bye-bye, Travisno_more_travis

11 files changed, 228 insertions, 0 deletions

diff --git a/.ci/docker/.dockerignore b/.ci/docker/.dockerignore
new file mode 100644
index 0000000..c0cb0ce
--- /dev/null
+++ b/.ci/docker/.dockerignore
@@ -0,0 +1,5 @@
+*
+
+!/server/**
+/server/Dockerfile
+!/ssh/**
diff --git a/.ci/docker/client/etc/my_repos.py b/.ci/docker/client/etc/my_repos.py
new file mode 100644
index 0000000..9d90f21
--- /dev/null
+++ b/.ci/docker/client/etc/my_repos.py
@@ -0,0 +1,6 @@
+from cgit.repos.repo import Repo
+
+
+MY_REPOS = (
+    Repo('test_repo', clone_url='root@server:~/test_repo'),
+)
diff --git a/.ci/docker/client/var/output/.gitignore b/.ci/docker/client/var/output/.gitignore
new file mode 100644
index 0000000..355164c
--- /dev/null
+++ b/.ci/docker/client/var/output/.gitignore
@@ -0,0 +1 @@
+*/
diff --git a/.ci/docker/docker-compose.yml b/.ci/docker/docker-compose.yml
new file mode 100644
index 0000000..2b27bdd
--- /dev/null
+++ b/.ci/docker/docker-compose.yml
@@ -0,0 +1,16 @@
+version: '3'
+services:
+  server:
+    build:
+      context: .
+      dockerfile: server/Dockerfile
+    image: server
+  client:
+    build:
+      context: ../..
+      dockerfile: Dockerfile
+    image: client
+    volumes:
+      - ./client/etc/:/etc/cgit-repos:ro
+      - "$SSH_AUTH_SOCK:/var/run/cgit-repos/ssh-agent.sock"
+      - ./client/var/output:/var/tmp/cgit-repos/output
diff --git a/.ci/docker/server/Dockerfile b/.ci/docker/server/Dockerfile
new file mode 100644
index 0000000..a6283d0
--- /dev/null
+++ b/.ci/docker/server/Dockerfile
@@ -0,0 +1,22 @@
+FROM alpine:3.11
+
+RUN apk --no-cache add bash git openssh-server && \
+    echo 'root:root' | chpasswd && \
+    git config --global user.name 'John Doe' && \
+    git config --global user.email 'John.Doe@example.com' && \
+    sed -ri 's/^#?PermitRootLogin\s+.*/PermitRootLogin yes/' /etc/ssh/sshd_config
+
+WORKDIR /root
+
+COPY ["ssh/server_key", "/etc/ssh/ssh_host_ed25519_key"]
+COPY ["ssh/server_key.pub", "/etc/ssh/ssh_host_ed25519_key.pub"]
+COPY ["ssh/client_key.pub", "./.ssh/authorized_keys"]
+
+RUN chmod 0600 -- /etc/ssh/ssh_host_ed25519_key && \
+    chmod 0700 -- ./.ssh/ && \
+    chmod 0600 -- ./.ssh/authorized_keys
+
+COPY ["server/setup_repo.sh", "./"]
+RUN ./setup_repo.sh
+
+CMD ["/usr/sbin/sshd", "-D"]
diff --git a/.ci/docker/server/setup_repo.sh b/.ci/docker/server/setup_repo.sh
new file mode 100755
index 0000000..82ae711
--- /dev/null
+++ b/.ci/docker/server/setup_repo.sh
@@ -0,0 +1,29 @@
+#!/usr/bin/env bash
+
+set -o errexit -o nounset -o pipefail
+
+readonly local_repo_path="$HOME/test_repo"
+
+setup_local_repo() {
+    echo
+    echo ----------------------------------------------------------------------
+    echo Setting up upstream repository
+    echo ----------------------------------------------------------------------
+
+    mkdir -p -- "$local_repo_path"
+    pushd -- "$local_repo_path" > /dev/null
+    git init
+    echo '1' > 1.txt
+    git add .
+    git commit -m 'first commit'
+    echo '2' > 2.txt
+    git add .
+    git commit -m 'second commit'
+    popd > /dev/null
+}
+
+main() {
+    setup_local_repo
+}
+
+main
diff --git a/.ci/docker/ssh/client_key b/.ci/docker/ssh/client_key
new file mode 100644
index 0000000..7502c82
--- /dev/null
+++ b/.ci/docker/ssh/client_key
@@ -0,0 +1,8 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABC0VWjnPC
+6+rVnkkogRW2onAAAAZAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIDkpIMideN05ni89
+cmRjdbff6fj4qyukThD2X/gINlVMAAAAkOVOKvBjvIbIoc9JA2q8ui62PqP6dQwwsR94Vr
+/czMBQah5jFKdH9vDiI2JLaGjoH4VvT9mzuPBoE0Vchk6MEpud2dNXWMdb2ubG1d9yTWfV
+XhMXMeNd6UEjY7ypsldhR2X55dvIFeNr9B6A8dMy1Qpeyd62maBOwNdumbsG6MalXOFuv7
+srvnjlwUdHKZV9wg==
+-----END OPENSSH PRIVATE KEY-----
diff --git a/.ci/docker/ssh/client_key.pub b/.ci/docker/ssh/client_key.pub
new file mode 100644
index 0000000..6b0e3e9
--- /dev/null
+++ b/.ci/docker/ssh/client_key.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDkpIMideN05ni89cmRjdbff6fj4qyukThD2X/gINlVM root@client
diff --git a/.ci/docker/ssh/server_key b/.ci/docker/ssh/server_key
new file mode 100644
index 0000000..07774eb
--- /dev/null
+++ b/.ci/docker/ssh/server_key
@@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACCXhJs2H7dvamDdK51mhWEAGuXnBsCVEKdWxyPjWYNgigAAAJDx95CI8feQ
+iAAAAAtzc2gtZWQyNTUxOQAAACCXhJs2H7dvamDdK51mhWEAGuXnBsCVEKdWxyPjWYNgig
+AAAEBkubMLhAF/0hCKnq2l3BuexD4UIQ+qcXW5ke+DWhQ8DJeEmzYft29qYN0rnWaFYQAa
+5ecGwJUQp1bHI+NZg2CKAAAAC3Jvb3RAc2VydmVyAQI=
+-----END OPENSSH PRIVATE KEY-----
diff --git a/.ci/docker/ssh/server_key.pub b/.ci/docker/ssh/server_key.pub
new file mode 100644
index 0000000..601277f
--- /dev/null
+++ b/.ci/docker/ssh/server_key.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJeEmzYft29qYN0rnWaFYQAa5ecGwJUQp1bHI+NZg2CK root@server
diff --git a/.ci/docker/test.sh b/.ci/docker/test.sh
new file mode 100755
index 0000000..464ec3d
--- /dev/null
+++ b/.ci/docker/test.sh
@@ -0,0 +1,132 @@
+#!/usr/bin/env bash
+
+set -o errexit -o nounset -o pipefail
+
+script_dir="$( dirname -- "${BASH_SOURCE[0]}" )"
+script_dir="$( cd -- "$script_dir" && pwd )"
+readonly script_dir
+script_name="$( basename -- "${BASH_SOURCE[0]}" )"
+readonly script_name
+
+dump() {
+    local prefix="${FUNCNAME[0]}"
+    [ "${#FUNCNAME[@]}" -gt 1 ] && prefix="${FUNCNAME[1]}"
+
+    local msg
+    for msg; do
+        echo "$script_name: $prefix: $msg"
+    done
+}
+
+kill_ssh_agent() {
+    [ -n "${SSH_AGENT_PID:+x}" ] || return 0
+    dump "killing ssh-agent with PID $SSH_AGENT_PID"
+    kill "$SSH_AGENT_PID"
+}
+
+spawn_ssh_agent() {
+    [ -n "${SSH_AGENT_PID:+x}" ] && return 0
+    if ! command -v ssh-agent > /dev/null 2>&1; then
+        dump "could not find ssh-agent" >&2
+        return 1
+    fi
+    local output
+    output="$( ssh-agent -s )"
+    eval "$output"
+    if [ -z "${SSH_AGENT_PID:+x}" ]; then
+        dump "could not start ssh-agent" >&2
+        return 1
+    fi
+    trap kill_ssh_agent EXIT
+}
+
+setup_ssh_agent() {
+    echo
+    echo ----------------------------------------------------------------------
+    echo Setting up ssh-agent
+    echo ----------------------------------------------------------------------
+
+    spawn_ssh_agent
+
+    local key='ssh/client_key'
+    chmod 0600 -- "$key"
+    local password='password'
+
+    local askpass_path
+    askpass_path="$( mktemp --tmpdir="$script_dir" )"
+
+    local askpass_rm
+    askpass_rm="$( printf -- 'rm -- %q; trap - RETURN' "$askpass_path" )"
+    trap "$askpass_rm" RETURN
+
+    chmod 0700 -- "$askpass_path"
+
+    local echo_password
+    echo_password="$( printf -- 'echo %q' "$password" )"
+    echo "$echo_password" > "$askpass_path"
+
+    SSH_ASKPASS="$askpass_path" DISPLAY= ssh-add "$key" > /dev/null 2>&1 < /dev/null
+}
+
+docker_build() {
+    echo
+    echo ----------------------------------------------------------------------
+    echo Building Docker images
+    echo ----------------------------------------------------------------------
+
+    docker-compose build
+}
+
+setup() {
+    setup_ssh_agent
+    docker_build
+}
+
+run_server() {
+    echo
+    echo ----------------------------------------------------------------------
+    echo Running the server
+    echo ----------------------------------------------------------------------
+
+    docker-compose up -d server
+}
+
+run_client() {
+    echo
+    echo ----------------------------------------------------------------------
+    echo Running the client
+    echo ----------------------------------------------------------------------
+
+    if [ -z "${SSH_AUTH_SOCK:+x}" ]; then
+        dump 'SSH_AUTH_SOCK is not defined' >&2
+        return 1
+    fi
+    dump "SSH_AUTH_SOCK: $SSH_AUTH_SOCK"
+    docker-compose run --rm client
+}
+
+run() {
+    run_server
+    run_client
+}
+
+verify() {
+    echo
+    echo ----------------------------------------------------------------------
+    echo Checking the pulled repository
+    echo ----------------------------------------------------------------------
+
+    pushd -- "$script_dir/client/var/output/test_repo" > /dev/null
+    git log --oneline
+    popd > /dev/null
+}
+
+main() {
+    pushd -- "$script_dir" > /dev/null
+    setup
+    run
+    verify
+    popd > /dev/null
+}
+
+main