| 1 |
commit: 1d6850f3ac839326c5596db5a570bc7832bb394e |
| 2 |
Author: Zac Medico <zmedico <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Sat Feb 4 14:26:12 2012 +0000 |
| 4 |
Commit: Zac Medico <zmedico <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Sat Feb 4 14:38:32 2012 +0000 |
| 6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/portage.git;a=commit;h=1d6850f3 |
| 7 |
|
| 8 |
repoman: support git commit --gpg-sign |
| 9 |
|
| 10 |
In order to sign commits with git, you will need Git >=1.7.9 and your |
| 11 |
key will have to be configured by `git config user.signingkey key_id`. |
| 12 |
Also, the repository will need to have "sign-commits = true" in |
| 13 |
metadata/layout.conf. This will fix bug #333687. |
| 14 |
|
| 15 |
--- |
| 16 |
bin/repoman | 7 +++++++ |
| 17 |
man/make.conf.5 | 4 +++- |
| 18 |
man/portage.5 | 3 +++ |
| 19 |
pym/portage/repository/config.py | 10 ++++++++-- |
| 20 |
4 files changed, 21 insertions(+), 3 deletions(-) |
| 21 |
|
| 22 |
diff --git a/bin/repoman b/bin/repoman |
| 23 |
index 6e91254..bee6661 100755 |
| 24 |
--- a/bin/repoman |
| 25 |
+++ b/bin/repoman |
| 26 |
@@ -582,6 +582,13 @@ repo_config = repoman_settings.repositories.get_repo_for_location(repodir) |
| 27 |
portdb.porttrees = list(repo_config.eclass_db.porttrees) |
| 28 |
portdir = portdb.porttrees[0] |
| 29 |
|
| 30 |
+if repo_config.sign_commit: |
| 31 |
+ if vcs == 'git': |
| 32 |
+ # NOTE: It's possible to use --gpg-sign=key_id to specify the key in |
| 33 |
+ # the commit arguments. If key_id is unspecified, then it must be |
| 34 |
+ # configured by `git config user.signingkey key_id`. |
| 35 |
+ vcs_local_opts.append("--gpg-sign") |
| 36 |
+ |
| 37 |
# In order to disable manifest signatures, repos may set |
| 38 |
# "sign-manifests = false" in metadata/layout.conf. This |
| 39 |
# can be used to prevent merge conflicts like those that |
| 40 |
|
| 41 |
diff --git a/man/make.conf.5 b/man/make.conf.5 |
| 42 |
index e5a9ae1..e8777c8 100644 |
| 43 |
--- a/man/make.conf.5 |
| 44 |
+++ b/man/make.conf.5 |
| 45 |
@@ -722,7 +722,9 @@ Defaults to $HOME/.gnupg. |
| 46 |
.TP |
| 47 |
.B PORTAGE_GPG_KEY |
| 48 |
The \fBgpg\fR(1) key used by \fBrepoman\fR(1) to sign manifests |
| 49 |
-when \fBsign\fR is in \fBFEATURES\fR. |
| 50 |
+when \fBsign\fR is in \fBFEATURES\fR. In order to sign commits with |
| 51 |
+\fBgit\fR(1), you will need Git >=1.7.9 and your commit key will have |
| 52 |
+to be configured by \fI`git config user.signingkey key_id`\fR. |
| 53 |
.TP |
| 54 |
.B PORTAGE_GPG_SIGNING_COMMAND |
| 55 |
The command used by \fBrepoman\fR(1) to sign manifests when \fBsign\fR is |
| 56 |
|
| 57 |
diff --git a/man/portage.5 b/man/portage.5 |
| 58 |
index e2ed754..dd94a79 100644 |
| 59 |
--- a/man/portage.5 |
| 60 |
+++ b/man/portage.5 |
| 61 |
@@ -785,6 +785,9 @@ precedence over settings in \fBlayout.conf\fR, except tools such as |
| 62 |
masters = gentoo java-overlay |
| 63 |
# indicate that this repo can be used as a substitute for foo-overlay |
| 64 |
aliases = foo-overlay |
| 65 |
+# sign commits in this repo, which requires Git >=1.7.9, and |
| 66 |
+# key configured by `git config user.signingkey key_id` |
| 67 |
+sign\-commits = true |
| 68 |
# do not sign manifests in this repo |
| 69 |
sign\-manifests = false |
| 70 |
# thin\-manifests only contain DIST entries |
| 71 |
|
| 72 |
diff --git a/pym/portage/repository/config.py b/pym/portage/repository/config.py |
| 73 |
index ebee234..84d9741 100644 |
| 74 |
--- a/pym/portage/repository/config.py |
| 75 |
+++ b/pym/portage/repository/config.py |
| 76 |
@@ -49,7 +49,7 @@ class RepoConfig(object): |
| 77 |
'cache_formats', 'create_manifest', 'disable_manifest', 'eapi', |
| 78 |
'eclass_db', 'eclass_locations', 'eclass_overrides', 'format', 'location', |
| 79 |
'main_repo', 'manifest_hashes', 'masters', 'missing_repo_name', |
| 80 |
- 'name', 'priority', 'sign_manifest', 'sync', 'thin_manifest', |
| 81 |
+ 'name', 'priority', 'sign_commit', 'sign_manifest', 'sync', 'thin_manifest', |
| 82 |
'update_changelog', 'user_location', 'portage1_profiles', |
| 83 |
'portage1_profiles_compat') |
| 84 |
|
| 85 |
@@ -117,6 +117,9 @@ class RepoConfig(object): |
| 86 |
self.eapi = eapi |
| 87 |
self.name = name |
| 88 |
self.missing_repo_name = missing |
| 89 |
+ # sign_commit is disabled by default, since it requires Git >=1.7.9, |
| 90 |
+ # and key_id configured by `git config user.signingkey key_id` |
| 91 |
+ self.sign_commit = False |
| 92 |
self.sign_manifest = True |
| 93 |
self.thin_manifest = False |
| 94 |
self.allow_missing_manifest = False |
| 95 |
@@ -148,7 +151,7 @@ class RepoConfig(object): |
| 96 |
|
| 97 |
for value in ('allow-missing-manifest', 'cache-formats', |
| 98 |
'create-manifest', 'disable-manifest', 'manifest-hashes', |
| 99 |
- 'sign-manifest', 'thin-manifest', 'update-changelog'): |
| 100 |
+ 'sign-commit', 'sign-manifest', 'thin-manifest', 'update-changelog'): |
| 101 |
setattr(self, value.lower().replace("-", "_"), layout_data[value]) |
| 102 |
|
| 103 |
self.portage1_profiles = any(x.startswith("portage-1") \ |
| 104 |
@@ -688,6 +691,9 @@ def parse_layout_conf(repo_location, repo_name=None): |
| 105 |
data['masters'] = masters |
| 106 |
data['aliases'] = tuple(layout_data.get('aliases', '').split()) |
| 107 |
|
| 108 |
+ data['sign-commit'] = layout_data.get('sign-commits', 'false').lower() \ |
| 109 |
+ == 'true' |
| 110 |
+ |
| 111 |
data['sign-manifest'] = layout_data.get('sign-manifests', 'true').lower() \ |
| 112 |
== 'true' |
Archives