Skip to content

Commit

Permalink
fix(plugins/npm-post): performance improvements and bug-fixes
Browse files Browse the repository at this point in the history
  • Loading branch information
@dalisoft
dalisoft committed Apr 26, 2024
1 parent db76036 commit 1e010f1
Showing 1 changed file with 30 additions and 26 deletions.
56 changes: 30 additions & 26 deletions plugins/npm-post.sh
View file
Original file line number Diff line number Diff line change
@@ -1,37 +1,31 @@
#!/bin/sh
set -eu

# Global variables
export GPG_TTY=
export GNUPGHOME=

prepare() {
unset GIT_CONFIG

GPG_TTY=$(tty)
GNUPGHOME=$(mktemp -d)

if [ -n "${GIT_USERNAME-}" ] && [ -n "${GIT_EMAIL-}" ]; then
git config --local user.email "$GIT_EMAIL"
git config --local user.name "$GIT_USERNAME"
log_verbose "Git username [$GIT_USERNAME] and Git e-mail [$GIT_EMAIL] set"
fi

if [ -z "${GPG_NO_SIGN-}" ] && [ -n "${GPG_KEY_ID-}" ]; then
echo "$GPG_KEY" | base64 --decode | gpg --homedir "$GNUPGHOME" --quiet --batch --import

git config --local commit.gpgsign true
git config --local user.signingkey "$GPG_KEY_ID"
git config --local tag.forceSignAnnotated true
git config --local gpg.program gpg
log_verbose "Git GPG sign and key ID [$GPG_KEY_ID] are set"

echo "allow-loopback-pinentry" >>"$GNUPGHOME/gpg-agent.conf"
echo "pinentry-mode loopback" >>"$GNUPGHOME/gpg.conf"
gpg-connect-agent --homedir "$GNUPGHOME" reloadagent /bye
if ! gpg --list-keys | grep -q "${GPG_KEY_ID-}"; then
echo "$GPG_KEY" | base64 --decode | gpg --quiet --batch --import
log_verbose "Git GPG key import loaded"
else
log_verbose "Git GPG key import skipped"
fi

if [ -n "${GPG_PASSPHRASE}" ]; then
echo "" | gpg --homedir "$GNUPGHOME" --quiet --passphrase "$GPG_PASSPHRASE" --batch --pinentry-mode loopback --sign >/dev/null
echo "$GPG_PASSPHRASE" | gpg --quiet --batch --yes --pinentry-mode loopback --sign --local-user "${GPG_KEY_ID-}" --passphrase-fd 0 >/dev/null
log_verbose "Git GPG passphrase set"
fi
fi
Expand All @@ -49,45 +43,55 @@ cleanup() {
git config --local --unset user.signingkey
git config --local --unset tag.forceSignAnnotated
git config --local --unset gpg.program
log_verbose "Git GPG sign unset"

if [ -n "${GPG_PASSPHRASE}" ]; then
gpg --homedir "$GNUPGHOME" --quiet --passphrase "$GPG_PASSPHRASE" --batch --yes --delete-secret-and-public-key "$GPG_KEY_ID"
log_verbose "Git GPG sign and key ID [$GPG_KEY_ID] are unset"

if gpg --list-keys | grep -q "${GPG_KEY_ID-}"; then
if [ -n "${GPG_PASSPHRASE}" ]; then
echo "$GPG_PASSPHRASE" | gpg --quiet --batch --yes --passphrase-fd 0 --delete-secret-and-public-key "$GPG_KEY_ID" >/dev/null
else
gpg --quiet --batch --yes --delete-secret-and-public-key "$GPG_KEY_ID"
fi
log_verbose "Git GPG key deleted"
else
log_verbose "Git GPG key delete skipped"
fi

rm -rf "$GNUPGHOME"
log_verbose "Git GPG config cleanup"
fi

log_verbose "Git config cleanup"
}

release() {
# Commiting a `npm` tag
# Committing a `npm` tag
log "Committing npm tag..."
log_verbose "Git hash: $CHECKOUT_SHA!"

if ! $IS_DRY_RUN; then
if [ -z "$(git diff --name-only package.json 2>dev/null)" ]; then
return
fi

prepare

git add package.json

if $IS_WORKSPACE; then
if [ -z "${GPG_NO_SIGN-}" ] && [ -n "${GPG_KEY_ID-}" ] && [ -n "${GPG_PASSPHRASE-}" ]; then
git commit --sign -m "Bump project ${PKG_NAME} version to ${NEXT_RELEASE_VERSION}"
if [ -z "${GPG_NO_SIGN-}" ] && [ -n "${GPG_KEY_ID-}" ]; then
git commit --sign -m "chore(${PKG_NAME}): update \`package.json\` version to ${NEXT_RELEASE_VERSION}"
else
git commit --no-gpg-sign -m "Bump project ${PKG_NAME} version to ${NEXT_RELEASE_VERSION}"
git commit --no-gpg-sign -m "chore(${PKG_NAME}): update \`package.json\` version to ${NEXT_RELEASE_VERSION}"
fi
else
if [ -z "${GPG_NO_SIGN-}" ] && [ -n "${GPG_KEY_ID-}" ] && [ -n "${GPG_PASSPHRASE-}" ]; then
git commit --sign -m "Bump package.json version to ${NEXT_RELEASE_VERSION}"
if [ -z "${GPG_NO_SIGN-}" ] && [ -n "${GPG_KEY_ID-}" ]; then
git commit --sign -m "chore: update \`package.json\` version to ${NEXT_RELEASE_VERSION}"
else
git commit --no-gpg-sign -m "Bump package.json version to ${NEXT_RELEASE_VERSION}"
git commit --no-gpg-sign -m "chore: update \`package.json\` version to ${NEXT_RELEASE_VERSION}"
fi
fi

CHECKOUT_SHA=$(git rev-parse HEAD)

if [ -n "$GIT_REMOTE_ORIGIN" ]; then
git push
log_verbose "Pushed update to remote"
Expand All @@ -97,6 +101,6 @@ release() {

cleanup
else
log "Skipped commiting npm [$NEXT_RELEASE_TAG] tag in DRY-RUN mode."
log "Skipped committing npm [$NEXT_RELEASE_TAG] tag in DRY-RUN mode."
fi
}

0 comments on commit 1e010f1

Please sign in to comment.