Harness the power of signify(1) to sign arbitrary git objects
add rev-lookup cmd
+40
+14
src/main.rs
+14
src/main.rs
···
3
3
mod pull;
4
4
mod push;
5
5
mod raw;
6
+
mod rev_lookup;
6
7
mod sign;
7
8
mod utils;
8
9
mod verify;
···
67
68
#[arg(long)]
68
69
json: bool,
69
70
},
71
+
/// Look-up a signature revision
72
+
RevLookup {
73
+
/// Path to the base64 encoded public key that signed the rev
74
+
#[arg(short = 'k', long, env = "GIT_KEY_PUB")]
75
+
public_key: PathBuf,
76
+
77
+
/// Revision whose signature will be looked up
78
+
git_rev: String,
79
+
},
70
80
}
71
81
72
82
#[derive(Subcommand)]
···
120
130
Action::Push { remote } => push::command(&remote.unwrap_or(Cow::Borrowed("origin"))),
121
131
Action::Pull { remote } => pull::command(&remote.unwrap_or(Cow::Borrowed("origin"))),
122
132
Action::ListSignatures { json } => list_signatures::command(json),
133
+
Action::RevLookup {
134
+
public_key,
135
+
git_rev: rev,
136
+
} => rev_lookup::command(public_key, rev),
123
137
}
124
138
}
+26
src/rev_lookup.rs
+26
src/rev_lookup.rs
···
1
+
//! Look-up the git revision of a signature produced by
2
+
//! `git-signify`.
3
+
4
+
use std::path::PathBuf;
5
+
6
+
use anyhow::{Context, Result};
7
+
8
+
use crate::utils;
9
+
10
+
/// Execute the `rev-lookup` command.
11
+
pub fn command(key_path: PathBuf, rev: String) -> Result<()> {
12
+
let repo = utils::open_repository()?;
13
+
let public_key = utils::get_public_key(key_path)?;
14
+
let tree_rev = {
15
+
let object_oid = repo
16
+
.revparse_single(&rev)
17
+
.context("Failed to look-up git object")?
18
+
.id();
19
+
let key_fingerprint = public_key.fingerprint()?;
20
+
utils::craft_signature_reference(key_fingerprint, object_oid)
21
+
};
22
+
repo.revparse_single(&tree_rev)
23
+
.with_context(|| format!("No signature found for {rev}"))?;
24
+
println!("{tree_rev}");
25
+
Ok(())
26
+
}