| |
@@ -0,0 +1,155 @@
|
| |
+ # -*- coding: utf-8 -*-
|
| |
+
|
| |
+ # This program is free software; you can redistribute it and/or modify
|
| |
+ # it under the terms of the GNU General Public License as published by
|
| |
+ # the Free Software Foundation; either version 2 of the License, or
|
| |
+ # (at your option) any later version.
|
| |
+ #
|
| |
+ # This program is distributed in the hope that it will be useful,
|
| |
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
|
| |
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
| |
+ # GNU General Public License for more details.
|
| |
+ #
|
| |
+ # You should have received a copy of the GNU General Public License
|
| |
+ # along with this program; if not, write to the Free Software
|
| |
+ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
|
| |
+ # MA 02110-1301 USA.
|
| |
+
|
| |
+ """
|
| |
+ unit tests of CheckSourceVerification
|
| |
+ """
|
| |
+
|
| |
+ import os, sys, logging
|
| |
+ import unittest2 as unittest
|
| |
+ from glob import glob
|
| |
+
|
| |
+ import srcpath
|
| |
+ from FedoraReview.name_bug import NameBug
|
| |
+
|
| |
+ from fr_testcase import FR_TestCase
|
| |
+
|
| |
+
|
| |
+ class TestSourceVerification(FR_TestCase):
|
| |
+ """ unit tests of CheckSourceVerification """
|
| |
+
|
| |
+ def run_with_spec(self, spec_name):
|
| |
+ """ runs the source verification check on the given test spec file """
|
| |
+
|
| |
+ class DummyBug(NameBug):
|
| |
+ """ allows the testcases to share a dummy source RPM package """
|
| |
+
|
| |
+ def find_srpm_url(self):
|
| |
+ srpm = glob("dummy*.src.rpm")[0]
|
| |
+ self.srpm_url = "file://" + os.path.abspath(srpm)
|
| |
+
|
| |
+ self.init_test("test_source_verification",
|
| |
+ argv=["--name", spec_name, "--prebuilt",
|
| |
+ "--define", "DISTTAG=fc30"])
|
| |
+ return self.run_single_check(DummyBug(spec_name),
|
| |
+ "CheckSourceVerification")
|
| |
+
|
| |
+ def test_single_unverified(self):
|
| |
+ """
|
| |
+ This tests that a package that doesn't call gpgverify leaves the source
|
| |
+ verification check pending with an appropriate note.
|
| |
+ """
|
| |
+
|
| |
+ check = self.run_with_spec("single_unverified")
|
| |
+ self.assertTrue(check.is_pending)
|
| |
+ self.assertEqual(check.result.output_extra, "gpgverify is not used.")
|
| |
+
|
| |
+ def test_single_verified(self):
|
| |
+ """
|
| |
+ This tests that a package with a single correctly verified tarball
|
| |
+ passes the source verification check, and that a comment is not
|
| |
+ mistaken for a command before the source verification.
|
| |
+ """
|
| |
+
|
| |
+ check = self.run_with_spec("single_verified")
|
| |
+ self.assertTrue(check.is_passed)
|
| |
+ self.assertIsNone(check.result.output_extra)
|
| |
+
|
| |
+ def test_two_verified_correctly(self):
|
| |
+ """
|
| |
+ This tests that a package with two correctly verified tarballs passes
|
| |
+ the source verification check, and that macros are recognized both with
|
| |
+ and without braces.
|
| |
+ """
|
| |
+
|
| |
+ check = self.run_with_spec("two_verified_correctly")
|
| |
+ self.assertTrue(check.is_passed)
|
| |
+ self.assertIsNone(check.result.output_extra)
|
| |
+
|
| |
+ def test_one_verified_three_not(self):
|
| |
+ """
|
| |
+ This tests that a package with several unverified sources leaves the
|
| |
+ source verification check pending with a note that lists the unverified
|
| |
+ sources.
|
| |
+ """
|
| |
+
|
| |
+ check = self.run_with_spec("one_verified_three_not")
|
| |
+ self.assertTrue(check.is_pending)
|
| |
+ self.assertEqual(check.result.output_extra,
|
| |
+ "Sources 2, 3 and 4 are not passed to gpgverify.")
|
| |
+
|
| |
+ def test_late_verification(self):
|
| |
+ """
|
| |
+ This tests that a package that calls gpgverify after setup leaves the
|
| |
+ source verification check pending with an appropriate note.
|
| |
+ """
|
| |
+
|
| |
+ check = self.run_with_spec("late_verification")
|
| |
+ self.assertTrue(check.is_pending)
|
| |
+ self.assertEqual(check.result.output_extra,
|
| |
+ "gpgverify is not the first command in %prep.")
|
| |
+
|
| |
+ def test_two_verified_one_late_one_not(self):
|
| |
+ """
|
| |
+ This tests that a package with two separate problems leaves the source
|
| |
+ verification check pending with a note that mentions both problems,
|
| |
+ that one gpgverify call first in prep doesn't mask another that is too
|
| |
+ late, and that the note for a single unverified source is correct.
|
| |
+ """
|
| |
+
|
| |
+ check = self.run_with_spec("two_verified_one_late_one_not")
|
| |
+ self.assertTrue(check.is_pending)
|
| |
+ self.assertEqual(check.result.output_extra,
|
| |
+ "gpgverify is not the first command in %prep. " +
|
| |
+ "Source 3 is not passed to gpgverify.")
|
| |
+
|
| |
+ def test_misplaced_verification(self):
|
| |
+ """
|
| |
+ This tests that a package that calls gpgverify only from the wrong
|
| |
+ section leaves the source verification check pending with an
|
| |
+ appropriate note.
|
| |
+ """
|
| |
+
|
| |
+ check = self.run_with_spec("misplaced_verification")
|
| |
+ self.assertTrue(check.is_pending)
|
| |
+ self.assertEqual(check.result.output_extra,
|
| |
+ "gpgverify occurs outside of %prep.")
|
| |
+
|
| |
+ def test_two_verified_one_misplaced(self):
|
| |
+ """
|
| |
+ This tests that a package that calls gpgverify both from prep and from
|
| |
+ another section leaves the source verification check pending with an
|
| |
+ appropriate note.
|
| |
+ """
|
| |
+
|
| |
+ check = self.run_with_spec("two_verified_one_misplaced")
|
| |
+ self.assertTrue(check.is_pending)
|
| |
+ self.assertEqual(check.result.output_extra,
|
| |
+ "gpgverify occurs outside of %prep.")
|
| |
+
|
| |
+
|
| |
+ if __name__ == "__main__":
|
| |
+ if len(sys.argv) > 1:
|
| |
+ suite = unittest.TestSuite()
|
| |
+ for test in sys.argv[1:]:
|
| |
+ suite.addTest(TestSourceVerification(test))
|
| |
+ else:
|
| |
+ suite = unittest.TestLoader().loadTestsFromTestCase(
|
| |
+ TestSourceVerification)
|
| |
+ unittest.TextTestRunner(verbosity=2).run(suite)
|
| |
+
|
| |
+ # vim: set expandtab ts=4 sw=4:
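Review bot: Only two of the seven cases assert `is_passed`, and none of the visible ones checks that a `gpgverify` line which is present in the spec but inert still leaves the check pending; for a check that reviewers will rely on to confirm signature verification, a false pass is the costlier failure. `test_single_verified` covers a comment placed before the real call, so the missing case is a fixture whose only `gpgverify` line is commented out and which expects `is_pending`, unless one of the spec fixtures not shown on this page already covers it. Separately, in `DummyBug.find_srpm_url`, `glob("dummy*.src.rpm")[0]` raises a bare IndexError when the working directory holds no dummy SRPM and silently takes whichever match comes first when it holds several. Something like `srpms = sorted(glob("dummy*.src.rpm"))` followed by `if not srpms: raise IOError("no dummy*.src.rpm in " + os.getcwd())` would make a broken fixture directory fail with a readable message instead of looking like a defect in the check under test.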
|
| |
A source file verification policy has been added to the Packaging Guidelines. For upstream projects that sign their releases, the signature shall be verified first in the %prep section. This adds a corresponding check to fedora-review.