From 025c7c4b8e0b7aa3ba3ff8c077c5fbef3c8fa63d Mon Sep 17 00:00:00 2001
From: Joey Hess <joey@kitenet.net>
Date: Wed, 19 Nov 2014 21:00:14 -0400
Subject: avoid double-build in --spin

It was fetching from the central repo, then building that, and then running
the client-to-client git update, and the building after that.

Remove the first build, as all that linking does take time.
---
 src/Propellor/Git.hs | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

(limited to 'src/Propellor/Git.hs')

diff --git a/src/Propellor/Git.hs b/src/Propellor/Git.hs
index 51ed3df2..88d5c3ab 100644
--- a/src/Propellor/Git.hs
+++ b/src/Propellor/Git.hs
@@ -62,3 +62,25 @@ verifyOriginBranch originbranch = do
 	nukeFile $ privDataDir </> "pubring.gpg"
 	nukeFile $ privDataDir </> "gpg.conf"
 	return (s == "U\n" || s == "G\n")
+
+-- Returns True if HEAD is changed by fetching and merging from origin.
+fetchOrigin :: IO Bool
+fetchOrigin = do
+	branchref <- getCurrentBranch
+	let originbranch = "origin" </> branchref
+
+	void $ actionMessage "Git fetch" $ boolSystem "git" [Param "fetch"]
+	
+	oldsha <- getCurrentGitSha1 branchref
+	
+	whenM (doesFileExist keyring) $
+		ifM (verifyOriginBranch originbranch)
+			( do
+				putStrLn $ "git branch " ++ originbranch ++ " gpg signature verified; merging"
+				hFlush stdout
+				void $ boolSystem "git" [Param "merge", Param originbranch]
+			, warningMessage $ "git branch " ++ originbranch ++ " is not signed with a trusted gpg key; refusing to deploy it! (Running with previous configuration instead.)"
+			)
+	
+	newsha <- getCurrentGitSha1 branchref
+	return $ oldsha /= newsha
-- 
cgit v1.3-2-g0d8e