Add xdg-app build-sign to sign a single commit

tingping/wmclass
Alexander Larsson 2016-04-13 10:08:59 +02:00
parent 51781b50d2
commit eb3a0df75c
8 changed files with 283 additions and 0 deletions

View File

@ -23,6 +23,7 @@ xdg_app_SOURCES = \
app/xdg-app-builtins-build-finish.c \
app/xdg-app-builtins-build-export.c \
app/xdg-app-builtins-build-bundle.c \
app/xdg-app-builtins-build-sign.c \
app/xdg-app-builtins-repo-update.c \
app/xdg-app-builtins-document.c \
$(xdp_dbus_built_sources) \

View File

@ -0,0 +1,117 @@
/*
* Copyright © 2014 Red Hat, Inc
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
* Authors:
* Alexander Larsson <alexl@redhat.com>
*/
#include "config.h"
#include <locale.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include "libgsystem.h"
#include "libglnx/libglnx.h"
#include "xdg-app-builtins.h"
#include "xdg-app-utils.h"
static char *opt_arch;
static gboolean opt_runtime;
static char **opt_gpg_key_ids;
static char *opt_gpg_homedir;
static GOptionEntry options[] = {
{ "arch", 0, 0, G_OPTION_ARG_STRING, &opt_arch, "Arch to install for", "ARCH" },
{ "runtime", 0, 0, G_OPTION_ARG_NONE, &opt_runtime, "Look for runtime with the specified name", },
{ "gpg-sign", 0, 0, G_OPTION_ARG_STRING_ARRAY, &opt_gpg_key_ids, "GPG Key ID to sign the commit with", "KEY-ID"},
{ "gpg-homedir", 0, 0, G_OPTION_ARG_STRING, &opt_gpg_homedir, "GPG Homedir to use when looking for keyrings", "HOMEDIR"},
{ NULL }
};
gboolean
xdg_app_builtin_build_sign (int argc, char **argv, GCancellable *cancellable, GError **error)
{
g_autoptr(GOptionContext) context = NULL;
g_autoptr(GFile) repofile = NULL;
g_autoptr(OstreeRepo) repo = NULL;
const char *location;
const char *branch;
const char *id;
g_autofree char *commit_checksum = NULL;
g_autofree char *ref = NULL;
char **iter;
context = g_option_context_new ("LOCATION ID [BRANCH] - Create a repository from a build directory");
if (!xdg_app_option_context_parse (context, options, &argc, &argv, XDG_APP_BUILTIN_FLAG_NO_DIR, NULL, cancellable, error))
return FALSE;
if (argc < 3)
{
usage_error (context, "LOCATION and DIRECTORY must be specified", error);
return FALSE;
}
location = argv[1];
id = argv[2];
if (argc >= 4)
branch = argv[3];
else
branch = "master";
if (!xdg_app_is_valid_name (id))
return xdg_app_fail (error, "'%s' is not a valid name", id);
if (!xdg_app_is_valid_branch (branch))
return xdg_app_fail (error, "'%s' is not a valid branch name", branch);
if (opt_gpg_key_ids == NULL)
return xdg_app_fail (error, "No gpg key ids specified");
if (opt_runtime)
ref = xdg_app_build_runtime_ref (id, branch, opt_arch);
else
ref = xdg_app_build_app_ref (id, branch, opt_arch);
repofile = g_file_new_for_commandline_arg (location);
repo = ostree_repo_new (repofile);
if (!ostree_repo_open (repo, cancellable, error))
return FALSE;
if (!ostree_repo_resolve_rev (repo, ref, TRUE, &commit_checksum, error))
return FALSE;
for (iter = opt_gpg_key_ids; iter && *iter; iter++)
{
const char *keyid = *iter;
if (!ostree_repo_sign_commit (repo,
commit_checksum,
keyid,
opt_gpg_homedir,
cancellable,
error))
return FALSE;
}
return TRUE;
}

View File

@ -65,6 +65,7 @@ BUILTINPROTO(enter);
BUILTINPROTO(build_init);
BUILTINPROTO(build);
BUILTINPROTO(build_finish);
BUILTINPROTO(build_sign);
BUILTINPROTO(build_export);
BUILTINPROTO(build_bundle);
BUILTINPROTO(build_update_repo);

View File

@ -70,6 +70,7 @@ static XdgAppCommand commands[] = {
{ "build-finish", xdg_app_builtin_build_finish, "Finish a build dir for export" },
{ "build-export", xdg_app_builtin_build_export, "Export a build dir to a repository" },
{ "build-bundle", xdg_app_builtin_build_bundle, "Create a bundle file from a build directory" },
{ "build-sign", xdg_app_builtin_build_sign, "Sign an application or runtime" },
{ "build-update-repo", xdg_app_builtin_build_update_repo, "Update the summary file in a repository" },
/* Deprecated old names */

View File

@ -37,6 +37,7 @@ man_MANS = \
xdg-app-build-finish.1 \
xdg-app-build-export.1 \
xdg-app-build-update-repo.1 \
xdg-app-build-sign.1 \
xdg-app-builder.1 \
$(NULL)

View File

@ -215,6 +215,7 @@ Content Bytes Written: 305
<citerefentry><refentrytitle>xdg-app-build-init</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>xdg-app-build</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>xdg-app-build-finish</refentrytitle><manvolnum>1</manvolnum></citerefentry>
<citerefentry><refentrytitle>xdg-app-build-sign</refentrytitle><manvolnum>1</manvolnum></citerefentry>
<citerefentry><refentrytitle>xdg-app-repo-update</refentrytitle><manvolnum>1</manvolnum></citerefentry>
</para>

View File

@ -0,0 +1,154 @@
<?xml version='1.0'?> <!--*-nxml-*-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
<refentry id="xdg-app-build-export">
<refentryinfo>
<title>xdg-app build-sign</title>
<productname>xdg-app</productname>
<authorgroup>
<author>
<contrib>Developer</contrib>
<firstname>Alexander</firstname>
<surname>Larsson</surname>
<email>alexl@redhat.com</email>
</author>
</authorgroup>
</refentryinfo>
<refmeta>
<refentrytitle>xdg-app build-sign</refentrytitle>
<manvolnum>1</manvolnum>
</refmeta>
<refnamediv>
<refname>xdg-app-build-sign</refname>
<refpurpose>Sign an application or runtime</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>xdg-app build-sign</command>
<arg choice="opt" rep="repeat">OPTION</arg>
<arg choice="plain">LOCATION</arg>
<arg choice="plain">ID</arg>
<arg choice="opt">BRANCH</arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1>
<title>Description</title>
<para>
Signs the commit for a speficied application or runtime in
a local repository. <arg choice="plain">LOCATION</arg> is
the location of the repository. <arg
choice="plain">ID</arg> is the name of the application, or
runtime if --runtime is specified. If <arg
choice="plain">BRANCH</arg> is not specified, it is
assumed to be "master".
</para>
<para>
Applications can also be signed during build-export, but
it is sometimes useful to add additionaly signatures later.
</para>
</refsect1>
<refsect1>
<title>Options</title>
<para>The following options are understood:</para>
<variablelist>
<varlistentry>
<term><option>-h</option></term>
<term><option>--help</option></term>
<listitem><para>
Show help options and exit.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--gpg-sign=KEYID</option></term>
<listitem><para>
Sign the commit with this GPG key
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--gpg-homedir=PATH</option></term>
<listitem><para>
GPG Homedir to use when looking for keyrings
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--runtime</option></term>
<listitem><para>
Sign a runtime instead of an app.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--arch=ARCH</option></term>
<listitem><para>
The architecture to use.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>-v</option></term>
<term><option>--verbose</option></term>
<listitem><para>
Print debug information during command processing.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--version</option></term>
<listitem><para>
Print version information and exit.
</para></listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>Examples</title>
<para>
<command>$ xdg-app build-export ~/repos/gnome-calculator/ ~/build/gnome-calculator/ org.gnome.Calculator</command>
</para>
<programlisting>
Commit: 9d0044ea480297114d03aec85c3d7ae3779438f9d2cb69d717fb54237acacb8c
Metadata Total: 605
Metadata Written: 5
Content Total: 1174
Content Written: 1
Content Bytes Written: 305
</programlisting>
</refsect1>
<refsect1>
<title>See also</title>
<para>
<citerefentry><refentrytitle>ostree</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>xdg-app</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>xdg-app-build-export</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>xdg-app-build</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
</para>
</refsect1>
</refentry>

View File

@ -262,6 +262,13 @@
Update the summary file in a repository.
</para></listitem>
</varlistentry>
<varlistentry>
<term><citerefentry><refentrytitle>xdg-app-build-sign</refentrytitle><manvolnum>1</manvolnum></citerefentry></term>
<listitem><para>
Sign an application or runtime after its been exported.
</para></listitem>
</varlistentry>
</variablelist>
</refsect1>