diff options
Diffstat (limited to 'hooks/git/dotfiles/post-checkout_01gpgsign')
-rwxr-xr-x | hooks/git/dotfiles/post-checkout_01gpgsign | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/hooks/git/dotfiles/post-checkout_01gpgsign b/hooks/git/dotfiles/post-checkout_01gpgsign new file mode 100755 index 00000000..21b007cc --- /dev/null +++ b/hooks/git/dotfiles/post-checkout_01gpgsign @@ -0,0 +1,23 @@ +#!/bin/sh + +branch="$(git symbolic-ref --quiet --short HEAD)" +if ! [ $? = 0 ]; then # detached HEAD + git config commit.gpgsign false + exit 0 +fi + +# Check that signing is likely to succeed before setting +# commit.gpgsign, by looking for presence of a secret key with the +# signing capability. +# +# The reason this is needed is that this post-checkout hook will get +# called during a rebase onto master, and I want to do that on hosts +# which don't have access to my secret key. If commit.gpgsign gets +# set to true on those hosts, the rebase will be interrupted +if [ "$branch" = "master" ] \ + && gpg --list-secret-keys $(git config user.signingKey) 2>/dev/null \ + | grep -Eq '^(ssb|sec)[^#].*\[[A-Z]*S[A-Z]*\]$'; then + git config commit.gpgsign true +else + git config commit.gpgsign false +fi |