kevinveenbirkenbach/pkgmgr
1
0
Fork 0
Code Issues Pull Requests Actions 28 Packages Projects Releases Wiki Activity

feat(repository/pull): improve verification logic and add full unit test suite

Browse Source 
This commit enhances the behaviour of pull_with_verification() and adds a
comprehensive unit test suite covering all control flows.

Changes:
- Added `preview` parameter to fully disable interaction and execution.
- Improved verification logic:
  * Prompt only when not in preview, verification is enabled,
    verification info exists, and verification failed.
  * Skip prompts entirely when --no-verification is set.
- More explicit construction of `git pull` command with optional extra args.
- Improved messaging and formatting for clarity.
- Ensured directory existence is checked before any verification logic.
- Added detailed comments explaining logic and conditions.

Tests:
- New file tests/unit/pkgmgr/actions/repos/test_pull_with_verification.py
- Covers:
  * Preview mode (no input, no subprocess)
  * Verification failure – user rejects
  * Verification failure – user accepts
  * Verification success – immediate git call
  * Missing repository directory – skip silently
  * --no-verification flag bypasses prompts
  * Command formatting with extra args
- Uses systematic mocking for identifier, repo-dir, verify_repository(),
  subprocess.run(), and user input.

This significantly strengthens correctness, UX, and test coverage of the
repository pull workflow.

https://chatgpt.com/share/69384aaa-0c80-800f-b4b4-64e6fbdebd3b
This commit is contained in:
Kevin Veen-Birkenbach
2025-12-09 17:12:23 +01:00
parent 9a149715f6
commit 196f55c58e
2 changed files with 348 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
pkgmgr/actions/repository/pull.py
View File

@@ -1,35 +1,57 @@
import os import os
import subprocess import subprocess
import sys import sys
from pkgmgr.core.repository.identifier import get_repo_identifier from pkgmgr.core.repository.identifier import get_repo_identifier
from pkgmgr.core.repository.dir import get_repo_dir from pkgmgr.core.repository.dir import get_repo_dir
from pkgmgr.core.repository.verify import verify_repository from pkgmgr.core.repository.verify import verify_repository
def pull_with_verification( def pull_with_verification(
selected_repos, selected_repos,
repositories_base_dir, repositories_base_dir,
all_repos, all_repos,
extra_args, extra_args,
no_verification, no_verification,
preview:bool): preview: bool,
) -> None:
""" """
Executes "git pull" for each repository with verification. Execute `git pull` for each repository with verification.
Uses the verify_repository function in "pull" mode. - Uses verify_repository() in "pull" mode.
If verification fails (and verification info is set) and --no-verification is not enabled, - If verification fails (and verification info is set) and
the user is prompted to confirm the pull. --no-verification is not enabled, the user is prompted to confirm
the pull.
- In preview mode, no interactive prompts are performed and no
Git commands are executed; only the would-be command is printed.
""" """
for repo in selected_repos: for repo in selected_repos:
repo_identifier = get_repo_identifier(repo, all_repos) repo_identifier = get_repo_identifier(repo, all_repos)
repo_dir = get_repo_dir(repositories_base_dir, repo) repo_dir = get_repo_dir(repositories_base_dir, repo)
if not os.path.exists(repo_dir): if not os.path.exists(repo_dir):
print(f"Repository directory '{repo_dir}' not found for {repo_identifier}.") print(f"Repository directory '{repo_dir}' not found for {repo_identifier}.")
continue continue
verified_info = repo.get("verified") verified_info = repo.get("verified")
verified_ok, errors, commit_hash, signing_key = verify_repository(repo, repo_dir, mode="pull", no_verification=no_verification) verified_ok, errors, commit_hash, signing_key = verify_repository(
repo,
repo_dir,
mode="pull",
no_verification=no_verification,
)
if not no_verification and verified_info and not verified_ok: # Only prompt the user if:
# - we are NOT in preview mode
# - verification is enabled
# - the repo has verification info configured
# - verification failed
if (
not preview
and not no_verification
and verified_info
and not verified_ok
):
print(f"Warning: Verification failed for {repo_identifier}:") print(f"Warning: Verification failed for {repo_identifier}:")
for err in errors: for err in errors:
print(f" - {err}") print(f" - {err}")
@@ -37,12 +59,19 @@ def pull_with_verification(
if choice != "y": if choice != "y":
continue continue
full_cmd = f"git pull {' '.join(extra_args)}" # Build the git pull command (include extra args if present)
args_part = " ".join(extra_args) if extra_args else ""
full_cmd = f"git pull{(' ' + args_part) if args_part else ''}"
if preview: if preview:
# Preview mode: only show the command, do not execute or prompt.
print(f"[Preview] In '{repo_dir}': {full_cmd}") print(f"[Preview] In '{repo_dir}': {full_cmd}")
else: else:
print(f"Running in '{repo_dir}': {full_cmd}") print(f"Running in '{repo_dir}': {full_cmd}")
result = subprocess.run(full_cmd, cwd=repo_dir, shell=True) result = subprocess.run(full_cmd, cwd=repo_dir, shell=True)
if result.returncode != 0: if result.returncode != 0:
print(f"'git pull' for {repo_identifier} failed with exit code {result.returncode}.") print(
f"'git pull' for {repo_identifier} failed "
f"with exit code {result.returncode}."
)
sys.exit(result.returncode) sys.exit(result.returncode)

309
tests/unit/pkgmgr/actions/repos/test_pull_with_verification.py Normal file
View File

@@ -0,0 +1,309 @@
import io
import unittest
from unittest.mock import patch, MagicMock
from pkgmgr.actions.repository.pull import pull_with_verification
class TestPullWithVerification(unittest.TestCase):
"""
Comprehensive unit tests for pull_with_verification().
These tests verify:
- Preview mode behaviour
- Verification logic (prompting, bypassing, skipping)
- subprocess.run invocation
- Repository directory existence checks
- Handling of extra git pull arguments
"""
def _setup_mocks(self, mock_exists, mock_get_repo_id, mock_get_repo_dir,
mock_verify, exists=True, verified_ok=True,
errors=None, verified_info=True):
"""Helper to configure repetitive mock behavior."""
repo = {
"name": "pkgmgr",
"verified": {"gpg_keys": ["ABCDEF"]} if verified_info else None,
}
mock_exists.return_value = exists
mock_get_repo_id.return_value = "pkgmgr"
mock_get_repo_dir.return_value = "/fake/base/pkgmgr"
mock_verify.return_value = (
verified_ok,
errors or [],
"deadbeef", # commit hash
"ABCDEF", # signing key
)
return repo
# ---------------------------------------------------------------------
@patch("pkgmgr.actions.repository.pull.subprocess.run")
@patch("pkgmgr.actions.repository.pull.verify_repository")
@patch("pkgmgr.actions.repository.pull.get_repo_dir")
@patch("pkgmgr.actions.repository.pull.get_repo_identifier")
@patch("pkgmgr.actions.repository.pull.os.path.exists")
@patch("builtins.input")
def test_preview_mode_non_interactive(
self,
mock_input,
mock_exists,
mock_get_repo_id,
mock_get_repo_dir,
mock_verify,
mock_subprocess,
):
"""
Preview mode must NEVER request user input and must NEVER execute git.
It must only print the preview command.
"""
repo = self._setup_mocks(
mock_exists,
mock_get_repo_id,
mock_get_repo_dir,
mock_verify,
exists=True,
verified_ok=False,
errors=["bad signature"],
verified_info=True,
)
buf = io.StringIO()
with patch("sys.stdout", new=buf):
pull_with_verification(
selected_repos=[repo],
repositories_base_dir="/fake/base",
all_repos=[repo],
extra_args=["--ff-only"],
no_verification=False,
preview=True,
)
output = buf.getvalue()
self.assertIn(
"[Preview] In '/fake/base/pkgmgr': git pull --ff-only",
output,
)
mock_input.assert_not_called()
mock_subprocess.assert_not_called()
# ---------------------------------------------------------------------
@patch("pkgmgr.actions.repository.pull.subprocess.run")
@patch("pkgmgr.actions.repository.pull.verify_repository")
@patch("pkgmgr.actions.repository.pull.get_repo_dir")
@patch("pkgmgr.actions.repository.pull.get_repo_identifier")
@patch("pkgmgr.actions.repository.pull.os.path.exists")
@patch("builtins.input")
def test_verification_failure_user_declines(
self,
mock_input,
mock_exists,
mock_get_repo_id,
mock_get_repo_dir,
mock_verify,
mock_subprocess,
):
"""
If verification fails and preview=False, the user is prompted.
If the user declines ('n'), no git command is executed.
"""
repo = self._setup_mocks(
mock_exists,
mock_get_repo_id,
mock_get_repo_dir,
mock_verify,
verified_ok=False,
errors=["signature invalid"],
)
mock_input.return_value = "n"
buf = io.StringIO()
with patch("sys.stdout", new=buf):
pull_with_verification(
selected_repos=[repo],
repositories_base_dir="/fake/base",
all_repos=[repo],
extra_args=[],
no_verification=False,
preview=False,
)
mock_input.assert_called_once()
mock_subprocess.assert_not_called()
# ---------------------------------------------------------------------
@patch("pkgmgr.actions.repository.pull.subprocess.run")
@patch("pkgmgr.actions.repository.pull.verify_repository")
@patch("pkgmgr.actions.repository.pull.get_repo_dir")
@patch("pkgmgr.actions.repository.pull.get_repo_identifier")
@patch("pkgmgr.actions.repository.pull.os.path.exists")
@patch("builtins.input")
def test_verification_failure_user_accepts_runs_git(
self,
mock_input,
mock_exists,
mock_get_repo_id,
mock_get_repo_dir,
mock_verify,
mock_subprocess,
):
"""
If verification fails and the user accepts ('y'),
then the git pull should be executed.
"""
repo = self._setup_mocks(
mock_exists,
mock_get_repo_id,
mock_get_repo_dir,
mock_verify,
verified_ok=False,
errors=["invalid"],
)
mock_input.return_value = "y"
mock_subprocess.return_value = MagicMock(returncode=0)
pull_with_verification(
selected_repos=[repo],
repositories_base_dir="/fake/base",
all_repos=[repo],
extra_args=[],
no_verification=False,
preview=False,
)
mock_subprocess.assert_called_once()
mock_input.assert_called_once()
# ---------------------------------------------------------------------
@patch("pkgmgr.actions.repository.pull.subprocess.run")
@patch("pkgmgr.actions.repository.pull.verify_repository")
@patch("pkgmgr.actions.repository.pull.get_repo_dir")
@patch("pkgmgr.actions.repository.pull.get_repo_identifier")
@patch("pkgmgr.actions.repository.pull.os.path.exists")
@patch("builtins.input")
def test_verification_success_no_prompt(
self,
mock_input,
mock_exists,
mock_get_repo_id,
mock_get_repo_dir,
mock_verify,
mock_subprocess,
):
"""
If verification is successful, the user should NOT be prompted,
and git pull should run immediately.
"""
repo = self._setup_mocks(
mock_exists,
mock_get_repo_id,
mock_get_repo_dir,
mock_verify,
verified_ok=True,
)
mock_subprocess.return_value = MagicMock(returncode=0)
pull_with_verification(
selected_repos=[repo],
repositories_base_dir="/fake/base",
all_repos=[repo],
extra_args=["--rebase"],
no_verification=False,
preview=False,
)
mock_input.assert_not_called()
mock_subprocess.assert_called_once()
cmd = mock_subprocess.call_args[0][0]
self.assertIn("git pull --rebase", cmd)
# ---------------------------------------------------------------------
@patch("pkgmgr.actions.repository.pull.subprocess.run")
@patch("pkgmgr.actions.repository.pull.verify_repository")
@patch("pkgmgr.actions.repository.pull.get_repo_dir")
@patch("pkgmgr.actions.repository.pull.get_repo_identifier")
@patch("pkgmgr.actions.repository.pull.os.path.exists")
@patch("builtins.input")
def test_directory_missing_skips_repo(
self,
mock_input,
mock_exists,
mock_get_repo_id,
mock_get_repo_dir,
mock_verify,
mock_subprocess,
):
"""
If the repository directory does not exist, the repo must be skipped
silently and no git command executed.
"""
repo = self._setup_mocks(
mock_exists,
mock_get_repo_id,
mock_get_repo_dir,
mock_verify,
exists=False,
)
buf = io.StringIO()
with patch("sys.stdout", new=buf):
pull_with_verification(
selected_repos=[repo],
repositories_base_dir="/fake/base",
all_repos=[repo],
extra_args=[],
no_verification=False,
preview=False,
)
output = buf.getvalue()
self.assertIn("not found", output)
mock_input.assert_not_called()
mock_subprocess.assert_not_called()
# ---------------------------------------------------------------------
@patch("pkgmgr.actions.repository.pull.subprocess.run")
@patch("pkgmgr.actions.repository.pull.verify_repository")
@patch("pkgmgr.actions.repository.pull.get_repo_dir")
@patch("pkgmgr.actions.repository.pull.get_repo_identifier")
@patch("pkgmgr.actions.repository.pull.os.path.exists")
@patch("builtins.input")
def test_no_verification_flag_skips_prompt(
self,
mock_input,
mock_exists,
mock_get_repo_id,
mock_get_repo_dir,
mock_verify,
mock_subprocess,
):
"""
If no_verification=True, verification failures must NOT prompt.
Git pull should run directly.
"""
repo = self._setup_mocks(
mock_exists,
mock_get_repo_id,
mock_get_repo_dir,
mock_verify,
verified_ok=False,
errors=["invalid"],
)
mock_subprocess.return_value = MagicMock(returncode=0)
pull_with_verification(
selected_repos=[repo],
repositories_base_dir="/fake/base",
all_repos=[repo],
extra_args=[],
no_verification=True,
preview=False,
)
mock_input.assert_not_called()
mock_subprocess.assert_called_once()