Skip to content

Commit fadacf2

Browse files
ttaylorrttaylorr
committed
Merge branch 'jk/avoid-localhost'
Various tests exercising the transfer.credentialsInUrl configuration are taught to avoid making requests which require resolving localhost to reduce CI-flakiness. * jk/avoid-localhost: t5516/t5601: be less strict about the number of credential warnings t5516: move plaintext-password tests from t5601 and t5516
2 parents c03801e + db8016b commit fadacf2

File tree

3 files changed

+77
-54
lines changed

3 files changed

+77
-54
lines changed

t/t5516-fetch-push.sh

Lines changed: 0 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -1853,37 +1853,6 @@ test_expect_success 'refuse to push a hidden ref, and make sure do not pollute t
18531853
test_dir_is_empty testrepo/.git/objects/pack
18541854
'
18551855

1856-
test_expect_success LIBCURL 'fetch warns or fails when using username:password' '
1857-
message="URL '\''https://username:<redacted>@localhost/'\'' uses plaintext credentials" &&
1858-
test_must_fail git -c transfer.credentialsInUrl=allow fetch https://username:password@localhost 2>err &&
1859-
! grep "$message" err &&
1860-
1861-
test_must_fail git -c transfer.credentialsInUrl=warn fetch https://username:password@localhost 2>err &&
1862-
grep "warning: $message" err >warnings &&
1863-
test_line_count = 3 warnings &&
1864-
1865-
test_must_fail git -c transfer.credentialsInUrl=die fetch https://username:password@localhost 2>err &&
1866-
grep "fatal: $message" err >warnings &&
1867-
test_line_count = 1 warnings &&
1868-
1869-
test_must_fail git -c transfer.credentialsInUrl=die fetch https://username:@localhost 2>err &&
1870-
grep "fatal: $message" err >warnings &&
1871-
test_line_count = 1 warnings
1872-
'
1873-
1874-
1875-
test_expect_success LIBCURL 'push warns or fails when using username:password' '
1876-
message="URL '\''https://username:<redacted>@localhost/'\'' uses plaintext credentials" &&
1877-
test_must_fail git -c transfer.credentialsInUrl=allow push https://username:password@localhost 2>err &&
1878-
! grep "$message" err &&
1879-
1880-
test_must_fail git -c transfer.credentialsInUrl=warn push https://username:password@localhost 2>err &&
1881-
grep "warning: $message" err >warnings &&
1882-
test_must_fail git -c transfer.credentialsInUrl=die push https://username:password@localhost 2>err &&
1883-
grep "fatal: $message" err >warnings &&
1884-
test_line_count = 1 warnings
1885-
'
1886-
18871856
test_expect_success 'push with config push.useBitmaps' '
18881857
mk_test testrepo heads/main &&
18891858
git checkout main &&

t/t5551-http-fetch-smart.sh

Lines changed: 77 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -580,4 +580,81 @@ test_expect_success 'passing hostname resolution information works' '
580580
git -c "http.curloptResolve=$BOGUS_HOST:$LIB_HTTPD_PORT:127.0.0.1" ls-remote "$BOGUS_HTTPD_URL/smart/repo.git" >/dev/null
581581
'
582582

583+
# here user%40host is the URL-encoded version of user@host,
584+
# which is our intentionally-odd username to catch parsing errors
585+
url_user=$HTTPD_URL_USER/auth/smart/repo.git
586+
url_userpass=$HTTPD_URL_USER_PASS/auth/smart/repo.git
587+
url_userblank=$HTTPD_PROTO://user%40host:@$HTTPD_DEST/auth/smart/repo.git
588+
message="URL .*:<redacted>@.* uses plaintext credentials"
589+
590+
test_expect_success 'clone warns or fails when using username:password' '
591+
test_when_finished "rm -rf attempt*" &&
592+
593+
git -c transfer.credentialsInUrl=allow \
594+
clone $url_userpass attempt1 2>err &&
595+
! grep "$message" err &&
596+
597+
git -c transfer.credentialsInUrl=warn \
598+
clone $url_userpass attempt2 2>err &&
599+
grep "warning: $message" err >warnings &&
600+
test_line_count -ge 1 warnings &&
601+
602+
test_must_fail git -c transfer.credentialsInUrl=die \
603+
clone $url_userpass attempt3 2>err &&
604+
grep "fatal: $message" err >warnings &&
605+
test_line_count -ge 1 warnings &&
606+
607+
test_must_fail git -c transfer.credentialsInUrl=die \
608+
clone $url_userblank attempt4 2>err &&
609+
grep "fatal: $message" err >warnings &&
610+
test_line_count -ge 1 warnings
611+
'
612+
613+
test_expect_success 'clone does not detect username:password when it is https://username@domain:port/' '
614+
test_when_finished "rm -rf attempt1" &&
615+
616+
# we are relying on lib-httpd for url construction, so document our
617+
# assumptions
618+
case "$HTTPD_URL_USER" in
619+
*:[0-9]*) : ok ;;
620+
*) BUG "httpd url does not have port: $HTTPD_URL_USER"
621+
esac &&
622+
623+
git -c transfer.credentialsInUrl=warn clone $url_user attempt1 2>err &&
624+
! grep "uses plaintext credentials" err
625+
'
626+
627+
test_expect_success 'fetch warns or fails when using username:password' '
628+
git -c transfer.credentialsInUrl=allow fetch $url_userpass 2>err &&
629+
! grep "$message" err &&
630+
631+
git -c transfer.credentialsInUrl=warn fetch $url_userpass 2>err &&
632+
grep "warning: $message" err >warnings &&
633+
test_line_count -ge 1 warnings &&
634+
635+
test_must_fail git -c transfer.credentialsInUrl=die \
636+
fetch $url_userpass 2>err &&
637+
grep "fatal: $message" err >warnings &&
638+
test_line_count -ge 1 warnings &&
639+
640+
test_must_fail git -c transfer.credentialsInUrl=die \
641+
fetch $url_userblank 2>err &&
642+
grep "fatal: $message" err >warnings &&
643+
test_line_count -ge 1 warnings
644+
'
645+
646+
647+
test_expect_success 'push warns or fails when using username:password' '
648+
git -c transfer.credentialsInUrl=allow push $url_userpass 2>err &&
649+
! grep "$message" err &&
650+
651+
git -c transfer.credentialsInUrl=warn push $url_userpass 2>err &&
652+
grep "warning: $message" err >warnings &&
653+
654+
test_must_fail git -c transfer.credentialsInUrl=die \
655+
push $url_userpass 2>err &&
656+
grep "fatal: $message" err >warnings &&
657+
test_line_count -ge 1 warnings
658+
'
659+
583660
test_done

t/t5601-clone.sh

Lines changed: 0 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -71,29 +71,6 @@ test_expect_success 'clone respects GIT_WORK_TREE' '
7171
7272
'
7373

74-
test_expect_success LIBCURL 'clone warns or fails when using username:password' '
75-
message="URL '\''https://username:<redacted>@localhost/'\'' uses plaintext credentials" &&
76-
test_must_fail git -c transfer.credentialsInUrl=allow clone https://username:password@localhost attempt1 2>err &&
77-
! grep "$message" err &&
78-
79-
test_must_fail git -c transfer.credentialsInUrl=warn clone https://username:password@localhost attempt2 2>err &&
80-
grep "warning: $message" err >warnings &&
81-
test_line_count = 2 warnings &&
82-
83-
test_must_fail git -c transfer.credentialsInUrl=die clone https://username:password@localhost attempt3 2>err &&
84-
grep "fatal: $message" err >warnings &&
85-
test_line_count = 1 warnings &&
86-
87-
test_must_fail git -c transfer.credentialsInUrl=die clone https://username:@localhost attempt3 2>err &&
88-
grep "fatal: $message" err >warnings &&
89-
test_line_count = 1 warnings
90-
'
91-
92-
test_expect_success LIBCURL 'clone does not detect username:password when it is https://username@domain:port/' '
93-
test_must_fail git -c transfer.credentialsInUrl=warn clone https://username@localhost:8080 attempt3 2>err &&
94-
! grep "uses plaintext credentials" err
95-
'
96-
9774
test_expect_success 'clone from hooks' '
9875
9976
test_create_repo r0 &&

0 commit comments

Comments
 (0)