Move REFS_GPG_KEYS to PublicKeyStore
This is in the set of things that we hope to upstream into JGit eventually, so move it out of this Gerrit-specific class. Change-Id: Id9c7fb5e3d8b27e4578f66f6f8d1451beceececa
This commit is contained in:
parent
ff2438976b
commit
26afaa45db
@ -17,6 +17,7 @@ package com.google.gerrit.acceptance.api.accounts;
|
||||
import static com.google.common.base.Preconditions.checkNotNull;
|
||||
import static com.google.common.truth.Truth.assertThat;
|
||||
import static com.google.common.truth.Truth.assert_;
|
||||
import static com.google.gerrit.gpg.PublicKeyStore.REFS_GPG_KEYS;
|
||||
import static com.google.gerrit.gpg.PublicKeyStore.keyToString;
|
||||
import static java.nio.charset.StandardCharsets.UTF_8;
|
||||
|
||||
@ -39,7 +40,6 @@ import com.google.gerrit.gpg.server.GpgKeys;
|
||||
import com.google.gerrit.gpg.testutil.TestKey;
|
||||
import com.google.gerrit.reviewdb.client.Account;
|
||||
import com.google.gerrit.reviewdb.client.AccountExternalId;
|
||||
import com.google.gerrit.reviewdb.client.RefNames;
|
||||
import com.google.gerrit.server.IdentifiedUser;
|
||||
import com.google.gerrit.server.config.AllUsersName;
|
||||
import com.google.gerrit.testutil.ConfigSuite;
|
||||
@ -99,9 +99,9 @@ public class AccountIT extends AbstractDaemonTest {
|
||||
@After
|
||||
public void clearPublicKeyStore() throws Exception {
|
||||
try (Repository repo = repoManager.openRepository(allUsers)) {
|
||||
Ref ref = repo.getRef(RefNames.REFS_GPG_KEYS);
|
||||
Ref ref = repo.getRef(REFS_GPG_KEYS);
|
||||
if (ref != null) {
|
||||
RefUpdate ru = repo.updateRef(RefNames.REFS_GPG_KEYS);
|
||||
RefUpdate ru = repo.updateRef(REFS_GPG_KEYS);
|
||||
ru.setForceUpdate(true);
|
||||
assertThat(ru.delete()).isEqualTo(RefUpdate.Result.FORCED);
|
||||
}
|
||||
@ -115,7 +115,7 @@ public class AccountIT extends AbstractDaemonTest {
|
||||
|
||||
@After
|
||||
public void deleteGpgKeys() throws Exception {
|
||||
String ref = RefNames.REFS_GPG_KEYS;
|
||||
String ref = REFS_GPG_KEYS;
|
||||
try (Repository repo = repoManager.openRepository(allUsers)) {
|
||||
if (repo.getRefDatabase().exactRef(ref) != null) {
|
||||
RefUpdate ru = repo.updateRef(ref);
|
||||
|
@ -17,8 +17,6 @@ package com.google.gerrit.gpg;
|
||||
import static com.google.common.base.Preconditions.checkState;
|
||||
import static org.eclipse.jgit.lib.Constants.OBJ_BLOB;
|
||||
|
||||
import com.google.gerrit.reviewdb.client.RefNames;
|
||||
|
||||
import org.bouncycastle.bcpg.ArmoredInputStream;
|
||||
import org.bouncycastle.bcpg.ArmoredOutputStream;
|
||||
import org.bouncycastle.openpgp.PGPException;
|
||||
@ -73,6 +71,9 @@ public class PublicKeyStore implements AutoCloseable {
|
||||
private static final ObjectId EMPTY_TREE =
|
||||
ObjectId.fromString("4b825dc642cb6eb9a060e54bf8d69288fbee4904");
|
||||
|
||||
/** Ref where GPG public keys are stored. */
|
||||
public static final String REFS_GPG_KEYS = "refs/meta/gpg-keys";
|
||||
|
||||
private final Repository repo;
|
||||
private ObjectReader reader;
|
||||
private RevCommit tip;
|
||||
@ -104,7 +105,7 @@ public class PublicKeyStore implements AutoCloseable {
|
||||
reset();
|
||||
reader = repo.newObjectReader();
|
||||
|
||||
Ref ref = repo.getRefDatabase().exactRef(RefNames.REFS_GPG_KEYS);
|
||||
Ref ref = repo.getRefDatabase().exactRef(REFS_GPG_KEYS);
|
||||
if (ref == null) {
|
||||
return;
|
||||
}
|
||||
@ -249,7 +250,7 @@ public class PublicKeyStore implements AutoCloseable {
|
||||
ins.flush();
|
||||
}
|
||||
|
||||
RefUpdate ru = repo.updateRef(RefNames.REFS_GPG_KEYS);
|
||||
RefUpdate ru = repo.updateRef(PublicKeyStore.REFS_GPG_KEYS);
|
||||
ru.setExpectedOldObjectId(tip);
|
||||
ru.setNewObjectId(newTip);
|
||||
ru.setRefLogIdent(cb.getCommitter());
|
||||
|
@ -14,6 +14,7 @@
|
||||
|
||||
package com.google.gerrit.gpg;
|
||||
|
||||
import static com.google.gerrit.gpg.PublicKeyStore.REFS_GPG_KEYS;
|
||||
import static com.google.gerrit.gpg.PublicKeyStore.keyIdToString;
|
||||
import static com.google.gerrit.gpg.PublicKeyStore.keyObjectId;
|
||||
import static com.google.gerrit.gpg.PublicKeyStore.keyToString;
|
||||
@ -23,7 +24,6 @@ import static org.junit.Assert.assertFalse;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
|
||||
import com.google.gerrit.gpg.testutil.TestKey;
|
||||
import com.google.gerrit.reviewdb.client.RefNames;
|
||||
|
||||
import org.bouncycastle.openpgp.PGPPublicKey;
|
||||
import org.bouncycastle.openpgp.PGPPublicKeyRing;
|
||||
@ -84,13 +84,13 @@ public class PublicKeyStoreTest {
|
||||
@Test
|
||||
public void testGet() throws Exception {
|
||||
TestKey key1 = TestKey.key1();
|
||||
tr.branch(RefNames.REFS_GPG_KEYS)
|
||||
tr.branch(REFS_GPG_KEYS)
|
||||
.commit()
|
||||
.add(keyObjectId(key1.getKeyId()).name(),
|
||||
key1.getPublicKeyArmored())
|
||||
.create();
|
||||
TestKey key2 = TestKey.key2();
|
||||
tr.branch(RefNames.REFS_GPG_KEYS)
|
||||
tr.branch(REFS_GPG_KEYS)
|
||||
.commit()
|
||||
.add(keyObjectId(key2.getKeyId()).name(),
|
||||
key2.getPublicKeyArmored())
|
||||
@ -104,7 +104,7 @@ public class PublicKeyStoreTest {
|
||||
public void testGetMultiple() throws Exception {
|
||||
TestKey key1 = TestKey.key1();
|
||||
TestKey key2 = TestKey.key2();
|
||||
tr.branch(RefNames.REFS_GPG_KEYS)
|
||||
tr.branch(REFS_GPG_KEYS)
|
||||
.commit()
|
||||
.add(keyObjectId(key1.getKeyId()).name(),
|
||||
key1.getPublicKeyArmored()
|
||||
@ -131,7 +131,7 @@ public class PublicKeyStoreTest {
|
||||
public void saveAppendsToExistingList() throws Exception {
|
||||
TestKey key1 = TestKey.key1();
|
||||
TestKey key2 = TestKey.key2();
|
||||
tr.branch(RefNames.REFS_GPG_KEYS)
|
||||
tr.branch(REFS_GPG_KEYS)
|
||||
.commit()
|
||||
// Mismatched for this key ID, but we can still read it out.
|
||||
.add(keyObjectId(key1.getKeyId()).name(), key2.getPublicKeyArmored())
|
||||
@ -146,7 +146,7 @@ public class PublicKeyStoreTest {
|
||||
RevWalk rw = new RevWalk(reader)) {
|
||||
NoteMap notes = NoteMap.read(
|
||||
reader, tr.getRevWalk().parseCommit(
|
||||
tr.getRepository().getRef(RefNames.REFS_GPG_KEYS).getObjectId()));
|
||||
tr.getRepository().getRef(REFS_GPG_KEYS).getObjectId()));
|
||||
String contents = new String(
|
||||
reader.open(notes.get(keyObjectId(key1.getKeyId()))).getBytes(),
|
||||
UTF_8);
|
||||
|
@ -14,13 +14,13 @@
|
||||
|
||||
package com.google.gerrit.gpg;
|
||||
|
||||
import static com.google.gerrit.gpg.PublicKeyStore.REFS_GPG_KEYS;
|
||||
import static com.google.gerrit.gpg.PublicKeyStore.keyIdToString;
|
||||
import static com.google.gerrit.gpg.PublicKeyStore.keyToString;
|
||||
import static java.nio.charset.StandardCharsets.UTF_8;
|
||||
import static org.junit.Assert.assertEquals;
|
||||
|
||||
import com.google.gerrit.gpg.testutil.TestKey;
|
||||
import com.google.gerrit.reviewdb.client.RefNames;
|
||||
|
||||
import org.bouncycastle.bcpg.ArmoredOutputStream;
|
||||
import org.bouncycastle.bcpg.BCPGOutputStream;
|
||||
@ -56,7 +56,7 @@ public class PushCertificateCheckerTest {
|
||||
TestKey key3 = TestKey.key3();
|
||||
tr = new TestRepository<>(new InMemoryRepository(
|
||||
new DfsRepositoryDescription("repo")));
|
||||
tr.branch(RefNames.REFS_GPG_KEYS).commit()
|
||||
tr.branch(REFS_GPG_KEYS).commit()
|
||||
.add(PublicKeyStore.keyObjectId(key1.getPublicKey().getKeyID()).name(),
|
||||
key1.getPublicKeyArmored())
|
||||
.add(PublicKeyStore.keyObjectId(key3.getPublicKey().getKeyID()).name(),
|
||||
|
@ -57,12 +57,6 @@ public class RefNames {
|
||||
|
||||
public static final String EDIT_PREFIX = "edit-";
|
||||
|
||||
/**
|
||||
* Special ref for GPG public keys used by {@link
|
||||
* com.google.gerrit.gpg.SignedPushPreReceiveHook}.
|
||||
*/
|
||||
public static final String REFS_GPG_KEYS = "refs/meta/gpg-keys";
|
||||
|
||||
public static String fullName(String ref) {
|
||||
return ref.startsWith(REFS) ? ref : REFS_HEADS + ref;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user