blob: 594ba803ea605f6b036e762f05e439b02ee55be1 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
#!/bin/sh
# Before using this script, will want to unset all upstreams:
# for head in $(git for-each-ref --format='%(refname)' refs/heads/); do
# branch=$(echo "$head" | cut -d/ -f3)
# git branch --unset-upstream "$branch" 2>/dev/null || true
# done
# Could generalise to a script that reads a git config value for the
# fingerprint to look for, updates branches specified by user and is
# able to handle updating by both merge and rebase
# Could do that propellor does in verifyOriginBranch instead of this
# -- it might be more robust
set -e
. $HOME/.shenv
# To update a shallow clone we would do 'git fetch --depth 1' and then 'git
# reset --hard origin/master'. But that would leave us vulnerable to an
# attacker causing us to check out an older signed commit than the one we have
# now. So require an explicit 'git unshallow' from the user, or get
# Consfigurator to update repo from a snapshot from laptop, or something.
if [ "$(git rev-parse --is-shallow-repository)" = "true" ]; then
echo >&2 "shallow dotfiles clone; refusing to reset to origin/master"
exit 1
fi
git fetch origin
if git verify-commit-by-fp \
8DC2487E51ABDD90B5C4753F0F56D0553B6D411B origin/master; then
# we only fast-forward master, to avoid the possibility of an
# attacker causing us to check out an older signed commit than the
# one we have now
if ! git merge-ff master origin/master; then
echo >&2 "uh oh, dotfiles remote head is not fast-forward of master"
echo >&2 "refusing to rebase; manually apply local commits to origin/master"
exit 1
fi
else
echo >&2 "uh oh, dotfiles remote head is not PGP-signed by Sean"
exit 1
fi
|
