[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Reliance on cached credentials in the test suite [Was: Subversion 1.4.4 tarballs up for testing/signing]

From: Paul Burba <pburba_at_collab.net>
Date: 2007-05-18 17:08:44 CEST

> -----Original Message-----
> From: Lieven Govaerts [mailto:svnlgo@mobsol.be]
> Sent: Thursday, May 17, 2007 7:35 PM
> To: Paul Burba
> Cc: David Glasser; D.J. Heap; David Anderson; SVN Dev
> Subject: Re: Subversion 1.4.4 tarballs up for testing/signing
> On trunk the pristine repository is now created at the start
> of each testsuite, so in this case at the beginning of
> svnadmin_tests.py. While importing the greek tree in the
> pristine repository the credentials are used and cached. See
> svntest/actions.py setup_pristine_repository().
> On the 1.4.x branch, the pristine repository is created in
> svntest/actions.py guarantee_greek_repository(), but only for
> the first test case in the suite that's needing it.
> guarantee_greek_repository() is called in sbox.build(), which
> in svnadmin_tests.py is only called in the 5th test.

Thanks Lieven, appreciate the explanation. I knew you'd know!
> I don't think it's a good idea to trust on cached credentials
> while running tests, so I support any fix which explicitly
> adds user & pwd to calls to svn.exe or svnadmin.exe.

What's the harm in relying on the cached credentials in
local_tmp/config/auth? The spurious failure of svnadmin test 4 on 1.4.4
is a fluke no? I'm trying to see the danger here. Was there a specific
scenario you had in mind that could cause us problems?

Already most of the svntest.actions.run_and_verify_* methods which may
contact the repos, with the notable exception of run_and_verify_svn,
explicitly pass "'--username', main.wc_author, '--password',
main.wc_passwd,", caching them in local_tmp/config/auth. That's the
good news. The bad news is that a fix to explicitly add user & pwd
still means looking at the 1400+ calls to actions.run_and_verify_svn().
A brief look shows that many of these implicitly rely on cached
credentials. But since the trunk tests do work right now, we'd be
performing a lot of grunt work to fix...what exactly?

Note: The ubiquitous sbox.build() caches the credentials at the start of
practically every test:

  main.Sandbox.build() -->
  actions.make_repo_and_wc() -->
  actions.run_and_verify_checkout() -->
  actions.run_and_verify_svn() explicitly passing username and password.

Which is why this isn't a problem on trunk today, we'd need the first
test of a suite to not call sbox.build() and have it's first repos
accessing svn command be executed via run_and_verify_svn().

So, is there really a problem here? Thoughts?

Paul B.

To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri May 18 17:08:58 2007

This is an archived mail posted to the Subversion Dev mailing list.