gitui-org · grantbdev · Jul 29, 2020 · Jul 30, 2020 · Jul 30, 2020 · Jul 30, 2020
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -31,6 +31,23 @@ jobs:
         profile: minimal
         components: clippy
 
+    - name: Install GnuPG on Ubuntu
+      if: matrix.os == 'ubuntu-latest'
+      run: sudo apt-get -qq install libgpg-error-dev libgpgme11-dev
+
+    - name: Install GnuPG on MacOS
+      if: matrix.os == 'macos-latest'
+      run: brew install gpgme
+
+    - name: Install GnuPG on Windows
+      if: matrix.os == 'windows-latest'
+      run: |
+        $path = [Environment]::GetEnvironmentVariable("path", "machine")
+        $newPath = ($path.Split(';') | Where-Object { $_ -eq 'C:\ProgramData\chocolatey\bin' }) -join ';'
+        [Environment]::SetEnvironmentVariable("path", $newPath, "machine")
+        choco install gpg4win
+        refreshenv
+
     - name: Build Debug
       run: |
         rustc --version
@@ -58,6 +75,9 @@ jobs:
         profile: minimal
         target: x86_64-unknown-linux-musl
 
+    - name: Install GnuPG
+      run: sudo apt-get -qq install libgpg-error-dev libgpgme11-dev
+
     - name: Setup MUSL
       run: |
         sudo apt-get -qq install musl-tools

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/asyncgit/Cargo.toml b/asyncgit/Cargo.toml
@@ -18,6 +18,8 @@ rayon-core = "1.7"
 crossbeam-channel = "0.4"
 log = "0.4"
 thiserror = "1.0"
+gpg-error = "0.5.1"
+gpgme = "0.9.2"
 
 [dev-dependencies]
 tempfile = "3.1"

diff --git a/asyncgit/src/error.rs b/asyncgit/src/error.rs
@@ -13,6 +13,9 @@ pub enum Error {
 
     #[error("git error:{0}")]
     Git(#[from] git2::Error),
+
+    #[error("gpg error:#{0}")]
+    Gpg(#[from] gpg_error::Error),
 }
 
 pub type Result<T> = std::result::Result<T, Error>;

diff --git a/asyncgit/src/sync/commit.rs b/asyncgit/src/sync/commit.rs
@@ -1,6 +1,7 @@
 use super::{get_head, utils::repo, CommitId};
 use crate::error::Result;
 use git2::{ErrorCode, ObjectType, Repository, Signature};
+use gpgme::{Context, Protocol};
 use scopetime::scope_time;
 
 ///
@@ -54,6 +55,7 @@ pub fn commit(repo_path: &str, msg: &str) -> Result<CommitId> {
     scope_time!("commit");
 
     let repo = repo(repo_path)?;
+    let config = repo.config()?;
 
     let signature = signature_allow_undefined_name(&repo)?;
     let mut index = repo.index()?;
@@ -68,16 +70,78 @@ pub fn commit(repo_path: &str, msg: &str) -> Result<CommitId> {
 
     let parents = parents.iter().collect::<Vec<_>>();
 
-    Ok(repo
-        .commit(
+    let commit_oid = if config
+        .get_bool("commit.gpgsign")
+        .unwrap_or(false)
+    {
+        // Generate commit content
+        let commit_bufffer = repo.commit_create_buffer(
+            &signature,
+            &signature,
+            msg,
+            &tree,
+            parents.as_slice(),
+        )?;
+        let commit_content = commit_bufffer
+            .as_str()
+            .expect("Buffer was not valid UTF-8");
+
+        // Prepare to sign using the designated key in the user's git config
+        let mut gpg_ctx = Context::from_protocol(Protocol::OpenPgp)?;
+        if let Ok(key_id) = config.get_string("user.signingkey") {
+            let key = gpg_ctx.get_key(key_id)?;
+            gpg_ctx.add_signer(&key)?;
+        }
+        gpg_ctx.set_armor(true);
+
+        // Create GPG signature for commit content
+        let mut signature_buffer = Vec::new();
+        gpg_ctx
+            .sign_detached(&*commit_bufffer, &mut signature_buffer)?;
+        let gpg_signature = std::str::from_utf8(&signature_buffer)
+            .expect("Buffer was not valid UTF-8");
+
+        let commit_oid = repo.commit_signed(
+            &commit_content,
+            &gpg_signature,
+            None,
+        )?;
+
+        match repo.head() {
+            // If HEAD reference is returned, simply update the target.
+            Ok(mut head) => {
+                head.set_target(commit_oid, msg)?;
+            }
+            // If there is an error getting HEAD, likely it is a new repo
+            // and a reference to a default branch needs to be created.
+            Err(_) => {
+                // Default branch name behavior as of git 2.28.
+                let default_branch_name = config
+                    .get_str("init.defaultBranch")
+                    .unwrap_or("master");
+
+                repo.reference(
+                    &format!("refs/heads/{}", default_branch_name),
+                    commit_oid,
+                    true,
+                    msg,
+                )?;
+            }
+        }
+
+        commit_oid
+    } else {
+        repo.commit(
             Some("HEAD"),
             &signature,
             &signature,
             msg,
             &tree,
             parents.as_slice(),
         )?
-        .into())
+    };
+
+    Ok(commit_oid.into())
 }
 
 /// Tag a commit.