split out gpg keyring related stuff

author: Joey Hess <joey@kitenet.net> 2014-11-11 12:32:17 -0400
committer: Joey Hess <joey@kitenet.net> 2014-11-11 12:32:17 -0400
commit: 347c02a38e120c973445195b86339ca358a0b50a (patch)
tree: 5fe08d5b7e4c3ca6fff25914dc8af65968fdc0e5 /src/Propellor/Keyring.hs
parent: bd856f7a04859f99c1074b1d2def889b632940d8 (diff)
1 files changed, 46 insertions, 0 deletions
diff --git a/src/Propellor/Keyring.hs b/src/Propellor/Keyring.hs
new file mode 100644
index 00000000..8a9c833c
--- /dev/null
+++ b/src/Propellor/Keyring.hs
@@ -0,0 +1,46 @@
+module Propellor.Keyring where
+
+import Propellor
+import Utility.SafeCommand
+
+addKey :: String -> IO ()
+addKey keyid = exitBool =<< allM id [ gpg, gitadd, gitconfig, gitcommit ]
+  where
+	gpg = do
+		createDirectoryIfMissing True privDataDir
+		boolSystem "sh"
+			[ Param "-c"
+			, Param $ "gpg --export " ++ keyid ++ " | gpg " ++
+				unwords (gpgopts ++ ["--import"])
+			]
+	gitadd = boolSystem "git"
+		[ Param "add"
+		, File keyring
+		]
+
+	gitconfig = boolSystem "git"
+		[ Param "config"
+		, Param "user.signingkey"
+		, Param keyid
+		]
+
+	gitcommit = gitCommit
+		[ File keyring
+		, Param "-m"
+		, Param "propellor addkey"
+		]
+
+{- Automatically sign the commit if there'a a keyring. -}
+gitCommit :: [CommandParam] -> IO Bool
+gitCommit ps = do
+	k <- doesFileExist keyring
+	boolSystem "git" $ catMaybes $
+		[ Just (Param "commit")
+		, if k then Just (Param "--gpg-sign") else Nothing
+		] ++ map Just ps
+
+keyring :: FilePath
+keyring = privDataDir </> "keyring.gpg"
+
+gpgopts :: [String]
+gpgopts = ["--options", "/dev/null", "--no-default-keyring", "--keyring", keyring]
author	Joey Hess <joey@kitenet.net>	2014-11-11 12:32:17 -0400
committer	Joey Hess <joey@kitenet.net>	2014-11-11 12:32:17 -0400
commit	347c02a38e120c973445195b86339ca358a0b50a (patch)
tree	5fe08d5b7e4c3ca6fff25914dc8af65968fdc0e5 /src/Propellor/Keyring.hs
parent	bd856f7a04859f99c1074b1d2def889b632940d8 (diff)