feat: add a gix commit sign prototype

Author: cruessler

gitoxide-core/src/repository/commit.rs

@@ -1,6 +1,14 @@
-use std::{io::Write, process::Stdio};
+use std::{
+    borrow::Cow,
+    io::{Read, Write},
+    process::Stdio,
+};
 
 use anyhow::{anyhow, bail, Context, Result};
+use gix::{
+    bstr::{BStr, BString},
+    objs::commit::SIGNATURE_FIELD_NAME,
+};
 
 /// Note that this is a quick implementation of commit signature verification that ignores a lot of what
 /// git does and can do, while focussing on the gist of it.
@@ -39,6 +47,61 @@ pub fn verify(repo: gix::Repository, rev_spec: Option<&str>) -> Result<()> {
     Ok(())
 }
 
+/// Note that this is a quick first prototype that lacks some of the features provided by `git
+/// verify-commit`.
+pub fn sign(repo: gix::Repository, rev_spec: Option<&str>, mut out: impl std::io::Write) -> Result<()> {
+    let rev_spec = rev_spec.unwrap_or("HEAD");
+    let object = repo
+        .rev_parse_single(format!("{rev_spec}^{{commit}}").as_str())?
+        .object()?;
+    let mut commit_ref = object.to_commit_ref();
+
+    let mut cmd: std::process::Command = gix::command::prepare("gpg").into();
+    cmd.args([
+        "--keyid-format=long",
+        "--status-fd=2",
+        "--detach-sign",
+        "--sign",
+        "--armor",
+    ])
+    .stdin(Stdio::piped())
+    .stdout(Stdio::piped());
+    gix::trace::debug!("About to execute {cmd:?}");
+    let mut child = cmd.spawn()?;
+    child.stdin.take().expect("to be present").write_all(&object.data)?;
+
+    if !child.wait()?.success() {
+        bail!("Command {cmd:?} failed");
+    }
+
+    let mut signed_data = Vec::new();
+    child
+        .stdout
+        .take()
+        .expect("to be present")
+        .read_to_end(&mut signed_data)?;
+
+    let extra_header: Cow<'_, BStr> = Cow::Owned(BString::new(signed_data));
+
+    assert!(
+        !commit_ref
+            .extra_headers
+            .iter()
+            .any(|(header_name, _)| *header_name == BStr::new(SIGNATURE_FIELD_NAME)),
+        "Commit is already signed, doing nothing"
+    );
+
+    commit_ref
+        .extra_headers
+        .push((BStr::new(SIGNATURE_FIELD_NAME), extra_header));
+
+    let signed_id = repo.write_object(&commit_ref)?;
+
+    writeln!(&mut out, "{signed_id}")?;
+
+    Ok(())
+}
+
 pub fn describe(
     mut repo: gix::Repository,
     rev_spec: Option<&str>,

src/plumbing/main.rs

@@ -1287,6 +1287,17 @@ pub fn main() -> Result<()> {
                     core::repository::commit::verify(repository(Mode::Lenient)?, rev_spec.as_deref())
                 },
             ),
+            commit::Subcommands::Sign { rev_spec } => prepare_and_run(
+                "commit-sign",
+                trace,
+                auto_verbose,
+                progress,
+                progress_keep_open,
+                None,
+                move |_progress, out, _err| {
+                    core::repository::commit::sign(repository(Mode::Lenient)?, rev_spec.as_deref(), out)
+                },
+            ),
             commit::Subcommands::Describe {
                 annotated_tags,
                 all_refs,

src/plumbing/options/mod.rs

@@ -912,6 +912,12 @@ pub mod commit {
             /// A specification of the revision to verify, or the current `HEAD` if unset.
             rev_spec: Option<String>,
         },
+        /// Sign a commit and print the signed commit's id to stdout. This command does not change
+        /// symbolic refs.
+        Sign {
+            /// A specification of the revision to sign, or the current `HEAD` if unset.
+            rev_spec: Option<String>,
+        },
         /// Describe the current commit or the given one using the name of the closest annotated tag in its ancestry.
         Describe {
             /// Use annotated tag references only, not all tags.