feat: sl pr support for GPG signatures
#218
Comments
|
This is a good point: I'll investigate! |
|
I'd be happy to take a stab at this as well if that would help any. I had a really hard time locating where in the code base the actual git commits were being created. I was able to find the relevant code for ghstack, but the other path eluded me. A pointer to the relevant code might help me be able to produce a patch or at least start to dig into the things that might need to change. Additionally, if you know of any sharp corners in the relevant parts of the code base that I'd need to keep an eye out for that could also be helpful. If this is something that you think would be fairly quick to crank-out with minimal fuss, feel free to keep this on your TODO stack. |
|
I suspect this is the right function: sapling/eden/scm/edenscm/localrepo.py Line 2654 in 5bf764c |
|
Here are the appropriate Git docs on the subject: https://git-scm.com/docs/signature-format Though I don't see the option to specify a signature in https://libgit2.org/libgit2/#HEAD/group/commit/git_commit_create. but maybe I'm missing something? We probably need to look at Git's actual |
|
Ah, in libgit2, it looks like you have to use: https://libgit2.org/libgit2/#v1.0.0/group/callback/git_commit_signing_cb though it is declared in a file named https://github.com/libgit2/libgit2/blob/HEAD/include/git2/deprecated.h#L276-280 |
|
Oh, I guess this is the non-deprecated API? https://libgit2.org/libgit2/#v1.0.0/group/commit/git_commit_create_with_signature |
|
I found someone who wrote a unit test that demonstrates how this API is meant to be used: |
|
I checked with @quark-zju and a few things of note. Here is the place in sapling/eden/scm/edenscm/localrepo.py Lines 2800 to 2810 in 5bf764c We are using a Rust crate that wraps libgit2, https://docs.rs/git2/0.15.0/git2/struct.Repository.html#method.commit_signed It looks like as well as a config option to automatically auto-sign commits: On our end, I think we have to:
|
|
By the time we hit our Rust code, we have the raw bytes for the commit object, so inserting the signature must occur upstream of that. I believe this is the right place to add the signing option: sapling/eden/scm/edenscm/changelog.py Lines 295 to 316 in 5bf764c Or maybe call sapling/eden/scm/edenscm/changelog2.py Lines 391 to 392 in 5bf764c |
|
Incidentally, here is the commit that added support for GPG signing within Git itself: The |
That was a quick hack that uses hg's commit serialization as the way to represent commit data. It seems in this case it'd be beneficial to have a more structured commit struct. I think if we continue using this hack the hg's "extras" dict might be a reasonable place for passing the extra sign information. Otherwise we might want to refactor related logic so a more structured commit object (defined in Rust) is used. |
I am close to having something working with this architecture, though! I'll put up a diff soon. |
|
@nairb774 I just put up #311 to demonstrate that I am working on this, but it's a bit tricky. What is there "works," but we're still hashing out:
|
|
Really appreciate the preview, I'm building it locally to play with it and see how workable it is. It looks like it ended up being a bit more complicated than I initially guessed, so thank you for continuing to poke at this - it is really appreciated. Learning a lot about the code following along here as well. |
|
Incidentally, I have another commit stacked on top that ensures we use this under the hood when we use |
|
I can confirm #311 works: Sorry about the small snip, but internal code. I'll run with this for now, and I'll drop any notes here if I stumble across edge cases. Super excited! |
Summary: This was requested for `sl pr` in #218, though this diff adds support for signing commits in general, in Sapling. Here's how it works: - `sl config --local gpg.key <KEY>` to specify your key - Now `gitcommittext()` takes an optional `str` for the `gpgsigningkey` if `gpg.key` is set and `gpg.enabled` is `true` (which is the default). - The text of the unsigned commit object is constructed and then signed using `gpg --status-fd=2 -bsau <KEY>` with the text passed via stdin. - The resulting signature is embedded into the original text to sign it. Note that the original PGP key goes through some minor formatting (`\r` is removed; lines must start with a space to avoid a `\n\n` sequence) before it is embedded. I documented things to the best of my knowledge in `eden/website/docs/git/signing.md`. Follow-up items: - Show signed status in smartlog? - Update `sl ghstack` to honor signing configuration when running `git commit-tree`. - Update `sl pr` to honor signing configuration when running `git commit-tree`. Reviewed By: quark-zju Differential Revision: D41778874 fbshipit-source-id: 5018a0d8bea1b5e9293c05954db65f35dd3c7aff
|
FYI, I just used the release candidate https://github.com/facebook/sapling/releases/tag/0.1.20221212-142634-r7ae28228 to create #323, and as you can see, it is signed and verified! |
|
Fix is now in the latest release! Docs are here: https://sapling-scm.com/docs/git/signing. |
Testing out sapling for the first time, and it seems like the
sl prcommand doesn't sign commits. Would it be possible to add gpg signing tosl pr? Signed commits are a requirement for the internal repos that I work with so this is currently a blocker on further exploration. My git config has bothuser.signingkeyset andcommit.gpgsign=true. I'm open to adjusting configurations, but a quick grep through the code doesn't seem to show any implementation of GPG signing for thesl prcommand that I could locate.I'd consider using
sl ghstackwhich does seem to sign the commits, but the way it sets the base branch of PRs interacts poorly with our CI setup. It seems like ezyang/ghstack#122 might open up this path to being a little less problematic for our setup.The text was updated successfully, but these errors were encountered: