shithub Public

Watch 1 Fork 0 Star 0

Go · 3421 bytes Raw Blame History

  
        1
        // SPDX-License-Identifier: AGPL-3.0-or-later
      
        2
        
        3
        package protocol
      
        4
        
        5
        import (
      
        6
        	"strings"
      
        7
        	"testing"
      
        8
        
        9
        	reposdb "github.com/tenseleyFlow/shithub/internal/repos/sqlc"
      
        10
        	usersdb "github.com/tenseleyFlow/shithub/internal/users/sqlc"
      
        11
        )
      
        12
        
        13
        // TestBuildSSHEnv_InheritsParentEnv pins the contract that
      
        14
        // buildSSHEnv extends os.Environ() so SHITHUB_DATABASE_URL (and any
      
        15
        // other config var sourced by the git-shell-commands wrapper from
      
        16
        // /etc/shithub/web.env) propagates to the exec'd git binary, which
      
        17
        // in turn forks pre-receive / post-receive hooks that need it.
      
        18
        //
      
        19
        // Pre-fix: the function returned a minimal explicit list, so a
      
        20
        // `git push` over SSH made it through auth + dispatch + perms but
      
        21
        // crashed at the pre-receive hook with "DB URL not set". The HTTPS
      
        22
        // path didn't see this because shithubd-web's systemd unit sources
      
        23
        // web.env and receive-pack inherits it directly.
      
        24
        //
      
        25
        // This test does NOT need a database — buildSSHEnv has no side
      
        26
        // effects beyond constructing an env slice.
      
        27
        func TestBuildSSHEnv_InheritsParentEnv(t *testing.T) {
      
        28
        	t.Setenv("SHITHUB_DATABASE_URL", "postgres://test-marker/x")
      
        29
        	t.Setenv("SHITHUB_STORAGE__REPOS_ROOT", "/tmp/test-marker-repos")
      
        30
        
        31
        	user := usersdb.User{ID: 7, Username: "alice"}
      
        32
        	repo := reposdb.Repo{ID: 42, Name: "rcal"}
      
        33
        	env := buildSSHEnv(user, "tenseleyflow", repo, "127.0.0.1", "req-deadbeef")
      
        34
        	blob := strings.Join(env, "\n")
      
        35
        
        36
        	want := []string{
      
        37
        		// Inherited config (the regression):
      
        38
        		"SHITHUB_DATABASE_URL=postgres://test-marker/x",
      
        39
        		"SHITHUB_STORAGE__REPOS_ROOT=/tmp/test-marker-repos",
      
        40
        		// Push-event metadata appended after inheritance:
      
        41
        		"SHITHUB_USER_ID=7",
      
        42
        		"SHITHUB_USERNAME=alice",
      
        43
        		"SHITHUB_REPO_ID=42",
      
        44
        		"SHITHUB_REPO_FULL_NAME=tenseleyflow/rcal",
      
        45
        		"SHITHUB_PROTOCOL=ssh",
      
        46
        		"SHITHUB_REMOTE_IP=127.0.0.1",
      
        47
        		"SHITHUB_REQUEST_ID=req-deadbeef",
      
        48
        		// safe.directory plumbing intact:
      
        49
        		"GIT_CONFIG_COUNT=1",
      
        50
        		"GIT_CONFIG_KEY_0=safe.directory",
      
        51
        		"GIT_CONFIG_VALUE_0=*",
      
        52
        	}
      
        53
        	for _, w := range want {
      
        54
        		if !strings.Contains(blob, w) {
      
        55
        			t.Errorf("buildSSHEnv missing %q in:\n%s", w, blob)
      
        56
        		}
      
        57
        	}
      
        58
        }
      
        59
        
        60
        // TestBuildSSHEnv_ExplicitOverridesInheritance pins that push-event
      
        61
        // metadata wins over an inherited variable of the same name. This
      
        62
        // matters if the wrapping process happened to set, e.g.,
      
        63
        // SHITHUB_REQUEST_ID — the dispatcher's value (per-push, generated
      
        64
        // here) should take precedence so logs aren't cross-contaminated.
      
        65
        func TestBuildSSHEnv_ExplicitOverridesInheritance(t *testing.T) {
      
        66
        	// Inject a stale SHITHUB_REQUEST_ID into the parent — buildSSHEnv
      
        67
        	// must append the real one AFTER os.Environ so Go's last-wins
      
        68
        	// behavior on duplicate env keys gives us the real value.
      
        69
        	t.Setenv("SHITHUB_REQUEST_ID", "stale-from-parent")
      
        70
        
        71
        	user := usersdb.User{ID: 7, Username: "alice"}
      
        72
        	repo := reposdb.Repo{ID: 42, Name: "rcal"}
      
        73
        	env := buildSSHEnv(user, "tenseleyflow", repo, "127.0.0.1", "real-req-id")
      
        74
        
        75
        	// Find both the stale and real entries; the real one MUST come
      
        76
        	// after the stale one (last-wins semantics in os/exec).
      
        77
        	staleAt, realAt := -1, -1
      
        78
        	for i, kv := range env {
      
        79
        		switch kv {
      
        80
        		case "SHITHUB_REQUEST_ID=stale-from-parent":
      
        81
        			staleAt = i
      
        82
        		case "SHITHUB_REQUEST_ID=real-req-id":
      
        83
        			realAt = i
      
        84
        		}
      
        85
        	}
      
        86
        	if realAt < 0 {
      
        87
        		t.Fatalf("buildSSHEnv missing the real SHITHUB_REQUEST_ID")
      
        88
        	}
      
        89
        	if staleAt >= 0 && realAt < staleAt {
      
        90
        		t.Fatalf("real SHITHUB_REQUEST_ID at idx %d but stale at %d — explicit must win", realAt, staleAt)
      
        91
        	}
      
        92
        }
      
        93

1	// SPDX-License-Identifier: AGPL-3.0-or-later
2
3	package protocol
4
5	import (
6	"strings"
7	"testing"
8
9	reposdb "github.com/tenseleyFlow/shithub/internal/repos/sqlc"
10	usersdb "github.com/tenseleyFlow/shithub/internal/users/sqlc"
11	)
12
13	// TestBuildSSHEnv_InheritsParentEnv pins the contract that
14	// buildSSHEnv extends os.Environ() so SHITHUB_DATABASE_URL (and any
15	// other config var sourced by the git-shell-commands wrapper from
16	// /etc/shithub/web.env) propagates to the exec'd git binary, which
17	// in turn forks pre-receive / post-receive hooks that need it.
18	//
19	// Pre-fix: the function returned a minimal explicit list, so a
20	// `git push` over SSH made it through auth + dispatch + perms but
21	// crashed at the pre-receive hook with "DB URL not set". The HTTPS
22	// path didn't see this because shithubd-web's systemd unit sources
23	// web.env and receive-pack inherits it directly.
24	//
25	// This test does NOT need a database — buildSSHEnv has no side
26	// effects beyond constructing an env slice.
27	func TestBuildSSHEnv_InheritsParentEnv(t *testing.T) {
28	t.Setenv("SHITHUB_DATABASE_URL", "postgres://test-marker/x")
29	t.Setenv("SHITHUB_STORAGE__REPOS_ROOT", "/tmp/test-marker-repos")
30
31	user := usersdb.User{ID: 7, Username: "alice"}
32	repo := reposdb.Repo{ID: 42, Name: "rcal"}
33	env := buildSSHEnv(user, "tenseleyflow", repo, "127.0.0.1", "req-deadbeef")
34	blob := strings.Join(env, "\n")
35
36	want := []string{
37	// Inherited config (the regression):
38	"SHITHUB_DATABASE_URL=postgres://test-marker/x",
39	"SHITHUB_STORAGE__REPOS_ROOT=/tmp/test-marker-repos",
40	// Push-event metadata appended after inheritance:
41	"SHITHUB_USER_ID=7",
42	"SHITHUB_USERNAME=alice",
43	"SHITHUB_REPO_ID=42",
44	"SHITHUB_REPO_FULL_NAME=tenseleyflow/rcal",
45	"SHITHUB_PROTOCOL=ssh",
46	"SHITHUB_REMOTE_IP=127.0.0.1",
47	"SHITHUB_REQUEST_ID=req-deadbeef",
48	// safe.directory plumbing intact:
49	"GIT_CONFIG_COUNT=1",
50	"GIT_CONFIG_KEY_0=safe.directory",
51	"GIT_CONFIG_VALUE_0=*",
52	}
53	for _, w := range want {
54	if !strings.Contains(blob, w) {
55	t.Errorf("buildSSHEnv missing %q in:\n%s", w, blob)
56	}
57	}
58	}
59
60	// TestBuildSSHEnv_ExplicitOverridesInheritance pins that push-event
61	// metadata wins over an inherited variable of the same name. This
62	// matters if the wrapping process happened to set, e.g.,
63	// SHITHUB_REQUEST_ID — the dispatcher's value (per-push, generated
64	// here) should take precedence so logs aren't cross-contaminated.
65	func TestBuildSSHEnv_ExplicitOverridesInheritance(t *testing.T) {
66	// Inject a stale SHITHUB_REQUEST_ID into the parent — buildSSHEnv
67	// must append the real one AFTER os.Environ so Go's last-wins
68	// behavior on duplicate env keys gives us the real value.
69	t.Setenv("SHITHUB_REQUEST_ID", "stale-from-parent")
70
71	user := usersdb.User{ID: 7, Username: "alice"}
72	repo := reposdb.Repo{ID: 42, Name: "rcal"}
73	env := buildSSHEnv(user, "tenseleyflow", repo, "127.0.0.1", "real-req-id")
74
75	// Find both the stale and real entries; the real one MUST come
76	// after the stale one (last-wins semantics in os/exec).
77	staleAt, realAt := -1, -1
78	for i, kv := range env {
79	switch kv {
80	case "SHITHUB_REQUEST_ID=stale-from-parent":
81	staleAt = i
82	case "SHITHUB_REQUEST_ID=real-req-id":
83	realAt = i
84	}
85	}
86	if realAt < 0 {
87	t.Fatalf("buildSSHEnv missing the real SHITHUB_REQUEST_ID")
88	}
89	if staleAt >= 0 && realAt < staleAt {
90	t.Fatalf("real SHITHUB_REQUEST_ID at idx %d but stale at %d — explicit must win", realAt, staleAt)
91	}
92	}
93