Add --sign option to `luarocks pack`

* Introduce a new module, `luarocks.signing` * Add `--sign` option to `luarocks pack`, which produces a detached GPG signature * Includes a basic test, along with some fixtures with a password-less GPG key
author: Hisham Muhammad <hisham@gobolinux.org> 2019-03-19 10:33:25 -0400
committer: Hisham Muhammad <hisham@gobolinux.org> 2019-04-01 17:32:53 -0400
commit: 655eacf345a108247ba6ea506721395571108912 (patch)
tree: 01c5658eb2d221a49ecd9d47c2d7e7b6094a69af
parent: 4e97804fc1b8b47667ec1d8b8f3c473d31c8bb29 (diff)
download: luarocks-655eacf345a108247ba6ea506721395571108912.tar.gz
luarocks-655eacf345a108247ba6ea506721395571108912.tar.bz2
luarocks-655eacf345a108247ba6ea506721395571108912.zip
11 files changed, 53 insertions, 2 deletions
diff --git a/.travis.yml b/.travis.yml
index 67eec990..70fe9ee6 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -22,8 +22,8 @@ integration_script: &integration_script
  - if [ "$TRAVIS_OS_NAME" = "linux" ]; then shellcheck ./configure; fi
  - ./configure --with-lua=lua_install
  - ./makedist dev
-  - busted -o gtest --exclude-tags=git,unit --verbose -Xhelper "lua_dir=$PWD/lua_install,travis"
+  - busted -o gtest --exclude-tags=gpg,git,unit --verbose -Xhelper "lua_dir=$PWD/lua_install,travis"
-  - busted -o gtest --exclude-tags=git,unit --verbose -Xhelper "lua_dir=$PWD/lua_install,travis,env=full"
+  - busted -o gtest --exclude-tags=gpg,git,unit --verbose -Xhelper "lua_dir=$PWD/lua_install,travis,env=full"
          
 jobs:
  include:
diff --git a/spec/fixtures/gpg/private-keys-v1.d/5D2D3F97B88B18604D819EA9DF5B730C75D71B60.key b/spec/fixtures/gpg/private-keys-v1.d/5D2D3F97B88B18604D819EA9DF5B730C75D71B60.key
new file mode 100644
index 00000000..26240f5a
--- /dev/null
+++ b/spec/fixtures/gpg/private-keys-v1.d/5D2D3F97B88B18604D819EA9DF5B730C75D71B60.key
Binary files differ
diff --git a/spec/fixtures/gpg/private-keys-v1.d/B71C36B4EDEB72A047FED1C01BCFF4D08837E3B1.key b/spec/fixtures/gpg/private-keys-v1.d/B71C36B4EDEB72A047FED1C01BCFF4D08837E3B1.key
new file mode 100644
index 00000000..e75a2eb4
--- /dev/null
+++ b/spec/fixtures/gpg/private-keys-v1.d/B71C36B4EDEB72A047FED1C01BCFF4D08837E3B1.key
Binary files differ
diff --git a/spec/fixtures/gpg/pubring.kbx b/spec/fixtures/gpg/pubring.kbx
new file mode 100644
index 00000000..fc63cbc6
--- /dev/null
+++ b/spec/fixtures/gpg/pubring.kbx
Binary files differ
diff --git a/spec/fixtures/gpg/trustdb.gpg b/spec/fixtures/gpg/trustdb.gpg
new file mode 100644
index 00000000..cabca669
--- /dev/null
+++ b/spec/fixtures/gpg/trustdb.gpg
Binary files differ
diff --git a/spec/pack_spec.lua b/spec/pack_spec.lua
index 08647cfb..8b3612db 100644
--- a/spec/pack_spec.lua
+++ b/spec/pack_spec.lua
@@ -50,6 +50,16 @@ describe("LuaRocks pack #integration", function()
      assert(test_env.remove_files(lfs.currentdir(), "say%-"))
   end)
+   pending("#gpg --sign", function()
+      assert(run.luarocks_bool("install say 1.2"))
+      assert(run.luarocks_bool("install luassert"))
+      assert(run.luarocks_bool("install say 1.0"))
+      assert(run.luarocks_bool("pack say --sign"))
+      assert.is_truthy(lfs.attributes("say-1.2-1.all.rock"))
+      assert.is_truthy(lfs.attributes("say-1.2-1.all.rock.asc"))
+      assert(test_env.remove_files(lfs.currentdir(), "say%-"))
+   end)
   describe("#mock", function()
      setup(function()
diff --git a/spec/util/test_env.lua b/spec/util/test_env.lua
index 6850214f..9337c396 100644
--- a/spec/util/test_env.lua
+++ b/spec/util/test_env.lua
@@ -436,6 +436,7 @@ local function create_env(testing_paths)
   end
   
   local env_variables = {}
+   env_variables.GNUPGHOME = testing_paths.gpg_dir
   env_variables.LUA_VERSION = luaversion_short
   env_variables.LUAROCKS_CONFIG = testing_paths.testrun_dir .. "/testing_config.lua"
   if test_env.TEST_TARGET_OS == "windows" then
@@ -593,6 +594,7 @@ local function create_paths(luaversion_full)
   end
   testing_paths.fixtures_dir = base_dir .. "/spec/fixtures"
+   testing_paths.gpg_dir = testing_paths.fixtures_dir .. "/gpg"
   testing_paths.fixtures_repo_dir = base_dir .. "/spec/fixtures/a_repo"
   testing_paths.util_dir = base_dir .. "/spec/util"
   testing_paths.testrun_dir = base_dir .. "/testrun"
diff --git a/src/luarocks/cmd/pack.lua b/src/luarocks/cmd/pack.lua
index 52b2fbca..02e554d9 100644
--- a/src/luarocks/cmd/pack.lua
+++ b/src/luarocks/cmd/pack.lua
@@ -5,11 +5,14 @@ local cmd_pack = {}
 local util = require("luarocks.util")
 local pack = require("luarocks.pack")
+local signing = require("luarocks.signing")
 local queries = require("luarocks.queries")
 cmd_pack.help_summary = "Create a rock, packing sources or binaries."
 cmd_pack.help_arguments = "{<rockspec>|<name> [<version>]}"
 cmd_pack.help = [[
+--sign     Produce a signature file as well.
 Argument may be a rockspec file, for creating a source rock,
 or the name of an installed package, for creating a binary rock.
 In the latter case, the app version may be given as a second
@@ -40,7 +43,18 @@ function cmd_pack.command(flags, arg, version)
   if err then
      return nil, err
   else
+      local sigfile
+      if flags["sign"] then
+         sigfile, err = signing.sign_file(file)
+         util.printout()
+      end
      util.printout("Packed: "..file)
+      if sigfile then
+         util.printout("Sigature stored in: "..sigfile)
+      end
+      if err then
+         return nil, err
+      end
      return true
   end
 end
diff --git a/src/luarocks/core/cfg.lua b/src/luarocks/core/cfg.lua
index 5b9dec2f..c6824153 100644
--- a/src/luarocks/core/cfg.lua
+++ b/src/luarocks/core/cfg.lua
@@ -230,6 +230,8 @@ local function make_defaults(lua_version, target_cpu, platforms, home)
         SVN = "svn",
         HG = "hg",
+         GPG = "gpg",
         RSYNC = "rsync",
         WGET = "wget",
         SCP = "scp",
diff --git a/src/luarocks/signing.lua b/src/luarocks/signing.lua
new file mode 100644
index 00000000..7503768e
--- /dev/null
+++ b/src/luarocks/signing.lua
@@ -0,0 +1,22 @@
+local signing = {}
+local cfg = require("luarocks.core.cfg")
+local fs = require("luarocks.fs")
+function signing.sign_file(file)
+   local vars = cfg.variables
+   local gpg_ok, err = fs.is_tool_available(vars.GPG, "gpg")
+   if not gpg_ok then
+      return nil, err
+   end
+   local gpg = vars.GPG
+   
+   local sigfile = file .. ".asc"
+   if fs.execute(gpg, "--armor", "--output", sigfile, "--detach-sign", file) then
+      return sigfile
+   else
+      return nil, "failed running " .. gpg .. " to sign " .. file
+   end
+end
+return signing
diff --git a/src/luarocks/util.lua b/src/luarocks/util.lua
index 25c521ea..bba39457 100644
--- a/src/luarocks/util.lua
+++ b/src/luarocks/util.lua
@@ -149,6 +149,7 @@ local supported_flags = {
   ["rockspec"] = true,
   ["rockspec-format"] = "<ver>",
   ["server"] = "<server>",
+   ["sign"] = true,
   ["skip-pack"] = true,
   ["source"] = true,
   ["summary"] = "\"<text>\"",
author	Hisham Muhammad <hisham@gobolinux.org>	2019-03-19 10:33:25 -0400
committer	Hisham Muhammad <hisham@gobolinux.org>	2019-04-01 17:32:53 -0400
commit	655eacf345a108247ba6ea506721395571108912 (patch)
tree	01c5658eb2d221a49ecd9d47c2d7e7b6094a69af
parent	4e97804fc1b8b47667ec1d8b8f3c473d31c8bb29 (diff)
download	luarocks-655eacf345a108247ba6ea506721395571108912.tar.gz luarocks-655eacf345a108247ba6ea506721395571108912.tar.bz2 luarocks-655eacf345a108247ba6ea506721395571108912.zip