From 43c885c52bee22348def729d8d31bb127306ee19 Mon Sep 17 00:00:00 2001
From: Christian Monch <christian.moench@web.de>
Date: Wed, 6 Nov 2024 11:36:56 +0100
Subject: [PATCH] ci: add `other_key`

---
 .../annexremotes/tests/keys}/test_key         |  0
 .../annexremotes/tests/keys}/test_key.pub     |  0
 .../annexremotes/tests/test_remake_remote.py  | 52 ++++++++-----------
 .../utils/tests/test_verification.py          |  6 +--
 4 files changed, 24 insertions(+), 34 deletions(-)
 rename {resources/test_keys => datalad_remake/annexremotes/tests/keys}/test_key (100%)
 rename {resources/test_keys => datalad_remake/annexremotes/tests/keys}/test_key.pub (100%)

diff --git a/resources/test_keys/test_key b/datalad_remake/annexremotes/tests/keys/test_key
similarity index 100%
rename from resources/test_keys/test_key
rename to datalad_remake/annexremotes/tests/keys/test_key
diff --git a/resources/test_keys/test_key.pub b/datalad_remake/annexremotes/tests/keys/test_key.pub
similarity index 100%
rename from resources/test_keys/test_key.pub
rename to datalad_remake/annexremotes/tests/keys/test_key.pub
diff --git a/datalad_remake/annexremotes/tests/test_remake_remote.py b/datalad_remake/annexremotes/tests/test_remake_remote.py
index 578ce59..2690274 100644
--- a/datalad_remake/annexremotes/tests/test_remake_remote.py
+++ b/datalad_remake/annexremotes/tests/test_remake_remote.py
@@ -80,7 +80,7 @@ def test_compute_remote_main(tmp_path, datalad_cfg, monkeypatch, trusted):
         monkeypatch.setenv('GNUPGHOME', str(gpg_homedir))
 
         # Generate a keypair
-        keyid = create_keypair(gpg_homedir)
+        keyid = import_keypair(gpg_homedir)
 
         datalad_cfg.add('datalad.trusted-keys', keyid, where='global')
 
@@ -148,43 +148,33 @@ def test_compute_remote_main(tmp_path, datalad_cfg, monkeypatch, trusted):
     assert (tmp_path / 'remade.txt').read_text().strip() == 'content: some_string'
 
 
-def create_keypair(gpg_dir: Path, name: bytes = b'Test User'):
+def import_keypair(gpg_dir: Path, stem: str = 'test_key') -> str:
     gpg_dir.mkdir(parents=True, exist_ok=True)
     gpg_dir.chmod(0o700)
     private_keys_dir = gpg_dir / 'private-keys-v1.d'
     private_keys_dir.mkdir(exist_ok=True)
     private_keys_dir.chmod(0o700)
-    template = b"""
-        Key-Type: RSA
-        Key-Length: 4096
-        Subkey-Type: RSA
-        Subkey-Length: 4096
-        Name-Real: $NAME
-        Name-Email: test@example.com
-        Expire-Date: 0
-        %no-protection
-        #%transient-key
-        %commit
-    """
-    script = template.replace(b'$NAME', name)
+
+    key_dir = Path(__file__).parent / 'keys'
+
     # Unset $HOME to prevent accidental changes to the user's keyring
     environment = {'HOME': '/dev/null'}
 
-    subprocess.run(
-        [  # noqa: S607
-            'gpg',
-            '--batch',
-            '--homedir',
-            str(gpg_dir),
-            '--gen-key',
-            '--keyid-format',
-            'long',
-        ],
-        input=script,
-        capture_output=True,
-        check=True,
-        env=environment,
-    )
+    for key_file in (stem, stem + '.pub'):
+        subprocess.run(
+            [  # noqa: S607
+                'gpg',
+                '--batch',
+                '--homedir',
+                str(gpg_dir),
+                '--import',
+                str(key_dir / key_file),
+            ],
+            capture_output=True,
+            check=True,
+            env=environment,
+        )
+
     result = subprocess.run(
         [  # noqa: S607
             'gpg',
@@ -199,6 +189,6 @@ def create_keypair(gpg_dir: Path, name: bytes = b'Test User'):
         env=environment,
     )
     return re.findall(
-        r'(?m)sec.*rsa4096/([A-Z0-9]+).*\n.*\n.*' + name.decode(),
+        r'(?m)sec.*rsa4096/([A-Z0-9]+).*\n',
         result.stdout.decode(),
     )[0]
diff --git a/datalad_remake/utils/tests/test_verification.py b/datalad_remake/utils/tests/test_verification.py
index 80cc86a..cc04f36 100644
--- a/datalad_remake/utils/tests/test_verification.py
+++ b/datalad_remake/utils/tests/test_verification.py
@@ -2,7 +2,7 @@
 
 import pytest
 
-from datalad_remake.annexremotes.tests.test_remake_remote import create_keypair
+from datalad_remake.annexremotes.tests.test_remake_remote import import_keypair
 from datalad_remake.commands.tests.create_datasets import create_ds_hierarchy
 from datalad_remake.utils.verify import verify_file
 
@@ -16,8 +16,8 @@ def test_whitelist(tmp_path, monkeypatch):
 
     # Create two key-pairs, one is used for signing, the other is used to
     # validate the whitelist functionality.
-    signing_key = create_keypair(gpg_dir=gpg_dir, name=b'Signing User')
-    other_key = create_keypair(gpg_dir=gpg_dir, name=b'Other User')
+    signing_key = import_keypair(gpg_dir=gpg_dir, stem='test_key')
+    other_key = import_keypair(gpg_dir=gpg_dir, stem='other_key')
 
     # Activate the new keys to allow `create_ds_hierarchy` to sign the commits
     monkeypatch.setenv('GNUPGHOME', str(gpg_dir))