WIP: Include tests for CLI whck
Web tests for endpoints.php are probably broken at this point. Will be fixed in a later commit.
This commit is contained in:
parent
a72ceda21c
commit
7eb833a59e
|
@ -12,5 +12,11 @@ This repository contains the specification and tests for the forge webhook endpo
|
||||||
Running tests requires the bats framework (`apt install bats`). You can run the `test.sh` script to start the tests. If you are not running from the implementation's folder, you may pass it as first argument the path to the program starting the local server (for tests).
|
Running tests requires the bats framework (`apt install bats`). You can run the `test.sh` script to start the tests. If you are not running from the implementation's folder, you may pass it as first argument the path to the program starting the local server (for tests).
|
||||||
|
|
||||||
```
|
```
|
||||||
$ ./test.sh ~/endpoints.php/server
|
$ ./test_web.sh ~/endpoints.php/server
|
||||||
|
```
|
||||||
|
|
||||||
|
If you're running test for a CLI program to check credentials (like [whck](https://tildegit.org/forge/whck)), use test_cli.sh instead:
|
||||||
|
|
||||||
|
```
|
||||||
|
$ ./test_cli.sh ~/whck/target/debug/whck
|
||||||
```
|
```
|
||||||
|
|
15
test_cli.sh
Executable file
15
test_cli.sh
Executable file
|
@ -0,0 +1,15 @@
|
||||||
|
#! /bin/bash
|
||||||
|
|
||||||
|
# Test me with: ./test_cli.sh PATH/TO/PROGRAM
|
||||||
|
|
||||||
|
SCRIPTDIR="$(dirname "$0")"
|
||||||
|
|
||||||
|
ORIGDIR="$(pwd)"
|
||||||
|
cd "$SCRIPTDIR"
|
||||||
|
|
||||||
|
export FORGEHOOK="$(pwd)/tests/mock-forgehook.sh"
|
||||||
|
export WHCK="$ORIGDIR"/"$1"
|
||||||
|
|
||||||
|
bats tests/cli/*.bats
|
||||||
|
|
||||||
|
cd "$ORIGDIR"
|
|
@ -25,6 +25,6 @@ cd "$SCRIPTDIR"
|
||||||
|
|
||||||
export FORGEHOOK="$(pwd)/tests/mock-forgehook.sh"
|
export FORGEHOOK="$(pwd)/tests/mock-forgehook.sh"
|
||||||
export FORGEHOOKNOTIFY=/bin/true
|
export FORGEHOOKNOTIFY=/bin/true
|
||||||
bats tests/*.bats
|
bats tests/web/*.bats
|
||||||
|
|
||||||
cd "$ORIGDIR"
|
cd "$ORIGDIR"
|
40
tests/cli/gitea.bats
Normal file
40
tests/cli/gitea.bats
Normal file
|
@ -0,0 +1,40 @@
|
||||||
|
#! /bin/bash
|
||||||
|
|
||||||
|
function setup {
|
||||||
|
# Load helper functions
|
||||||
|
load ../helper
|
||||||
|
# Which forgehook implementation to use?
|
||||||
|
if [ -z "$FORGEHOOK" ]; then FORGEHOOK="forgehook"; fi
|
||||||
|
|
||||||
|
# Which CLI validator to use?
|
||||||
|
if [ -z "$WHCK" ]; then WHCK="whck"; fi
|
||||||
|
|
||||||
|
export WHCK_DIR="$(mktemp -d)"
|
||||||
|
}
|
||||||
|
|
||||||
|
function teardown {
|
||||||
|
if [ -d $WHCK_DIR ]; then rm -r $WHCK_DIR; fi
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "correct signature works" {
|
||||||
|
repo="https://tildegit.org/forge/hook.sh"
|
||||||
|
webhook="$(gen_webhook ../gitea.json "$repo")"
|
||||||
|
secret="$($FORGEHOOK secret $repo)"
|
||||||
|
echo -n "$secret" > $WHCK_DIR/identifier
|
||||||
|
sig="$(hash_hmac sha256 "$webhook" "$secret")"
|
||||||
|
# Can't echo "$webhook" | $WHCK because of bats bug which eats STDIN
|
||||||
|
# Can't $WHCK <<< "$webhook" because bash appends a trailing newline?!
|
||||||
|
run $WHCK hmac-sha256 identifier "$sig" < <(echo -n "$webhook")
|
||||||
|
echo "$output"
|
||||||
|
[ $status -eq 0 ]
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "incorrect signature fails" {
|
||||||
|
repo="https://tildegit.org/forge/hook.sh"
|
||||||
|
webhook="$(gen_webhook ../gitea.json "$repo")"
|
||||||
|
secret="$($FORGEHOOK secret $repo)"
|
||||||
|
echo -n "FAIL$secret" > $WHCK_DIR/identifier
|
||||||
|
sig="$(hash_hmac sha256 "$webhook" "$secret")"
|
||||||
|
run $WHCK hmac-sha256 identifier "$sig" < <(echo -n "$webhook")
|
||||||
|
[ ! $status -eq 0 ]
|
||||||
|
}
|
40
tests/cli/github.bats
Normal file
40
tests/cli/github.bats
Normal file
|
@ -0,0 +1,40 @@
|
||||||
|
#! /bin/bash
|
||||||
|
|
||||||
|
function setup {
|
||||||
|
# Load helper functions
|
||||||
|
load ../helper
|
||||||
|
# Which forgehook implementation to use?
|
||||||
|
if [ -z "$FORGEHOOK" ]; then FORGEHOOK="forgehook"; fi
|
||||||
|
|
||||||
|
# Which CLI validator to use?
|
||||||
|
if [ -z "$WHCK" ]; then WHCK="whck"; fi
|
||||||
|
|
||||||
|
export WHCK_DIR="$(mktemp -d)"
|
||||||
|
}
|
||||||
|
|
||||||
|
function teardown {
|
||||||
|
if [ -d $WHCK_DIR ]; then rm -r $WHCK_DIR; fi
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "correct signature works" {
|
||||||
|
repo="https://tildegit.org/forge/hook.sh"
|
||||||
|
webhook="$(gen_webhook ../github.json "$repo")"
|
||||||
|
secret="$($FORGEHOOK secret $repo)"
|
||||||
|
echo -n "$secret" > $WHCK_DIR/identifier
|
||||||
|
sig="$(hash_hmac sha256 "$webhook" "$secret")"
|
||||||
|
# Can't echo "$webhook" | $WHCK because of bats bug which eats STDIN
|
||||||
|
# Can't $WHCK <<< "$webhook" because bash appends a trailing newline?!
|
||||||
|
run $WHCK hmac-sha256 identifier "$sig" < <(echo -n "$webhook")
|
||||||
|
echo "$output"
|
||||||
|
[ $status -eq 0 ]
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "incorrect signature fails" {
|
||||||
|
repo="https://tildegit.org/forge/hook.sh"
|
||||||
|
webhook="$(gen_webhook ../gitea.json "$repo")"
|
||||||
|
secret="$($FORGEHOOK secret $repo)"
|
||||||
|
echo -n "FAIL$secret" > $WHCK_DIR/identifier
|
||||||
|
sig="$(hash_hmac sha256 "$webhook" "$secret")"
|
||||||
|
run $WHCK hmac-sha256 identifier "$sig" < <(echo -n "$webhook")
|
||||||
|
[ ! $status -eq 0 ]
|
||||||
|
}
|
38
tests/cli/gitlab.bats
Normal file
38
tests/cli/gitlab.bats
Normal file
|
@ -0,0 +1,38 @@
|
||||||
|
#! /bin/bash
|
||||||
|
|
||||||
|
function setup {
|
||||||
|
# Load helper functions
|
||||||
|
load ../helper
|
||||||
|
# Which forgehook implementation to use?
|
||||||
|
if [ -z "$FORGEHOOK" ]; then FORGEHOOK="forgehook"; fi
|
||||||
|
|
||||||
|
# Which CLI validator to use?
|
||||||
|
if [ -z "$WHCK" ]; then WHCK="whck"; fi
|
||||||
|
|
||||||
|
export WHCK_DIR="$(mktemp -d)"
|
||||||
|
}
|
||||||
|
|
||||||
|
function teardown {
|
||||||
|
if [ -f $WHCK_DIR ]; then rm $WHCK_DIR; fi
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "correct signature works" {
|
||||||
|
repo="https://tildegit.org/forge/hook.sh"
|
||||||
|
webhook="$(gen_webhook ../gitea.json "$repo")"
|
||||||
|
secret="$($FORGEHOOK secret $repo)"
|
||||||
|
echo -n "$secret" > $WHCK_DIR/identifier
|
||||||
|
# Can't echo "$webhook" | $WHCK because of bats bug which eats STDIN
|
||||||
|
# Can't $WHCK <<< "$webhook" because bash appends a trailing newline?!
|
||||||
|
run $WHCK token identifier "$secret" < <(echo -n "$webhook")
|
||||||
|
echo "$output"
|
||||||
|
[ $status -eq 0 ]
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "incorrect signature fails" {
|
||||||
|
repo="https://tildegit.org/forge/hook.sh"
|
||||||
|
webhook="$(gen_webhook ../gitea.json "$repo")"
|
||||||
|
secret="$($FORGEHOOK secret $repo)"
|
||||||
|
echo -n "FAIL$secret" > $WHCK_DIR/identifier
|
||||||
|
run $WHCK token identifier "$secret" < <(echo -n "$webhook")
|
||||||
|
[ ! $status -eq 0 ]
|
||||||
|
}
|
|
@ -21,10 +21,12 @@ function gen_webhook() {
|
||||||
# SECRET: the secret for this transaction
|
# SECRET: the secret for this transaction
|
||||||
# HEADER: where to store the secret
|
# HEADER: where to store the secret
|
||||||
function send_webhook {
|
function send_webhook {
|
||||||
echo "$2" > $TMPFILE
|
TMPFILE="$(mktemp)"
|
||||||
|
echo -n "$2" > $TMPFILE
|
||||||
|
|
||||||
# We can make a few attempts, just in case the webserver hasn't started yet
|
# We can make a few attempts, just in case the webserver hasn't started yet
|
||||||
n=0
|
n=0
|
||||||
|
status=""
|
||||||
while [[ "$status" != "0" ]]; do
|
while [[ "$status" != "0" ]]; do
|
||||||
if [ $n -eq 3 ]; then
|
if [ $n -eq 3 ]; then
|
||||||
# Failed to reach server after 3 attempts
|
# Failed to reach server after 3 attempts
|
||||||
|
@ -32,16 +34,20 @@ function send_webhook {
|
||||||
fi
|
fi
|
||||||
# --data-binary so that newlines aren't broken
|
# --data-binary so that newlines aren't broken
|
||||||
# (otherwise, signature won't match)
|
# (otherwise, signature won't match)
|
||||||
run curl --header "Content-Type: application/json" \
|
output="$(curl --header "Content-Type: application/json" \
|
||||||
--header ""$4": "$3"" \
|
--header ""$4": "$3"" \
|
||||||
--request POST \
|
--request POST \
|
||||||
--data-binary @$TMPFILE \
|
--data-binary @$TMPFILE \
|
||||||
-s -w "%{http_code}" \
|
-s -w "%{http_code}" \
|
||||||
"$1"
|
"$1")"
|
||||||
|
status=$?
|
||||||
|
rm $TMPFILE
|
||||||
# Requested succeeded, break out of loop
|
# Requested succeeded, break out of loop
|
||||||
if [ $status -eq 0 ]; then
|
if [ $status -eq 0 ]; then
|
||||||
echo "$output"
|
if [[ ! "$output" = 200 ]]; then
|
||||||
if [[ ! "$output" = 200 ]]; then return 2; fi
|
echo "|$output|"
|
||||||
|
return 2
|
||||||
|
fi
|
||||||
return 0;
|
return 0;
|
||||||
fi
|
fi
|
||||||
((n++))
|
((n++))
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
function setup {
|
function setup {
|
||||||
# Load helper functions
|
# Load helper functions
|
||||||
load helper
|
load ../helper
|
||||||
# Which forgehook implementation to use?
|
# Which forgehook implementation to use?
|
||||||
if [ -z "$FORGEHOOK" ]; then FORGEHOOK="forgehook"; fi
|
if [ -z "$FORGEHOOK" ]; then FORGEHOOK="forgehook"; fi
|
||||||
port=$(find_free_port)
|
port=$(find_free_port)
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
function setup {
|
function setup {
|
||||||
# Load helper functions
|
# Load helper functions
|
||||||
load helper
|
load ../helper
|
||||||
# Which forgehook implementation to use?
|
# Which forgehook implementation to use?
|
||||||
if [ -z "$FORGEHOOK" ]; then FORGEHOOK="forgehook"; fi
|
if [ -z "$FORGEHOOK" ]; then FORGEHOOK="forgehook"; fi
|
||||||
port=$(find_free_port)
|
port=$(find_free_port)
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
function setup {
|
function setup {
|
||||||
# Load helper functions
|
# Load helper functions
|
||||||
load helper
|
load ../helper
|
||||||
# Which forgehook implementation to use?
|
# Which forgehook implementation to use?
|
||||||
if [ -z "$FORGEHOOK" ]; then FORGEHOOK="forgehook"; fi
|
if [ -z "$FORGEHOOK" ]; then FORGEHOOK="forgehook"; fi
|
||||||
port=$(find_free_port)
|
port=$(find_free_port)
|
Loading…
Reference in New Issue
Block a user