authorAlexander Larsson <alexl@redhat.com>2016-04-13 10:08:59 +0200
committerAlexander Larsson <alexl@redhat.com>2016-04-13 10:08:59 +0200
commiteb3a0df75c869745232daee29e50f9bb0713a5ee (patch)
tree5dd027772c95e4e911265d3df72140b74cb93780
parent51781b50d27bed289553b4e562dee41ada9c36b0 (diff)
downloadxdg-app-eb3a0df75c869745232daee29e50f9bb0713a5ee.tar.gz
Add xdg-app build-sign to sign a single commit
-rw-r--r--app/Makefile.am.inc1
-rw-r--r--app/xdg-app-builtins-build-sign.c117
-rw-r--r--app/xdg-app-builtins.h1
-rw-r--r--app/xdg-app-main.c1
-rw-r--r--doc/Makefile.am1
-rw-r--r--doc/xdg-app-build-export.xml1
-rw-r--r--doc/xdg-app-build-sign.xml154
-rw-r--r--doc/xdg-app.xml7
8 files changed, 283 insertions, 0 deletions
diff --git a/app/Makefile.am.inc b/app/Makefile.am.inc
index 00e9d5d..146ef18 100644
--- a/app/Makefile.am.inc
+++ b/app/Makefile.am.inc
@@ -23,6 +23,7 @@ xdg_app_SOURCES = \
app/xdg-app-builtins-build-finish.c \
app/xdg-app-builtins-build-export.c \
app/xdg-app-builtins-build-bundle.c \
+ app/xdg-app-builtins-build-sign.c \
app/xdg-app-builtins-repo-update.c \
app/xdg-app-builtins-document.c \
$(xdp_dbus_built_sources) \
diff --git a/app/xdg-app-builtins-build-sign.c b/app/xdg-app-builtins-build-sign.c
new file mode 100644
index 0000000..e748e44
--- /dev/null
+++ b/app/xdg-app-builtins-build-sign.c
@@ -0,0 +1,117 @@
+/*
+ * Copyright © 2014 Red Hat, Inc
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * Authors:
+ * Alexander Larsson <alexl@redhat.com>
+ */
+
+#include "config.h"
+
+#include <locale.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <string.h>
+
+#include "libgsystem.h"
+#include "libglnx/libglnx.h"
+
+#include "xdg-app-builtins.h"
+#include "xdg-app-utils.h"
+
+static char *opt_arch;
+static gboolean opt_runtime;
+static char **opt_gpg_key_ids;
+static char *opt_gpg_homedir;
+
+static GOptionEntry options[] = {
+ { "arch", 0, 0, G_OPTION_ARG_STRING, &opt_arch, "Arch to install for", "ARCH" },
+ { "runtime", 0, 0, G_OPTION_ARG_NONE, &opt_runtime, "Look for runtime with the specified name", },
+ { "gpg-sign", 0, 0, G_OPTION_ARG_STRING_ARRAY, &opt_gpg_key_ids, "GPG Key ID to sign the commit with", "KEY-ID"},
+ { "gpg-homedir", 0, 0, G_OPTION_ARG_STRING, &opt_gpg_homedir, "GPG Homedir to use when looking for keyrings", "HOMEDIR"},
+ { NULL }
+};
+
+
+gboolean
+xdg_app_builtin_build_sign (int argc, char **argv, GCancellable *cancellable, GError **error)
+{
+ g_autoptr(GOptionContext) context = NULL;
+ g_autoptr(GFile) repofile = NULL;
+ g_autoptr(OstreeRepo) repo = NULL;
+ const char *location;
+ const char *branch;
+ const char *id;
+ g_autofree char *commit_checksum = NULL;
+ g_autofree char *ref = NULL;
+ char **iter;
+
+ context = g_option_context_new ("LOCATION ID [BRANCH] - Create a repository from a build directory");
+
+ if (!xdg_app_option_context_parse (context, options, &argc, &argv, XDG_APP_BUILTIN_FLAG_NO_DIR, NULL, cancellable, error))
+ return FALSE;
+
+ if (argc < 3)
+ {
+ usage_error (context, "LOCATION and DIRECTORY must be specified", error);
+ return FALSE;
+ }
+
+ location = argv[1];
+ id = argv[2];
+
+ if (argc >= 4)
+ branch = argv[3];
+ else
+ branch = "master";
+
+ if (!xdg_app_is_valid_name (id))
+ return xdg_app_fail (error, "'%s' is not a valid name", id);
+
+ if (!xdg_app_is_valid_branch (branch))
+ return xdg_app_fail (error, "'%s' is not a valid branch name", branch);
+
+ if (opt_gpg_key_ids == NULL)
+ return xdg_app_fail (error, "No gpg key ids specified");
+
+ if (opt_runtime)
+ ref = xdg_app_build_runtime_ref (id, branch, opt_arch);
+ else
+ ref = xdg_app_build_app_ref (id, branch, opt_arch);
+
+ repofile = g_file_new_for_commandline_arg (location);
+ repo = ostree_repo_new (repofile);
+
+ if (!ostree_repo_open (repo, cancellable, error))
+ return FALSE;
+
+ if (!ostree_repo_resolve_rev (repo, ref, TRUE, &commit_checksum, error))
+ return FALSE;
+
+ for (iter = opt_gpg_key_ids; iter && *iter; iter++)
+ {
+ const char *keyid = *iter;
+
+ if (!ostree_repo_sign_commit (repo,
+ commit_checksum,
+ keyid,
+ opt_gpg_homedir,
+ cancellable,
+ error))
+ return FALSE;
+ }
+
+ return TRUE;
+}
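Review bot: `ostree_repo_resolve_rev (repo, ref, TRUE, &commit_checksum, error)` passes `TRUE` for `allow_noent`, so a ref that is missing from the repository returns success with `commit_checksum` still NULL, and that NULL is then handed to `ostree_repo_sign_commit` in the loop below. A signing command should stop with a clear error when a mistyped ID, branch or `--arch` resolves to nothing, so pass `FALSE` here: `if (!ostree_repo_resolve_rev (repo, ref, FALSE, &commit_checksum, error))`. The loop also returns on the first key that fails, so signatures from earlier `--gpg-sign` keys have presumably already been written by then; a short comment saying the operation is not all-or-nothing would help whoever scripts this. Separately, several user-facing strings look carried over from build-export: the context summary reads "Create a repository from a build directory", the usage error names `DIRECTORY` where the argument is `ID`, and `--arch` is described as "Arch to install for".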
diff --git a/app/xdg-app-builtins.h b/app/xdg-app-builtins.h
index 5e022aa..c71253e 100644
--- a/app/xdg-app-builtins.h
+++ b/app/xdg-app-builtins.h
@@ -65,6 +65,7 @@ BUILTINPROTO(enter);
BUILTINPROTO(build_init);
BUILTINPROTO(build);
BUILTINPROTO(build_finish);
+BUILTINPROTO(build_sign);
BUILTINPROTO(build_export);
BUILTINPROTO(build_bundle);
BUILTINPROTO(build_update_repo);
diff --git a/app/xdg-app-main.c b/app/xdg-app-main.c
index 2c59406..87edbfb 100644
--- a/app/xdg-app-main.c
+++ b/app/xdg-app-main.c
@@ -70,6 +70,7 @@ static XdgAppCommand commands[] = {
{ "build-finish", xdg_app_builtin_build_finish, "Finish a build dir for export" },
{ "build-export", xdg_app_builtin_build_export, "Export a build dir to a repository" },
{ "build-bundle", xdg_app_builtin_build_bundle, "Create a bundle file from a build directory" },
+ { "build-sign", xdg_app_builtin_build_sign, "Sign an application or runtime" },
{ "build-update-repo", xdg_app_builtin_build_update_repo, "Update the summary file in a repository" },
/* Deprecated old names */
diff --git a/doc/Makefile.am b/doc/Makefile.am
index 01f84be..fa641ea 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -37,6 +37,7 @@ man_MANS = \
xdg-app-build-finish.1 \
xdg-app-build-export.1 \
xdg-app-build-update-repo.1 \
+ xdg-app-build-sign.1 \
xdg-app-builder.1 \
$(NULL)
diff --git a/doc/xdg-app-build-export.xml b/doc/xdg-app-build-export.xml
index 02f0543..155d014 100644
--- a/doc/xdg-app-build-export.xml
+++ b/doc/xdg-app-build-export.xml
@@ -215,6 +215,7 @@ Content Bytes Written: 305
<citerefentry><refentrytitle>xdg-app-build-init</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>xdg-app-build</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>xdg-app-build-finish</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+ <citerefentry><refentrytitle>xdg-app-build-sign</refentrytitle><manvolnum>1</manvolnum></citerefentry>
<citerefentry><refentrytitle>xdg-app-repo-update</refentrytitle><manvolnum>1</manvolnum></citerefentry>
</para>
diff --git a/doc/xdg-app-build-sign.xml b/doc/xdg-app-build-sign.xml
new file mode 100644
index 0000000..4a6a5e3
--- /dev/null
+++ b/doc/xdg-app-build-sign.xml
@@ -0,0 +1,154 @@
+<?xml version='1.0'?> <!--*-nxml-*-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+
+<refentry id="xdg-app-build-export">
+
+ <refentryinfo>
+ <title>xdg-app build-sign</title>
+ <productname>xdg-app</productname>
+
+ <authorgroup>
+ <author>
+ <contrib>Developer</contrib>
+ <firstname>Alexander</firstname>
+ <surname>Larsson</surname>
+ <email>alexl@redhat.com</email>
+ </author>
+ </authorgroup>
+ </refentryinfo>
+
+ <refmeta>
+ <refentrytitle>xdg-app build-sign</refentrytitle>
+ <manvolnum>1</manvolnum>
+ </refmeta>
+
+ <refnamediv>
+ <refname>xdg-app-build-sign</refname>
+ <refpurpose>Sign an application or runtime</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis>
+ <command>xdg-app build-sign</command>
+ <arg choice="opt" rep="repeat">OPTION</arg>
+ <arg choice="plain">LOCATION</arg>
+ <arg choice="plain">ID</arg>
+ <arg choice="opt">BRANCH</arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1>
+ <title>Description</title>
+
+ <para>
+ Signs the commit for a speficied application or runtime in
+ a local repository. <arg choice="plain">LOCATION</arg> is
+ the location of the repository. <arg
+ choice="plain">ID</arg> is the name of the application, or
+ runtime if --runtime is specified. If <arg
+ choice="plain">BRANCH</arg> is not specified, it is
+ assumed to be "master".
+ </para>
+ <para>
+ Applications can also be signed during build-export, but
+ it is sometimes useful to add additionaly signatures later.
+ </para>
+ </refsect1>
+
+ <refsect1>
+ <title>Options</title>
+
+ <para>The following options are understood:</para>
+
+ <variablelist>
+ <varlistentry>
+ <term><option>-h</option></term>
+ <term><option>--help</option></term>
+
+ <listitem><para>
+ Show help options and exit.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>--gpg-sign=KEYID</option></term>
+
+ <listitem><para>
+ Sign the commit with this GPG key
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>--gpg-homedir=PATH</option></term>
+
+ <listitem><para>
+ GPG Homedir to use when looking for keyrings
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>--runtime</option></term>
+
+ <listitem><para>
+ Sign a runtime instead of an app.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>--arch=ARCH</option></term>
+
+ <listitem><para>
+ The architecture to use.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>-v</option></term>
+ <term><option>--verbose</option></term>
+
+ <listitem><para>
+ Print debug information during command processing.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>--version</option></term>
+
+ <listitem><para>
+ Print version information and exit.
+ </para></listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1>
+ <title>Examples</title>
+
+ <para>
+ <command>$ xdg-app build-export ~/repos/gnome-calculator/ ~/build/gnome-calculator/ org.gnome.Calculator</command>
+ </para>
+<programlisting>
+Commit: 9d0044ea480297114d03aec85c3d7ae3779438f9d2cb69d717fb54237acacb8c
+Metadata Total: 605
+Metadata Written: 5
+Content Total: 1174
+Content Written: 1
+Content Bytes Written: 305
+</programlisting>
+
+ </refsect1>
+
+ <refsect1>
+ <title>See also</title>
+
+ <para>
+ <citerefentry><refentrytitle>ostree</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>xdg-app</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>xdg-app-build-export</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>xdg-app-build</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ </para>
+
+ </refsect1>
+
+</refentry>
diff --git a/doc/xdg-app.xml b/doc/xdg-app.xml
index 48df894..d48613f 100644
--- a/doc/xdg-app.xml
+++ b/doc/xdg-app.xml
@@ -262,6 +262,13 @@
Update the summary file in a repository.
</para></listitem>
</varlistentry>
+ <varlistentry>
+ <term><citerefentry><refentrytitle>xdg-app-build-sign</refentrytitle><manvolnum>1</manvolnum></citerefentry></term>
+
+ <listitem><para>
+ Sign an application or runtime after its been exported.
+ </para></listitem>
+ </varlistentry>
</variablelist>
</refsect1>