| Message ID | 20210829092536.2582899-1-szeder.dev@gmail.com (mailing list archive) |
|---|---|
| State | Accepted |
| Commit | 614c3d8f2e330baedfdb09fc90803a4c360d39cb |
| Headers | show |
| Series | [v2] test-lib: set GIT_CEILING_DIRECTORIES to protect the surrounding repository | expand |
On Sun, Aug 29 2021, SZEDER Gábor wrote: > Every once in a while a test somehow manages to escape from its trash > directory and modifies the surrounding repository, whether because of > a bug in git itself, a bug in a test [1], or e.g. when trying to run > tests with a shell that is, in general, unable to run our tests [2]. > > Set GIT_CEILING_DIRECTORIES="$TRASH_DIRECTORY/.." as an additional > safety measure to protect the surrounding repository at least from > modifications by git commands executed in the tests (assuming that > handling of ceiling directories during repository discovery is not > broken, and, of course, it won't save us from regular shell commands, > e.g. 'cd .. && rm -f ...'). > > [1] e.g. https://public-inbox.org/git/20210423051255.GD2947267@szeder.dev > [2] $ git symbolic-ref HEAD > refs/heads/master > $ ksh ./t2011-checkout-invalid-head.sh > [... a lot of "not ok" ...] > $ git symbolic-ref HEAD > refs/heads/other > > (In short: 'ksh' doesn't support the 'local' builtin command, > which is used by 'test_oid', causing it to return with error > whenever it's called, leaving ZERO_OID set to empty, so when the > test 'checkout main from invalid HEAD' runs 'echo $ZERO_OID > >.git/HEAD' it writes a corrupt (not invalid) HEAD, and subsequent > git commands don't recognize the repository in the trash directory > anymore, but operate on the surrounding repo.) > > Signed-off-by: SZEDER Gábor <szeder.dev@gmail.com> > --- > Changes since v1: > - Set "$TRASH_DIRECTORY/.." instead of $GIT_BUILD_DIR. > - Minor commit message tweaks. > > t/test-lib.sh | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/t/test-lib.sh b/t/test-lib.sh > index abcfbed6d6..fc1e521519 100644 > --- a/t/test-lib.sh > +++ b/t/test-lib.sh > @@ -1343,7 +1343,8 @@ fi > GIT_TEMPLATE_DIR="$GIT_BUILD_DIR"/templates/blt > GIT_CONFIG_NOSYSTEM=1 > GIT_ATTR_NOSYSTEM=1 > -export PATH GIT_EXEC_PATH GIT_TEMPLATE_DIR GIT_CONFIG_NOSYSTEM GIT_ATTR_NOSYSTEM > +GIT_CEILING_DIRECTORIES="$TRASH_DIRECTORY/.." > +export PATH GIT_EXEC_PATH GIT_TEMPLATE_DIR GIT_CONFIG_NOSYSTEM GIT_ATTR_NOSYSTEM GIT_CEILING_DIRECTORIES > > if test -z "$GIT_TEST_CMP" > then For what it's worth I'm very happy with this, and have been running this in my own daily build of git, I've occasionally ran into e.g. needing to manually clean up my own git.git's config file because some test escaped its trash directory.
On Tue, Aug 31, 2021 at 04:40:39PM +0200, Ævar Arnfjörð Bjarmason wrote: > > On Sun, Aug 29 2021, SZEDER Gábor wrote: > > > Every once in a while a test somehow manages to escape from its trash > > directory and modifies the surrounding repository, whether because of > > a bug in git itself, a bug in a test [1], or e.g. when trying to run > > tests with a shell that is, in general, unable to run our tests [2]. > > > > Set GIT_CEILING_DIRECTORIES="$TRASH_DIRECTORY/.." as an additional > > safety measure to protect the surrounding repository at least from > > modifications by git commands executed in the tests (assuming that > > handling of ceiling directories during repository discovery is not > > broken, and, of course, it won't save us from regular shell commands, > > e.g. 'cd .. && rm -f ...'). > For what it's worth I'm very happy with this, and have been running this > in my own daily build of git, I've occasionally ran into e.g. needing to > manually clean up my own git.git's config file because some test escaped > its trash directory. Thanks, that's a good point. After a test escapes from its trash directory I routinely check the content of the work tree and look for stray refs, but it never occured to me that I should look at the config, too. And indeed, at the bottom of .git/config there are two config variables that I don't remember setting (actually don't even know what they do).
diff --git a/t/test-lib.sh b/t/test-lib.sh index abcfbed6d6..fc1e521519 100644 --- a/t/test-lib.sh +++ b/t/test-lib.sh @@ -1343,7 +1343,8 @@ fi GIT_TEMPLATE_DIR="$GIT_BUILD_DIR"/templates/blt GIT_CONFIG_NOSYSTEM=1 GIT_ATTR_NOSYSTEM=1 -export PATH GIT_EXEC_PATH GIT_TEMPLATE_DIR GIT_CONFIG_NOSYSTEM GIT_ATTR_NOSYSTEM +GIT_CEILING_DIRECTORIES="$TRASH_DIRECTORY/.." +export PATH GIT_EXEC_PATH GIT_TEMPLATE_DIR GIT_CONFIG_NOSYSTEM GIT_ATTR_NOSYSTEM GIT_CEILING_DIRECTORIES if test -z "$GIT_TEST_CMP" then
Every once in a while a test somehow manages to escape from its trash directory and modifies the surrounding repository, whether because of a bug in git itself, a bug in a test [1], or e.g. when trying to run tests with a shell that is, in general, unable to run our tests [2]. Set GIT_CEILING_DIRECTORIES="$TRASH_DIRECTORY/.." as an additional safety measure to protect the surrounding repository at least from modifications by git commands executed in the tests (assuming that handling of ceiling directories during repository discovery is not broken, and, of course, it won't save us from regular shell commands, e.g. 'cd .. && rm -f ...'). [1] e.g. https://public-inbox.org/git/20210423051255.GD2947267@szeder.dev [2] $ git symbolic-ref HEAD refs/heads/master $ ksh ./t2011-checkout-invalid-head.sh [... a lot of "not ok" ...] $ git symbolic-ref HEAD refs/heads/other (In short: 'ksh' doesn't support the 'local' builtin command, which is used by 'test_oid', causing it to return with error whenever it's called, leaving ZERO_OID set to empty, so when the test 'checkout main from invalid HEAD' runs 'echo $ZERO_OID >.git/HEAD' it writes a corrupt (not invalid) HEAD, and subsequent git commands don't recognize the repository in the trash directory anymore, but operate on the surrounding repo.) Signed-off-by: SZEDER Gábor <szeder.dev@gmail.com> --- Changes since v1: - Set "$TRASH_DIRECTORY/.." instead of $GIT_BUILD_DIR. - Minor commit message tweaks. t/test-lib.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)