Skip to content

Commit

Permalink
ci: add other_key
Browse files Browse the repository at this point in the history
  • Loading branch information
@christian-monch
christian-monch committed Nov 6, 2024
1 parent 49eab46 commit 43c885c
Show file tree
Hide file tree
Showing 4 changed files with 24 additions and 34 deletions.
0 resources/test_keys/test_key → ...d_remake/annexremotes/tests/keys/test_key
View file
File renamed without changes.
0 resources/test_keys/test_key.pub → ...make/annexremotes/tests/keys/test_key.pub
View file
File renamed without changes.
52 changes: 21 additions & 31 deletions datalad_remake/annexremotes/tests/test_remake_remote.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,7 @@ def test_compute_remote_main(tmp_path, datalad_cfg, monkeypatch, trusted):
monkeypatch.setenv('GNUPGHOME', str(gpg_homedir))

# Generate a keypair
keyid = create_keypair(gpg_homedir)
keyid = import_keypair(gpg_homedir)

datalad_cfg.add('datalad.trusted-keys', keyid, where='global')

Expand Down Expand Up @@ -148,43 +148,33 @@ def test_compute_remote_main(tmp_path, datalad_cfg, monkeypatch, trusted):
assert (tmp_path / 'remade.txt').read_text().strip() == 'content: some_string'


def create_keypair(gpg_dir: Path, name: bytes = b'Test User'):
def import_keypair(gpg_dir: Path, stem: str = 'test_key') -> str:
gpg_dir.mkdir(parents=True, exist_ok=True)
gpg_dir.chmod(0o700)
private_keys_dir = gpg_dir / 'private-keys-v1.d'
private_keys_dir.mkdir(exist_ok=True)
private_keys_dir.chmod(0o700)
template = b"""
Key-Type: RSA
Key-Length: 4096
Subkey-Type: RSA
Subkey-Length: 4096
Name-Real: $NAME
Name-Email: [email protected]
Expire-Date: 0
%no-protection
#%transient-key
%commit
"""
script = template.replace(b'$NAME', name)

key_dir = Path(__file__).parent / 'keys'

# Unset $HOME to prevent accidental changes to the user's keyring
environment = {'HOME': '/dev/null'}

subprocess.run(
[ # noqa: S607
'gpg',
'--batch',
'--homedir',
str(gpg_dir),
'--gen-key',
'--keyid-format',
'long',
],
input=script,
capture_output=True,
check=True,
env=environment,
)
for key_file in (stem, stem + '.pub'):
subprocess.run(
[ # noqa: S607
'gpg',
'--batch',
'--homedir',
str(gpg_dir),
'--import',
str(key_dir / key_file),
],
capture_output=True,
check=True,
env=environment,
)

result = subprocess.run(
[ # noqa: S607
'gpg',
Expand All @@ -199,6 +189,6 @@ def create_keypair(gpg_dir: Path, name: bytes = b'Test User'):
env=environment,
)
return re.findall(
r'(?m)sec.*rsa4096/([A-Z0-9]+).*\n.*\n.*' + name.decode(),
r'(?m)sec.*rsa4096/([A-Z0-9]+).*\n',
result.stdout.decode(),
)[0]
6 changes: 3 additions & 3 deletions datalad_remake/utils/tests/test_verification.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

import pytest

from datalad_remake.annexremotes.tests.test_remake_remote import create_keypair
from datalad_remake.annexremotes.tests.test_remake_remote import import_keypair
from datalad_remake.commands.tests.create_datasets import create_ds_hierarchy
from datalad_remake.utils.verify import verify_file

Expand All @@ -16,8 +16,8 @@ def test_whitelist(tmp_path, monkeypatch):

# Create two key-pairs, one is used for signing, the other is used to
# validate the whitelist functionality.
signing_key = create_keypair(gpg_dir=gpg_dir, name=b'Signing User')
other_key = create_keypair(gpg_dir=gpg_dir, name=b'Other User')
signing_key = import_keypair(gpg_dir=gpg_dir, stem='test_key')
other_key = import_keypair(gpg_dir=gpg_dir, stem='other_key')

# Activate the new keys to allow `create_ds_hierarchy` to sign the commits
monkeypatch.setenv('GNUPGHOME', str(gpg_dir))
Expand Down

0 comments on commit 43c885c

Please sign in to comment.