66 lines
2.2 KiB
Bash
66 lines
2.2 KiB
Bash
#!/usr/bin/env bats
|
|
# tests/permissions.bats
|
|
# Blinda i permessi del repo, cosi' un `cp`/deploy preserva l'eseguibilita' e non
|
|
# ricapita il "Permission denied" (es. ingest-semantic.py lanciato diretto).
|
|
#
|
|
# Principio:
|
|
# - script con shebang lanciati direttamente -> eseguibili (git mode 100755)
|
|
# - librerie *sourced* (lib/, providers/, registry.sh, globals.env) -> NON eseguibili (100644)
|
|
|
|
REPO="${BATS_TEST_DIRNAME}/.."
|
|
|
|
# Entry-point / script eseguibili (tutti hanno shebang; alcuni anche lanciati a mano per debug)
|
|
EXECUTABLES=(
|
|
skills/ingest/scripts/ingest-semantic.py
|
|
skills/ingest/scripts/run-ingest.sh
|
|
skills/ingest/scripts/scoped-lint.sh
|
|
skills/ingest/scripts/open-pr.sh
|
|
skills/ingest/scripts/log-append.sh
|
|
skills/ingest/scripts/slug.sh
|
|
skills/ingest/scripts/index-append.py
|
|
scripts/add-genome.sh
|
|
scripts/setup.sh
|
|
scripts/setup-genomes.sh
|
|
scripts/setup-master.sh
|
|
scripts/lint-genomes.sh
|
|
scripts/verify-genomes.sh
|
|
)
|
|
|
|
# Librerie sourced: NON devono essere eseguibili.
|
|
LIBRARIES=(
|
|
lib/lint.sh lib/output.sh lib/deps.sh lib/git-crypt.sh lib/scaffold.sh lib/structure.sh
|
|
providers/forgejo.sh providers/github.sh
|
|
registry.sh globals.env
|
|
)
|
|
|
|
git_mode() { git -C "$REPO" ls-files -s -- "$1" | awk '{print $1}'; }
|
|
|
|
@test "executable scripts have the +x bit on disk" {
|
|
for f in "${EXECUTABLES[@]}"; do
|
|
[ -x "${REPO}/${f}" ] || { echo "NON eseguibile su disco: $f"; return 1; }
|
|
done
|
|
}
|
|
|
|
@test "executable scripts are recorded 100755 in git" {
|
|
for f in "${EXECUTABLES[@]}"; do
|
|
mode="$(git_mode "$f")"
|
|
[ -n "$mode" ] || { echo "non tracciato in git: $f"; return 1; }
|
|
[ "$mode" = "100755" ] || { echo "git mode $mode (atteso 100755): $f"; return 1; }
|
|
done
|
|
}
|
|
|
|
@test "sourced libraries are NOT executable in git (100644)" {
|
|
for f in "${LIBRARIES[@]}"; do
|
|
mode="$(git_mode "$f")"
|
|
[ -z "$mode" ] && continue # non tracciato/opzionale -> salta
|
|
[ "$mode" = "100644" ] || { echo "git mode $mode (atteso 100644, e' sourced): $f"; return 1; }
|
|
done
|
|
}
|
|
|
|
@test "executable shell scripts pass bash -n (syntax)" {
|
|
for f in "${EXECUTABLES[@]}"; do
|
|
case "$f" in
|
|
*.sh) bash -n "${REPO}/${f}" || { echo "syntax error: $f"; return 1; } ;;
|
|
esac
|
|
done
|
|
}
|