Record imported public key in commit message

When the user chooses to import a public key during the autospec run display information on that key in the commit message. Signed-off-by: Matthew Johnson <[email protected]>
clearlinux · Jan 18, 2018 · 02c63d8 · 02c63d8
1 parent 6593bfb
commit 02c63d8
Show file tree

Hide file tree

Showing 4 changed files with 42 additions and 4 deletions.
diff --git a/autospec/autospec.py b/autospec/autospec.py
@@ -347,7 +347,7 @@ def package(args, url, name, archives, workingdir, infile_dict):
     # record logcheck output
     logcheck(build.download_path)
 
-    commitmessage.guess_commit_message()
+    commitmessage.guess_commit_message(pkg_integrity.IMPORTED)
 
     if args.git:
         git.commit_to_git(build.download_path)

diff --git a/autospec/commitmessage.py b/autospec/commitmessage.py
@@ -218,7 +218,7 @@ def process_git(giturl, oldversion, newversion):
         return shortlog
 
 
-def guess_commit_message():
+def guess_commit_message(keyinfo):
     """
     guess_commit_message() parses newsfiles and determines a sane commit
     message. The commit message defaults to the following for an updated
@@ -277,6 +277,9 @@ def guess_commit_message():
         commitmessage.extend(sorted(list(cves)))
         commitmessage.append("")
 
+    if keyinfo:
+        commitmessage.append("Key imported:\n{}".format(keyinfo))
+
     util.write_out(os.path.join(build.download_path, "commitmsg"),
                    "\n".join(commitmessage) + "\n")
 

diff --git a/autospec/pkg_integrity.py b/autospec/pkg_integrity.py
@@ -45,6 +45,7 @@
 PYPIORG_API = "https://pypi.python.org/pypi/{}/json"
 KEYID_TRY = ""
 KEYID = ""
+IMPORTED = ""
 EMAIL = ""
 GNUPGCONF = """keyserver keys.gnupg.net"""
 CMD_TIMEOUT = 20
@@ -606,6 +607,7 @@ def get_answer(self):
 
 
 def attempt_key_import(keyid, key_fullpath):
+    global IMPORTED
     print(SEPT)
     ig = InputGetter('\nDo you want to attempt to import keyid {}: (y/N) '.format(keyid))
     import_key_answer = ig.get_answer()
@@ -630,6 +632,7 @@ def attempt_key_import(keyid, key_fullpath):
         print("\n", content)
         ig = InputGetter(message='\nDo you want to keep this key: (Y/n) ', default='y')
         if ig.get_answer() is True:
+            IMPORTED = content
             return True
         else:
             os.unlink(key_fullpath)

diff --git a/tests/test_commitmessage.py b/tests/test_commitmessage.py
@@ -129,7 +129,7 @@ def mock_process_NEWS(newsfile):
         open_name = 'util.open'
         with mock.patch(open_name, create=True) as mock_open:
             mock_open.return_value = mock.MagicMock()
-            commitmessage.guess_commit_message()
+            commitmessage.guess_commit_message("")
             # reset mocks before asserting so a failure doesn't cascade to
             # other tests
             commitmessage.process_NEWS = process_NEWS_backup
@@ -159,7 +159,7 @@ def mock_process_NEWS(newsfile):
         open_name = 'util.open'
         with mock.patch(open_name, create=True) as mock_open:
             mock_open.return_value = mock.MagicMock()
-            commitmessage.guess_commit_message()
+            commitmessage.guess_commit_message("")
             # reset mocks before asserting so a failure doesn't cascade to
             # other tests
             commitmessage.process_NEWS = process_NEWS_backup
@@ -170,6 +170,38 @@ def mock_process_NEWS(newsfile):
                 'cves\n\n\ncommit\nmessage\nwith\ncves\n\nCVEs fixed in this '
                 'build:\nCVE-1234-5678\ncve1\ncve2\n\n')
 
+    def test_guess_commit_message_imported_key(self):
+        """
+        Test guess_commit_message() with mocked internal functions and both
+        commitmessage information and cves available from newsfile. A cve is
+        also available from config, which changes the first line of the commmit
+        message. Additionally there is imported key info that will be displayed
+        at the end of the message.
+        """
+        process_NEWS_backup = commitmessage.process_NEWS
+
+        def mock_process_NEWS(newsfile):
+            return (['', 'commit', 'message', 'with', 'cves', ''],
+                    set(['cve1', 'cve2']))
+
+        commitmessage.process_NEWS = mock_process_NEWS
+        commitmessage.config.cves = set(['CVE-1234-5678'])
+        commitmessage.config.old_version = None  # Allow cve title to be set
+        open_name = 'util.open'
+        with mock.patch(open_name, create=True) as mock_open:
+            mock_open.return_value = mock.MagicMock()
+            commitmessage.guess_commit_message("keyinfo content")
+            # reset mocks before asserting so a failure doesn't cascade to
+            # other tests
+            commitmessage.process_NEWS = process_NEWS_backup
+            commitmessage.config.cves = set()
+            fh = mock_open.return_value.__enter__.return_value
+            fh.write.assert_called_with(
+                'testball: Fix for CVE-1234-5678\n\n\ncommit\nmessage\nwith\n'
+                'cves\n\n\ncommit\nmessage\nwith\ncves\n\nCVEs fixed in this '
+                'build:\nCVE-1234-5678\ncve1\ncve2\n\nKey imported:\nkeyinfo '
+                'content\n')
+
     def test_scan_for_changes(self):
         """
         Tests scan_for_changes using temporary directories