Merge pull request #2208 from cruessler/add-commit-signing

Add `gix commit sign`

Author: Byron

gitoxide-core/src/repository/commit.rs

@@ -1,6 +1,14 @@
-use std::{io::Write, process::Stdio};
+use std::{
+    borrow::Cow,
+    io::{Read, Write},
+    process::Stdio,
+};
 
 use anyhow::{anyhow, bail, Context, Result};
+use gix::{
+    bstr::{BStr, BString},
+    objs::commit::SIGNATURE_FIELD_NAME,
+};
 
 /// Note that this is a quick implementation of commit signature verification that ignores a lot of what
 /// git does and can do, while focussing on the gist of it.
@@ -39,6 +47,51 @@ pub fn verify(repo: gix::Repository, rev_spec: Option<&str>) -> Result<()> {
     Ok(())
 }
 
+/// Note that this is a quick first prototype that lacks some of the features provided by `git verify-commit`.
+pub fn sign(repo: gix::Repository, rev_spec: Option<&str>, mut out: impl std::io::Write) -> Result<()> {
+    let rev_spec = rev_spec.unwrap_or("HEAD");
+    let object = repo
+        .rev_parse_single(format!("{rev_spec}^{{commit}}").as_str())?
+        .object()?;
+    let mut commit_ref = object.to_commit_ref();
+    if commit_ref.extra_headers().pgp_signature().is_some() {
+        gix::trace::info!("The commit {id} is already signed, did nothing", id = object.id);
+        writeln!(out, "{id}", id = object.id)?;
+        return Ok(());
+    }
+
+    let mut cmd: std::process::Command = gix::command::prepare("gpg").into();
+    cmd.args([
+        "--keyid-format=long",
+        "--status-fd=2",
+        "--detach-sign",
+        "--sign",
+        "--armor",
+    ])
+    .stdin(Stdio::piped())
+    .stdout(Stdio::piped());
+
+    gix::trace::debug!("About to execute {cmd:?}");
+    let mut child = cmd.spawn()?;
+    child.stdin.take().expect("to be present").write_all(&object.data)?;
+
+    if !child.wait()?.success() {
+        bail!("Command {cmd:?} failed");
+    }
+
+    let mut signed_data = Vec::new();
+    child.stdout.expect("to be present").read_to_end(&mut signed_data)?;
+
+    commit_ref
+        .extra_headers
+        .push((BStr::new(SIGNATURE_FIELD_NAME), Cow::Owned(BString::new(signed_data))));
+
+    let signed_id = repo.write_object(&commit_ref)?;
+    writeln!(&mut out, "{signed_id}")?;
+
+    Ok(())
+}
+
 pub fn describe(
     mut repo: gix::Repository,
     rev_spec: Option<&str>,

gix-object/src/commit/ref_iter.rs

@@ -11,9 +11,8 @@ use winnow::{
 
 use crate::{
     bstr::ByteSlice,
-    commit::{decode, SignedData},
-    parse,
-    parse::NL,
+    commit::{decode, SignedData, SIGNATURE_FIELD_NAME},
+    parse::{self, NL},
     CommitRefIter,
 };
 
@@ -65,7 +64,7 @@ impl<'a> CommitRefIter<'a> {
         for token in raw_tokens {
             let token = token?;
             if let Token::ExtraHeader((name, value)) = &token.token {
-                if *name == "gpgsig" {
+                if *name == SIGNATURE_FIELD_NAME {
                     // keep track of the signature range alongside the signature data,
                     // because all but the signature is the signed data.
                     signature_and_range = Some((value.clone(), token.token_range));

src/plumbing/main.rs

@@ -1287,6 +1287,17 @@ pub fn main() -> Result<()> {
                     core::repository::commit::verify(repository(Mode::Lenient)?, rev_spec.as_deref())
                 },
             ),
+            commit::Subcommands::Sign { rev_spec } => prepare_and_run(
+                "commit-sign",
+                trace,
+                auto_verbose,
+                progress,
+                progress_keep_open,
+                None,
+                move |_progress, out, _err| {
+                    core::repository::commit::sign(repository(Mode::Lenient)?, rev_spec.as_deref(), out)
+                },
+            ),
             commit::Subcommands::Describe {
                 annotated_tags,
                 all_refs,

src/plumbing/options/mod.rs

@@ -912,6 +912,13 @@ pub mod commit {
             /// A specification of the revision to verify, or the current `HEAD` if unset.
             rev_spec: Option<String>,
         },
+        /// Sign a commit and print the signed commit's id to stdout.
+        ///
+        /// This command does not change symbolic refs.
+        Sign {
+            /// A specification of the revision to sign, or the current `HEAD` if unset.
+            rev_spec: Option<String>,
+        },
         /// Describe the current commit or the given one using the name of the closest annotated tag in its ancestry.
         Describe {
             /// Use annotated tag references only, not all tags.