config: allow overriding of global and system configuration

In order to have git run in a fully controlled environment without any
misconfiguration, it may be desirable for users or scripts to override
global- and system-level configuration files. We already have a way of
doing this, which is to unset both HOME and XDG_CONFIG_HOME environment
variables and to set `GIT_CONFIG_NOGLOBAL=true`. This is quite kludgy,
and unsetting the first two variables likely has an impact on other
executables spawned by such a script.

The obvious way to fix this would be to introduce `GIT_CONFIG_NOGLOBAL`
as an equivalent to `GIT_CONFIG_NOSYSTEM`. But in the past, it has
turned out that this design is inflexible: we cannot test system-level
parsing of the git configuration in our test harness because there is no
way to change its location, so all tests run with `GIT_CONFIG_NOSYSTEM`
set.

Instead of doing the same mistake with `GIT_CONFIG_NOGLOBAL`, introduce
two new variables `GIT_CONFIG_GLOBAL` and `GIT_CONFIG_SYSTEM`:

    - If unset, git continues to use the usual locations.

    - If set to a specific path, we skip reading the normal
      configuration files and instead take the path. By setting the path
      to `/dev/null`, no configuration will be loaded for the respective
      level.

This implements the usecase where we want to execute code in a sanitized
environment without any potential misconfigurations via `/dev/null`, but
is more flexible and allows for more usecases than simply adding
`GIT_CONFIG_NOGLOBAL`.

Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/Documentation/git-config.txt b/Documentation/git-config.txt
index 4b4cc5c5e84c462c5bd0ada2fb56068451437696..5cddadafd2ee1853bb83846053302e00d14fca9a 100644 (file)
--- a/Documentation/git-config.txt
+++ b/Documentation/git-config.txt
@@ -340,6 +340,11 @@ GIT_CONFIG::
        Using the "--global" option forces this to ~/.gitconfig. Using the
        "--system" option forces this to $(prefix)/etc/gitconfig.
 
+GIT_CONFIG_GLOBAL::
+GIT_CONFIG_SYSTEM::
+       Take the configuration from the given files instead from global or
+       system-level configuration. See linkgit:git[1] for details.
+
 GIT_CONFIG_NOSYSTEM::
        Whether to skip reading settings from the system-wide
        $(prefix)/etc/gitconfig file. See linkgit:git[1] for details.

diff --git a/Documentation/git.txt b/Documentation/git.txt
index 3a9c44987f998c6a767c4dc19755e4e0c10d9411..380422a6a9e91492e67dbcc603ff24ca7cd22c9e 100644 (file)
--- a/Documentation/git.txt
+++ b/Documentation/git.txt
@@ -670,6 +670,16 @@ for further details.
        If this environment variable is set to `0`, git will not prompt
        on the terminal (e.g., when asking for HTTP authentication).
 
+`GIT_CONFIG_GLOBAL`::
+`GIT_CONFIG_SYSTEM`::
+       Take the configuration from the given files instead from global or
+       system-level configuration files. If `GIT_CONFIG_SYSTEM` is set, the
+       system config file defined at build time (usually `/etc/gitconfig`)
+       will not be read. Likewise, if `GIT_CONFIG_GLOBAL` is set, neither
+       `$HOME/.gitconfig` nor `$XDG_CONFIG_HOME/git/config` will be read. Can
+       be set to `/dev/null` to skip reading configuration files of the
+       respective level.
+
 `GIT_CONFIG_NOSYSTEM`::
        Whether to skip reading settings from the system-wide
        `$(prefix)/etc/gitconfig` file.  This environment variable can

diff --git a/config.c b/config.c
index 8900d96cb63232358bd3f3df869b6356410f5934..8d4dbe1310c295ea9f527fd5baec4bb65beb7e6f 100644 (file)
--- a/config.c
+++ b/config.c
@@ -1846,13 +1846,24 @@ static int git_config_from_blob_ref(config_fn_t fn,
 
 char *git_system_config(void)
 {
+       char *system_config = xstrdup_or_null(getenv("GIT_CONFIG_SYSTEM"));
+       if (system_config)
+               return system_config;
        return system_path(ETC_GITCONFIG);
 }
 
-void git_global_config(char **user_config, char **xdg_config)
+void git_global_config(char **user_out, char **xdg_out)
 {
-       *user_config = expand_user_path("~/.gitconfig", 0);
-       *xdg_config = xdg_config_home("config");
+       char *user_config = xstrdup_or_null(getenv("GIT_CONFIG_GLOBAL"));
+       char *xdg_config = NULL;
+
+       if (!user_config) {
+               user_config = expand_user_path("~/.gitconfig", 0);
+               xdg_config = xdg_config_home("config");
+       }
+
+       *user_out = user_config;
+       *xdg_out = xdg_config;
 }
 
 /*

diff --git a/t/t1300-config.sh b/t/t1300-config.sh
index e0dd5d65cedadbab2a5d4aa9c0697b346374612b..0f92dfe6fbc652d8cdb791f1834b5b75a23abfa8 100755 (executable)
--- a/t/t1300-config.sh
+++ b/t/t1300-config.sh
@@ -2059,6 +2059,92 @@ test_expect_success '--show-scope with --show-origin' '
        test_cmp expect output
 '
 
+test_expect_success 'override global and system config' '
+       test_when_finished rm -f "$HOME"/.config/git &&
+
+       cat >"$HOME"/.gitconfig <<-EOF &&
+       [home]
+               config = true
+       EOF
+       mkdir -p "$HOME"/.config/git &&
+       cat >"$HOME"/.config/git/config <<-EOF &&
+       [xdg]
+               config = true
+       EOF
+       cat >.git/config <<-EOF &&
+       [local]
+               config = true
+       EOF
+       cat >custom-global-config <<-EOF &&
+       [global]
+               config = true
+       EOF
+       cat >custom-system-config <<-EOF &&
+       [system]
+               config = true
+       EOF
+
+       cat >expect <<-EOF &&
+       global  xdg.config=true
+       global  home.config=true
+       local   local.config=true
+       EOF
+       git config --show-scope --list >output &&
+       test_cmp expect output &&
+
+       sane_unset GIT_CONFIG_NOSYSTEM &&
+
+       cat >expect <<-EOF &&
+       system  system.config=true
+       global  global.config=true
+       local   local.config=true
+       EOF
+       GIT_CONFIG_SYSTEM=custom-system-config GIT_CONFIG_GLOBAL=custom-global-config \
+               git config --show-scope --list >output &&
+       test_cmp expect output &&
+
+       cat >expect <<-EOF &&
+       local   local.config=true
+       EOF
+       GIT_CONFIG_SYSTEM=/dev/null GIT_CONFIG_GLOBAL=/dev/null git config --show-scope --list >output &&
+       test_cmp expect output
+'
+
+test_expect_success 'override global and system config with missing file' '
+       test_must_fail env GIT_CONFIG_GLOBAL=does-not-exist GIT_CONFIG_SYSTEM=/dev/null git config --global --list &&
+       test_must_fail env GIT_CONFIG_GLOBAL=/dev/null GIT_CONFIG_SYSTEM=does-not-exist git config --system --list &&
+       GIT_CONFIG_GLOBAL=does-not-exist GIT_CONFIG_SYSTEM=does-not-exist git version
+'
+
+test_expect_success 'system override has no effect with GIT_CONFIG_NOSYSTEM' '
+       # `git config --system` has different semantics compared to other
+       # commands as it ignores GIT_CONFIG_NOSYSTEM. We thus test whether the
+       # variable has an effect via a different proxy.
+       cat >alias-config <<-EOF &&
+       [alias]
+               hello-world = !echo "hello world"
+       EOF
+       test_must_fail env GIT_CONFIG_NOSYSTEM=true GIT_CONFIG_SYSTEM=alias-config \
+               git hello-world &&
+       GIT_CONFIG_NOSYSTEM=false GIT_CONFIG_SYSTEM=alias-config \
+               git hello-world >actual &&
+       echo "hello world" >expect &&
+       test_cmp expect actual
+'
+
+test_expect_success 'write to overridden global and system config' '
+       cat >expect <<EOF &&
+[config]
+       key = value
+EOF
+
+       GIT_CONFIG_GLOBAL=write-to-global git config --global config.key value &&
+       test_cmp expect write-to-global &&
+
+       GIT_CONFIG_SYSTEM=write-to-system git config --system config.key value &&
+       test_cmp expect write-to-system
+'
+
 for opt in --local --worktree
 do
        test_expect_success "$opt requires a repo" '