Simplify the names for the tests, removing the unnecessary
"libgit2-clar" prefix. Make "all" the new default test run, and include
the online tests by default (since HTTPS should always be enabled).
For the CI tests, create an offline-only test, then the various online
tests.
This adds a simple script for backporting pull requests to older
branches. It accepts as parameters a list of pull request numbers which
whose commits are to be cherry-picked. The identification of PRs
currently happens by using the commit message of the merge of the PR,
which should conform to the message "Merge pull request #<PR>".
While the heuristic works in practice, we could instead also use the
direct references from GitHub via "pull/#<PR>/head". This requires the
user to have all these references fetched, though, so we can just use
the current heuristic until we experience any issues with that.
Some tests shall be run against our own SSH server we spin up in Travis.
As those need to be run separate from our previous tests which run
against git-daemon, we have to do this in a separate step. Instead of
bundling all that knowledge in the CI script, move it into the test
build instructions by creating a new test target.
Right now, we test our credential callback code twice, once via SSH on
localhost and once via a non-existent GitHub repository. While the first
URL makes sense to be configurable, it does not make sense to hard-code
the non-existing repository, which requires us to call tests multiple
times. Instead, we can just inline the URL into another set of tests.
We support two types of passing credentials to the proxy, either via the
URL or explicitly by specifying user and password. We test these types
by modifying the proxy URL and executing the tests twice, which is
in fact unnecessary and requires us to maintain the list of environment
variables and test executions across multiple CI infrastructures.
To fix the situation, we can just always pass the host, port, user and
password to the tests. The tests can then assemble the complete URL
either with or without included credentials, allowing us to test both
cases in-process.
By default, CMake will not build our examples directory. As we do not
instruct either the MinGW or MSVC builds on AppVeyor to enable building
these examples, we cannot verify that those examples at least build on
Windows systems.
Fix that by passing `-DBUILD_EXAMPLES=ON` to AppVeyor's CMake
invocation.
Ubuntu trusty has a bug in curl when using NTLM credentials in a proxy,
dereferencing a null pointer and causing segmentation faults. Use a
custom-patched version of libcurl that avoids this issue.
Some tests of ours require to be running against an SSH server.
Currently, we simply run against the SSH server provided and started by
Travis itself. As our Linux tests run in a sudo-less environment, we
have no control over its configuration and startup/shutdown procedure.
While this has been no problem until now, it will become a problem as
soon as we migrate over to newer Precise images, as the SSH server does
not have any host keys set up. Luckily, we can simply set up our own
unpriviledged SSH server. This has the benefit of us being able to
modify its configuration even in a sudo-less environment.
This commit sets up the unpriviledged SSH server on port 2222.
The formulae provided by the homebrew/dupes tap are deprecated since at
least April 4, 2017, with formulae having been migrated to
homebrew/core.
Replace the deprecated reference to "homebrew/dupes/zlib" with only
"zlib".
When running a Coverity build, we have to provide an
authentication token in order to proof that we are actually
allowed to run analysis in the name of a certain project. As this
token should be secret, it is only set on the main repository, so
when we were requested to run the Coverity script on another
repository we do error out. But in fact we do also error out if
the Coverity analysis should _not_ be run if there is no
authentication token provided.
Fix the issue by only checking for the authentication token after
determining if analysis is indeed requested.
We used to only execute Coverity analysis on the 'development'
branch before commit 998f001 (Refine build limitation,
2014-01-15), which refined Coverity build limitations. While we
do not really use the 'development' branch anymore, it does
still make sense to only analyze a single branch, as otherwise
Coverity might get confused.
Re-establish the restriction such that we only analyze libgit2's
'master' branch. Also fix the message announcing why we do not
actually analyze a certain build.
The `git_buf` structure seems to be too complicated to correctly
grasp for Coverity. As such, add simpler models trying to guide
Coverity and remove false positives related to these functions.
The static analysis engine coverity allows for user models
overriding how it treats functions when analyzing code. Like
this, one can greatly reduce the rate of false positives and thus
make it easier to spot actual errors.
Add a user model that overrides function models for `git_buf_len`
and `git_vector_insert`, which together amount for a majority of
false positives.
It takes a bit for the propxy to get ready to accept connections, so
start it before the build so we can be reasonably sure that it's going
to be ready in time.
Curl by default does not report errors by setting the error code.
As the upload can fail through several conditions (e.g. the rate
limit, leading to unauthorized access) we should indicate this
information in Travis CI.
To improve upon the behavior, use `--write-out=%{http_code}` to
write out the HTTP code in addition to the received body and
return an error if the code does not equal 201.
We were missing this test on Windows, which meant we didn't notice that
we never fixed the single authentication attempt it tries, nor its wrong
return code.
Enable this for the unix platforms as well over HTTP. We previously were
doing it locally but disabled it on OS X due to issues with its sshd not
accepting password authentication.
