comments, reorder functions

This commit is contained in:
Lance Vick 2020-12-03 02:32:11 -08:00
parent efe88005e9
commit 37520941a1
Signed by: lrvick
GPG Key ID: 8E47A1EC35A1551D
1 changed files with 38 additions and 29 deletions

67
sig
View File

@ -316,6 +316,7 @@ verify_git(){
fi fi
} }
## Get temporary dir reliably across different mktemp implementations
get_temp(){ get_temp(){
echo "$( echo "$(
mktemp \ mktemp \
@ -328,6 +329,8 @@ get_temp(){
)" )"
} }
## Verify specified branch and show diff between that and current HEAD
verify_git_diff(){ verify_git_diff(){
[ $# -eq 4 ] \ [ $# -eq 4 ] \
|| die "Usage: verify_git_diff <ref> <threshold> <group> <method>" || die "Usage: verify_git_diff <ref> <threshold> <group> <method>"
@ -352,6 +355,7 @@ verify_git_diff(){
set +x set +x
} }
## Verify current folder/repo with specified signing rules
verify(){ verify(){
[ $# -eq 3 ] || die "Usage: verify <threshold> <group> <method>" [ $# -eq 3 ] || die "Usage: verify <threshold> <group> <method>"
local -r threshold=${1} local -r threshold=${1}
@ -380,6 +384,40 @@ verify(){
fi fi
} }
## Add detached signature for contents of this folder
sign_detached(){
cmd_manifest
gpg --armor --detach-sig ."${PROGRAM}"/manifest.txt >/dev/null 2>&1
local -r fp=$( \
gpg --list-packets ."${PROGRAM}"/manifest.txt.asc \
| grep "issuer key ID" \
| sed 's/.*\([A-Z0-9]\{16\}\).*/\1/g' \
)
mv ."${PROGRAM}"/manifest.{"txt.asc","${fp}.asc"}
}
## Add signed tag pointing at this commit.
## Optionally push to origin.
sign_tag(){
[ -d '.git' ] \
|| die "Not a git repository"
command -v git >/dev/null \
|| die "Git not installed"
git config --get user.signingKey >/dev/null \
|| die "Git user.signingKey not set"
local -r push="${1}"
local -r short_hash=$(git rev-parse --short HEAD)
local -r signing_fp=$( \
git config --get user.signingKey \
| sed 's/.*\([A-Z0-9]\{16\}\).*/\1/g' \
)
local -r name="sig-${short_hash}-${signing_fp}"
git tag -fsm "$name" "$name"
[[ $push -eq 1 ]] && git push --tags
}
## Public Commands ## Public Commands
cmd_manifest() { cmd_manifest() {
@ -455,35 +493,6 @@ cmd_fetch() {
done done
} }
sign_detached(){
cmd_manifest
gpg --armor --detach-sig ."${PROGRAM}"/manifest.txt >/dev/null 2>&1
local -r fp=$( \
gpg --list-packets ."${PROGRAM}"/manifest.txt.asc \
| grep "issuer key ID" \
| sed 's/.*\([A-Z0-9]\{16\}\).*/\1/g' \
)
mv ."${PROGRAM}"/manifest.{"txt.asc","${fp}.asc"}
}
sign_tag(){
[ -d '.git' ] \
|| die "Not a git repository"
command -v git >/dev/null \
|| die "Git not installed"
git config --get user.signingKey >/dev/null \
|| die "Git user.signingKey not set"
local -r push="${1}"
local -r short_hash=$(git rev-parse --short HEAD)
local -r signing_fp=$( \
git config --get user.signingKey \
| sed 's/.*\([A-Z0-9]\{16\}\).*/\1/g' \
)
local -r name="sig-${short_hash}-${signing_fp}"
git tag -fsm "$name" "$name"
[[ $push -eq 1 ]] && git push --tags
}
cmd_add(){ cmd_add(){
local opts method="default" push=0 local opts method="default" push=0
local -r args="$@" local -r args="$@"