Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[WIP] Support GPG-signing commits #966

Draft
wants to merge 3 commits into
base: master
Choose a base branch
from
Draft

[WIP] Support GPG-signing commits #966

wants to merge 3 commits into from

Conversation

tommyip
Copy link

@tommyip tommyip commented Jun 14, 2023
edited
Loading

This is a work in progress, just wanted to publish it early to gather some feedback.

TODO:

  • git record (calls git commit directly so signing already works in master, added new flags to override keyid or disable signing)
  • git amend
  • git move
    • in-memory
    • on-disk
  • git sync
  • git restack
  • git reword
  • git test
    git branchless snapshot create

Also looking in ways to write integration tests for this. Generating keys through gpg and using them in tests seems a bit cumbersome.

Fixes #465

@arxanas
Copy link
Owner

arxanas commented Jun 19, 2023

Thanks for looking into it!

git branchless snapshot create

We shouldn't need/want to sign snapshot commits (although you can if it's easier). These are just meant to store the working copy state to either attach to a real commit later (which would be signed at that time) or to restore the working copy state (which doesn't need to be signed).

Also looking in ways to write integration tests for this. Generating keys through gpg and using them in tests seems a bit cumbersome.

Would you be able to generate a single key ahead of time and commit it to the repo? Although I don't know if that would remove the dependency on gpg at test-time.

arxanas
arxanas reviewed Jun 19, 2023
View reviewed changes
git-branchless-lib/src/git/sign.rs Outdated
(_, Some("") | None) => {
let signer = git2_ext::ops::UserSign::from_config(&repo.inner, &config)
.map_err(RepoError::ReadConfig)?;
Box::new(signer) as Box<dyn git2_ext::ops::Sign>
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Most likely you can ignore the warning about

using a potentially dangerous silent `as` conversion

here. That's meant for numeric types (like u32 <-> u64), but it looks like git2_ext::ops::Sign is not a numeric type, so I don't know why the warning is triggereing here.

@Abhijay
Copy link

Abhijay commented Feb 18, 2025

@arxanas @tommyip Has this been abandoned? I would like to pick this up and finish this PR.

For anyone else looking into this, here's a utility script I have under git sign-branch to fix any unsigned commits from git restack:

#!/bin/bash

# Default parent branch
PARENT_BRANCH="main"

# Parse options
while getopts "p:" opt; do
  case $opt in
    p)
      PARENT_BRANCH=$OPTARG
      ;;
    *)
      echo "Usage: git sign-branch [-p parent_branch]"
      exit 1
      ;;
  esac
done

# Retrieve the current branch name
CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD)

# Find the base commit
BASE_COMMIT=$(git merge-base "$CURRENT_BRANCH" "$PARENT_BRANCH")

# Rebase and sign commits
git rebase -i "$BASE_COMMIT" --exec "git commit --amend -S --no-edit"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@arxanas arxanas arxanas left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Support GPG-signing commits
3 participants
@tommyip @arxanas @Abhijay