/brz/remove-bazaar

To get this branch, use:
bzr branch http://gegoxaren.bato24.eu/bzr/brz/remove-bazaar

« back to all changes in this revision

Viewing changes to bzrlib/sign_my_commits.py

  • Committer: John Arbash Meinel
  • Date: 2006-04-25 15:05:42 UTC
  • mfrom: (1185.85.85 bzr-encoding)
  • mto: This revision was merged to the branch mainline in revision 1752.
  • Revision ID: john@arbash-meinel.com-20060425150542-c7b518dca9928691
[merge] the old bzr-encoding changes, reparenting them on bzr.dev

Show diffs side-by-side

added added

removed removed

Lines of Context:
bzrlib/sign_my_commits.py
1
 
# Copyright (C) 2006, 2007, 2009, 2010, 2011 Canonical Ltd
2
 
#
 
1
# Copyright (C) 2005, 2006 Canonical Ltd
 
2
 
3
3
# This program is free software; you can redistribute it and/or modify
4
4
# it under the terms of the GNU General Public License as published by
5
5
# the Free Software Foundation; either version 2 of the License, or
6
6
# (at your option) any later version.
7
 
#
 
7
 
8
8
# This program is distributed in the hope that it will be useful,
9
9
# but WITHOUT ANY WARRANTY; without even the implied warranty of
10
10
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
11
11
# GNU General Public License for more details.
12
 
#
 
12
 
13
13
# You should have received a copy of the GNU General Public License
14
14
# along with this program; if not, write to the Free Software
15
 
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
16
 
 
17
 
"""Command that signs unsigned commits by the current user. """
18
 
 
19
 
from __future__ import absolute_import
20
 
 
21
 
from . import (
22
 
    controldir,
23
 
    errors,
24
 
    gpg,
25
 
    repository as _mod_repository,
26
 
    revision as _mod_revision,
27
 
    )
28
 
from .commands import Command
29
 
from .option import Option
30
 
from .i18n import gettext, ngettext
31
 
from .sixish import text_type
 
15
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 
16
"""Command which looks for unsigned commits by the current user, and signs them.
 
17
"""
 
18
 
 
19
from bzrlib.commands import Command
 
20
import bzrlib.config
 
21
import bzrlib.errors as errors
 
22
import bzrlib.gpg
 
23
from bzrlib.option import Option
32
24
 
33
25
 
34
26
class cmd_sign_my_commits(Command):
35
 
    __doc__ = """Sign all commits by a given committer.
 
27
    """Sign all commits by a given committer.
36
28
 
37
29
    If location is not specified the local tree is used.
38
30
    If committer is not specified the default committer is used.
39
31
 
40
32
    This does not sign commits that already have signatures.
41
33
    """
42
 
    # Note that this signs everything on the branch's ancestry
43
 
    # (both mainline and merged), but not other revisions that may be in the
44
 
    # repository
45
34
 
46
 
    takes_options = [
47
 
        Option('dry-run',
48
 
               help='Don\'t actually sign anything, just print'
49
 
               ' the revisions that would be signed.'),
50
 
        ]
 
35
    takes_options = [Option('dry-run'
 
36
                            , help='Don\'t actually sign anything, just print'
 
37
                                   ' the revisions that would be signed')
 
38
                    ]
51
39
    takes_args = ['location?', 'committer?']
52
40
 
53
41
    def run(self, location=None, committer=None, dry_run=False):
54
42
        if location is None:
55
 
            bzrdir = controldir.ControlDir.open_containing('.')[0]
 
43
            from bzrlib.workingtree import WorkingTree
 
44
            # Open the containing directory
 
45
            wt = WorkingTree.open_containing('.')[0]
 
46
            b = wt.branch
56
47
        else:
57
48
            # Passed in locations should be exact
58
 
            bzrdir = controldir.ControlDir.open(location)
59
 
        branch = bzrdir.open_branch()
60
 
        repo = branch.repository
61
 
        branch_config = branch.get_config_stack()
 
49
            from bzrlib.branch import Branch
 
50
            b = Branch.open(location)
 
51
        repo = getattr(b, 'repository', b)
 
52
 
 
53
        config = bzrlib.config.BranchConfig(b)
62
54
 
63
55
        if committer is None:
64
 
            committer = branch_config.get('email')
65
 
        gpg_strategy = gpg.GPGStrategy(branch_config)
 
56
            committer = config.username()
 
57
 
 
58
        gpg_strategy = bzrlib.gpg.GPGStrategy(config)
66
59
 
67
60
        count = 0
68
 
        with repo.lock_write():
69
 
            graph = repo.get_graph()
70
 
            with _mod_repository.WriteGroup(repo):
71
 
                for rev_id, parents in graph.iter_ancestry(
72
 
                        [branch.last_revision()]):
73
 
                    if _mod_revision.is_null(rev_id):
74
 
                        continue
75
 
                    if parents is None:
76
 
                        # Ignore ghosts
77
 
                        continue
78
 
                    if repo.has_signature_for_revision_id(rev_id):
79
 
                        continue
80
 
                    rev = repo.get_revision(rev_id)
81
 
                    if rev.committer != committer:
82
 
                        continue
83
 
                    # We have a revision without a signature who has a
84
 
                    # matching committer, start signing
85
 
                    self.outf.write("%s\n" % rev_id)
86
 
                    count += 1
87
 
                    if not dry_run:
88
 
                        repo.sign_revision(rev_id, gpg_strategy)
89
 
        self.outf.write(
90
 
            ngettext('Signed %d revision.\n', 'Signed %d revisions.\n',
91
 
                     count) % count)
92
 
 
93
 
 
94
 
class cmd_verify_signatures(Command):
95
 
    __doc__ = """Verify all commit signatures.
96
 
 
97
 
    Verifies that all commits in the branch are signed by known GnuPG keys.
98
 
    """
99
 
 
100
 
    takes_options = [
101
 
        Option('acceptable-keys',
102
 
               help='Comma separated list of GPG key patterns which are'
103
 
               ' acceptable for verification.',
104
 
               short_name='k',
105
 
               type=text_type,),
106
 
        'revision',
107
 
        'verbose',
108
 
        ]
109
 
    takes_args = ['location?']
110
 
 
111
 
    def run(self, acceptable_keys=None, revision=None, verbose=None,
112
 
            location=u'.'):
113
 
        bzrdir = controldir.ControlDir.open_containing(location)[0]
114
 
        branch = bzrdir.open_branch()
115
 
        repo = branch.repository
116
 
        branch_config = branch.get_config_stack()
117
 
        gpg_strategy = gpg.GPGStrategy(branch_config)
118
 
 
119
 
        gpg_strategy.set_acceptable_keys(acceptable_keys)
120
 
 
121
 
        def write(string):
122
 
            self.outf.write(string + "\n")
123
 
 
124
 
        def write_verbose(string):
125
 
            self.outf.write("  " + string + "\n")
126
 
 
127
 
        self.add_cleanup(repo.lock_read().unlock)
128
 
        # get our list of revisions
129
 
        revisions = []
130
 
        if revision is not None:
131
 
            if len(revision) == 1:
132
 
                revno, rev_id = revision[0].in_history(branch)
133
 
                revisions.append(rev_id)
134
 
            elif len(revision) == 2:
135
 
                from_revno, from_revid = revision[0].in_history(branch)
136
 
                to_revno, to_revid = revision[1].in_history(branch)
137
 
                if to_revid is None:
138
 
                    to_revno = branch.revno()
139
 
                if from_revno is None or to_revno is None:
140
 
                    raise errors.BzrCommandError(
141
 
                        gettext('Cannot verify a range of non-revision-history'
142
 
                                ' revisions'))
143
 
                for revno in range(from_revno, to_revno + 1):
144
 
                    revisions.append(branch.get_rev_id(revno))
145
 
        else:
146
 
            # all revisions by default including merges
147
 
            graph = repo.get_graph()
148
 
            revisions = []
149
 
            for rev_id, parents in graph.iter_ancestry(
150
 
                    [branch.last_revision()]):
151
 
                if _mod_revision.is_null(rev_id):
152
 
                    continue
153
 
                if parents is None:
154
 
                    # Ignore ghosts
155
 
                    continue
156
 
                revisions.append(rev_id)
157
 
        count, result, all_verifiable = gpg.bulk_verify_signatures(
158
 
            repo, revisions, gpg_strategy)
159
 
        if all_verifiable:
160
 
            write(gettext("All commits signed with verifiable keys"))
161
 
            if verbose:
162
 
                for message in gpg.verbose_valid_message(result):
163
 
                    write_verbose(message)
164
 
            return 0
165
 
        else:
166
 
            write(gpg.valid_commits_message(count))
167
 
            if verbose:
168
 
                for message in gpg.verbose_valid_message(result):
169
 
                    write_verbose(message)
170
 
            write(gpg.expired_commit_message(count))
171
 
            if verbose:
172
 
                for message in gpg.verbose_expired_key_message(result, repo):
173
 
                    write_verbose(message)
174
 
            write(gpg.unknown_key_message(count))
175
 
            if verbose:
176
 
                for message in gpg.verbose_missing_key_message(result):
177
 
                    write_verbose(message)
178
 
            write(gpg.commit_not_valid_message(count))
179
 
            if verbose:
180
 
                for message in gpg.verbose_not_valid_message(result, repo):
181
 
                    write_verbose(message)
182
 
            write(gpg.commit_not_signed_message(count))
183
 
            if verbose:
184
 
                for message in gpg.verbose_not_signed_message(result, repo):
185
 
                    write_verbose(message)
186
 
            return 1
 
61
        # return in partial topological order for the sake of reproducibility
 
62
        for rev_id in repo.all_revision_ids():
 
63
            if repo.has_signature_for_revision_id(rev_id):
 
64
                continue
 
65
            
 
66
            rev = repo.get_revision(rev_id)
 
67
            if rev.committer != committer:
 
68
                continue
 
69
 
 
70
            # We have a revision without a signature who has a 
 
71
            # matching committer, start signing
 
72
            print rev_id
 
73
            count += 1
 
74
            if not dry_run:
 
75
                repo.sign_revision(rev_id, gpg_strategy)
 
76
        print 'Signed %d revisions' % (count,)
 
77
 
 
78