author | Sean Whitton <spwhitton@spwhitton.name> | 2019-11-28 12:25:34 -0700 |
---|---|---|
committer | Sean Whitton <spwhitton@spwhitton.name> | 2019-11-28 12:25:34 -0700 |
commit | cb3393f71432ffa5e25a4f41747901a6e1485435 (patch) | |
tree | 583a936d0fa57a43efc221ed1d753d9eda6cd0eb /lib | |
parent | d071d7a26dd2698f47407fabec8460282bf01f2b (diff) | |
download | dotfiles-cb3393f71432ffa5e25a4f41747901a6e1485435.tar.gz |
dotfiles post-checkout: check that we're likely to be able to sign
Diffstat (limited to 'lib')
-rwxr-xr-x | lib/hooks/git/dotfiles/post-checkout | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/lib/hooks/git/dotfiles/post-checkout b/lib/hooks/git/dotfiles/post-checkout
index 24f733e7..109fe4cc 100755
--- a/lib/hooks/git/dotfiles/post-checkout
+++ b/lib/hooks/git/dotfiles/post-checkout
@@ -2,7 +2,17 @@
 branch="$(git symbolic-ref --short HEAD)"
-if [ "$branch" = "master" ]; then
+# Check that signing is likely to succeed before setting
+# commit.gpgsign, by looking for presence of a secret key with the
+# signing capability.
+#
+# The reason this is needed is that this post-checkout hook will get
+# called during a rebase onto master, and I want to do that on hosts
+# which don't have access to my secret key. If commit.gpgsign gets
+# set to true on those hosts, the rebase will be interrupted
+if [ "$branch" = "master" ] \
+ && gpg --list-secret-keys $(git config user.signingKey) \
+ | grep -Eq '^(ssb|sec)[^#].*\[[A-Z]*S[A-Z]*\]$'; then
 git config commit.gpgsign true
 else
 git config commit.gpgsign false |
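Review bot: The new condition passes `$(git config user.signingKey)` to gpg unquoted, so when user.signingKey is unset the call becomes a bare `gpg --list-secret-keys`, and any secret key with signing capability on the host turns commit.gpgsign on, which is the interrupted-rebase case the comment sets out to avoid. Reading the key first and requiring it to be non-empty closes that: `key="$(git config user.signingKey)"` followed by `[ -n "$key" ] && gpg --list-secret-keys "$key" \` in the condition. The grep is anchored on the capability bracket at the end of gpg's human-readable listing, which looks like it would miss a key whose line ends in an `[expires: …]` field; `--with-colons` output is the format meant for scripts. The else branch leaves master commits unsigned without any notice, so a one-line message on stderr there would make the downgrade visible. The `if` block closes outside the hunk.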