On Mon, Mar 04, 2024 at 08:00:00AM +0000, M Hickford wrote: > > It definitely makes sense in principle. Though the concern perhaps > > will be that any new features added to the credential helpers and > > thus its test suite would need adding to each credential helper > > simultaneously to avoid failing CI. Ideally we would do exactly > > that, though that requires knowledge on each of the keystore APIs > > used in each of the credential helpers. > > Good point. I think we suffer from that somewhat already. You cannot run t0303 successfully against credential-store anymore, as of 0ce02e2fec (credential/libsecret: store new attributes, 2023-06-16). There is some prior art in the GIT_TEST_CREDENTIAL_HELPER_TIMEOUT variable, as time is not a concept to every helper (like store, for example). Other new tests like the password-expiry and oauth features could be gated on similar variables. That would help non-CI users testing helpers manually, and then CI jobs could set the appropriate switches for each helper that they cover. All that said, I'd be surprised if testing osxkeychain in the CI environment worked. Back when I worked on it in 2011, I found that I had to actually run the tests in a local terminal; even a remote ssh login could not access the keychain. It's possible that things have changed since then, though, or perhaps I was imply ignorant of how to configure things correctly. -Peff