17
17
"""Command which looks for unsigned commits by the current user, and signs them.
20
from bzrlib.lazy_import import lazy_import
21
lazy_import(globals(), """
20
from __future__ import absolute_import
26
revision as _mod_revision,
26
from bzrlib.bzrdir import BzrDir
28
from bzrlib.commands import Command
29
from bzrlib.option import Option
28
from .commands import Command
29
from .option import Option
30
from .i18n import gettext, ngettext
31
from .sixish import text_type
32
34
class cmd_sign_my_commits(Command):
51
53
def run(self, location=None, committer=None, dry_run=False):
52
54
if location is None:
53
bzrdir = BzrDir.open_containing('.')[0]
55
bzrdir = controldir.ControlDir.open_containing('.')[0]
55
57
# Passed in locations should be exact
56
bzrdir = BzrDir.open(location)
58
bzrdir = controldir.ControlDir.open(location)
57
59
branch = bzrdir.open_branch()
58
60
repo = branch.repository
59
branch_config = branch.get_config()
61
branch_config = branch.get_config_stack()
61
63
if committer is None:
62
committer = branch_config.username()
64
committer = branch_config.get('email')
63
65
gpg_strategy = gpg.GPGStrategy(branch_config)
68
with repo.lock_write():
69
graph = repo.get_graph()
68
70
repo.start_write_group()
70
for rev_id in repo.get_ancestry(branch.last_revision())[1:]:
72
for rev_id, parents in graph.iter_ancestry(
73
[branch.last_revision()]):
74
if _mod_revision.is_null(rev_id):
71
79
if repo.has_signature_for_revision_id(rev_id):
73
81
rev = repo.get_revision(rev_id)
86
94
repo.commit_write_group()
89
print 'Signed %d revisions' % (count,)
96
ngettext('Signed %d revision.\n', 'Signed %d revisions.\n', count) %
100
class cmd_verify_signatures(Command):
101
__doc__ = """Verify all commit signatures.
103
Verifies that all commits in the branch are signed by known GnuPG keys.
107
Option('acceptable-keys',
108
help='Comma separated list of GPG key patterns which are'
109
' acceptable for verification.',
115
takes_args = ['location?']
117
def run(self, acceptable_keys=None, revision=None, verbose=None,
119
bzrdir = controldir.ControlDir.open_containing(location)[0]
120
branch = bzrdir.open_branch()
121
repo = branch.repository
122
branch_config = branch.get_config_stack()
123
gpg_strategy = gpg.GPGStrategy(branch_config)
125
gpg_strategy.set_acceptable_keys(acceptable_keys)
128
self.outf.write(string + "\n")
129
def write_verbose(string):
130
self.outf.write(" " + string + "\n")
132
self.add_cleanup(repo.lock_read().unlock)
133
#get our list of revisions
135
if revision is not None:
136
if len(revision) == 1:
137
revno, rev_id = revision[0].in_history(branch)
138
revisions.append(rev_id)
139
elif len(revision) == 2:
140
from_revno, from_revid = revision[0].in_history(branch)
141
to_revno, to_revid = revision[1].in_history(branch)
143
to_revno = branch.revno()
144
if from_revno is None or to_revno is None:
145
raise errors.BzrCommandError(gettext(
146
'Cannot verify a range of non-revision-history revisions'))
147
for revno in range(from_revno, to_revno + 1):
148
revisions.append(branch.get_rev_id(revno))
150
#all revisions by default including merges
151
graph = repo.get_graph()
153
for rev_id, parents in graph.iter_ancestry(
154
[branch.last_revision()]):
155
if _mod_revision.is_null(rev_id):
160
revisions.append(rev_id)
161
count, result, all_verifiable = gpg.bulk_verify_signatures(
162
repo, revisions, gpg_strategy)
164
write(gettext("All commits signed with verifiable keys"))
166
for message in gpg.verbose_valid_message(result):
167
write_verbose(message)
170
write(gpg.valid_commits_message(count))
172
for message in gpg.verbose_valid_message(result):
173
write_verbose(message)
174
write(gpg.expired_commit_message(count))
176
for message in gpg.verbose_expired_key_message(result, repo):
177
write_verbose(message)
178
write(gpg.unknown_key_message(count))
180
for message in gpg.verbose_missing_key_message(result):
181
write_verbose(message)
182
write(gpg.commit_not_valid_message(count))
184
for message in gpg.verbose_not_valid_message(result, repo):
185
write_verbose(message)
186
write(gpg.commit_not_signed_message(count))
188
for message in gpg.verbose_not_signed_message(result, repo):
189
write_verbose(message)