parse_encrypt: Don't let e.g. "*.ext" match files in subdirs

This matches the behavior before 3.4.0. Silent errors from ls-files to avoid warnings about e.g. directories that aren't readable and also list files that would have been encrypted had they not been tracked in git (#521). Fix the patterns written to info/exclude so that they match the same files as are encrypted (e.g. *.key should only match .key files in the topdir, not in subdirs).
2026-03-02 03:49:29 +00:00 · 2025-02-10 20:58:01 +01:00
parent 5648f8b337
commit 6726730701
5 changed files with 87 additions and 36 deletions
--- a/test/conftest.py
+++ b/test/conftest.py
@@ -609,14 +609,14 @@ disable-scdaemon
    env["GNUPGHOME"] = home

    # this pre-populates std files in the GNUPGHOME
-    runner(["gpg", "-k"], env=env)
+    runner(["gpg", "-k"], env=env, report=False)

    def register_gpg_password(password):
        """Publish a new GPG mock password and flush cached passwords"""
        home.join("mock-password").write(password)
-        runner(["gpgconf", "--reload", "gpg-agent"], env=env)
+        runner(["gpgconf", "--reload", "gpg-agent"], env=env, report=False)

    yield data(home, register_gpg_password)

-    runner(["gpgconf", "--kill", "gpg-agent"], env=env)
-    runner(["gpgconf", "--remove-socketdir", "gpg-agent"], env=env)
+    runner(["gpgconf", "--kill", "gpg-agent"], env=env, report=False)
+    runner(["gpgconf", "--remove-socketdir", "gpg-agent"], env=env, report=False)
--- a/test/test_encryption.py
+++ b/test/test_encryption.py
@@ -92,6 +92,7 @@ def encrypt_targets(yadm_cmd, paths):
    paths.work.join("globs dir/globs file2").write("globs file2")
    expected.append("globs dir/globs file2")
    paths.encrypt.write("globs*\n", mode="a")
+    paths.encrypt.write("globs d*/globs*\n", mode="a")

    # blank lines
    paths.encrypt.write("\n        \n\t\n", mode="a")
@@ -404,8 +405,8 @@ def test_encrypt_added_to_exclude(runner, yadm_cmd, paths, gnupg):

    run = runner(yadm_cmd("encrypt"), env=env)

-    assert "test-encrypt-data" in paths.repo.join("info/exclude").read()
-    assert "original-data" in paths.repo.join("info/exclude").read()
+    assert "test-encrypt-data" in exclude_file.read()
+    assert "original-data" in exclude_file.read()
    assert run.success
    assert run.err == ""

--- a/test/test_unit_exclude_encrypted.py
+++ b/test/test_unit_exclude_encrypted.py
@@ -24,7 +24,7 @@ def test_exclude_encrypted(runner, tmpdir, yadm, encrypt_exists, auto_exclude, e
    if exclude == "outdated":
        exclude_file.write(f"original-exclude\n{header}outdated\n", ensure=True)
    elif exclude == "up-to-date":
-        exclude_file.write(f"original-exclude\n{header}test-encrypt-data\n", ensure=True)
+        exclude_file.write(f"original-exclude\n{header}/test-encrypt-data\n", ensure=True)

    script = f"""
        YADM_TEST=1 source {yadm}
@@ -42,9 +42,9 @@ def test_exclude_encrypted(runner, tmpdir, yadm, encrypt_exists, auto_exclude, e
        if encrypt_exists:
            assert exclude_file.exists()
            if exclude == "missing":
-                assert exclude_file.read() == f"{header}test-encrypt-data\n"
+                assert exclude_file.read() == f"{header}/test-encrypt-data\n"
            else:
-                assert exclude_file.read() == ("original-exclude\n" f"{header}test-encrypt-data\n")
+                assert exclude_file.read() == ("original-exclude\n" f"{header}/test-encrypt-data\n")
            if exclude != "up-to-date":
                assert f"Updating {exclude_file}" in run.out
            else:
--- a/test/test_unit_parse_encrypt.py
+++ b/test/test_unit_parse_encrypt.py
@@ -100,10 +100,11 @@ def create_test_encrypt_data(paths):
    edata += "*card1\n"  # matches same file as the one above
    paths.work.join("wildcard1").write("", ensure=True)
    paths.work.join("wildcard2").write("", ensure=True)
+    paths.work.join("subdir/wildcard1").write("", ensure=True)
    expected.add("wildcard1")
    expected.add("wildcard2")

-    edata += "dirwild*\n"
+    edata += "dirwild*/file*\n"
    paths.work.join("dirwildcard/file1").write("", ensure=True)
    paths.work.join("dirwildcard/file2").write("", ensure=True)
    expected.add("dirwildcard/file1")
@@ -125,6 +126,9 @@ def create_test_encrypt_data(paths):
    expected.add("ex ex/file4")
    expected.add("ex ex/file6.text")

+    paths.work.join("dirwildcard/file7.ex").write("", ensure=True)
+    expected.add("dirwildcard/file7.ex")
+
    # double star
    edata += "doublestar/**/file*\n"
    edata += "!**/file3\n"