test(commands): stores gpg keyring in a temporary directory

GNUPGHOME must be less than 104 characters in order for the gpg-agent to run.

Author: bhelgs

tests/conftest.py

@@ -1,5 +1,7 @@
 import os
+import pathlib
 import re
+import shutil
 
 import pytest
 
@@ -24,36 +26,45 @@ def tmp_commitizen_project(tmp_git_project):
         yield tmp_git_project
 
 
-@pytest.fixture(scope="function")
-def tmp_commitizen_project_with_gpg(tmp_commitizen_project):
-    _gpg_file = tmp_commitizen_project.join("gpg_setup")
-    _signer_mail = "action@github.com"
-    with open(_gpg_file, "w", newline="") as f:
-        f.write("Key-Type: RSA" + os.linesep)
-        f.write("Key-Length: 2048" + os.linesep)
-        f.write("Subkey-Type: RSA" + os.linesep)
-        f.write("Subkey-Length: 2048" + os.linesep)
-        f.write("Name-Real: GitHub Action" + os.linesep)
-        f.write("Name-Comment: with stupid passphrase" + os.linesep)
-        f.write(f"Name-Email: {_signer_mail}" + os.linesep)
-        f.write("Expire-Date: 1" + os.linesep)
-
-    cmd.run(
-        f"gpg --batch --passphrase '' --pinentry-mode loopback --generate-key {_gpg_file}"
-    )
-
-    _new_key = cmd.run(f"gpg --list-secret-keys {_signer_mail}")
+def _get_gpg_keyid(signer_mail):
+    _new_key = cmd.run(f"gpg --list-secret-keys {signer_mail}")
     _m = re.search(
         rf"[a-zA-Z0-9 \[\]-_]*{os.linesep}[ ]*([0-9A-Za-z]*){os.linesep}[{os.linesep}a-zA-Z0-9 \[\]-_<>@]*",
         _new_key.out,
     )
+    return _m.group(1) if _m else None
+
+
+@pytest.fixture(scope="function")
+def tmp_commitizen_project_with_gpg(tmp_commitizen_project):
+    _signer = "GitHub Action"
+    _signer_mail = "action@github.com"
+
+    # create a temporary GPGHOME to store a temporary keyring.
+    # Home path must be less than 104 characters
+    gpg_home = pathlib.Path.home() / f".gnupg-commitizen-unittest-{os.getpid()}"
+    try:
+        gpg_home.mkdir(mode=0o700, exist_ok=True)
+        os.environ["GNUPGHOME"] = str(gpg_home)  # tempdir = temp keyring
+        key_id = _get_gpg_keyid(_signer_mail)
+        if not key_id:
+            c = cmd.run(
+                f"gpg --batch --yes --debug-quick-random --passphrase '' --quick-gen-key '{_signer} {_signer_mail}'"
+            )
+            if c.return_code != 0:
+                raise Exception(f"gpg keygen failed with err: '{c.err}'")
+            key_id = _get_gpg_keyid(_signer_mail)
+
+        assert key_id
 
-    if _m:
-        _key_id = _m.group(1)
         cmd.run("git config commit.gpgsign true")
-        cmd.run(f"git config user.signingkey {_key_id}")
+        cmd.run(f"git config user.name {_signer}")
+        cmd.run(f"git config user.email {_signer_mail}")
+        cmd.run(f"git config user.signingkey {key_id}")
 
-    yield tmp_commitizen_project
+        yield tmp_commitizen_project
+    finally:
+        shutil.rmtree(gpg_home)
 
 
 @pytest.fixture()

tests/utils.py

@@ -3,7 +3,7 @@
 from pathlib import Path
 from typing import Optional
 
-from commitizen import cmd, git
+from commitizen import cmd, exceptions, git
 
 
 class FakeCommand:
@@ -18,8 +18,12 @@ def create_file_and_commit(message: str, filename: Optional[str] = None):
         filename = str(uuid.uuid4())
 
     Path(f"./{filename}").touch()
-    cmd.run("git add .")
-    git.commit(message)
+    c = cmd.run("git add .")
+    if c.return_code != 0:
+        raise exceptions.CommitError(c.err)
+    c = git.commit(message)
+    if c.return_code != 0:
+        raise exceptions.CommitError(c.err)
 
 
 def wait_for_tag():