diff options
| author | Justin Worthe <justin@jemstep.com> | 2020-03-13 11:33:09 +0200 |
|---|---|---|
| committer | Justin Worthe <justin@jemstep.com> | 2020-03-13 11:33:09 +0200 |
| commit | 31b583d30f9ac42ce8056cad96cee9b715ff8da5 (patch) | |
| tree | f44faf8de8f03a9e1a75e958a35d5cc9ac008857 | |
| parent | 8ea472513df5d46fa234f2a5ca1b23737b1620d0 (diff) | |
Moved ReferenceUpdate parsing to happen with the rest of hook info parsing
| -rw-r--r-- | src/lib.rs | 10 | ||||
| -rw-r--r-- | src/policies.rs | 5 | ||||
| -rw-r--r-- | tests/policies_test.rs | 208 |
3 files changed, 147 insertions, 76 deletions
@@ -12,7 +12,7 @@ use crate::config::Config; use crate::fs::Fs; use crate::git::Git; use crate::gpg::Gpg; -use crate::policies::{policy_result::PolicyResult, *}; +use crate::policies::{policy_result::PolicyResult, reference_update::ReferenceUpdate, *}; pub mod config; pub mod error; @@ -76,10 +76,12 @@ pub fn pre_push<G: Git, P: Gpg>( _remote_ref: &str, remote_sha: &str, ) -> Result<PolicyResult, Box<dyn Error>> { + let ref_update = ReferenceUpdate::from_git_hook_format(remote_sha, local_sha, local_ref)?; + vec![config .verify_git_commits .as_ref() - .map(|c| verify_git_commits::<G, P>(git, gpg, c, remote_sha, local_sha, local_ref))] + .map(|c| verify_git_commits::<G, P>(git, gpg, c, &ref_update))] .into_iter() .flatten() .collect() @@ -93,10 +95,12 @@ pub fn pre_receive<G: Git, P: Gpg>( new_value: &str, ref_name: &str, ) -> Result<PolicyResult, Box<dyn Error>> { + let ref_update = ReferenceUpdate::from_git_hook_format(old_value, new_value, ref_name)?; + vec![config .verify_git_commits .as_ref() - .map(|c| verify_git_commits::<G, P>(git, gpg, c, old_value, new_value, ref_name))] + .map(|c| verify_git_commits::<G, P>(git, gpg, c, &ref_update))] .into_iter() .flatten() .collect() diff --git a/src/policies.rs b/src/policies.rs index 7d771a4..b02f770 100644 --- a/src/policies.rs +++ b/src/policies.rs @@ -34,13 +34,10 @@ pub fn verify_git_commits<G: Git, P: Gpg>( git: &G, gpg: P, config: &VerifyGitCommitsConfig, - old_value: &str, - new_value: &str, - ref_name: &str, + ref_update: &ReferenceUpdate, ) -> Result<PolicyResult, Box<dyn Error>> { info!("Executing policy: verify_git_commits"); let start = Instant::now(); - let ref_update = ReferenceUpdate::from_git_hook_format(old_value, new_value, ref_name)?; let mut policy_result = PolicyResult::Ok; diff --git a/tests/policies_test.rs b/tests/policies_test.rs index 0462297..966e95c 100644 --- a/tests/policies_test.rs +++ b/tests/policies_test.rs @@ -1,6 +1,7 @@ use capn; use capn::config::{Config, GitConfig, VerifyGitCommitsConfig}; use capn::policies; +use capn::policies::reference_update::ReferenceUpdate; use capn::git::LiveGit; use capn::gpg::test::MockGpg; @@ -87,9 +88,12 @@ fn verify_git_commits_happy_path_from_empty() { &LiveGit::default("./").unwrap(), MockGpg, &verify_commits_config(), - "0000000000000000000000000000000000000000", - "7f9763e189ade34345e683ab7e0c22d164280452", - "refs/heads/master", + &ReferenceUpdate::from_git_hook_format( + "0000000000000000000000000000000000000000", + "7f9763e189ade34345e683ab7e0c22d164280452", + "refs/heads/master", + ) + .unwrap(), ) .unwrap(); assert!(result.is_ok(), "Error: {:?}", result); @@ -102,9 +106,12 @@ fn verify_git_commits_happy_path_from_existing() { &LiveGit::default("./").unwrap(), MockGpg, &verify_commits_config(), - "7f9763e189ade34345e683ab7e0c22d164280452", - "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", - "refs/heads/master", + &ReferenceUpdate::from_git_hook_format( + "7f9763e189ade34345e683ab7e0c22d164280452", + "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", + "refs/heads/master", + ) + .unwrap(), ) .unwrap(); assert!(result.is_ok(), "Error: {:?}", result); @@ -117,9 +124,12 @@ fn verify_git_commits_happy_path_unsigned_trivial_no_fast_forward_merge() { &LiveGit::default("./").unwrap(), MockGpg, &verify_commits_config(), - "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", - "3eb315d10e2ad89555d7bfc78a1db1ce07bce434", - "refs/heads/master", + &ReferenceUpdate::from_git_hook_format( + "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", + "3eb315d10e2ad89555d7bfc78a1db1ce07bce434", + "refs/heads/master", + ) + .unwrap(), ) .unwrap(); assert!(result.is_ok(), "Error: {:?}", result); @@ -132,9 +142,12 @@ fn verify_git_commits_happy_path_unsigned_trivial_merge() { &LiveGit::default("./").unwrap(), MockGpg, &verify_commits_config(), - "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", - "6754e4ec9b2dec567190d5a7f0be18b1a23d632a", - "refs/heads/master", + &ReferenceUpdate::from_git_hook_format( + "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", + "6754e4ec9b2dec567190d5a7f0be18b1a23d632a", + "refs/heads/master", + ) + .unwrap(), ) .unwrap(); assert!(result.is_ok(), "Error: {:?}", result); @@ -147,9 +160,12 @@ fn verify_git_commits_single_unsigned_commit() { &LiveGit::default("./").unwrap(), MockGpg, &verify_commits_config(), - "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", - "d2e3bfdc923986d04e7a6368b5fdd78b1ddf84f1", - "refs/heads/master", + &ReferenceUpdate::from_git_hook_format( + "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", + "d2e3bfdc923986d04e7a6368b5fdd78b1ddf84f1", + "refs/heads/master", + ) + .unwrap(), ) .unwrap(); assert!(result.is_err()); @@ -162,9 +178,12 @@ fn verify_git_commits_single_unsigned_commit_new_branch() { &LiveGit::default("./").unwrap(), MockGpg, &verify_commits_config(), - "0000000000000000000000000000000000000000", - "d2e3bfdc923986d04e7a6368b5fdd78b1ddf84f1", - "refs/heads/master", + &ReferenceUpdate::from_git_hook_format( + "0000000000000000000000000000000000000000", + "d2e3bfdc923986d04e7a6368b5fdd78b1ddf84f1", + "refs/heads/master", + ) + .unwrap(), ) .unwrap(); assert!(result.is_err()); @@ -177,9 +196,12 @@ fn verify_git_commits_unsigned_commit_being_merged_in() { &LiveGit::default("./").unwrap(), MockGpg, &verify_commits_config(), - "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", - "ef1710ba8bd1f5ed0eec7883af30fca732d39afd", - "refs/heads/master", + &ReferenceUpdate::from_git_hook_format( + "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", + "ef1710ba8bd1f5ed0eec7883af30fca732d39afd", + "refs/heads/master", + ) + .unwrap(), ) .unwrap(); assert!(result.is_err()); @@ -192,9 +214,12 @@ fn verify_git_commits_unsigned_commit_behind_a_merge_commit() { &LiveGit::default("./").unwrap(), MockGpg, &verify_commits_config(), - "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", - "e9752e78505f3c9bcec15d4bef4299caf0538388", - "refs/heads/master", + &ReferenceUpdate::from_git_hook_format( + "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", + "e9752e78505f3c9bcec15d4bef4299caf0538388", + "refs/heads/master", + ) + .unwrap(), ) .unwrap(); assert!(result.is_err()); @@ -207,9 +232,12 @@ fn verify_git_commits_invalid_author() { &LiveGit::default("./").unwrap(), MockGpg, &verify_commits_config(), - "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", - "afe2141ef20abd098927adc66d6728821cb34f59", - "refs/heads/master", + &ReferenceUpdate::from_git_hook_format( + "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", + "afe2141ef20abd098927adc66d6728821cb34f59", + "refs/heads/master", + ) + .unwrap(), ) .unwrap(); assert!(result.is_err()); @@ -222,9 +250,12 @@ fn verify_git_commits_code_injected_into_unsigned_merge() { &LiveGit::default("./").unwrap(), MockGpg, &verify_commits_config(), - "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", - "eef93e7f977c125f92fc78116fc9b881e4055ae8", - "refs/heads/master", + &ReferenceUpdate::from_git_hook_format( + "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", + "eef93e7f977c125f92fc78116fc9b881e4055ae8", + "refs/heads/master", + ) + .unwrap(), ) .unwrap(); assert!(result.is_err()); @@ -238,9 +269,12 @@ fn verify_git_commits_happy_path_pushing_previously_checked_merge_commit() { &LiveGit::default("./").unwrap(), MockGpg, &verify_commits_config(), - "3eb315d10e2ad89555d7bfc78a1db1ce07bce434", - "3eb315d10e2ad89555d7bfc78a1db1ce07bce434", - "refs/heads/master", + &ReferenceUpdate::from_git_hook_format( + "3eb315d10e2ad89555d7bfc78a1db1ce07bce434", + "3eb315d10e2ad89555d7bfc78a1db1ce07bce434", + "refs/heads/master", + ) + .unwrap(), ) .unwrap(); assert!(result.is_ok(), "Error: {:?}", result); @@ -253,9 +287,12 @@ fn verify_git_commits_author_merged_own_code_not_on_head() { &LiveGit::default("./").unwrap(), MockGpg, &verify_commits_config(), - "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", - "6004dfdb071c71e5e76ad55b924b576487e1c485", - "refs/heads/valid-branch", + &ReferenceUpdate::from_git_hook_format( + "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", + "6004dfdb071c71e5e76ad55b924b576487e1c485", + "refs/heads/valid-branch", + ) + .unwrap(), ) .unwrap(); assert!(result.is_ok(), "Error: {:?}", result); @@ -274,9 +311,12 @@ fn verify_git_commits_author_merged_own_code_on_configured_mainline() { .unwrap(), MockGpg, &verify_commits_config(), - "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", - "6004dfdb071c71e5e76ad55b924b576487e1c485", - "refs/heads/master", + &ReferenceUpdate::from_git_hook_format( + "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", + "6004dfdb071c71e5e76ad55b924b576487e1c485", + "refs/heads/master", + ) + .unwrap(), ) .unwrap(); assert!(result.is_err()); @@ -295,9 +335,12 @@ fn verify_git_commits_author_trivial_merge_between_mainlines() { .unwrap(), MockGpg, &verify_commits_config(), - "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", - "6004dfdb071c71e5e76ad55b924b576487e1c485", - "refs/heads/valid-branch", + &ReferenceUpdate::from_git_hook_format( + "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", + "6004dfdb071c71e5e76ad55b924b576487e1c485", + "refs/heads/valid-branch", + ) + .unwrap(), ) .unwrap(); assert!(result.is_ok(), "Error: {:?}", result); @@ -310,9 +353,12 @@ fn verify_git_commits_author_merged_own_code_on_head() { &LiveGit::default("./").unwrap(), MockGpg, &verify_commits_config(), - "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", - "6004dfdb071c71e5e76ad55b924b576487e1c485", - "refs/heads/master", + &ReferenceUpdate::from_git_hook_format( + "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", + "6004dfdb071c71e5e76ad55b924b576487e1c485", + "refs/heads/master", + ) + .unwrap(), ) .unwrap(); assert!(result.is_err()); @@ -325,9 +371,12 @@ fn verify_git_commits_author_merged_own_code_on_head_with_tag() { &LiveGit::default("./").unwrap(), MockGpg, &verify_commits_config(), - "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", - "e5924d0748c8852d74049679b34ca4b3b0570d0d", - "refs/heads/master", + &ReferenceUpdate::from_git_hook_format( + "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", + "e5924d0748c8852d74049679b34ca4b3b0570d0d", + "refs/heads/master", + ) + .unwrap(), ) .unwrap(); assert!(result.is_ok()); @@ -340,9 +389,12 @@ fn verify_tagged_git_commits_override_rules() { &LiveGit::default("./").unwrap(), MockGpg, &verify_commits_config(), - "7f9763e189ade34345e683ab7e0c22d164280452", - "6f00838625cd1b7dc0acc66e43fee5594f0f124c", - "refs/heads/master", + &ReferenceUpdate::from_git_hook_format( + "7f9763e189ade34345e683ab7e0c22d164280452", + "6f00838625cd1b7dc0acc66e43fee5594f0f124c", + "refs/heads/master", + ) + .unwrap(), ) .unwrap(); assert!(result.is_ok(), "Error: {:?}", result); @@ -358,9 +410,12 @@ fn verify_tagged_git_commits_not_overridden_if_not_enough_tags() { override_tags_required: 2, ..verify_commits_config() }, - "7f9763e189ade34345e683ab7e0c22d164280452", - "6f00838625cd1b7dc0acc66e43fee5594f0f124c", - "refs/heads/master", + &ReferenceUpdate::from_git_hook_format( + "7f9763e189ade34345e683ab7e0c22d164280452", + "6f00838625cd1b7dc0acc66e43fee5594f0f124c", + "refs/heads/master", + ) + .unwrap(), ) .unwrap(); assert!(result.is_err()); @@ -376,9 +431,12 @@ fn verify_unrebased_branch_is_allowed_if_not_required() { verify_rebased: false, ..verify_commits_config() }, - "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", - "6eea56095f7498043f1d3d74bad46056b92675ea", - "refs/heads/master", + &ReferenceUpdate::from_git_hook_format( + "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", + "6eea56095f7498043f1d3d74bad46056b92675ea", + "refs/heads/master", + ) + .unwrap(), ) .unwrap(); assert!(result.is_ok(), "Error: {:?}", result); @@ -394,9 +452,12 @@ fn verify_unrebased_branch_is_blocked_if_required() { verify_rebased: true, ..verify_commits_config() }, - "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", - "6eea56095f7498043f1d3d74bad46056b92675ea", - "refs/heads/master", + &ReferenceUpdate::from_git_hook_format( + "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", + "6eea56095f7498043f1d3d74bad46056b92675ea", + "refs/heads/master", + ) + .unwrap(), ) .unwrap(); assert!(result.is_err()); @@ -412,9 +473,12 @@ fn verify_rebased_branch_is_allowed_when_required() { verify_rebased: true, ..verify_commits_config() }, - "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", - "3eb315d10e2ad89555d7bfc78a1db1ce07bce434", - "refs/heads/master", + &ReferenceUpdate::from_git_hook_format( + "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", + "3eb315d10e2ad89555d7bfc78a1db1ce07bce434", + "refs/heads/master", + ) + .unwrap(), ) .unwrap(); assert!(result.is_ok(), "Error: {:?}", result); @@ -430,9 +494,12 @@ fn verify_unrebased_branch_is_blocked_when_mainline_has_reverts() { verify_rebased: true, ..verify_commits_config() }, - "3f48e07e5f8d5ab932a0a298ba3dd52809eef6d2", - "3911fdcbba1621d39096cef1bddbf4b35be2aeb6", - "refs/heads/master", + &ReferenceUpdate::from_git_hook_format( + "3f48e07e5f8d5ab932a0a298ba3dd52809eef6d2", + "3911fdcbba1621d39096cef1bddbf4b35be2aeb6", + "refs/heads/master", + ) + .unwrap(), ) .unwrap(); assert!(result.is_err()); @@ -448,9 +515,12 @@ fn verify_rebased_branch_is_allowed_when_a_force_push_has_occurred() { verify_rebased: true, ..verify_commits_config() }, - "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", - "02bb68e637bda7667428f8fb3b709be5720fe76a", - "refs/heads/master", + &ReferenceUpdate::from_git_hook_format( + "eb5e0185546b0bb1a13feec6b9ee8b39985fea42", + "02bb68e637bda7667428f8fb3b709be5720fe76a", + "refs/heads/master", + ) + .unwrap(), ) .unwrap(); assert!(result.is_ok(), "Error: {:?}", result); |