From 9f5511c8d54191367cb935899e31810266c3632c Mon Sep 17 00:00:00 2001 From: CrazyMax Date: Sun, 28 May 2023 20:23:24 +0200 Subject: [PATCH 1/7] osxkeychain: use go build constraint Signed-off-by: CrazyMax --- osxkeychain/cmd/{main_darwin.go => main.go} | 2 ++ osxkeychain/{osxkeychain_darwin.c => osxkeychain.c} | 2 +- osxkeychain/{osxkeychain_darwin.go => osxkeychain.go} | 4 +++- osxkeychain/{osxkeychain_darwin.h => osxkeychain.h} | 0 .../{osxkeychain_darwin_test.go => osxkeychain_test.go} | 2 ++ 5 files changed, 8 insertions(+), 2 deletions(-) rename osxkeychain/cmd/{main_darwin.go => main.go} (88%) rename osxkeychain/{osxkeychain_darwin.c => osxkeychain.c} (99%) rename osxkeychain/{osxkeychain_darwin.go => osxkeychain.go} (99%) rename osxkeychain/{osxkeychain_darwin.h => osxkeychain.h} (100%) rename osxkeychain/{osxkeychain_darwin_test.go => osxkeychain_test.go} (99%) diff --git a/osxkeychain/cmd/main_darwin.go b/osxkeychain/cmd/main.go similarity index 88% rename from osxkeychain/cmd/main_darwin.go rename to osxkeychain/cmd/main.go index e3ab9ab7..08844b47 100644 --- a/osxkeychain/cmd/main_darwin.go +++ b/osxkeychain/cmd/main.go @@ -1,3 +1,5 @@ +//go:build darwin && cgo + package main import ( diff --git a/osxkeychain/osxkeychain_darwin.c b/osxkeychain/osxkeychain.c similarity index 99% rename from osxkeychain/osxkeychain_darwin.c rename to osxkeychain/osxkeychain.c index 845012bd..840b85a5 100644 --- a/osxkeychain/osxkeychain_darwin.c +++ b/osxkeychain/osxkeychain.c @@ -1,4 +1,4 @@ -#include "osxkeychain_darwin.h" +#include "osxkeychain.h" #include #include #include diff --git a/osxkeychain/osxkeychain_darwin.go b/osxkeychain/osxkeychain.go similarity index 99% rename from osxkeychain/osxkeychain_darwin.go rename to osxkeychain/osxkeychain.go index 08a08463..e6347304 100644 --- a/osxkeychain/osxkeychain_darwin.go +++ b/osxkeychain/osxkeychain.go @@ -1,10 +1,12 @@ +//go:build darwin && cgo + package osxkeychain /* #cgo CFLAGS: -x objective-c #cgo LDFLAGS: -framework Security -framework Foundation -#include "osxkeychain_darwin.h" +#include "osxkeychain.h" #include */ import "C" diff --git a/osxkeychain/osxkeychain_darwin.h b/osxkeychain/osxkeychain.h similarity index 100% rename from osxkeychain/osxkeychain_darwin.h rename to osxkeychain/osxkeychain.h diff --git a/osxkeychain/osxkeychain_darwin_test.go b/osxkeychain/osxkeychain_test.go similarity index 99% rename from osxkeychain/osxkeychain_darwin_test.go rename to osxkeychain/osxkeychain_test.go index 425f3140..447c1452 100644 --- a/osxkeychain/osxkeychain_darwin_test.go +++ b/osxkeychain/osxkeychain_test.go @@ -1,3 +1,5 @@ +//go:build darwin && cgo + package osxkeychain import ( From 6a2f53622ba04d3c7dfbe5b1a6f1e13f4bd59bf8 Mon Sep 17 00:00:00 2001 From: CrazyMax Date: Sun, 28 May 2023 20:23:33 +0200 Subject: [PATCH 2/7] secretservice: use go build constraint Signed-off-by: CrazyMax --- secretservice/cmd/{main_linux.go => main.go} | 2 ++ secretservice/{secretservice_linux.c => secretservice.c} | 2 +- secretservice/{secretservice_linux.go => secretservice.go} | 4 +++- secretservice/{secretservice_linux.h => secretservice.h} | 0 .../{secretservice_linux_test.go => secretservice_test.go} | 2 ++ 5 files changed, 8 insertions(+), 2 deletions(-) rename secretservice/cmd/{main_linux.go => main.go} (89%) rename secretservice/{secretservice_linux.c => secretservice.c} (99%) rename secretservice/{secretservice_linux.go => secretservice.go} (98%) rename secretservice/{secretservice_linux.h => secretservice.h} (100%) rename secretservice/{secretservice_linux_test.go => secretservice_test.go} (98%) diff --git a/secretservice/cmd/main_linux.go b/secretservice/cmd/main.go similarity index 89% rename from secretservice/cmd/main_linux.go rename to secretservice/cmd/main.go index 6965ca75..22d2a6d4 100644 --- a/secretservice/cmd/main_linux.go +++ b/secretservice/cmd/main.go @@ -1,3 +1,5 @@ +//go:build linux && cgo + package main import ( diff --git a/secretservice/secretservice_linux.c b/secretservice/secretservice.c similarity index 99% rename from secretservice/secretservice_linux.c rename to secretservice/secretservice.c index 73502a2e..676cddb2 100644 --- a/secretservice/secretservice_linux.c +++ b/secretservice/secretservice.c @@ -1,6 +1,6 @@ #include #include -#include "secretservice_linux.h" +#include "secretservice.h" const SecretSchema *docker_get_schema(void) { diff --git a/secretservice/secretservice_linux.go b/secretservice/secretservice.go similarity index 98% rename from secretservice/secretservice_linux.go rename to secretservice/secretservice.go index 9b1d4cca..caf0fe7c 100644 --- a/secretservice/secretservice_linux.go +++ b/secretservice/secretservice.go @@ -1,9 +1,11 @@ +//go:build linux && cgo + package secretservice /* #cgo pkg-config: libsecret-1 -#include "secretservice_linux.h" +#include "secretservice.h" #include */ import "C" diff --git a/secretservice/secretservice_linux.h b/secretservice/secretservice.h similarity index 100% rename from secretservice/secretservice_linux.h rename to secretservice/secretservice.h diff --git a/secretservice/secretservice_linux_test.go b/secretservice/secretservice_test.go similarity index 98% rename from secretservice/secretservice_linux_test.go rename to secretservice/secretservice_test.go index 402fdfaf..7609d656 100644 --- a/secretservice/secretservice_linux_test.go +++ b/secretservice/secretservice_test.go @@ -1,3 +1,5 @@ +//go:build linux && cgo + package secretservice import ( From 90bf5da1c9361944281b1530c48c85efd955f076 Mon Sep 17 00:00:00 2001 From: CrazyMax Date: Sun, 28 May 2023 20:23:45 +0200 Subject: [PATCH 3/7] wincred: use go build constraint Signed-off-by: CrazyMax --- wincred/cmd/{main_windows.go => main.go} | 2 ++ wincred/{wincred_windows.go => wincred.go} | 2 ++ wincred/{wincred_windows_test.go => wincred_test.go} | 2 ++ 3 files changed, 6 insertions(+) rename wincred/cmd/{main_windows.go => main.go} (90%) rename wincred/{wincred_windows.go => wincred.go} (99%) rename wincred/{wincred_windows_test.go => wincred_test.go} (99%) diff --git a/wincred/cmd/main_windows.go b/wincred/cmd/main.go similarity index 90% rename from wincred/cmd/main_windows.go rename to wincred/cmd/main.go index c0b797fb..d2bcefb7 100644 --- a/wincred/cmd/main_windows.go +++ b/wincred/cmd/main.go @@ -1,3 +1,5 @@ +//go:build windows + package main import ( diff --git a/wincred/wincred_windows.go b/wincred/wincred.go similarity index 99% rename from wincred/wincred_windows.go rename to wincred/wincred.go index 9579ce59..41c792bc 100644 --- a/wincred/wincred_windows.go +++ b/wincred/wincred.go @@ -1,3 +1,5 @@ +//go:build windows + package wincred import ( diff --git a/wincred/wincred_windows_test.go b/wincred/wincred_test.go similarity index 99% rename from wincred/wincred_windows_test.go rename to wincred/wincred_test.go index e6010fe2..ed5f1f84 100644 --- a/wincred/wincred_windows_test.go +++ b/wincred/wincred_test.go @@ -1,3 +1,5 @@ +//go:build windows + package wincred import ( From ea29253d2ab166073e04dfd5a5c1c6140094221b Mon Sep 17 00:00:00 2001 From: CrazyMax Date: Sun, 28 May 2023 20:03:51 +0200 Subject: [PATCH 4/7] ci: install pass on macOS for testing Signed-off-by: CrazyMax --- .github/workflows/build.yml | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f05e9683..72b6523b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -59,14 +59,19 @@ jobs: go-version: ${{ env.GO_VERSION }} cache: true - - name: Install deps + name: Install deps (ubuntu) if: startsWith(matrix.os, 'ubuntu-') run: | sudo apt-get update sudo apt-get install -y dbus-x11 gnome-keyring libsecret-1-dev pass + - + name: Install deps (macOS) + if: startsWith(matrix.os, 'macOS-') + run: | + brew install pass - name: GPG conf - if: startsWith(matrix.os, 'ubuntu-') + if: ${{ !startsWith(matrix.os, 'windows-') }} uses: actions/github-script@v6 id: gpg with: @@ -83,18 +88,21 @@ jobs: core.setOutput('passphrase', fs.readFileSync('.github/workflows/fixtures/7D851EB72D73BDA0.pass', {encoding: 'utf8'})); - name: Import GPG key - if: startsWith(matrix.os, 'ubuntu-') + if: ${{ !startsWith(matrix.os, 'windows-') }} uses: crazy-max/ghaction-import-gpg@v5 with: gpg_private_key: ${{ steps.gpg.outputs.key }} passphrase: ${{ steps.gpg.outputs.passphrase }} + - + name: Init pass + if: ${{ !startsWith(matrix.os, 'windows-') }} + run: | + echo -e "trust\n5\ny" | gpg --batch --no-tty --command-fd 0 --edit-key 7D851EB72D73BDA0 + pass init 7D851EB72D73BDA0 + shell: bash - name: Test run: | - if [[ "${{ matrix.os }}" = ubuntu-* ]]; then - echo -e "trust\n5\ny" | gpg --batch --no-tty --command-fd 0 --edit-key 7D851EB72D73BDA0 - pass init 7D851EB72D73BDA0 - fi make test COVERAGEDIR=${{ env.DESTDIR }} shell: bash - From a51d46e82c09f93e841234df5342faa23d380d13 Mon Sep 17 00:00:00 2001 From: CrazyMax Date: Sun, 28 May 2023 20:54:28 +0200 Subject: [PATCH 5/7] ci: set gpg key trust level with import-gpg action Signed-off-by: CrazyMax --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 72b6523b..57683336 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -93,11 +93,11 @@ jobs: with: gpg_private_key: ${{ steps.gpg.outputs.key }} passphrase: ${{ steps.gpg.outputs.passphrase }} + trust_level: 5 - name: Init pass if: ${{ !startsWith(matrix.os, 'windows-') }} run: | - echo -e "trust\n5\ny" | gpg --batch --no-tty --command-fd 0 --edit-key 7D851EB72D73BDA0 pass init 7D851EB72D73BDA0 shell: bash - From d0668939bb1ef4df43274dc8770baaa710e63178 Mon Sep 17 00:00:00 2001 From: CrazyMax Date: Mon, 29 May 2023 11:33:00 +0200 Subject: [PATCH 6/7] pass: exclude tests on windows Signed-off-by: CrazyMax --- pass/pass_test.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pass/pass_test.go b/pass/pass_test.go index bec40530..352dcb30 100644 --- a/pass/pass_test.go +++ b/pass/pass_test.go @@ -1,3 +1,5 @@ +//go:build !windows + package pass import ( From 72391b37df1cd717a853e87eecd446d2bef10bb6 Mon Sep 17 00:00:00 2001 From: CrazyMax Date: Sun, 28 May 2023 20:36:04 +0200 Subject: [PATCH 7/7] pass: properly handle errors in tests Signed-off-by: CrazyMax --- pass/pass_test.go | 106 +++++++++++++++++++++++++++++++--------------- 1 file changed, 73 insertions(+), 33 deletions(-) diff --git a/pass/pass_test.go b/pass/pass_test.go index 352dcb30..8ab10f59 100644 --- a/pass/pass_test.go +++ b/pass/pass_test.go @@ -10,75 +10,115 @@ import ( ) func TestPassHelper(t *testing.T) { - helper := Pass{} - creds := &credentials.Credentials{ ServerURL: "https://foobar.docker.io:2376/v1", Username: "nothing", Secret: "isthebestmeshuggahalbum", } - _ = helper.CheckInitialized() + helper := Pass{} + if err := helper.checkInitialized(); err != nil { + t.Error(err) + } - helper.Add(creds) + if err := helper.Add(creds); err != nil { + t.Error(err) + } - creds.ServerURL = "https://foobar.docker.io:9999/v2" - helper.Add(creds) + u, s, err := helper.Get(creds.ServerURL) + if err != nil { + t.Error(err) + } + if u != creds.Username { + t.Errorf("invalid username %s", u) + } + if s != creds.Secret { + t.Errorf("invalid secret: %s", s) + } + + if err := helper.Delete(creds.ServerURL); err != nil { + t.Error(err) + } + if _, _, err := helper.Get(creds.ServerURL); !credentials.IsErrCredentialsNotFound(err) { + t.Errorf("expected credentials not found, actual: %v", err) + } +} + +func TestPassHelperCheckInit(t *testing.T) { + helper := Pass{} + if v := helper.CheckInitialized(); !v { + t.Errorf("expected true, actual: %v", v) + } +} + +func TestPassHelperList(t *testing.T) { + creds := []*credentials.Credentials{ + { + ServerURL: "https://foobar.docker.io:2376/v1", + Username: "foo", + Secret: "isthebestmeshuggahalbum", + }, + { + ServerURL: "https://foobar.docker.io:2375/v1", + Username: "bar", + Secret: "isthebestmeshuggahalbum", + }, + } + + helper := Pass{} + if err := helper.checkInitialized(); err != nil { + t.Error(err) + } + + for _, cred := range creds { + if err := helper.Add(cred); err != nil { + t.Error(err) + } + } credsList, err := helper.List() if err != nil { - t.Fatal(err) + t.Error(err) } - for server, username := range credsList { - if !(strings.Contains(server, "2376") || - strings.Contains(server, "9999")) { - t.Fatalf("invalid url: %s", creds.ServerURL) + if !(strings.HasSuffix(server, "2376/v1") || strings.HasSuffix(server, "2375/v1")) { + t.Errorf("invalid url: %s", server) } - - if username != "nothing" { - t.Fatalf("invalid username: %v", username) + if !(username == "foo" || username == "bar") { + t.Errorf("invalid username: %v", username) } u, s, err := helper.Get(server) if err != nil { - t.Fatal(err) + t.Error(err) } - if u != username { - t.Fatalf("invalid username %s", u) + t.Errorf("invalid username %s", u) } - if s != "isthebestmeshuggahalbum" { - t.Fatalf("invalid secret: %s", s) + t.Errorf("invalid secret: %s", s) } - err = helper.Delete(server) - if err != nil { - t.Fatal(err) + if err := helper.Delete(server); err != nil { + t.Error(err) } - - _, _, err = helper.Get(server) - if !credentials.IsErrCredentialsNotFound(err) { - t.Fatalf("expected credentials not found, actual: %v", err) + if _, _, err := helper.Get(server); !credentials.IsErrCredentialsNotFound(err) { + t.Errorf("expected credentials not found, actual: %v", err) } } credsList, err = helper.List() if err != nil { - t.Fatal(err) + t.Error(err) } - if len(credsList) != 0 { - t.Fatal("didn't delete all creds?") + t.Error("didn't delete all creds?") } } func TestMissingCred(t *testing.T) { helper := Pass{} - - _, _, err := helper.Get("garbage") - if !credentials.IsErrCredentialsNotFound(err) { - t.Fatalf("expected credentials not found, actual: %v", err) + if _, _, err := helper.Get("garbage"); !credentials.IsErrCredentialsNotFound(err) { + t.Errorf("expected credentials not found, actual: %v", err) } }