CreateProject: Provide signed push option on project creation
Also add acceptance test that non-signed push to project that required signed push is rejected. Bug: Issue 7750 Change-Id: I28fa94ad08fb7f21e1af37c251e64421d2e443c2
This commit is contained in:
David Ostrovsky
@@ -3187,6 +3187,12 @@ Whether content merge should be enabled for the project (`TRUE`,
|
|||||||
|`require_change_id` |`INHERIT` if not set|
|
|`require_change_id` |`INHERIT` if not set|
|
||||||
Whether the usage of Change-Ids is required for the project (`TRUE`,
|
Whether the usage of Change-Ids is required for the project (`TRUE`,
|
||||||
`FALSE`, `INHERIT`).
|
`FALSE`, `INHERIT`).
|
||||||
|
|`enable_signed_push` |`INHERIT` if not set|
|
||||||
|
Whether signed push validation is enabled on the project (`TRUE`,
|
||||||
|
`FALSE`, `INHERIT`).
|
||||||
|
|`require_signed_push` |`INHERIT` if not set|
|
||||||
|
Whether signed push validation is required on the project (`TRUE`,
|
||||||
|
`FALSE`, `INHERIT`).
|
||||||
|`max_object_size_limit` |optional|
|
|`max_object_size_limit` |optional|
|
||||||
Max allowed Git object size for this project.
|
Max allowed Git object size for this project.
|
||||||
Common unit suffixes of 'k', 'm', or 'g' are supported.
|
Common unit suffixes of 'k', 'm', or 'g' are supported.
|
||||||
|
|||||||
@@ -402,6 +402,8 @@ public abstract class AbstractDaemonTest {
|
|||||||
in.useContentMerge = ann.useContributorAgreements();
|
in.useContentMerge = ann.useContributorAgreements();
|
||||||
in.useSignedOffBy = ann.useSignedOffBy();
|
in.useSignedOffBy = ann.useSignedOffBy();
|
||||||
in.useContentMerge = ann.useContentMerge();
|
in.useContentMerge = ann.useContentMerge();
|
||||||
|
in.enableSignedPush = ann.enableSignedPush();
|
||||||
|
in.requireSignedPush = ann.requireSignedPush();
|
||||||
} else {
|
} else {
|
||||||
// Defaults should match TestProjectConfig, omitting nullable values.
|
// Defaults should match TestProjectConfig, omitting nullable values.
|
||||||
in.createEmptyCommit = true;
|
in.createEmptyCommit = true;
|
||||||
|
|||||||
@@ -45,6 +45,10 @@ public @interface TestProjectInput {
|
|||||||
|
|
||||||
InheritableBoolean requireChangeId() default InheritableBoolean.INHERIT;
|
InheritableBoolean requireChangeId() default InheritableBoolean.INHERIT;
|
||||||
|
|
||||||
|
InheritableBoolean enableSignedPush() default InheritableBoolean.INHERIT;
|
||||||
|
|
||||||
|
InheritableBoolean requireSignedPush() default InheritableBoolean.INHERIT;
|
||||||
|
|
||||||
// Fields specific to acceptance test behavior.
|
// Fields specific to acceptance test behavior.
|
||||||
|
|
||||||
/** Username to use for initial clone, passed to {@link AccountCreator}. */
|
/** Username to use for initial clone, passed to {@link AccountCreator}. */
|
||||||
|
|||||||
@@ -196,6 +196,15 @@ public abstract class AbstractPushForReview extends AbstractDaemonTest {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
@GerritConfig(name = "receive.enableSignedPush", value = "true")
|
||||||
|
@TestProjectInput(
|
||||||
|
enableSignedPush = InheritableBoolean.TRUE,
|
||||||
|
requireSignedPush = InheritableBoolean.TRUE)
|
||||||
|
public void nonSignedPushRejectedWhenSignPushRequired() throws Exception {
|
||||||
|
pushTo("refs/for/master").assertErrorStatus("push cert error");
|
||||||
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void pushInitialCommitForRefsMetaConfigBranch() throws Exception {
|
public void pushInitialCommitForRefsMetaConfigBranch() throws Exception {
|
||||||
// delete refs/meta/config
|
// delete refs/meta/config
|
||||||
|
|||||||
@@ -33,6 +33,8 @@ public class ProjectInput {
|
|||||||
public InheritableBoolean useContentMerge;
|
public InheritableBoolean useContentMerge;
|
||||||
public InheritableBoolean requireChangeId;
|
public InheritableBoolean requireChangeId;
|
||||||
public InheritableBoolean createNewChangeForAllNotInTarget;
|
public InheritableBoolean createNewChangeForAllNotInTarget;
|
||||||
|
public InheritableBoolean enableSignedPush;
|
||||||
|
public InheritableBoolean requireSignedPush;
|
||||||
public String maxObjectSizeLimit;
|
public String maxObjectSizeLimit;
|
||||||
public Map<String, Map<String, ConfigValue>> pluginConfigValues;
|
public Map<String, Map<String, ConfigValue>> pluginConfigValues;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -186,6 +186,10 @@ public class CreateProject implements RestModifyView<TopLevelResource, ProjectIn
|
|||||||
input.createNewChangeForAllNotInTarget, InheritableBoolean.INHERIT);
|
input.createNewChangeForAllNotInTarget, InheritableBoolean.INHERIT);
|
||||||
args.changeIdRequired =
|
args.changeIdRequired =
|
||||||
MoreObjects.firstNonNull(input.requireChangeId, InheritableBoolean.INHERIT);
|
MoreObjects.firstNonNull(input.requireChangeId, InheritableBoolean.INHERIT);
|
||||||
|
args.enableSignedPush =
|
||||||
|
MoreObjects.firstNonNull(input.enableSignedPush, InheritableBoolean.INHERIT);
|
||||||
|
args.requireSignedPush =
|
||||||
|
MoreObjects.firstNonNull(input.requireSignedPush, InheritableBoolean.INHERIT);
|
||||||
try {
|
try {
|
||||||
args.maxObjectSizeLimit = ProjectConfig.validMaxObjectSizeLimit(input.maxObjectSizeLimit);
|
args.maxObjectSizeLimit = ProjectConfig.validMaxObjectSizeLimit(input.maxObjectSizeLimit);
|
||||||
} catch (ConfigInvalidException e) {
|
} catch (ConfigInvalidException e) {
|
||||||
@@ -269,6 +273,8 @@ public class CreateProject implements RestModifyView<TopLevelResource, ProjectIn
|
|||||||
newProject.setCreateNewChangeForAllNotInTarget(args.newChangeForAllNotInTarget);
|
newProject.setCreateNewChangeForAllNotInTarget(args.newChangeForAllNotInTarget);
|
||||||
newProject.setRequireChangeID(args.changeIdRequired);
|
newProject.setRequireChangeID(args.changeIdRequired);
|
||||||
newProject.setMaxObjectSizeLimit(args.maxObjectSizeLimit);
|
newProject.setMaxObjectSizeLimit(args.maxObjectSizeLimit);
|
||||||
|
newProject.setEnableSignedPush(args.enableSignedPush);
|
||||||
|
newProject.setRequireSignedPush(args.requireSignedPush);
|
||||||
if (args.newParent != null) {
|
if (args.newParent != null) {
|
||||||
newProject.setParentName(args.newParent);
|
newProject.setParentName(args.newParent);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -34,6 +34,8 @@ public class CreateProjectArgs {
|
|||||||
public InheritableBoolean contentMerge;
|
public InheritableBoolean contentMerge;
|
||||||
public InheritableBoolean newChangeForAllNotInTarget;
|
public InheritableBoolean newChangeForAllNotInTarget;
|
||||||
public InheritableBoolean changeIdRequired;
|
public InheritableBoolean changeIdRequired;
|
||||||
|
public InheritableBoolean enableSignedPush;
|
||||||
|
public InheritableBoolean requireSignedPush;
|
||||||
public boolean createEmptyCommit;
|
public boolean createEmptyCommit;
|
||||||
public String maxObjectSizeLimit;
|
public String maxObjectSizeLimit;
|
||||||
|
|
||||||
@@ -43,6 +45,8 @@ public class CreateProjectArgs {
|
|||||||
contentMerge = InheritableBoolean.INHERIT;
|
contentMerge = InheritableBoolean.INHERIT;
|
||||||
changeIdRequired = InheritableBoolean.INHERIT;
|
changeIdRequired = InheritableBoolean.INHERIT;
|
||||||
newChangeForAllNotInTarget = InheritableBoolean.INHERIT;
|
newChangeForAllNotInTarget = InheritableBoolean.INHERIT;
|
||||||
|
enableSignedPush = InheritableBoolean.INHERIT;
|
||||||
|
requireSignedPush = InheritableBoolean.INHERIT;
|
||||||
submitType = SubmitType.MERGE_IF_NECESSARY;
|
submitType = SubmitType.MERGE_IF_NECESSARY;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user