diff --git a/test/integration/targets/git/tasks/change-repo-url.yml b/test/integration/targets/git/tasks/change-repo-url.yml new file mode 100644 index 0000000000..721db53c6a --- /dev/null +++ b/test/integration/targets/git/tasks/change-repo-url.yml @@ -0,0 +1,118 @@ +--- + +# test change of repo url +# see https://github.com/ansible/ansible-modules-core/pull/721 + +- name: clear checkout_dir + file: state=absent path={{ checkout_dir }} + +- name: Clone example git repo + git: + repo: '{{ repo_update_url_1 }}' + dest: '{{ checkout_dir }}' + +- name: Clone repo with changed url to the same place + git: + repo: '{{ repo_update_url_2 }}' + dest: '{{ checkout_dir }}' + register: clone2 + +- assert: + that: "clone2|success" + +- name: check url updated + shell: git remote show origin | grep Fetch + register: remote_url + args: + chdir: '{{ checkout_dir }}' + environment: + LC_ALL: C + +- assert: + that: + - "'git-test-new' in remote_url.stdout" + - "'git-test-old' not in remote_url.stdout" + +- name: check for new content in git-test-new + stat: path={{ checkout_dir }}/newfilename + register: repo_content + +- name: assert presence of new file in repo (i.e. working copy updated) + assert: + that: "repo_content.stat.exists" + +# Make sure 'changed' result is accurate in check mode. +# See https://github.com/ansible/ansible-modules-core/pull/4243 + +- name: clear checkout_dir + file: state=absent path={{ checkout_dir }} + +- name: clone repo + git: repo={{ repo_update_url_1 }} dest={{ checkout_dir }} + +- name: clone repo with same url to same destination + git: repo={{ repo_update_url_1 }} dest={{ checkout_dir }} + register: checkout_same_url + +- name: check repo not changed + assert: + that: + - not checkout_same_url|changed + + +- name: clone repo with new url to same destination + git: repo={{ repo_update_url_2 }} dest={{ checkout_dir }} + register: checkout_new_url + +- name: check repo changed + assert: + that: + - checkout_new_url|changed + + +- name: clone repo with new url in check mode + git: repo={{ repo_update_url_1 }} dest={{ checkout_dir }} + register: checkout_new_url_check_mode + check_mode: True + +- name: check repo reported changed in check mode + assert: + that: + - checkout_new_url_check_mode|changed + when: git_version.stdout | version_compare("{{git_version_supporting_ls_remote}}", '>=') + +- name: clone repo with new url after check mode + git: repo={{ repo_update_url_1 }} dest={{ checkout_dir }} + register: checkout_new_url_after_check_mode + +- name: check repo still changed after check mode + assert: + that: + - checkout_new_url_after_check_mode|changed + + +# Test that checkout by branch works when the branch is not in our current repo but the sha is + +- name: clear checkout_dir + file: state=absent path={{ checkout_dir }} + +- name: "Clone example git repo that we're going to modify" + git: + repo: '{{ repo_update_url_1 }}' + dest: '{{ checkout_dir }}/repo' + +- name: Clone the repo again - this is what we test + git: + repo: '{{ checkout_dir }}/repo' + dest: '{{ checkout_dir }}/checkout' + +- name: Add a branch to the repo + command: git branch new-branch + args: + chdir: '{{ checkout_dir }}/repo' + +- name: Checkout the new branch in the checkout + git: + repo: '{{ checkout_dir}}/repo' + version: 'new-branch' + dest: '{{ checkout_dir }}/checkout' diff --git a/test/integration/targets/git/tasks/checkout-new-tag.yml b/test/integration/targets/git/tasks/checkout-new-tag.yml new file mode 100644 index 0000000000..fded0af634 --- /dev/null +++ b/test/integration/targets/git/tasks/checkout-new-tag.yml @@ -0,0 +1,56 @@ +--- + +# test for https://github.com/ansible/ansible-modules-core/issues/527 +# clone a repo, add a tag to the same commit and try to checkout the new commit + + +- name: clear checkout_dir + file: + state: absent + path: '{{ checkout_dir }}' + +- name: checkout example repo + git: + repo: '{{ repo_dir }}/format1' + dest: '{{ checkout_dir }}' + +- name: get tags of head + command: git tag --contains + args: + chdir: "{{ checkout_dir }}" + register: listoftags + +- name: make sure the tag does not yet exist + assert: + that: + - "'newtag' not in listoftags.stdout_lines" + +- name: add tag in orig repo + command: git tag newtag + args: + chdir: "{{ repo_dir }}/format1" + +- name: update copy with new tag + git: + repo: '{{ repo_dir }}/format1' + dest: '{{checkout_dir}}' + version: newtag + register: update_new_tag + +- name: get tags of new head + command: git tag --contains + args: + chdir: "{{ checkout_dir }}" + register: listoftags + +- name: check new head + assert: + that: + - not update_new_tag|changed + - "'newtag' in listoftags.stdout_lines" + + +- name: clear checkout_dir + file: + state: absent + path: '{{ checkout_dir }}' diff --git a/test/integration/targets/git/tasks/depth.yml b/test/integration/targets/git/tasks/depth.yml new file mode 100644 index 0000000000..a60299f3e2 --- /dev/null +++ b/test/integration/targets/git/tasks/depth.yml @@ -0,0 +1,147 @@ +--- + +# Test the depth option and fetching revisions that were ignored first + +- name: clear checkout_dir + file: state=absent path={{ checkout_dir }} + +- name: Clone example git repo with depth 1 + git: + repo: 'file://{{ repo_dir|expanduser }}/shallow' + dest: '{{ checkout_dir }}' + depth: 1 + +- name: try to access earlier commit + command: "git checkout {{git_shallow_head_1.stdout}}" + register: checkout_early + failed_when: False + args: + chdir: '{{ checkout_dir }}' + +- name: make sure the old commit was not fetched + assert: + that: 'checkout_early.rc != 0' + when: git_version.stdout | version_compare("{{git_version_supporting_depth}}", '>=') + +# tests https://github.com/ansible/ansible/issues/14954 +- name: fetch repo again with depth=1 + git: + repo: 'file://{{ repo_dir|expanduser }}/shallow' + dest: '{{ checkout_dir }}' + depth: 1 + register: checkout2 + +- assert: + that: "not checkout2|changed" + when: git_version.stdout | version_compare("{{git_version_supporting_depth}}", '>=') + +- name: again try to access earlier commit + shell: "git checkout {{git_shallow_head_1.stdout}}" + register: checkout_early + failed_when: False + args: + chdir: '{{ checkout_dir }}' + +- name: again make sure the old commit was not fetched + assert: + that: 'checkout_early.rc != 0' + when: git_version.stdout | version_compare("{{git_version_supporting_depth}}", '>=') + +# make sure we are still able to fetch other versions +- name: Clone same repo with older version + git: + repo: 'file://{{ repo_dir|expanduser }}/shallow' + dest: '{{ checkout_dir }}' + depth: 1 + version: earlytag + register: cloneold + +- assert: + that: "cloneold|success" + +- name: try to access earlier commit + shell: "git checkout {{git_shallow_head_1.stdout}}" + args: + chdir: '{{ checkout_dir }}' + + + # Test for https://github.com/ansible/ansible-modules-core/issues/3456 + # clone a repo with depth and version specified + +- name: clone repo with both version and depth specified + git: + repo: 'file://{{ repo_dir|expanduser }}/shallow' + dest: '{{ checkout_dir }}' + depth: 1 + version: master + +- name: run a second time (now fetch, not clone) + git: + repo: 'file://{{ repo_dir|expanduser }}/shallow' + dest: '{{ checkout_dir }}' + depth: 1 + version: master + register: git_fetch + +- name: ensure the fetch succeeded + assert: + that: git_fetch|success + + +- name: clear checkout_dir + file: state=absent path={{ checkout_dir }} + +- name: clone repo with both version and depth specified + git: + repo: 'file://{{ repo_dir|expanduser }}/shallow' + dest: '{{ checkout_dir }}' + depth: 1 + version: master + +- name: switch to older branch with depth=1 (uses fetch) + git: + repo: 'file://{{ repo_dir|expanduser }}/shallow' + dest: '{{ checkout_dir }}' + depth: 1 + version: earlybranch + register: git_fetch + +- name: ensure the fetch succeeded + assert: + that: git_fetch|success + +- name: clear checkout_dir + file: state=absent path={{ checkout_dir }} + +# test for https://github.com/ansible/ansible-modules-core/issues/3782 +# make sure shallow fetch works when no version is specified + +- name: checkout old repo + git: + repo: 'file://{{ repo_dir|expanduser }}/shallow' + dest: '{{ checkout_dir }}' + depth: 1 + +- name: "update repo" + shell: echo "3" > a; git commit -a -m "3" + args: + chdir: "{{repo_dir}}/shallow" + +- name: fetch updated repo + git: + repo: 'file://{{ repo_dir|expanduser }}/shallow' + dest: '{{ checkout_dir }}' + depth: 1 + register: git_fetch + ignore_errors: yes + +- name: check update arrived + assert: + that: + - "{{ lookup('file', checkout_dir+'/a' )}} == 3" + - git_fetch|changed + +- name: clear checkout_dir + file: + state: absent + path: "{{ checkout_dir }}" diff --git a/test/integration/targets/git/tasks/formats.yml b/test/integration/targets/git/tasks/formats.yml new file mode 100644 index 0000000000..396e24deaf --- /dev/null +++ b/test/integration/targets/git/tasks/formats.yml @@ -0,0 +1,42 @@ +--- + +- name: initial checkout + git: + repo: "{{ repo_format1 }}" + dest: "{{ repo_dir }}/format1" + register: git_result + +- name: verify information about the initial clone + assert: + that: + - "'before' in git_result" + - "'after' in git_result" + - "not git_result.before" + - "git_result.changed" + +- name: repeated checkout + git: + repo: "{{ repo_format1 }}" + dest: "{{ repo_dir }}/format1" + register: git_result2 + +- name: check for tags + stat: + path: "{{ repo_dir }}/format1/.git/refs/tags" + register: tags + +- name: check for HEAD + stat: + path: "{{ repo_dir }}/format1/.git/HEAD" + register: head + +- name: assert presence of tags/trunk/branches + assert: + that: + - "tags.stat.isdir" + - "head.stat.isreg" + +- name: verify on a reclone things are marked unchanged + assert: + that: + - "not git_result2.changed" diff --git a/test/integration/targets/git/tasks/localmods.yml b/test/integration/targets/git/tasks/localmods.yml new file mode 100644 index 0000000000..866d025b77 --- /dev/null +++ b/test/integration/targets/git/tasks/localmods.yml @@ -0,0 +1,104 @@ +--- + +# test for https://github.com/ansible/ansible-modules-core/pull/5505 +- name: prepare old git repo + shell: rm -rf localmods; mkdir localmods; cd localmods; git init; echo "1" > a; git add a; git commit -m "1" + args: + chdir: "{{repo_dir}}" + +- name: checkout old repo + git: + repo: '{{ repo_dir }}/localmods' + dest: '{{ checkout_dir }}' + +- name: "update repo" + shell: echo "2" > a; git commit -a -m "2" + args: + chdir: "{{repo_dir}}/localmods" + +- name: "add local mods" + shell: echo "3" > a + args: + chdir: "{{ checkout_dir }}" + +- name: fetch with local mods without force (should fail) + git: + repo: '{{ repo_dir }}/localmods' + dest: '{{ checkout_dir }}' + register: git_fetch + ignore_errors: yes + +- name: check fetch with localmods failed + assert: + that: + - git_fetch|failed + +- name: fetch with local mods with force + git: + repo: '{{ repo_dir }}/localmods' + dest: '{{ checkout_dir }}' + force: True + register: git_fetch_force + ignore_errors: yes + +- name: check update arrived + assert: + that: + - "{{ lookup('file', checkout_dir+'/a' )}} == 2" + - git_fetch_force|changed + +- name: clear checkout_dir + file: state=absent path={{ checkout_dir }} + +# localmods and shallow clone +- name: prepare old git repo + shell: rm -rf localmods; mkdir localmods; cd localmods; git init; echo "1" > a; git add a; git commit -m "1" + args: + chdir: "{{repo_dir}}" + +- name: checkout old repo + git: + repo: '{{ repo_dir }}/localmods' + dest: '{{ checkout_dir }}' + depth: 1 + +- name: "update repo" + shell: echo "2" > a; git commit -a -m "2" + args: + chdir: "{{repo_dir}}/localmods" + +- name: "add local mods" + shell: echo "3" > a + args: + chdir: "{{ checkout_dir }}" + +- name: fetch with local mods without force (should fail) + git: + repo: '{{ repo_dir }}/localmods' + dest: '{{ checkout_dir }}' + depth: 1 + register: git_fetch + ignore_errors: yes + +- name: check fetch with localmods failed + assert: + that: + - git_fetch|failed + +- name: fetch with local mods with force + git: + repo: '{{ repo_dir }}/localmods' + dest: '{{ checkout_dir }}' + depth: 1 + force: True + register: git_fetch_force + ignore_errors: yes + +- name: check update arrived + assert: + that: + - "{{ lookup('file', checkout_dir+'/a' )}} == 2" + - git_fetch_force|changed + +- name: clear checkout_dir + file: state=absent path={{ checkout_dir }} diff --git a/test/integration/targets/git/tasks/main.yml b/test/integration/targets/git/tasks/main.yml index 80ee917190..c8ac11a1db 100644 --- a/test/integration/targets/git/tasks/main.yml +++ b/test/integration/targets/git/tasks/main.yml @@ -16,858 +16,16 @@ # You should have received a copy of the GNU General Public License # along with Ansible. If not, see . -- name: set role facts - set_fact: - checkout_dir: '{{ output_dir }}/git' - repo_dir: '{{ output_dir }}/local_repos' - repo_format1: 'https://github.com/jimi-c/test_role' - repo_format2: 'git@github.com:jimi-c/test_role.git' - repo_format3: 'ssh://git@github.com/jimi-c/test_role.git' - repo_submodules: 'https://github.com/abadger/test_submodules.git' - repo_submodules_newer: 'https://github.com/abadger/test_submodules_newer.git' - repo_submodule1: 'https://github.com/abadger/test_submodules_subm1.git' - repo_submodule1_newer: 'https://github.com/abadger/test_submodules_subm1_newer.git' - repo_submodule2: 'https://github.com/abadger/test_submodules_subm2.git' - repo_update_url_1: 'https://github.com/ansible-test-robinro/git-test-old' - repo_update_url_2: 'https://github.com/ansible-test-robinro/git-test-new' - repo_depth_url: 'https://github.com/ansible-test-robinro/git-test-shallow-depth' - repo_verify: 'https://github.com/pixelrebel/ansible-git-test.git' - known_host_files: - - "{{ lookup('env','HOME') }}/.ssh/known_hosts" - - '/etc/ssh/ssh_known_hosts' - git_version_supporting_depth: 1.9.1 - git_version_supporting_ls_remote: 1.7.5 - -- name: clean out the output_dir - shell: rm -rf {{ output_dir }}/* - -- name: verify that git is installed so this test can continue - shell: which git - -- name: get git version, only newer than {{git_version_supporting_depth}} has fixed git depth - shell: git --version | grep 'git version' | sed 's/git version //' - register: git_version - -- name: get gpg version - shell: gpg --version 2>1 | head -1 | sed -e 's/gpg (GnuPG) //' - register: gpg_version - -- name: set dummy git config - shell: git config --global user.email "noreply@example.com"; git config --global user.name "Ansible Test Runner" - -- name: create repo_dir - file: path={{repo_dir}} state=directory - -# -# Test repo=https://github.com/... -# - - -- name: initial checkout - git: repo={{ repo_format1 }} dest={{ checkout_dir }} - register: git_result - -- name: verify information about the initial clone - assert: - that: - - "'before' in git_result" - - "'after' in git_result" - - "not git_result.before" - - "git_result.changed" - -- name: repeated checkout - git: repo={{ repo_format1 }} dest={{ checkout_dir }} - register: git_result2 - -- name: check for tags - stat: path={{ checkout_dir }}/.git/refs/tags - register: tags - -- name: check for HEAD - stat: path={{ checkout_dir }}/.git/HEAD - register: head - -- name: assert presence of tags/trunk/branches - assert: - that: - - "tags.stat.isdir" - - "head.stat.isreg" - -- name: verify on a reclone things are marked unchanged - assert: - that: - - "not git_result2.changed" - -# -# Test repo=git@github.com:/... -# Requires variable: github_ssh_private_key -# - -- name: clear checkout_dir - file: state=absent path={{ checkout_dir }} - -- name: remove known_host files - file: state=absent path={{ item }} - with_items: "{{known_host_files}}" - -- name: checkout ssh://git@github.com repo without accept_hostkey (expected fail) - git: repo={{ repo_format2 }} dest={{ checkout_dir }} - register: git_result - ignore_errors: true - -- assert: - that: - - 'git_result.failed' - - 'git_result.msg == "github.com has an unknown hostkey. Set accept_hostkey to True or manually add the hostkey prior to running the git module"' - -- name: checkout git@github.com repo with accept_hostkey (expected pass) - git: - repo: '{{ repo_format2 }}' - dest: '{{ checkout_dir }}' - accept_hostkey: true - key_file: '{{ github_ssh_private_key }}' - register: git_result - when: github_ssh_private_key is defined - -- assert: - that: - - 'git_result.changed' - when: not git_result|skipped - -# -# Test repo=ssh://git@github.com/... -# Requires variable: github_ssh_private_key -# - -- name: clear checkout_dir - file: state=absent path={{ checkout_dir }} - -- name: checkout ssh://git@github.com repo with accept_hostkey (expected pass) - git: - repo: '{{ repo_format3 }}' - dest: '{{ checkout_dir }}' - version: 'master' - accept_hostkey: false # should already have been accepted - key_file: '{{ github_ssh_private_key }}' - register: git_result - when: github_ssh_private_key is defined - -- assert: - that: - - 'git_result.changed' - when: not git_result|skipped - -# Test a non-updating repo query with no destination specified - -- name: get info on a repo without updating and with no destination specified - git: - repo: '{{ repo_format1 }}' - update: no - clone: no - accept_hostkey: yes - register: git_result - -- assert: - that: - - 'git_result.changed' - -# Test that a specific revision can be checked out - -- name: clear checkout_dir - file: state=absent path={{ checkout_dir }} - -- name: clone to specific revision - git: - repo: "{{ repo_format1 }}" - dest: "{{ checkout_dir }}" - version: df4612ba925fbc1b3c51cbb006f51a0443bd2ce9 - -- name: check HEAD after clone to revision - command: git rev-parse HEAD chdir="{{ checkout_dir }}" - register: git_result - -- assert: - that: - - 'git_result.stdout == "df4612ba925fbc1b3c51cbb006f51a0443bd2ce9"' - -- name: update to specific revision - git: - repo: "{{ repo_format1 }}" - dest: "{{ checkout_dir }}" - version: 4e739a34719654db7b04896966e2354e1256ea5d - register: git_result - -- assert: - that: - - 'git_result.changed' - -- name: check HEAD after update to revision - command: git rev-parse HEAD chdir="{{ checkout_dir }}" - register: git_result - -- assert: - that: - - 'git_result.stdout == "4e739a34719654db7b04896966e2354e1256ea5d"' - -# Test a revision not available under refs/heads/ or refs/tags/ - -- name: attempt to get unavailable revision - git: - repo: "{{ repo_format1 }}" - dest: "{{ checkout_dir }}" - version: 2cfde3668b8bb10fbe2b9d5cec486025ad8cc51b - ignore_errors: true - register: git_result - -- assert: - that: - - 'git_result.failed' - -# Same as the previous test, but this time we specify which ref -# contains the SHA1 -- name: update to revision by specifying the refspec - git: - repo: https://github.com/ansible/ansible-examples.git - dest: '{{ checkout_dir }}' - version: 2cfde3668b8bb10fbe2b9d5cec486025ad8cc51b - refspec: refs/pull/7/merge - -- name: check HEAD after update with refspec - command: git rev-parse HEAD chdir="{{ checkout_dir }}" - register: git_result - -- assert: - that: - - 'git_result.stdout == "2cfde3668b8bb10fbe2b9d5cec486025ad8cc51b"' - -# try out combination of refspec and depth -- name: clear checkout_dir - file: state=absent path={{ checkout_dir }} - -- name: update to revision by specifying the refspec with depth=1 - git: - repo: https://github.com/ansible/ansible-examples.git - dest: '{{ checkout_dir }}' - version: 2cfde3668b8bb10fbe2b9d5cec486025ad8cc51b - refspec: refs/pull/7/merge - depth: 1 - -- name: check HEAD after update with refspec - command: git rev-parse HEAD chdir="{{ checkout_dir }}" - register: git_result - -- assert: - that: - - 'git_result.stdout == "2cfde3668b8bb10fbe2b9d5cec486025ad8cc51b"' - -- name: try to access other commit - shell: git checkout 0ce1096 - register: checkout_shallow - failed_when: False - args: - chdir: '{{ checkout_dir }}' - -- name: make sure the old commit was not fetched - assert: - that: - - checkout_shallow.rc == 1 - - checkout_shallow|failed - when: git_version.stdout | version_compare("{{git_version_supporting_depth}}", '>=') - -- name: clear checkout_dir - file: state=absent path={{ checkout_dir }} - -- name: clone to revision by specifying the refspec - git: - repo: https://github.com/ansible/ansible-examples.git - dest: '{{ checkout_dir }}' - version: 2cfde3668b8bb10fbe2b9d5cec486025ad8cc51b - refspec: refs/pull/7/merge - -- name: check HEAD after update with refspec - command: git rev-parse HEAD chdir="{{ checkout_dir }}" - register: git_result - -- assert: - that: - - 'git_result.stdout == "2cfde3668b8bb10fbe2b9d5cec486025ad8cc51b"' - -# -# Submodule tests -# - -# Repository A with submodules defined (repo_submodules) -# .gitmodules file points to Repository I -# Repository B forked from A that has newer commits (repo_submodules_newer) -# .gitmodules file points to Repository II instead of I -# .gitmodules file also points to Repository III -# Repository I for submodule1 (repo_submodule1) -# Has 1 file checked in -# Repository II forked from I that has newer commits (repo_submodule1_newer) -# Has 2 files checked in -# Repository III for a second submodule (repo_submodule2) -# Has 1 file checked in - -- name: clear checkout_dir - file: state=absent path={{ checkout_dir }} - -- name: Test that clone without recursive does not retrieve submodules - git: - repo: '{{ repo_submodules }}' - dest: '{{ checkout_dir }}' - recursive: no - -- command: 'ls -1a {{ checkout_dir }}/submodule1' - register: submodule1 - -- assert: - that: '{{ submodule1.stdout_lines|length }} == 2' - -- name: clear checkout_dir - file: state=absent path={{ checkout_dir }} - - -- name: Test that clone with recursive retrieves submodules - git: - repo: '{{ repo_submodules }}' - dest: '{{ checkout_dir }}' - recursive: yes - -- command: 'ls -1a {{ checkout_dir }}/submodule1' - register: submodule1 - -- assert: - that: '{{ submodule1.stdout_lines|length }} == 4' - -- name: Copy the checkout so we can run several different tests on it - command: 'cp -pr {{ checkout_dir }} {{ checkout_dir }}.bak' - - - -- name: Test that update without recursive does not change submodules - command: 'git config --replace-all remote.origin.url {{ repo_submodules_newer }}' - args: - chdir: '{{ checkout_dir }}' - -- git: - repo: '{{ repo_submodules_newer }}' - dest: '{{ checkout_dir }}' - recursive: no - update: yes - track_submodules: yes - -- command: 'ls -1a {{ checkout_dir }}/submodule1' - register: submodule1 - -- stat: - path: '{{ checkout_dir }}/submodule2' - register: submodule2 - -- command: 'ls -1a {{ checkout_dir }}/submodule2' - register: submodule2 - -- assert: - that: '{{ submodule1.stdout_lines|length }} == 4' -- assert: - that: '{{ submodule2.stdout_lines|length }} == 2' - - - -- name: Restore checkout to prior state - file: state=absent path={{ checkout_dir }} -- command: 'cp -pr {{ checkout_dir }}.bak {{ checkout_dir }}' - -- name: Test that update with recursive updated existing submodules - command: 'git config --replace-all remote.origin.url {{ repo_submodules_newer }}' - args: - chdir: '{{ checkout_dir }}' - -- git: - repo: '{{ repo_submodules_newer }}' - dest: '{{ checkout_dir }}' - update: yes - recursive: yes - track_submodules: yes - -- command: 'ls -1a {{ checkout_dir }}/submodule1' - register: submodule1 - -- assert: - that: '{{ submodule1.stdout_lines|length }} == 5' - - -- name: Test that update with recursive found new submodules - command: 'ls -1a {{ checkout_dir }}/submodule2' - register: submodule2 - -- assert: - that: '{{ submodule2.stdout_lines|length }} == 4' -# test change of repo url -# see https://github.com/ansible/ansible-modules-core/pull/721 - -- name: clear checkout_dir - file: state=absent path={{ checkout_dir }} - -- name: Clone example git repo - git: - repo: '{{ repo_update_url_1 }}' - dest: '{{ checkout_dir }}' - -- name: Clone repo with changed url to the same place - git: - repo: '{{ repo_update_url_2 }}' - dest: '{{ checkout_dir }}' - register: clone2 - -- assert: - that: "clone2|success" - -- name: check url updated - shell: git remote show origin | grep Fetch - register: remote_url - args: - chdir: '{{ checkout_dir }}' - environment: - LC_ALL: C - -- assert: - that: - - "'git-test-new' in remote_url.stdout" - - "'git-test-old' not in remote_url.stdout" - -- name: check for new content in git-test-new - stat: path={{ checkout_dir }}/newfilename - register: repo_content - -- name: assert presence of new file in repo (i.e. working copy updated) - assert: - that: "repo_content.stat.exists" - -# Make sure 'changed' result is accurate in check mode. -# See https://github.com/ansible/ansible-modules-core/pull/4243 - -- name: clear checkout_dir - file: state=absent path={{ checkout_dir }} - -- name: clone repo - git: repo={{ repo_update_url_1 }} dest={{ checkout_dir }} - -- name: clone repo with same url to same destination - git: repo={{ repo_update_url_1 }} dest={{ checkout_dir }} - register: checkout_same_url - -- name: check repo not changed - assert: - that: - - not checkout_same_url|changed - - -- name: clone repo with new url to same destination - git: repo={{ repo_update_url_2 }} dest={{ checkout_dir }} - register: checkout_new_url - -- name: check repo changed - assert: - that: - - checkout_new_url|changed - - -- name: clone repo with new url in check mode - git: repo={{ repo_update_url_1 }} dest={{ checkout_dir }} - register: checkout_new_url_check_mode - check_mode: True - -- name: check repo reported changed in check mode - assert: - that: - - checkout_new_url_check_mode|changed - when: git_version.stdout | version_compare("{{git_version_supporting_ls_remote}}", '>=') - -- name: clone repo with new url after check mode - git: repo={{ repo_update_url_1 }} dest={{ checkout_dir }} - register: checkout_new_url_after_check_mode - -- name: check repo still changed after check mode - assert: - that: - - checkout_new_url_after_check_mode|changed - -# Test that checkout by branch works when the branch is not in our current repo but the sha is - -- name: clear checkout_dir - file: state=absent path={{ checkout_dir }} - -- name: "Clone example git repo that we're going to modify" - git: - repo: '{{ repo_update_url_1 }}' - dest: '{{ checkout_dir }}/repo' - -- name: Clone the repo again - this is what we test - git: - repo: '{{ checkout_dir }}/repo' - dest: '{{ checkout_dir }}/checkout' - -- name: Add a branch to the repo - command: git branch new-branch - args: - chdir: '{{ checkout_dir }}/repo' - -- name: Checkout the new branch in the checkout - git: - repo: '{{ checkout_dir}}/repo' - version: 'new-branch' - dest: '{{ checkout_dir }}/checkout' - - -# Test the depth option and fetching revisions that were ignored first - -- name: clear checkout_dir - file: state=absent path={{ checkout_dir }} - -- name: Clone example git repo with depth=1 - git: - repo: '{{ repo_depth_url }}' - dest: '{{ checkout_dir }}' - depth: 1 - -- name: try to access earlier commit - shell: git checkout 79624b4 - register: checkout_early - failed_when: False - args: - chdir: '{{ checkout_dir }}' - -- name: make sure the old commit was not fetched - assert: - that: checkout_early.rc == 1 - when: git_version.stdout | version_compare("{{git_version_supporting_depth}}", '>=') - -# tests https://github.com/ansible/ansible/issues/14954 -- name: fetch repo again with depth=1 - git: - repo: '{{ repo_depth_url }}' - dest: '{{ checkout_dir }}' - depth: 1 - register: checkout2 - -- assert: - that: "not checkout2|changed" - when: git_version.stdout | version_compare("{{git_version_supporting_depth}}", '>=') - -- name: again try to access earlier commit - shell: git checkout 79624b4 - register: checkout_early - failed_when: False - args: - chdir: '{{ checkout_dir }}' - -- name: again make sure the old commit was not fetched - assert: - that: checkout_early.rc == 1 - when: git_version.stdout | version_compare("{{git_version_supporting_depth}}", '>=') - -# make sure we are still able to fetch other versions -- name: Clone same repo with older version - git: - repo: '{{ repo_depth_url }}' - dest: '{{ checkout_dir }}' - depth: 1 - version: earlytag - register: cloneold - -- assert: - that: "cloneold|success" - -- name: try to access earlier commit - shell: git checkout 79624b4 - args: - chdir: '{{ checkout_dir }}' - -# test for https://github.com/ansible/ansible-modules-core/issues/527 -# clone a repo, add a tag to the same commit and try to checkout the new commit - - -- name: clear checkout_dir - file: state=absent path={{ checkout_dir }} - -- name: checkout example repo - git: repo={{ repo_format1 }} dest={{ checkout_dir }} - -- name: clone example repo locally - git: repo={{ checkout_dir }} dest={{checkout_dir}}.copy - -- name: get tags of head - command: git tag --contains chdir="{{ checkout_dir }}.copy" - register: listoftags - -- name: make sure the tag does not yet exist - assert: - that: - - "'newtag' not in listoftags.stdout_lines" - -- name: add tag in orig repo - command: git tag newtag chdir="{{ checkout_dir }}" - -- name: update copy with new tag - git: repo={{ checkout_dir }} dest={{checkout_dir}}.copy version=newtag - register: update_new_tag - -- name: get tags of new head - command: git tag --contains chdir="{{ checkout_dir }}.copy" - register: listoftags - -- name: check new head - assert: - that: - - not update_new_tag|changed - - "'newtag' in listoftags.stdout_lines" - - -- name: clear checkout_dir - file: state=absent path={{ checkout_dir }} - - - # Test for https://github.com/ansible/ansible-modules-core/issues/3456 - # clone a repo with depth and version specified - -- name: clone repo with both version and depth specified - git: - repo: '{{ repo_depth_url }}' - dest: '{{ checkout_dir }}' - depth: 1 - version: master - -- name: run a second time (now fetch, not clone) - git: - repo: '{{ repo_depth_url }}' - dest: '{{ checkout_dir }}' - depth: 1 - version: master - register: git_fetch - -- name: ensure the fetch succeeded - assert: - that: git_fetch|success - - -- name: clear checkout_dir - file: state=absent path={{ checkout_dir }} - -- name: clone repo with both version and depth specified - git: - repo: '{{ repo_depth_url }}' - dest: '{{ checkout_dir }}' - depth: 1 - version: master - -- name: switch to older branch with depth=1 (uses fetch) - git: - repo: '{{ repo_depth_url }}' - dest: '{{ checkout_dir }}' - depth: 1 - version: earlybranch - register: git_fetch - -- name: ensure the fetch succeeded - assert: - that: git_fetch|success - -- name: clear checkout_dir - file: state=absent path={{ checkout_dir }} - -# test for https://github.com/ansible/ansible-modules-core/issues/3782 -# make sure shallow fetch works when no version is specified - -- name: prepare old git repo - shell: git init; echo "1" > a; git add a; git commit -m "1" - args: - chdir: "{{repo_dir}}" - -- name: checkout old repo - git: - repo: '{{ repo_dir }}' - dest: '{{ checkout_dir }}' - depth: 1 - -- name: "update repo" - shell: echo "2" > a; git commit -a -m "2" - args: - chdir: "{{repo_dir}}" - -- name: fetch updated repo - git: - repo: '{{ repo_dir }}' - dest: '{{ checkout_dir }}' - depth: 1 - register: git_fetch - ignore_errors: yes - -- name: check update arrived - assert: - that: - - "{{ lookup('file', checkout_dir+'/a' )}} == 2" - - git_fetch|changed - -- name: clear checkout_dir - file: state=absent path={{ checkout_dir }} - - - # Test for tag verification - # clone a repo checkout signed tag, verify tag - -- name: Import Jamie Evans GPG key - command: gpg --keyserver keyserver.ubuntu.com --recv-key 61107C8E - when: > - not gpg_version.stderr and - gpg_version.stdout and - (git_version.stdout | version_compare("2.1.0", '>=') or - gpg_version.stdout | version_compare("1.4.16", '>=')) - -- name: Copy ownertrust - copy: "content='2D55902D66FEEBCEA4447C93E79A36DA61107C8E:6:\n' dest=/tmp/ownertrust-git.txt" - when: > - not gpg_version.stderr and - gpg_version.stdout and - (git_version.stdout | version_compare("2.1.0", '>=') or - gpg_version.stdout | version_compare("1.4.16", '>=')) - -- name: Import ownertrust - command: gpg --import-ownertrust /tmp/ownertrust-git.txt - when: > - not gpg_version.stderr and - gpg_version.stdout and - (git_version.stdout | version_compare("2.1.0", '>=') or - gpg_version.stdout | version_compare("1.4.16", '>=')) - -- name: Clone signed repo and verify tag - git: repo={{ repo_verify }} dest={{ checkout_dir }} version=v0.0 verify_commit=yes - when: > - not gpg_version.stderr and - gpg_version.stdout and - (git_version.stdout | version_compare("2.1.0", '>=') or - gpg_version.stdout | version_compare("1.4.16", '>=')) - -- name: Remove Jamie Evans GPG key - command: gpg --batch --yes --delete-key 61107C8E - when: > - not gpg_version.stderr and - gpg_version.stdout and - (git_version.stdout | version_compare("2.1.0", '>=') or - gpg_version.stdout | version_compare("1.4.16", '>=')) - -- name: Clean up files - file: path="{{ item }}" state=absent - with_items: - - "{{ checkout_dir }}" - - /tmp/ownertrust-git.txt - when: > - not gpg_version.stderr and - gpg_version.stdout and - (git_version.stdout | version_compare("2.1.0", '>=') or - gpg_version.stdout | version_compare("1.4.16", '>=')) - -- name: clear checkout_dir - file: state=absent path={{ checkout_dir }} - -# test for https://github.com/ansible/ansible-modules-core/pull/5505 -- name: prepare old git repo - shell: rm -rf localmods; mkdir localmods; cd localmods; git init; echo "1" > a; git add a; git commit -m "1" - args: - chdir: "{{repo_dir}}" - -- name: checkout old repo - git: - repo: '{{ repo_dir }}/localmods' - dest: '{{ checkout_dir }}' - -- name: "update repo" - shell: echo "2" > a; git commit -a -m "2" - args: - chdir: "{{repo_dir}}/localmods" - -- name: "add local mods" - shell: echo "3" > a - args: - chdir: "{{ checkout_dir }}" - -- name: fetch with local mods without force (should fail) - git: - repo: '{{ repo_dir }}/localmods' - dest: '{{ checkout_dir }}' - register: git_fetch - ignore_errors: yes - -- name: check fetch with localmods failed - assert: - that: - - git_fetch|failed - -- name: fetch with local mods with force - git: - repo: '{{ repo_dir }}/localmods' - dest: '{{ checkout_dir }}' - force: True - register: git_fetch_force - ignore_errors: yes - -- name: check update arrived - assert: - that: - - "{{ lookup('file', checkout_dir+'/a' )}} == 2" - - git_fetch_force|changed - -- name: clear checkout_dir - file: state=absent path={{ checkout_dir }} - -# localmods and shallow clone -- name: prepare old git repo - shell: rm -rf localmods; mkdir localmods; cd localmods; git init; echo "1" > a; git add a; git commit -m "1" - args: - chdir: "{{repo_dir}}" - -- name: checkout old repo - git: - repo: '{{ repo_dir }}/localmods' - dest: '{{ checkout_dir }}' - depth: 1 - -- name: "update repo" - shell: echo "2" > a; git commit -a -m "2" - args: - chdir: "{{repo_dir}}/localmods" - -- name: "add local mods" - shell: echo "3" > a - args: - chdir: "{{ checkout_dir }}" - -- name: fetch with local mods without force (should fail) - git: - repo: '{{ repo_dir }}/localmods' - dest: '{{ checkout_dir }}' - depth: 1 - register: git_fetch - ignore_errors: yes - -- name: check fetch with localmods failed - assert: - that: - - git_fetch|failed - -- name: fetch with local mods with force - git: - repo: '{{ repo_dir }}/localmods' - dest: '{{ checkout_dir }}' - depth: 1 - force: True - register: git_fetch_force - ignore_errors: yes - -- name: check update arrived - assert: - that: - - "{{ lookup('file', checkout_dir+'/a' )}} == 2" - - git_fetch_force|changed - -- name: clear checkout_dir - file: state=absent path={{ checkout_dir }} +- include: setup.yml +- include: setup-local-repos.yml + +- include: formats.yml +- include: missing_hostkey.yml +- include: no-destination.yml +- include: specific-revision.yml +- include: submodules.yml +- include: change-repo-url.yml +- include: depth.yml +- include: checkout-new-tag.yml +- include: tag-verification.yml +- include: localmods.yml diff --git a/test/integration/targets/git/tasks/missing_hostkey.yml b/test/integration/targets/git/tasks/missing_hostkey.yml new file mode 100644 index 0000000000..ce19eea96f --- /dev/null +++ b/test/integration/targets/git/tasks/missing_hostkey.yml @@ -0,0 +1,54 @@ +--- + +- name: remove known_host files + file: + state: absent + path: '{{ item }}' + with_items: "{{known_host_files}}" + +- name: checkout ssh://git@github.com repo without accept_hostkey (expected fail) + git: + repo: '{{ repo_format2 }}' + dest: '{{ checkout_dir }}' + register: git_result + ignore_errors: true + +- assert: + that: + - 'git_result.failed' + - 'git_result.msg == "github.com has an unknown hostkey. Set accept_hostkey to True or manually add the hostkey prior to running the git module"' + +- name: checkout git@github.com repo with accept_hostkey (expected pass) + git: + repo: '{{ repo_format2 }}' + dest: '{{ checkout_dir }}' + accept_hostkey: true + key_file: '{{ github_ssh_private_key }}' + register: git_result + when: github_ssh_private_key is defined + +- assert: + that: + - 'git_result.changed' + when: not git_result|skipped + + +- name: clear checkout_dir + file: + state: absent + path: '{{ checkout_dir }}' + +- name: checkout ssh://git@github.com repo with accept_hostkey (expected pass) + git: + repo: '{{ repo_format3 }}' + dest: '{{ checkout_dir }}' + version: 'master' + accept_hostkey: false # should already have been accepted + key_file: '{{ github_ssh_private_key }}' + register: git_result + when: github_ssh_private_key is defined + +- assert: + that: + - 'git_result.changed' + when: not git_result|skipped diff --git a/test/integration/targets/git/tasks/no-destination.yml b/test/integration/targets/git/tasks/no-destination.yml new file mode 100644 index 0000000000..fd8513c1b0 --- /dev/null +++ b/test/integration/targets/git/tasks/no-destination.yml @@ -0,0 +1,14 @@ +--- +# Test a non-updating repo query with no destination specified + +- name: get info on a repo without updating and with no destination specified + git: + repo: '{{ repo_dir }}/minimal' + update: no + clone: no + accept_hostkey: yes + register: git_result + +- assert: + that: + - 'git_result.changed' diff --git a/test/integration/targets/git/tasks/setup-local-repos.yml b/test/integration/targets/git/tasks/setup-local-repos.yml new file mode 100644 index 0000000000..45b83fdf55 --- /dev/null +++ b/test/integration/targets/git/tasks/setup-local-repos.yml @@ -0,0 +1,28 @@ +--- + +- name: create dirs + file: + name: "{{item}}" + state: directory + with_items: + - "{{repo_dir}}/minimal" + - "{{repo_dir}}/shallow" + +- name: prepare minimal git repo + shell: git init; echo "1" > a; git add a; git commit -m "1" + args: + chdir: "{{repo_dir}}/minimal" + +- name: prepare git repo for shallow clone + shell: | + git init; + echo "1" > a; git add a; git commit -m "1"; git tag earlytag; git branch earlybranch; + echo "2" > a; git add a; git commit -m "2"; + args: + chdir: "{{repo_dir}}/shallow" + +- name: set old hash var for shallow test + command: 'git rev-parse HEAD~1' + register: git_shallow_head_1 + args: + chdir: "{{repo_dir}}/shallow" diff --git a/test/integration/targets/git/tasks/setup.yml b/test/integration/targets/git/tasks/setup.yml new file mode 100644 index 0000000000..4968fe2c2e --- /dev/null +++ b/test/integration/targets/git/tasks/setup.yml @@ -0,0 +1,28 @@ +--- + +- name: clean out the output_dir + file: + path: "{{ output_dir }}" + state: absent + +- name: create clean output_dir + file: + path: "{{ output_dir }}" + state: directory + +- name: verify that git is installed so this test can continue + shell: which git + +- name: get git version, only newer than {{git_version_supporting_depth}} has fixed git depth + shell: git --version | grep 'git version' | sed 's/git version //' + register: git_version + +- name: get gpg version + shell: gpg --version 2>1 | head -1 | sed -e 's/gpg (GnuPG) //' + register: gpg_version + +- name: set dummy git config + shell: git config --global user.email "noreply@example.com"; git config --global user.name "Ansible Test Runner" + +- name: create repo_dir + file: path={{repo_dir}} state=directory diff --git a/test/integration/targets/git/tasks/specific-revision.yml b/test/integration/targets/git/tasks/specific-revision.yml new file mode 100644 index 0000000000..7bdf0f2117 --- /dev/null +++ b/test/integration/targets/git/tasks/specific-revision.yml @@ -0,0 +1,138 @@ +--- + +# Test that a specific revision can be checked out + +- name: clear checkout_dir + file: + state: absent + path: '{{ checkout_dir }}' + +- name: clone to specific revision + git: + repo: "{{ repo_dir }}/format1" + dest: "{{ checkout_dir }}" + version: df4612ba925fbc1b3c51cbb006f51a0443bd2ce9 + +- name: check HEAD after clone to revision + command: git rev-parse HEAD + args: + chdir: "{{ checkout_dir }}" + register: git_result + +- assert: + that: + - 'git_result.stdout == "df4612ba925fbc1b3c51cbb006f51a0443bd2ce9"' + +- name: update to specific revision + git: + repo: "{{ repo_dir }}/format1" + dest: "{{ checkout_dir }}" + version: 4e739a34719654db7b04896966e2354e1256ea5d + register: git_result + +- assert: + that: + - 'git_result.changed' + +- name: check HEAD after update to revision + command: git rev-parse HEAD + args: + chdir: "{{ checkout_dir }}" + register: git_result + +- assert: + that: + - 'git_result.stdout == "4e739a34719654db7b04896966e2354e1256ea5d"' + +# Test a revision not available under refs/heads/ or refs/tags/ + +- name: attempt to get unavailable revision + git: + repo: "{{ repo_dir }}/format1" + dest: "{{ checkout_dir }}" + version: 2cfde3668b8bb10fbe2b9d5cec486025ad8cc51b + ignore_errors: true + register: git_result + +- assert: + that: + - 'git_result.failed' + +# Same as the previous test, but this time we specify which ref +# contains the SHA1 +- name: update to revision by specifying the refspec + git: + repo: https://github.com/ansible/ansible-examples.git + dest: '{{ checkout_dir }}' + version: 2cfde3668b8bb10fbe2b9d5cec486025ad8cc51b + refspec: refs/pull/7/merge + +- name: check HEAD after update with refspec + command: git rev-parse HEAD + args: + chdir: "{{ checkout_dir }}" + register: git_result + +- assert: + that: + - 'git_result.stdout == "2cfde3668b8bb10fbe2b9d5cec486025ad8cc51b"' + +# try out combination of refspec and depth +- name: clear checkout_dir + file: + state: absent + path: '{{ checkout_dir }}' + +- name: update to revision by specifying the refspec with depth=1 + git: + repo: https://github.com/ansible/ansible-examples.git + dest: '{{ checkout_dir }}' + version: 2cfde3668b8bb10fbe2b9d5cec486025ad8cc51b + refspec: refs/pull/7/merge + depth: 1 + +- name: check HEAD after update with refspec + command: git rev-parse HEAD + args: + chdir: "{{ checkout_dir }}" + register: git_result + +- assert: + that: + - 'git_result.stdout == "2cfde3668b8bb10fbe2b9d5cec486025ad8cc51b"' + +- name: try to access other commit + shell: git checkout 0ce1096 + register: checkout_shallow + failed_when: False + args: + chdir: '{{ checkout_dir }}' + +- name: make sure the old commit was not fetched + assert: + that: + - 'checkout_shallow.rc != 0' + - checkout_shallow|failed + when: git_version.stdout | version_compare("{{git_version_supporting_depth}}", '>=') + +- name: clear checkout_dir + file: + state: absent + path: '{{ checkout_dir }}' + +- name: clone to revision by specifying the refspec + git: + repo: https://github.com/ansible/ansible-examples.git + dest: '{{ checkout_dir }}' + version: 2cfde3668b8bb10fbe2b9d5cec486025ad8cc51b + refspec: refs/pull/7/merge + +- name: check HEAD after update with refspec + command: git rev-parse HEAD + args: + chdir: "{{ checkout_dir }}" + register: git_result + +- assert: + that: + - 'git_result.stdout == "2cfde3668b8bb10fbe2b9d5cec486025ad8cc51b"' diff --git a/test/integration/targets/git/tasks/submodules.yml b/test/integration/targets/git/tasks/submodules.yml new file mode 100644 index 0000000000..fc78a92ac1 --- /dev/null +++ b/test/integration/targets/git/tasks/submodules.yml @@ -0,0 +1,112 @@ +--- + +# +# Submodule tests +# + +# Repository A with submodules defined (repo_submodules) +# .gitmodules file points to Repository I +# Repository B forked from A that has newer commits (repo_submodules_newer) +# .gitmodules file points to Repository II instead of I +# .gitmodules file also points to Repository III +# Repository I for submodule1 (repo_submodule1) +# Has 1 file checked in +# Repository II forked from I that has newer commits (repo_submodule1_newer) +# Has 2 files checked in +# Repository III for a second submodule (repo_submodule2) +# Has 1 file checked in + +- name: clear checkout_dir + file: state=absent path={{ checkout_dir }} + +- name: Test that clone without recursive does not retrieve submodules + git: + repo: '{{ repo_submodules }}' + dest: '{{ checkout_dir }}' + recursive: no + +- command: 'ls -1a {{ checkout_dir }}/submodule1' + register: submodule1 + +- assert: + that: '{{ submodule1.stdout_lines|length }} == 2' + +- name: clear checkout_dir + file: state=absent path={{ checkout_dir }} + + +- name: Test that clone with recursive retrieves submodules + git: + repo: '{{ repo_submodules }}' + dest: '{{ checkout_dir }}' + recursive: yes + +- command: 'ls -1a {{ checkout_dir }}/submodule1' + register: submodule1 + +- assert: + that: '{{ submodule1.stdout_lines|length }} == 4' + +- name: Copy the checkout so we can run several different tests on it + command: 'cp -pr {{ checkout_dir }} {{ checkout_dir }}.bak' + + + +- name: Test that update without recursive does not change submodules + command: 'git config --replace-all remote.origin.url {{ repo_submodules_newer }}' + args: + chdir: '{{ checkout_dir }}' + +- git: + repo: '{{ repo_submodules_newer }}' + dest: '{{ checkout_dir }}' + recursive: no + update: yes + track_submodules: yes + +- command: 'ls -1a {{ checkout_dir }}/submodule1' + register: submodule1 + +- stat: + path: '{{ checkout_dir }}/submodule2' + register: submodule2 + +- command: 'ls -1a {{ checkout_dir }}/submodule2' + register: submodule2 + +- assert: + that: '{{ submodule1.stdout_lines|length }} == 4' +- assert: + that: '{{ submodule2.stdout_lines|length }} == 2' + + + +- name: Restore checkout to prior state + file: state=absent path={{ checkout_dir }} +- command: 'cp -pr {{ checkout_dir }}.bak {{ checkout_dir }}' + +- name: Test that update with recursive updated existing submodules + command: 'git config --replace-all remote.origin.url {{ repo_submodules_newer }}' + args: + chdir: '{{ checkout_dir }}' + +- git: + repo: '{{ repo_submodules_newer }}' + dest: '{{ checkout_dir }}' + update: yes + recursive: yes + track_submodules: yes + +- command: 'ls -1a {{ checkout_dir }}/submodule1' + register: submodule1 + +- assert: + that: '{{ submodule1.stdout_lines|length }} == 5' + + +- name: Test that update with recursive found new submodules + command: 'ls -1a {{ checkout_dir }}/submodule2' + register: submodule2 + +- assert: + that: '{{ submodule2.stdout_lines|length }} == 4' diff --git a/test/integration/targets/git/tasks/tag-verification.yml b/test/integration/targets/git/tasks/tag-verification.yml new file mode 100644 index 0000000000..6bd06b87e1 --- /dev/null +++ b/test/integration/targets/git/tasks/tag-verification.yml @@ -0,0 +1,57 @@ +--- + # Test for tag verification + # clone a repo checkout signed tag, verify tag + +- name: Import Jamie Evans GPG key + command: gpg --keyserver keyserver.ubuntu.com --recv-key 61107C8E + when: > + not gpg_version.stderr and + gpg_version.stdout and + (git_version.stdout | version_compare("2.1.0", '>=') or + gpg_version.stdout | version_compare("1.4.16", '>=')) + +- name: Copy ownertrust + copy: "content='2D55902D66FEEBCEA4447C93E79A36DA61107C8E:6:\n' dest=/tmp/ownertrust-git.txt" + when: > + not gpg_version.stderr and + gpg_version.stdout and + (git_version.stdout | version_compare("2.1.0", '>=') or + gpg_version.stdout | version_compare("1.4.16", '>=')) + +- name: Import ownertrust + command: gpg --import-ownertrust /tmp/ownertrust-git.txt + when: > + not gpg_version.stderr and + gpg_version.stdout and + (git_version.stdout | version_compare("2.1.0", '>=') or + gpg_version.stdout | version_compare("1.4.16", '>=')) + +- name: Clone signed repo and verify tag + git: repo={{ repo_verify }} dest={{ checkout_dir }} version=v0.0 verify_commit=yes + when: > + not gpg_version.stderr and + gpg_version.stdout and + (git_version.stdout | version_compare("2.1.0", '>=') or + gpg_version.stdout | version_compare("1.4.16", '>=')) + +- name: Remove Jamie Evans GPG key + command: gpg --batch --yes --delete-key 61107C8E + when: > + not gpg_version.stderr and + gpg_version.stdout and + (git_version.stdout | version_compare("2.1.0", '>=') or + gpg_version.stdout | version_compare("1.4.16", '>=')) + +- name: Clean up files + file: path="{{ item }}" state=absent + with_items: + - "{{ checkout_dir }}" + - /tmp/ownertrust-git.txt + when: > + not gpg_version.stderr and + gpg_version.stdout and + (git_version.stdout | version_compare("2.1.0", '>=') or + gpg_version.stdout | version_compare("1.4.16", '>=')) + +- name: clear checkout_dir + file: state=absent path={{ checkout_dir }} diff --git a/test/integration/targets/git/vars/main.yml b/test/integration/targets/git/vars/main.yml new file mode 100644 index 0000000000..1a3b6dbe04 --- /dev/null +++ b/test/integration/targets/git/vars/main.yml @@ -0,0 +1,20 @@ +--- + +checkout_dir: '{{ output_dir }}/git' +repo_dir: '{{ output_dir }}/local_repos' +repo_format1: 'https://github.com/jimi-c/test_role' +repo_format2: 'git@github.com:jimi-c/test_role.git' +repo_format3: 'ssh://git@github.com/jimi-c/test_role.git' +repo_submodules: 'https://github.com/abadger/test_submodules.git' +repo_submodules_newer: 'https://github.com/abadger/test_submodules_newer.git' +repo_submodule1: 'https://github.com/abadger/test_submodules_subm1.git' +repo_submodule1_newer: 'https://github.com/abadger/test_submodules_subm1_newer.git' +repo_submodule2: 'https://github.com/abadger/test_submodules_subm2.git' +repo_update_url_1: 'https://github.com/ansible-test-robinro/git-test-old' +repo_update_url_2: 'https://github.com/ansible-test-robinro/git-test-new' +repo_verify: 'https://github.com/pixelrebel/ansible-git-test.git' +known_host_files: + - "{{ lookup('env','HOME') }}/.ssh/known_hosts" + - '/etc/ssh/ssh_known_hosts' +git_version_supporting_depth: 1.9.1 +git_version_supporting_ls_remote: 1.7.5