diff options
| author | Joey Hess <joey@kitenet.net> | 2014-11-20 00:58:51 -0400 |
|---|---|---|
| committer | Joey Hess <joey@kitenet.net> | 2014-11-20 00:58:51 -0400 |
| commit | 02b8b2dec7c767ba3b7154e424b9c11e6a8d544f (patch) | |
| tree | 84f8394029d0b17de94a47ea59dd29b70d5bab38 /src/Propellor/Git.hs | |
| parent | f1b2df601e0eb2fdd5dbc3bc72df0f0493230046 (diff) | |
| parent | 0d4dd37ee769a6ef1bc80507c8ee8a4b9e882856 (diff) | |
Merge branch 'joeyconfig'
Diffstat (limited to 'src/Propellor/Git.hs')
| -rw-r--r-- | src/Propellor/Git.hs | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/src/Propellor/Git.hs b/src/Propellor/Git.hs index 51ed3df2..73de1def 100644 --- a/src/Propellor/Git.hs +++ b/src/Propellor/Git.hs @@ -62,3 +62,26 @@ verifyOriginBranch originbranch = do nukeFile $ privDataDir </> "pubring.gpg" nukeFile $ privDataDir </> "gpg.conf" return (s == "U\n" || s == "G\n") + +-- Returns True if HEAD is changed by fetching and merging from origin. +fetchOrigin :: IO Bool +fetchOrigin = do + branchref <- getCurrentBranch + let originbranch = "origin" </> branchref + + void $ actionMessage "Pull from central git repository" $ + boolSystem "git" [Param "fetch"] + + oldsha <- getCurrentGitSha1 branchref + + whenM (doesFileExist keyring) $ + ifM (verifyOriginBranch originbranch) + ( do + putStrLn $ "git branch " ++ originbranch ++ " gpg signature verified; merging" + hFlush stdout + void $ boolSystem "git" [Param "merge", Param originbranch] + , warningMessage $ "git branch " ++ originbranch ++ " is not signed with a trusted gpg key; refusing to deploy it! (Running with previous configuration instead.)" + ) + + newsha <- getCurrentGitSha1 branchref + return $ oldsha /= newsha |