dn42
/
registry
mirror of https://git.dn42.dev/dn42/registry.git
1
Fork 0
Code Releases Activity

Update .drone.yml and sign-my-commit script ahead of pipeline updates.

This commit is contained in:
Simon Marsh 2021-07-10 15:08:27 +01:00
parent e415f7146c
commit 659469c1b8
No known key found for this signature in database
GPG Key ID: 0FCCD13AE1CF7ED8
2 changed files with 12 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.drone.yml
View File

@ -10,7 +10,7 @@ steps:
SQUASHBOT_TOKEN: SQUASHBOT_TOKEN:
from_secret: SQUASHBOT_TOKEN from_secret: SQUASHBOT_TOKEN
commands: commands:
- /scripts/squashbot - /scripts/wrapper
trigger: trigger:
event: event:

16
sign-my-commit
View File

@ -20,6 +20,7 @@ usage()
echo ' --ssh, sign using your ssh key' echo ' --ssh, sign using your ssh key'
echo ' --push, force push result' echo ' --push, force push result'
echo ' --verify, check existing signature is correct' echo ' --verify, check existing signature is correct'
echo ' --commit, verify this specific commit'
echo ' --help, display this message' echo ' --help, display this message'
echo 'SSH specific options:' echo 'SSH specific options:'
echo ' --key, (required for signing) specify SSH private key file to use' echo ' --key, (required for signing) specify SSH private key file to use'
@ -33,6 +34,7 @@ AUTH_METHOD=''
MNTNER='' MNTNER=''
SSH_KEYFILE='' SSH_KEYFILE=''
VERIFY_ONLY=0 VERIFY_ONLY=0
COMMIT_SHA=''
########################################################################## ##########################################################################
# parse arguments # parse arguments
@ -57,6 +59,10 @@ do
--verify) --verify)
VERIFY_ONLY=1 VERIFY_ONLY=1
;; ;;
--commit)
shift
COMMIT_SHA="$1"
;;
--help) --help)
usage usage
exit 0 exit 0
@ -85,7 +91,7 @@ if [ "$VERIFY_ONLY" -eq 1 ]
then then
if [ -z "$MNTNER" ] if [ -z "$MNTNER" ]
then then
MNTNER=$(git log -n 1 --format=format:%B | \ MNTNER=$(git log ${COMMIT_SHA} -n 1 --format=format:%B | \
grep '^### mntner:' | \ grep '^### mntner:' | \
cut -d':' -f2 | tr -d ' ') cut -d':' -f2 | tr -d ' ')
if [ -n "$MNTNER" ] if [ -n "$MNTNER" ]
@ -96,7 +102,7 @@ then
if [ -z "$AUTH_METHOD" ] if [ -z "$AUTH_METHOD" ]
then then
AUTH_METHOD=$(git log -n 1 --format=format:%B | \ AUTH_METHOD=$(git log ${COMMIT_SHA} -n 1 --format=format:%B | \
grep '^### method:' | \ grep '^### method:' | \
cut -d':' -f2 | tr -d ' ') cut -d':' -f2 | tr -d ' ')
if [ -n "$AUTH_METHOD" ] if [ -n "$AUTH_METHOD" ]
@ -234,7 +240,7 @@ verify_pgp()
echo "Verifying PGP signature" echo "Verifying PGP signature"
# find the current commit hash # find the current commit hash
hash=$(git log -n 1 --format=format:%H) hash=$(git log ${COMMIT_SHA} -n 1 --format=format:%H)
# requires git 2.5 # requires git 2.5
git verify-commit "$hash" git verify-commit "$hash"
@ -321,13 +327,13 @@ verify_ssh()
grep '^ssh-' | sed "s/^/${MNTNER} /" > "$afile" grep '^ssh-' | sed "s/^/${MNTNER} /" > "$afile"
# extract the signed text from the git comment # extract the signed text from the git comment
text=$(git log -n 1 --format=format:%B | grep '^### text:' | text=$(git log ${COMMIT_SHA} -n 1 --format=format:%B | grep '^### text:' |
cut -d':' -f2 | tr -d ' ') cut -d':' -f2 | tr -d ' ')
# extract the SSH signature from the comment # extract the SSH signature from the comment
begin="-----BEGIN SSH SIGNATURE-----" begin="-----BEGIN SSH SIGNATURE-----"
end="-----END SSH SIGNATURE-----" end="-----END SSH SIGNATURE-----"
git log -n 1 --format=format:%B | \ git log ${COMMIT_SHA} -n 1 --format=format:%B | \
sed "/^$begin\$/,/^$end\$/!d" > "$sfile" sed "/^$begin\$/,/^$end\$/!d" > "$sfile"
# and finally verify # and finally verify