tests/test_CLI.py: create $GNUPGHOME on the fly #31
Conversation
I'm fine with this. You can pick and modify them as you like. I must admit we have abandoned bmaptool in our project and have no longer the infrastructure to test anything. |
Thank you!
I'm a bit worried about the same having happened to Yocto as there was very little activity in this project since March 2024. What is the status @JPEWdev @twoerner? |
|
I'm looking at it, but I've lost the ability to trigger workflows, so until that's done I can't run the CI to test this |
|
@josch Sorry, I cannot figure out why I can't retrigger the CI on this. Can you please rebase your branch on main and push it again? That should trigger it. |
- avoid expiration of keys by re-creating them - prevent gnupg version being incompatible with $GNUPGHOME in git Storing binary data is bad because: - git is not good at handling binary data - binary data is harder to inspect (remember the xz incident)
Passing 0xFFFFFFFFFFFFFFFF to read causes python to complain about:
OverflowError: cannot fit 'int' into an index-sized integer
Signed-off-by: Jörg Sommer <[email protected]>
The current tests do not take into account whether the `gpg` package has been installed or not. If it is missing, the tests should be skipped. Furthermore, the output of the tests must be checked in order to decide whether tests fail due to an exception or whether the desired error message is displayed. Signed-off-by: Jörg Sommer <[email protected]>
The verification of PGP signatures had some flaws and didn't work, because the Python API and the GPG interface have changed. Inline signatures were not detected, because of a comparison of string and byte array. And even after this the code failed, because `sig.status` is no longer available. Signed-off-by: Jörg Sommer <[email protected]>
Done, everything seems to pass, thank you! 😃 |
|
The signing tests where skipped for some reason, so I'm not sure the test run is valid. Can you please look into that? |
|
Thank you, nice catch! I wonder though what is missing I tried adding Still, in |
|
Maybe temporarily remove the |
|
Ah right.... I attempt to fix this here: f61172a but it still doesn't work because it can't seem to import gpg after the change. It's an unfortunate combination of the gpg and setuptools version.... and I'm not actually sure if there is a way to fix it cleanly since we are kinda stuck with version of gpg that comes from the distro. |
josch
force-pushed
the
autogengpghome
branch
3 times, most recently
from
72e6599 to
d489086
Compare
|
I was looking at your changes, and I finally figured out what the problem with the CI is. Basically, the pre-canned python versions provided by GitHub Actions can't possibly provide the gpg module correctly, because it must come from the host package. To facilitate this, I made a patch that extends the CI testing to test with "native" python, which can use the host python3-gpg, and thus run the tests. This should cherry-pick on your branch in place of the wip patch you have: JPEWdev@eb978ae and I'm pretty sure this will fix the CI Thanks so much for looking into this, it was really helpful! |
Fixes up the way that the GPG tests work by adding a new "native" python test version. This is required because the python 'gpg' module *must* come from the host package in order to patch libgpgme (e.g. 'python3-gpg'). It's not possible to get this module installed with the pre-canned python versions provided by GitHub Actions, so the gpg tests are skipped for this version, but using the host native python can.
|
Ah, sorry, I panic-removed my last comment. I must've clicked the wrong test because I still saw those skip messages. It looks fine for the native case now. Thanks! :) |
|
Had to squash and merge because this repo only allows rebase or squash, and rebase wasn't an option because the branch was not up to date. Doesn't matter too much :) Thanks! |
Storing binary data is bad because:
With this commit,
test_clearsignfails with "TypeError: 'NamedFile' object is not iterable" but I read that this issue is addressed by #1 so I'm not adding this here.