TO_HIDE"* ]]
}
@ -271,7 +271,7 @@ function teardown {
[ -f "$second_file" ]
# Now it should hide 2 files:
run_wrapper git secret hide -v -d
run git secret hide -v -d
[ "$status" -eq 0 ]
# File must be removed:
@ -279,7 +279,7 @@ function teardown {
[ ! -f "$second_file" ]
# It should be verbose:
[[ "$output" == *"removing:"* ]]
[[ "$output" == *"removing unencrypted files"* ]]
[[ "$output" == *"$FILE_TO_HIDE"* ]]
[[ "$output" == *"$second_file"* ]]
@ -291,7 +291,7 @@ function teardown {
install_fixture_key "$TEST_SECOND_USER"
set_state_secret_tell "$TEST_SECOND_USER"
run_wrapper git secret hide
run git secret hide
[ "$status" -eq 0 ]
[[ "$output" == *"git-secret: done. 1 of 1 files are hidden."* ]]
}

2
tests/test_hide_continue.bats
Unescape Escape View File

@ -29,7 +29,7 @@ function teardown {
@test "run 'hide -F' with missing input file" {
mv "$FILE_TO_HIDE" "$FILE_TO_HIDE.was" # move the first file out of the way
run_wrapper git secret hide -F
run git secret hide -F
#echo "# output of 'git secret hide -F' is: $output" >&3

12
tests/test_init.bats
Unescape Escape View File

@ -23,13 +23,13 @@ function teardown {
@test "run 'init' without '.git'" {
remove_git_repository
run_wrapper git secret init
run git secret init
[ "$status" -eq 1 ]
}
@test "run 'init' normally" {
run_wrapper git secret init
run git secret init
[ "$status" -eq 0 ]
[[ -d "${_SECRETS_DIR}" ]]
@ -37,12 +37,12 @@ function teardown {
@test "run 'init' with extra filename" {
run_wrapper git secret init extra_filename
run git secret init extra_filename
[ "$status" -ne 0 ]
}
@test "run 'init' with bad arg" {
run_wrapper git secret init -Z
run git secret init -Z
[ "$status" -ne 0 ]
}
@ -64,7 +64,7 @@ function teardown {
cd "$nested_dir"
# Test:
run_wrapper git secret init
run git secret init
[ "$status" -eq 0 ]
# It should not be created in the current folder:
@ -87,7 +87,7 @@ function teardown {
mkdir "$secrets_dir"
run_wrapper git secret init
run git secret init
[ "$output" = "git-secret: abort: already initialized." ]
[ "$status" -eq 1 ]
}

16
tests/test_killperson.bats
Unescape Escape View File

@ -20,7 +20,7 @@ function teardown {
@test "run 'killperson' without arguments" {
run_wrapper git secret killperson
run git secret killperson
[ "$status" -eq 1 ]
}
@ -30,11 +30,11 @@ function teardown {
name=$(echo "$TEST_DEFAULT_USER" | sed -e 's/@.*//')
# killperson must use full email, not short name
run_wrapper git secret killperson "$name"
run git secret killperson "$name"
[ "$status" -eq 1 ]
# Then whoknows will be ok because user3@gitsecret.io still knows
run_wrapper git secret whoknows
run git secret whoknows
[ "$status" -eq 0 ]
# Testing output:
@ -45,14 +45,14 @@ function teardown {
@test "run 'killperson' with email" {
local email="$TEST_DEFAULT_USER"
run_wrapper git secret killperson "$email"
run git secret killperson "$email"
[ "$status" -eq 0 ]
# Testing output:
[[ "$output" == *"$email"* ]]
# Then whoknows must return an error with status code 1:
run_wrapper git secret whoknows
run git secret whoknows
[ "$status" -eq 1 ]
}
@ -65,7 +65,7 @@ function teardown {
local default_email="$TEST_DEFAULT_USER"
local second_email="$TEST_SECOND_USER"
run_wrapper git secret killperson "$default_email" "$second_email"
run git secret killperson "$default_email" "$second_email"
[ "$status" -eq 0 ]
# Testing output:
@ -73,13 +73,13 @@ function teardown {
[[ "$output" == *"$second_email"* ]]
# Nothing to show:
run_wrapper git secret whoknows
run git secret whoknows
[ "$status" -eq 1 ]
}
@test "run 'killperson' with bad arg" {
local email="$TEST_DEFAULT_USER"
run_wrapper git secret killperson -Z "$email"
run git secret killperson -Z "$email"
[ "$status" -ne 0 ]
}

10
tests/test_list.bats
Unescape Escape View File

@ -26,18 +26,18 @@ function teardown {
@test "run 'list' normally" {
run_wrapper git secret list
run git secret list
[ "$status" -eq 0 ]
[ "$output" = "$FILE_TO_HIDE" ]
}
@test "run 'list' with extra filename" {
run_wrapper git secret list extra_filename
run git secret list extra_filename
[ "$status" -ne 0 ]
}
@test "run 'list' with bad arg" {
run_wrapper git secret list -Z
run git secret list -Z
[ "$status" -ne 0 ]
}
@ -46,7 +46,7 @@ function teardown {
local second_file="second_file.txt"
set_state_secret_add "$second_file" "$FILE_CONTENTS"
run_wrapper git secret list
run git secret list
[ "$status" -eq 0 ]
# Now it should list two files:
@ -62,6 +62,6 @@ function teardown {
git secret remove "$FILE_TO_HIDE"
# Running `list` on empty mapping should result an error:
run_wrapper git secret list
run git secret list
[ "$status" -eq 1 ]
}

10
tests/test_main.bats
Unescape Escape View File

@ -15,19 +15,19 @@ function teardown {
@test "run 'git secret' without command" {
run_wrapper git secret
run git secret
[ "$status" -eq 126 ]
}
@test "run 'git secret' with bad command" {
run_wrapper git secret notacommand
run git secret notacommand
[ "$status" -eq 126 ]
}
@test "run 'git secret --version'" {
run_wrapper git secret --version
run git secret --version
[ "$output" == "$GITSECRET_VERSION" ]
}
@ -38,7 +38,7 @@ function teardown {
# test of 'git secret usage' here removed as it's duplicated in test_usage.bats
# Dry run_wrapper won't fail:
run_wrapper git secret --dry-run
# Dry run won't fail:
run git secret --dry-run
[ "$status" -eq 0 ]
}

6
tests/test_make_install.bats
Unescape Escape View File

@ -1,17 +1,17 @@
#!/usr/bin/env bats
load _test_base # for run_wrapper
: "${TMPDIR:=/tmp}"
INSTALL_BASE="${TMPDIR}/git-secret-test-install"
@test "run 'make install to tmpdir'" {
@test "install git-secret to DESTDIR='$INSTALL_BASE'" {
rm -f "${INSTALL_BASE}/usr/bin/git-secret"
cd $SECRET_PROJECT_ROOT
# set DESTDIR for this command and 'run' make install
DESTDIR="${INSTALL_BASE}" run_wrapper make install
DESTDIR="${INSTALL_BASE}" run make install
[ -x "${INSTALL_BASE}/usr/bin/git-secret" ]

2
tests/test_noname.bats
Unescape Escape View File

@ -41,7 +41,7 @@ function _has_line {
@test "run 'remove' for nameless user normally" {
run_wrapper git secret remove "$SECOND_FILE"
run git secret remove "$SECOND_FILE"
[ "$status" -eq 0 ]
# Test output:

10
tests/test_remove.bats
Unescape Escape View File

@ -39,7 +39,7 @@ function _has_line {
@test "run 'remove' normally" {
run_wrapper git secret remove "$SECOND_FILE"
run git secret remove "$SECOND_FILE"
[ "$status" -eq 0 ]
# Test output:
@ -64,7 +64,7 @@ function _has_line {
@test "run 'remove' with multiple arguments" {
run_wrapper git secret remove "$FIRST_FILE" "$SECOND_FILE"
run git secret remove "$FIRST_FILE" "$SECOND_FILE"
[ "$status" -eq 0 ]
local first_line=$(_has_line "$FIRST_FILE")
@ -95,7 +95,7 @@ function _has_line {
set_state_secret_hide # running hide again to hide new data
# Now it should remove filename with slashes from the mapping:
run_wrapper git secret remove "$file_in_folder"
run git secret remove "$file_in_folder"
[ "$status" -eq 0 ]
local mapping_contains=$(_has_line "$file_in_folder")
@ -112,7 +112,7 @@ function _has_line {
@test "run 'remove' with '-c'" {
set_state_secret_hide
run_wrapper git secret remove -c "$SECOND_FILE"
run git secret remove -c "$SECOND_FILE"
[ "$status" -eq 0 ]
local mapping_contains=$(_has_line "$SECOND_FILE")
@ -129,7 +129,7 @@ function _has_line {
@test "run 'remove' with bad arg" {
set_state_secret_hide
run_wrapper git secret remove -Z "$SECOND_FILE"
run git secret remove -Z "$SECOND_FILE"
[ "$status" -ne 0 ]
}

24
tests/test_reveal.bats
Unescape Escape View File

@ -33,7 +33,7 @@ function teardown {
rm -f "$FILE_TO_HIDE"
local password=$(test_user_password "$TEST_DEFAULT_USER")
run_wrapper git secret reveal -d "$TEST_GPG_HOMEDIR" -p "$password"
run git secret reveal -d "$TEST_GPG_HOMEDIR" -p "$password"
[ "$status" -eq 0 ]
[ -f "$FILE_TO_HIDE" ]
@ -48,7 +48,7 @@ function teardown {
rm -f "$FILE_TO_HIDE"
local password=$(test_user_password "$TEST_DEFAULT_USER")
run_wrapper git secret reveal -Z k-d "$TEST_GPG_HOMEDIR" -p "$password"
run git secret reveal -Z k-d "$TEST_GPG_HOMEDIR" -p "$password"
[ "$status" -ne 0 ]
}
@ -56,7 +56,7 @@ function teardown {
rm "$FILE_TO_HIDE"
local password=$(test_user_password "$TEST_DEFAULT_USER")
run_wrapper git secret reveal -f -d "$TEST_GPG_HOMEDIR" -p "$password"
run git secret reveal -f -d "$TEST_GPG_HOMEDIR" -p "$password"
[ "$status" -eq 0 ]
[ -f "$FILE_TO_HIDE" ]
@ -66,7 +66,7 @@ function teardown {
rm "$FILE_TO_HIDE"
local password=$(test_user_password "$TEST_DEFAULT_USER")
run_wrapper git secret reveal -v -d "$TEST_GPG_HOMEDIR" -p "$password"
run git secret reveal -v -d "$TEST_GPG_HOMEDIR" -p "$password"
[ "$status" -eq 0 ]
[ -f "$FILE_TO_HIDE" ]
@ -81,7 +81,7 @@ function teardown {
local secret_file=$(_get_encrypted_filename "$FILE_TO_HIDE")
chmod o-rwx "$secret_file"
run_wrapper git secret reveal -P -d "$TEST_GPG_HOMEDIR" -p "$password"
run git secret reveal -P -d "$TEST_GPG_HOMEDIR" -p "$password"
[ "$status" -eq 0 ]
@ -99,7 +99,7 @@ function teardown {
@test "run 'reveal' with wrong password" {
rm "$FILE_TO_HIDE"
run_wrapper git secret reveal -d "$TEST_GPG_HOMEDIR" -p "WRONG"
run git secret reveal -d "$TEST_GPG_HOMEDIR" -p "WRONG"
[ "$status" -eq 2 ]
[ ! -f "$FILE_TO_HIDE" ]
}
@ -113,7 +113,7 @@ function teardown {
local attacker_fingerprint=$(install_fixture_full_key "$TEST_ATTACKER_USER")
local password=$(test_user_password "$TEST_ATTACKER_USER")
run_wrapper git secret reveal -d "$TEST_GPG_HOMEDIR" -p "$password"
run git secret reveal -d "$TEST_GPG_HOMEDIR" -p "$password"
# This should fail, nothing should be created:
[ "$status" -eq 2 ]
@ -130,7 +130,7 @@ function teardown {
local attacker_fingerprint=$(install_fixture_full_key "$TEST_ATTACKER_USER")
local password=$(test_user_password "$TEST_ATTACKER_USER")
run_wrapper git secret reveal -F -d "$TEST_GPG_HOMEDIR" -p "$password"
run git secret reveal -F -d "$TEST_GPG_HOMEDIR" -p "$password"
#echo "# status is $status" >&3
@ -157,7 +157,7 @@ function teardown {
uninstall_fixture_full_key "$TEST_DEFAULT_USER" "$FINGERPRINT"
# Testing:
run_wrapper git secret reveal -d "$TEST_GPG_HOMEDIR" -p "$password"
run git secret reveal -d "$TEST_GPG_HOMEDIR" -p "$password"
[ "$status" -eq 0 ]
[ -f "$FILE_TO_HIDE" ]
@ -176,7 +176,7 @@ function teardown {
set_state_secret_hide
# Testing:
run_wrapper git secret reveal -d "$TEST_GPG_HOMEDIR" -p "$password"
run git secret reveal -d "$TEST_GPG_HOMEDIR" -p "$password"
[ "$status" -eq 0 ]
[ -f "$FILE_TO_HIDE" ]
@ -189,7 +189,7 @@ function teardown {
rm -f "$FILE_TO_HIDE"
local password=$(test_user_password "$TEST_DEFAULT_USER")
SECRETS_PINENTRY=loopback run_wrapper git secret reveal -d "$TEST_GPG_HOMEDIR" -p "$password"
SECRETS_PINENTRY=loopback run git secret reveal -d "$TEST_GPG_HOMEDIR" -p "$password"
[ "$status" -eq 0 ]
}
@ -201,6 +201,6 @@ function teardown {
rm -f "$FILE_TO_HIDE"
local password=$(test_user_password "$TEST_DEFAULT_USER")
SECRETS_PINENTRY=error run_wrapper git secret reveal -d "$TEST_GPG_HOMEDIR" -p "$password"
SECRETS_PINENTRY=error run git secret reveal -d "$TEST_GPG_HOMEDIR" -p "$password"
[ "$status" -ne 0 ]
}

2
tests/test_reveal_filename.bats
Unescape Escape View File

@ -40,7 +40,7 @@ function teardown {
rm "$FILE_TO_HIDE"
local password=$(test_user_password "$TEST_DEFAULT_USER")
run_wrapper git secret reveal -d "$TEST_GPG_HOMEDIR" -p "$password"
run git secret reveal -d "$TEST_GPG_HOMEDIR" -p "$password"
[ "$status" -eq 0 ]
[ -f "$FILE_TO_HIDE" ]

48
tests/test_tell.bats
Unescape Escape View File

@ -18,7 +18,7 @@ function teardown {
}
@test "run 'tell' with '-v'" {
run_wrapper git secret tell -d "$TEST_GPG_HOMEDIR" -v "$TEST_DEFAULT_USER"
run git secret tell -d "$TEST_GPG_HOMEDIR" -v "$TEST_DEFAULT_USER"
#echo "$output" | sed "s/^/# '$BATS_TEST_DESCRIPTION' output: /" >&3
[[ "$output" == *"created"* ]]
@ -28,7 +28,7 @@ function teardown {
}
@test "run 'tell' without '-v'" {
run_wrapper git secret tell -d "$TEST_GPG_HOMEDIR" "$TEST_DEFAULT_USER"
run git secret tell -d "$TEST_GPG_HOMEDIR" "$TEST_DEFAULT_USER"
#echo "$output" | sed "s/^/# '$BATS_TEST_DESCRIPTION' output: /" >&3
[[ "$output" != *"imported:"* ]]
@ -37,19 +37,19 @@ function teardown {
}
@test "run 'tell' on substring of emails" {
run_wrapper git secret tell -d "$TEST_GPG_HOMEDIR" user
run git secret tell -d "$TEST_GPG_HOMEDIR" user
# this should give an error because there is no user named 'user',
# even though there are users with the substring 'user'.
# See issue https://github.com/sobolevn/git-secret/issues/176
[ "$status" -eq 1 ]
run_wrapper git secret whoknows
run git secret whoknows
[ "$status" -eq 1 ] # should error when there are no users told
}
@test "fail on no users" {
run_wrapper _user_required
run _user_required
[ "$status" -eq 1 ]
}
@ -65,7 +65,7 @@ function teardown {
# It was showing something like `tru::1:1289775241:0:2:1:6`
# after the preparations done and the error was not generated.
run_wrapper _user_required
run _user_required
[ "$status" -eq 1 ]
}
@ -78,7 +78,7 @@ function teardown {
echo "private key" > "$private_key"
[ -s "$private_key" ]
run_wrapper git secret tell -d "$TEST_GPG_HOMEDIR" "$TEST_DEFAULT_USER"
run git secret tell -d "$TEST_GPG_HOMEDIR" "$TEST_DEFAULT_USER"
[ "$status" -eq 1 ]
}
@ -89,32 +89,32 @@ function teardown {
rm -r "$secrets_dir"
run_wrapper git secret tell -d "$TEST_GPG_HOMEDIR" "$TEST_DEFAULT_USER"
run git secret tell -d "$TEST_GPG_HOMEDIR" "$TEST_DEFAULT_USER"
[ "$status" -eq 1 ]
}
@test "run 'tell' without arguments" {
run_wrapper git secret tell
run git secret tell
[ "$status" -eq 1 ]
}
@test "run 'init' with bad arg" {
run_wrapper git secret tell -Z -d "$TEST_GPG_HOMEDIR" "$TEST_DEFAULT_USER"
run git secret tell -Z -d "$TEST_GPG_HOMEDIR" "$TEST_DEFAULT_USER"
[ "$status" -ne 0 ]
}
@test "run 'tell' normally" {
run_wrapper git secret tell -d "$TEST_GPG_HOMEDIR" "$TEST_DEFAULT_USER"
run git secret tell -d "$TEST_GPG_HOMEDIR" "$TEST_DEFAULT_USER"
[ "$status" -eq 0 ]
# Testing that now user is found:
run_wrapper _user_required
run _user_required
[ "$status" -eq 0 ]
# Testing that now user is in the list of people who knows the secret:
run_wrapper git secret whoknows
run git secret whoknows
[[ "$output" == *"$TEST_DEFAULT_USER"* ]]
}
@ -123,7 +123,7 @@ function teardown {
local email="$TEST_DEFAULT_USER"
git_set_config_email "$email"
run_wrapper git secret tell -d "$TEST_GPG_HOMEDIR" -m
run git secret tell -d "$TEST_GPG_HOMEDIR" -m
[ "$status" -eq 0 ]
}
@ -132,7 +132,7 @@ function teardown {
# Preparations:
git_set_config_email "" # now it should not allow to add yourself
run_wrapper git secret tell -d "$TEST_GPG_HOMEDIR" -m
run git secret tell -d "$TEST_GPG_HOMEDIR" -m
[ "$status" -eq 1 ]
}
@ -142,14 +142,14 @@ function teardown {
install_fixture_key "$TEST_SECOND_USER"
# Testing the command itself:
run_wrapper git secret tell -d "$TEST_GPG_HOMEDIR" \
run git secret tell -d "$TEST_GPG_HOMEDIR" \
"$TEST_DEFAULT_USER" "$TEST_SECOND_USER"
[ "$status" -eq 0 ]
# Testing that these users are presented in the
# list of people who knows secret:
run_wrapper git secret whoknows
run git secret whoknows
[[ "$output" == *"$TEST_DEFAULT_USER"* ]]
[[ "$output" == *"$TEST_SECOND_USER"* ]]
@ -164,14 +164,14 @@ function teardown {
install_fixture_key "$TEST_NOEMAIL_COMMENT_USER"
# Testing the command itself fails because you have to use an email address
run_wrapper git secret tell -d "$TEST_GPG_HOMEDIR" "$TEST_NOEMAIL_COMMENT_USER"
run git secret tell -d "$TEST_GPG_HOMEDIR" "$TEST_NOEMAIL_COMMENT_USER"
# this should not succeed because we only support addressing users by email
[ "$status" -ne 0 ]
# Testing that these users are presented in the
# list of people who knows secret:
run_wrapper git secret whoknows
run git secret whoknows
[[ "$output" != *"$TEST_NOEMAIL_COMMENT_USER"* ]]
@ -186,14 +186,14 @@ function teardown {
#echo "$name" | sed "s/^/# '$BATS_TEST_DESCRIPTION' name is: /" >&3
# Testing the command itself, should fail because you must use email
run_wrapper git secret tell -d "$TEST_GPG_HOMEDIR" "$name"
run git secret tell -d "$TEST_GPG_HOMEDIR" "$name"
# this should not succeed because we only support addressing users by email
[ "$status" -ne 0 ]
# Testing that these users are presented in the
# list of people who knows secret:
run_wrapper git secret whoknows
run git secret whoknows
[[ "$output" != *"$name"* ]]
@ -215,15 +215,15 @@ function teardown {
cd "$test_dir"
# Test:
run_wrapper git secret tell -d "$TEST_GPG_HOMEDIR" "$TEST_DEFAULT_USER"
run git secret tell -d "$TEST_GPG_HOMEDIR" "$TEST_DEFAULT_USER"
[ "$status" -eq 0 ]
# Testing that now user is found:
run_wrapper _user_required
run _user_required
[ "$status" -eq 0 ]
# Testing that now user is in the list of people who knows the secret:
run_wrapper git secret whoknows
run git secret whoknows
[[ "$output" == *"$TEST_DEFAULT_USER"* ]]
# Cleaning up:

6
tests/test_usage.bats
Unescape Escape View File

@ -15,7 +15,7 @@ function teardown {
@test "run 'usage'" {
run_wrapper git secret usage
run git secret usage
[ "$status" -eq 0 ]
}
@ -24,7 +24,7 @@ function teardown {
remove_git_repository
# It's ok for 'usage' to succeed when there's no .git directory, but it doesn't
run_wrapper git secret usage
run git secret usage
[ "$status" -eq 1 ]
}
@ -38,7 +38,7 @@ function teardown {
#echo "# SECRETS_DIR is ${_SECRETS_DIR}" >&3
# It's ok for 'usage' to succeed when the .gitsecret directory is ignored, but it doesn't
run_wrapper git secret usage
run git secret usage
#echo "# git secret usage -> status $status" >&3
[ "$status" -eq 1 ]

12
tests/test_whoknows.bats
Unescape Escape View File

@ -23,7 +23,7 @@ function teardown {
@test "run 'whoknows' normally" {
run_wrapper git secret whoknows
run git secret whoknows
[ "$status" -eq 0 ]
# Now test the output, both users should be present:
@ -32,17 +32,17 @@ function teardown {
}
@test "run 'whoknows' with extra filename" {
run_wrapper git secret whoknows extra_filename
run git secret whoknows extra_filename
[ "$status" -ne 0 ]
}
@test "run 'whoknows' with bad arg" {
run_wrapper git secret whoknows -Z
run git secret whoknows -Z
[ "$status" -ne 0 ]
}
@test "run 'whoknows -l'" {
run_wrapper git secret whoknows -l
run git secret whoknows -l
[ "$status" -eq 0 ]
#echo "$output" | sed "s/^/# '$BATS_TEST_DESCRIPTION' output: /" >&3
@ -68,7 +68,7 @@ function teardown {
cd "$test_dir"
# Test:
run_wrapper git secret whoknows
run git secret whoknows
[ "$status" -eq 0 ]
# Now test the output, both users should be present:
@ -88,6 +88,6 @@ function teardown {
git secret killperson "$email1" "$email2"
# Now whoknows should raise an error: there are no users.
run_wrapper git secret whoknows
run git secret whoknows
[ "$status" -eq 1 ]
}

Write Preview
Loading…
Cancel
Save