mirror of
https://github.com/fluxcd/flux2.git
synced 2025-11-03 03:12:00 +08:00
Use proper GPG terminology
Signed-off-by: Hidde Beydals <hello@hidde.co>
This commit is contained in:
Hidde Beydals
@ -68,7 +68,7 @@ type bootstrapFlags struct {
|
||||
authorName string
|
||||
authorEmail string
|
||||
|
||||
gpgKeyPath string
|
||||
gpgKeyRingPath string
|
||||
gpgPassphrase string
|
||||
gpgKeyID string
|
||||
|
||||
@ -123,8 +123,8 @@ func init() {
|
||||
bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.authorName, "author-name", "Flux", "author name for Git commits")
|
||||
bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.authorEmail, "author-email", "", "author email for Git commits")
|
||||
|
||||
bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.gpgKeyPath, "gpg-key", "", "path to secret gpg key for signing commits")
|
||||
bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.gpgPassphrase, "gpg-passphrase", "", "passphrase for decrypting secret gpg key")
|
||||
bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.gpgKeyRingPath, "gpg-key-ring", "", "path to GPG key ring for signing commits")
|
||||
bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.gpgPassphrase, "gpg-passphrase", "", "passphrase for decrypting GPG private key")
|
||||
bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.gpgKeyID, "gpg-key-id", "", "key id for selecting a particular key")
|
||||
|
||||
bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.commitMessageAppendix, "commit-message-appendix", "", "string to add to the commit messages, e.g. '[ci skip]'")
|
||||
|
||||
@ -224,7 +224,7 @@ func bootstrapGitCmdRun(cmd *cobra.Command, args []string) error {
|
||||
bootstrap.WithPostGenerateSecretFunc(promptPublicKey),
|
||||
bootstrap.WithLogger(logger),
|
||||
bootstrap.WithCABundle(caBundle),
|
||||
bootstrap.WithGitCommitSigning(bootstrapArgs.gpgKeyPath, bootstrapArgs.gpgPassphrase, bootstrapArgs.gpgKeyID),
|
||||
bootstrap.WithGitCommitSigning(bootstrapArgs.gpgKeyRingPath, bootstrapArgs.gpgPassphrase, bootstrapArgs.gpgKeyID),
|
||||
}
|
||||
|
||||
// Setup bootstrapper with constructed configs
|
||||
|
||||
@ -53,7 +53,7 @@ type PlainGitBootstrapper struct {
|
||||
author git.Author
|
||||
commitMessageAppendix string
|
||||
|
||||
gpgKeyPath string
|
||||
gpgKeyRingPath string
|
||||
gpgPassphrase string
|
||||
gpgKeyID string
|
||||
|
||||
@ -146,7 +146,7 @@ func (b *PlainGitBootstrapper) ReconcileComponents(ctx context.Context, manifest
|
||||
}
|
||||
|
||||
// Git commit generated
|
||||
gpgOpts := git.WithGpgSigningOption(b.gpgKeyPath, b.gpgPassphrase, b.gpgKeyID)
|
||||
gpgOpts := git.WithGpgSigningOption(b.gpgKeyRingPath, b.gpgPassphrase, b.gpgKeyID)
|
||||
commitMsg := fmt.Sprintf("Add Flux %s component manifests", options.Version)
|
||||
if b.commitMessageAppendix != "" {
|
||||
commitMsg = commitMsg + "\n\n" + b.commitMessageAppendix
|
||||
@ -311,7 +311,7 @@ func (b *PlainGitBootstrapper) ReconcileSyncConfig(ctx context.Context, options
|
||||
b.logger.Successf("generated sync manifests")
|
||||
|
||||
// Git commit generated
|
||||
gpgOpts := git.WithGpgSigningOption(b.gpgKeyPath, b.gpgPassphrase, b.gpgKeyID)
|
||||
gpgOpts := git.WithGpgSigningOption(b.gpgKeyRingPath, b.gpgPassphrase, b.gpgKeyID)
|
||||
commitMsg := fmt.Sprintf("Add Flux sync manifests")
|
||||
if b.commitMessageAppendix != "" {
|
||||
commitMsg = commitMsg + "\n\n" + b.commitMessageAppendix
|
||||
|
||||
@ -13,7 +13,7 @@ type CommitOptions struct {
|
||||
|
||||
// GPGSigningInfo contains information for signing a commit.
|
||||
type GPGSigningInfo struct {
|
||||
PrivateKeyPath string
|
||||
KeyRingPath string
|
||||
Passphrase string
|
||||
KeyID string
|
||||
}
|
||||
@ -27,14 +27,14 @@ func (w GpgSigningOption) ApplyToCommit(in *CommitOptions) {
|
||||
}
|
||||
|
||||
func WithGpgSigningOption(path, passphrase, keyID string) Option {
|
||||
// return nil info if no path is set
|
||||
// Return nil if no path is set, even if other options are configured.
|
||||
if path == "" {
|
||||
return GpgSigningOption{}
|
||||
}
|
||||
|
||||
return GpgSigningOption{
|
||||
GPGSigningInfo: &GPGSigningInfo{
|
||||
PrivateKeyPath: path,
|
||||
KeyRingPath: path,
|
||||
Passphrase: passphrase,
|
||||
KeyID: keyID,
|
||||
},
|
||||
|
||||
@ -258,9 +258,9 @@ func isRemoteBranchNotFoundErr(err error, ref string) bool {
|
||||
}
|
||||
|
||||
func getOpenPgpEntity(info git.GPGSigningInfo) (*openpgp.Entity, error) {
|
||||
r, err := os.Open(info.PrivateKeyPath)
|
||||
r, err := os.Open(info.KeyRingPath)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("unable to open gpg private key %s", err)
|
||||
return nil, fmt.Errorf("unable to open GPG key ring: %w", err)
|
||||
}
|
||||
|
||||
entityList, err := openpgp.ReadKeyRing(r)
|
||||
@ -269,7 +269,7 @@ func getOpenPgpEntity(info git.GPGSigningInfo) (*openpgp.Entity, error) {
|
||||
}
|
||||
|
||||
if len(entityList) == 0 {
|
||||
return nil, fmt.Errorf("no GPP entity formed")
|
||||
return nil, fmt.Errorf("empty GPG key ring")
|
||||
}
|
||||
|
||||
var entity *openpgp.Entity
|
||||
@ -281,7 +281,7 @@ func getOpenPgpEntity(info git.GPGSigningInfo) (*openpgp.Entity, error) {
|
||||
}
|
||||
|
||||
if entity == nil {
|
||||
return nil, fmt.Errorf("no gpg private key matching the key id was found")
|
||||
return nil, fmt.Errorf("no GPG private key matching key id '%s' found", info.KeyID)
|
||||
}
|
||||
} else {
|
||||
entity = entityList[0]
|
||||
@ -289,7 +289,7 @@ func getOpenPgpEntity(info git.GPGSigningInfo) (*openpgp.Entity, error) {
|
||||
|
||||
err = entity.PrivateKey.Decrypt([]byte(info.Passphrase))
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("unable to decrypt private key: %s", err)
|
||||
return nil, fmt.Errorf("unable to decrypt GPG private key: %w", err)
|
||||
}
|
||||
|
||||
return entity, nil
|
||||
|
||||
@ -49,7 +49,7 @@ func TestGetOpenPgpEntity(t *testing.T) {
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
gpgInfo := git.GPGSigningInfo{
|
||||
PrivateKeyPath: tt.keyPath,
|
||||
KeyRingPath: tt.keyPath,
|
||||
Passphrase: tt.passphrase,
|
||||
KeyID: tt.id,
|
||||
}
|
||||
|
||||
@ -115,21 +115,21 @@ func (o loggerOption) applyGitProvider(b *GitProviderBootstrapper) {
|
||||
|
||||
func WithGitCommitSigning(path, passphrase, keyID string) Option {
|
||||
return gitCommitSigningOption{
|
||||
gpgKeyPath: path,
|
||||
gpgKeyRingPath: path,
|
||||
gpgPassphrase: passphrase,
|
||||
gpgKeyID: keyID,
|
||||
}
|
||||
}
|
||||
|
||||
type gitCommitSigningOption struct {
|
||||
gpgKeyPath string
|
||||
gpgKeyRingPath string
|
||||
gpgPassphrase string
|
||||
gpgKeyID string
|
||||
}
|
||||
|
||||
func (o gitCommitSigningOption) applyGit(b *PlainGitBootstrapper) {
|
||||
b.gpgKeyRingPath = o.gpgKeyRingPath
|
||||
b.gpgPassphrase = o.gpgPassphrase
|
||||
b.gpgKeyPath = o.gpgKeyPath
|
||||
b.gpgKeyID = o.gpgKeyID
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user