diff options
| author | Joey Hess <joeyh@joeyh.name> | 2016-01-03 16:56:00 -0400 |
|---|---|---|
| committer | Joey Hess <joeyh@joeyh.name> | 2016-01-03 16:56:00 -0400 |
| commit | f86804fa27a2cf5b1972b14ab41e81edb85ad661 (patch) | |
| tree | 11753dde33d0e6dd85feae84a727846fb6a3d088 /src/Propellor/Git/VerifiedBranch.hs | |
| parent | b13e3f8d55c1b74123186c3178922b0809367f76 (diff) | |
refactor into smaller modules to untangle git and gpg modules
Diffstat (limited to 'src/Propellor/Git/VerifiedBranch.hs')
| -rw-r--r-- | src/Propellor/Git/VerifiedBranch.hs | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/src/Propellor/Git/VerifiedBranch.hs b/src/Propellor/Git/VerifiedBranch.hs new file mode 100644 index 00000000..a39bc7e9 --- /dev/null +++ b/src/Propellor/Git/VerifiedBranch.hs @@ -0,0 +1,51 @@ +module Propellor.Git.VerifiedBranch where + +import Propellor.Base +import Propellor.Git +import Propellor.Gpg +import Propellor.PrivData.Paths +import Utility.FileMode + +{- To verify origin branch commit's signature, have to convince gpg + - to use our keyring. + - While running git log. Which has no way to pass options to gpg. + - Argh! + -} +verifyOriginBranch :: String -> IO Bool +verifyOriginBranch originbranch = do + let gpgconf = privDataDir </> "gpg.conf" + writeFile gpgconf $ unlines + [ " keyring " ++ keyring + , "no-auto-check-trustdb" + ] + -- gpg is picky about perms + modifyFileMode privDataDir (removeModes otherGroupModes) + s <- readProcessEnv "git" ["log", "-n", "1", "--format=%G?", originbranch] + (Just [("GNUPGHOME", privDataDir)]) + nukeFile $ privDataDir </> "trustdb.gpg" + nukeFile $ privDataDir </> "pubring.gpg" + nukeFile $ privDataDir </> "gpg.conf" + return (s == "U\n" || s == "G\n") + +-- Returns True if HEAD is changed by fetching and merging from origin. +fetchOrigin :: IO Bool +fetchOrigin = do + branchref <- getCurrentBranch + let originbranch = "origin" </> branchref + + void $ actionMessage "Pull from central git repository" $ + boolSystem "git" [Param "fetch"] + + oldsha <- getCurrentGitSha1 branchref + + whenM (doesFileExist keyring) $ + ifM (verifyOriginBranch originbranch) + ( do + putStrLn $ "git branch " ++ originbranch ++ " gpg signature verified; merging" + hFlush stdout + void $ boolSystem "git" [Param "merge", Param originbranch] + , warningMessage $ "git branch " ++ originbranch ++ " is not signed with a trusted gpg key; refusing to deploy it! (Running with previous configuration instead.)" + ) + + newsha <- getCurrentGitSha1 branchref + return $ oldsha /= newsha |