1
0
mirror of https://github.com/go-gitea/gitea.git synced 2024-12-04 14:46:57 -05:00
gitea/tests/integration/git_lfs_ssh_test.go
wxiaoguang 580e21dd2e
Refactor LFS SSH and internal routers (#32473)
Gitea instance keeps reporting a lot of errors like "LFS SSH transfer connection denied, pure SSH protocol is disabled". When starting debugging the problem, there are more problems found. Try to address most of them:

* avoid unnecessary server side error logs (change `fail()` to not log them)
* figure out the broken tests/user2/lfs.git (added comments)
* avoid `migratePushMirrors` failure when a repository doesn't exist (ignore them)
* avoid "Authorization" (internal&lfs) header conflicts, remove the tricky "swapAuth" and use "X-Gitea-Internal-Auth"
* make internal token comparing constant time (it wasn't a serous problem because in a real world it's nearly impossible to timing-attack the token, but good to fix and backport)
* avoid duplicate routers (introduce AddOwnerRepoGitLFSRoutes)
* avoid "internal (private)" routes using session/web context (they should use private context)
* fix incorrect "path" usages (use "filepath")
* fix incorrect mocked route point handling (need to check func nil correctly)
* split some tests from "git general tests" to "git misc tests" (to keep "git_general_test.go" simple)

Still no correct result for Git LFS SSH tests. So the code is kept there
(`tests/integration/git_lfs_ssh_test.go`) and a FIXME explains the details.
2024-11-12 02:38:22 +00:00

62 lines
2.3 KiB
Go

// Copyright 2024 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package integration
import (
"net/url"
"sync"
"testing"
auth_model "code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/web"
"code.gitea.io/gitea/routers/private"
"code.gitea.io/gitea/services/context"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
func TestGitLFSSSH(t *testing.T) {
onGiteaRun(t, func(t *testing.T, u *url.URL) {
dstPath := t.TempDir()
apiTestContext := NewAPITestContext(t, "user2", "repo1", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
var mu sync.Mutex
var routerCalls []string
web.RouteMock(private.RouterMockPointInternalLFS, func(ctx *context.PrivateContext) {
mu.Lock()
routerCalls = append(routerCalls, ctx.Req.Method+" "+ctx.Req.URL.Path)
mu.Unlock()
})
withKeyFile(t, "my-testing-key", func(keyFile string) {
t.Run("CreateUserKey", doAPICreateUserKey(apiTestContext, "test-key", keyFile))
cloneURL := createSSHUrl(apiTestContext.GitPath(), u)
t.Run("Clone", doGitClone(dstPath, cloneURL))
cfg, err := setting.CfgProvider.PrepareSaving()
require.NoError(t, err)
cfg.Section("server").Key("LFS_ALLOW_PURE_SSH").SetValue("true")
setting.LFS.AllowPureSSH = true
require.NoError(t, cfg.Save())
// do LFS SSH transfer?
lfsCommitAndPushTest(t, dstPath, 10)
})
// FIXME: Here we only see the following calls, but actually there should be calls to "PUT"?
// 0 = {string} "GET /api/internal/repo/user2/repo1.git/info/lfs/locks"
// 1 = {string} "POST /api/internal/repo/user2/repo1.git/info/lfs/objects/batch"
// 2 = {string} "GET /api/internal/repo/user2/repo1.git/info/lfs/locks"
// 3 = {string} "POST /api/internal/repo/user2/repo1.git/info/lfs/locks"
// 4 = {string} "GET /api/internal/repo/user2/repo1.git/info/lfs/locks"
// 5 = {string} "GET /api/internal/repo/user2/repo1.git/info/lfs/locks"
// 6 = {string} "GET /api/internal/repo/user2/repo1.git/info/lfs/locks"
// 7 = {string} "POST /api/internal/repo/user2/repo1.git/info/lfs/locks/24/unlock"
assert.NotEmpty(t, routerCalls)
// assert.Contains(t, routerCalls, "PUT /api/internal/repo/user2/repo1.git/info/lfs/objects/....")
})
}