package admin import ( "bytes" "errors" "fmt" "io" "io/fs" "os" "path/filepath" "strings" "testing" "github.com/go-git/go-billy/v5/osfs" "github.com/go-git/go-billy/v5/util" "github.com/go-git/go-git/v5" "github.com/go-git/go-git/v5/plumbing/object" "github.com/go-git/go-git/v5/storage/filesystem" "gopkg.in/ini.v1" "sigs.k8s.io/yaml" ) func configDefaultTestRepo(repoPath string, defaultConfigBytes []byte) error { gitFs := osfs.New(repoPath) strg := filesystem.NewStorage(gitFs, nil) repo, _ := git.Init(strg, gitFs) // add file fileToCommit := "gitserver.yaml" // src err := util.WriteFile(gitFs, fileToCommit, defaultConfigBytes, os.FileMode(int(0644))) if err != nil { return err } wt, err := repo.Worktree() if err != nil { return err } if _, err := wt.Add(fileToCommit); err != nil { return err } _, err = wt.Commit(fileToCommit, &git.CommitOptions{ Author: &object.Signature{ Name: "go git server", Email: "go-git-server@go-git-server", }, }, ) if err != nil { return err } return nil } //nolint:cyclop func TestCasbinPolicies(t *testing.T) { roleName := "myrole" repoName := "myrepo" pRO := &Permission{ Role: roleName, Mode: 0, } pW := &Permission{ Role: "admin", Mode: 1, } t.Run("test read only policies", func(t *testing.T) { roPolicies := readOnlyPaths(roleName, repoName) for _, v := range roPolicies { if v[0] != roleName { t.Fatalf("Missing rolename in policy %s %s", v[0], v[1]) } } if roPolicies[0][1] != fmt.Sprintf("/%s/info/refs", repoName) { t.Fatal("missing info/refs policy") } if roPolicies[1][1] != fmt.Sprintf("/%s/git-upload-pack", repoName) { t.Fatal("missing git-upload-pack policy") } if roPolicies[0][2] != "GET" { t.Fatal("missing info/refs policy") } if roPolicies[1][2] != "POST" { t.Fatal("missing git-upload-pack policy") } }) t.Run("testing write policies", func(t *testing.T) { wPolicies := writePaths(roleName, repoName) if wPolicies[0][0] != roleName { t.Fatal("Role name doesn't match") } if wPolicies[0][1] != fmt.Sprintf("/%s/git-receive-pack", repoName) { t.Fatal("Policy missing write path") } }) t.Run("testing mode build policies", func(t *testing.T) { rOPolicy := pRO.Policy(roleName) wPolicy := pW.Policy(roleName) if len(rOPolicy) != 2 { t.Fatal("Didn't provide correct number of read policies") } if len(wPolicy) != 3 { t.Fatal("Didn't provide correct number of write policies") } }) t.Run("testing repo level policies", func(t *testing.T) { repo := &GitRepo{ Permissions: []*Permission{pRO, pW}, } policies := repo.CasbinPolicies() if len(policies) != 5 { t.Fatal("Repo was expected to have 5 policies generated") } }) } func TestLoadServerConfig(t *testing.T) { t.Run("testing server config from file", func(t *testing.T) { localDir := t.TempDir() // TODO Refactor next touch localFile := filepath.Join(localDir, "stuff.yaml") srcFile, err := os.Open(filepath.Clean("../../tests/test_gitserver.yaml")) if err != nil { t.Fatalf("Error opening base config %s", err) } defer srcFile.Close() // dest destFile, err := os.OpenFile(localFile, os.O_RDWR|os.O_CREATE, 0755) if err != nil { t.Fatalf("failed to open destination in git repo %s", err) } defer destFile.Close() // copy if _, err := io.Copy(destFile, srcFile); err != nil { t.Fatalf("Error copying file %s", err) } // end copy file loadedFile, err := loadServerConfig(false, localDir, filepath.Join(localDir, "stuff.yaml")) if err != nil { t.Fatal(err) } if len(loadedFile.Repos) != 2 { t.Fatalf("expected to find 2 repos found %d", len(loadedFile.Repos)) } }) t.Run("testing server config from git", func(t *testing.T) { gitDir := t.TempDir() if err := setupGit(gitDir); err != nil { t.Fatal(err) } loadedFile, err := loadServerConfig(true, gitDir, "gitserver.yaml") if err != nil { t.Fatal(err) } // "go-git-server" if loadedFile.basePath != gitDir { t.Fatal(err) } }) } func setupGit(gitDir string) error { // init git repo repoPath := filepath.Join(gitDir, mgmtRepoName) defaultConfigBytes, err := yaml.Marshal(defaultServerConfig) if err != nil { return err } if err := configDefaultTestRepo(repoPath, defaultConfigBytes); err != nil { return err } return nil } func TestLocalFile(t *testing.T) { localDir := t.TempDir() localFile := filepath.Join(localDir, "stuff.yaml") //nolint:gosec if err := os.WriteFile(localFile, []byte("stuff"), 0500); err != nil { t.Fatal(err) } loadedFile, err := loadLocalFile(localFile) if err != nil { t.Fatal(err) } if !bytes.Contains(loadedFile, []byte("stuff")) { t.Fatal("failed to find expected contents in localfile") } _, err = loadLocalFile("dne.txt") if err == nil { t.Fatal("Expected to find and error and didn't") } } //nolint:cyclop func TestMgmtGitConfig(t *testing.T) { // setup tempdir gitDir := t.TempDir() // init git repo repoPath := filepath.Join(gitDir, mgmtRepoName) defaultConfigBytes, err := yaml.Marshal(defaultServerConfig) if err != nil { t.Fatal(err) } if err := configDefaultTestRepo(repoPath, defaultConfigBytes); err != nil { t.Fatal(err) } // run load func content, err := loadConfigFromGit(gitDir, "gitserver.yaml") if err != nil { t.Fatal(err) } // "go-git-server" if !bytes.Equal(content, defaultConfigBytes) { t.Fatal("config missing expected") } // check couldnt clone err _, err = loadConfigFromGit("/dne/bar", "gitserver.yaml") if err == nil { t.Fatal("expected an cloning repo didn't find one") } if !errors.Is(err, ErrMgmtRepoNotFound) { t.Fatalf("expected ErrMgmtRepoNotFound, got %v", err) } // check couldnt open file err _, err = loadConfigFromGit(gitDir, "dne.yaml") if err == nil { t.Fatal("expected an error opening config file didn't find one") } } //nolint:cyclop func TestConfigReconcile(t *testing.T) { tempDir := "" defer os.RemoveAll(tempDir) // make "fake" repo testRepo := "" testConf := "" repo := &GitRepo{} configure := func() { tempDir = t.TempDir() testRepo = filepath.Join(tempDir, "testrepo.git") testConf = filepath.Join(testRepo, "config") if err := os.Mkdir(testRepo, 0750); err != nil { t.Fatal(err) } f, err := os.Create(filepath.Join(testRepo, "config")) if err != nil { t.Fatalf("couldn't create testdir, %s", err) } f.Close() repo = &GitRepo{ Name: "testrepo", } } t.Run("test add gitweb section and remove it", func(t *testing.T) { defer os.RemoveAll(tempDir) // make "fake" repo configure() gw := &GitWeb{ "owner", "description", "category", "url", } gw.ReconcileGitConf(testRepo) cfg, err := ini.Load(testConf) if err != nil { t.Fatalf("an error occured loading config %s", err) } if !cfg.HasSection("gitweb") { t.Fatalf("reconciler conf didn't have a section `gitweb`") } section := cfg.Section("gitweb") for _, v := range []string{"owner", "description", "category", "url"} { val := section.Key(v).Value() if val != v { t.Fatalf("expected %s found %s", v, val) } } // flip public repo status emptyGitWeb := &GitWeb{} emptyGitWeb.ReconcileGitConf(testRepo) emptyCfg, err := ini.Load(testConf) if err != nil { t.Fatalf("error couldn't load %s", testConf) } if emptyCfg.HasSection("gitweb") { t.Fatalf("reconciler conf didn't remove section `gitweb`") } }) t.Run("test magic export file is created", func(t *testing.T) { defer os.RemoveAll(tempDir) configure() repo.Public = true exportPath := filepath.Join(testRepo, GitWebExportMagic) repo.ConfigureExport(testRepo) _, err := os.Stat(exportPath) if errors.Is(err, fs.ErrNotExist) { t.Fatal("expected export file to exist, but does not exist") } if err != nil { t.Fatalf("encountered an error %s", err) } }) t.Run("test magic export file is not created", func(t *testing.T) { defer os.RemoveAll(tempDir) configure() exportPath := filepath.Join(testRepo, GitWebExportMagic) repo.Public = false repo.ConfigureExport(testRepo) _, err := os.Stat(exportPath) if os.IsNotExist(err) { return } else if err != nil { t.Fatalf("encountered an error %s", err) return } t.Fatal("expected file to not exist, but does exist") }) } func TestRepoReconcile(t *testing.T) { tempDir := t.TempDir() print(tempDir) // defer os.RemoveAll(tempDir) repo := &GitRepo{ Name: "TestMeRepo", GitWebConfig: &GitWeb{ "owner", "description", "category", "url", }, Public: true, } repoPath := filepath.Join(tempDir, fmt.Sprintf("%s.git", repo.Name)) _ = repo.ReconcileRepo(tempDir) if _, err := os.Stat(repoPath); errors.Is(err, fs.ErrNotExist) { t.Fatal("expected repo to be created, but does not exist") } defaultFile := []byte(` [core] bare = true `) // write the base config to repo tempConfigFile := filepath.Join(repoPath, "config") //nolint:gosec if err := os.WriteFile(tempConfigFile, defaultFile, 0500); err != nil { t.Fatal(err) } // re-reconcile _ = repo.ReconcileRepo(tempDir) content, err := os.ReadFile(tempConfigFile) if err != nil { t.Fatal(err) } // check if description is in the file if !strings.Contains(string(content), "description") { t.Fatal("expected to find 'description' in config, didn't found", string(content)) } gitExportMagicPath := filepath.Join(tempDir, fmt.Sprintf("%s.git", repo.Name), GitWebExportMagic) if _, err := os.Stat(gitExportMagicPath); errors.Is(err, fs.ErrNotExist) { t.Fatal("expected git export magic to be created, but does not exist") } } func TestSetupPolicyFile(t *testing.T) { tempDir := t.TempDir() fOrig, err := os.Create(filepath.Join(tempDir, "origpolicy.csv")) if err != nil { t.Fatal(err) } testContents := []byte("stuff") _, err = fOrig.Write(testContents) if err != nil { t.Fatal(err) } fOrig.Close() workingPolicy, err := setupPolicyFile(fOrig.Name()) if err != nil { t.Fatal(err) } contentBytes, err := os.ReadFile(workingPolicy) if err != nil { t.Fatal(err) } if !bytes.Equal(contentBytes, testContents) { t.Fatalf("found %s expected %s", contentBytes, testContents) } }