Add --sign option to `luarocks pack`

* Introduce a new module, `luarocks.signing` * Add `--sign` option to `luarocks pack`, which produces a detached GPG signature * Includes a basic test, along with some fixtures with a password-less GPG key
author: Hisham Muhammad <hisham@gobolinux.org> 2019-03-19 10:33:25 -0400
committer: Hisham Muhammad <hisham@gobolinux.org> 2019-04-01 17:32:53 -0400
commit: 655eacf345a108247ba6ea506721395571108912 (patch)
tree: 01c5658eb2d221a49ecd9d47c2d7e7b6094a69af /src
parent: 4e97804fc1b8b47667ec1d8b8f3c473d31c8bb29 (diff)
download: luarocks-655eacf345a108247ba6ea506721395571108912.tar.gz
luarocks-655eacf345a108247ba6ea506721395571108912.tar.bz2
luarocks-655eacf345a108247ba6ea506721395571108912.zip
4 files changed, 39 insertions, 0 deletions
diff --git a/src/luarocks/cmd/pack.lua b/src/luarocks/cmd/pack.lua
index 52b2fbca..02e554d9 100644
--- a/src/luarocks/cmd/pack.lua
+++ b/src/luarocks/cmd/pack.lua
@@ -5,11 +5,14 @@ local cmd_pack = {}
 local util = require("luarocks.util")
 local pack = require("luarocks.pack")
+local signing = require("luarocks.signing")
 local queries = require("luarocks.queries")
 cmd_pack.help_summary = "Create a rock, packing sources or binaries."
 cmd_pack.help_arguments = "{<rockspec>|<name> [<version>]}"
 cmd_pack.help = [[
+--sign     Produce a signature file as well.
 Argument may be a rockspec file, for creating a source rock,
 or the name of an installed package, for creating a binary rock.
 In the latter case, the app version may be given as a second
@@ -40,7 +43,18 @@ function cmd_pack.command(flags, arg, version)
   if err then
      return nil, err
   else
+      local sigfile
+      if flags["sign"] then
+         sigfile, err = signing.sign_file(file)
+         util.printout()
+      end
      util.printout("Packed: "..file)
+      if sigfile then
+         util.printout("Sigature stored in: "..sigfile)
+      end
+      if err then
+         return nil, err
+      end
      return true
   end
 end
diff --git a/src/luarocks/core/cfg.lua b/src/luarocks/core/cfg.lua
index 5b9dec2f..c6824153 100644
--- a/src/luarocks/core/cfg.lua
+++ b/src/luarocks/core/cfg.lua
@@ -230,6 +230,8 @@ local function make_defaults(lua_version, target_cpu, platforms, home)
         SVN = "svn",
         HG = "hg",
+         GPG = "gpg",
         RSYNC = "rsync",
         WGET = "wget",
         SCP = "scp",
diff --git a/src/luarocks/signing.lua b/src/luarocks/signing.lua
new file mode 100644
index 00000000..7503768e
--- /dev/null
+++ b/src/luarocks/signing.lua
@@ -0,0 +1,22 @@
+local signing = {}
+local cfg = require("luarocks.core.cfg")
+local fs = require("luarocks.fs")
+function signing.sign_file(file)
+   local vars = cfg.variables
+   local gpg_ok, err = fs.is_tool_available(vars.GPG, "gpg")
+   if not gpg_ok then
+      return nil, err
+   end
+   local gpg = vars.GPG
+   
+   local sigfile = file .. ".asc"
+   if fs.execute(gpg, "--armor", "--output", sigfile, "--detach-sign", file) then
+      return sigfile
+   else
+      return nil, "failed running " .. gpg .. " to sign " .. file
+   end
+end
+return signing
diff --git a/src/luarocks/util.lua b/src/luarocks/util.lua
index 25c521ea..bba39457 100644
--- a/src/luarocks/util.lua
+++ b/src/luarocks/util.lua
@@ -149,6 +149,7 @@ local supported_flags = {
   ["rockspec"] = true,
   ["rockspec-format"] = "<ver>",
   ["server"] = "<server>",
+   ["sign"] = true,
   ["skip-pack"] = true,
   ["source"] = true,
   ["summary"] = "\"<text>\"",
author	Hisham Muhammad <hisham@gobolinux.org>	2019-03-19 10:33:25 -0400
committer	Hisham Muhammad <hisham@gobolinux.org>	2019-04-01 17:32:53 -0400
commit	655eacf345a108247ba6ea506721395571108912 (patch)
tree	01c5658eb2d221a49ecd9d47c2d7e7b6094a69af /src
parent	4e97804fc1b8b47667ec1d8b8f3c473d31c8bb29 (diff)
download	luarocks-655eacf345a108247ba6ea506721395571108912.tar.gz luarocks-655eacf345a108247ba6ea506721395571108912.tar.bz2 luarocks-655eacf345a108247ba6ea506721395571108912.zip

diff --git a/src/luarocks/cmd/pack.lua b/src/luarocks/cmd/pack.lua index 52b2fbca..02e554d9 100644 --- a/src/luarocks/cmd/pack.lua +++ b/src/luarocks/cmd/pack.lua
@@ -5,11 +5,14 @@ local cmd_pack = {}
5		5
6	local util = require("luarocks.util")	6	local util = require("luarocks.util")
7	local pack = require("luarocks.pack")	7	local pack = require("luarocks.pack")
		8	local signing = require("luarocks.signing")
8	local queries = require("luarocks.queries")	9	local queries = require("luarocks.queries")
9		10
10	cmd_pack.help_summary = "Create a rock, packing sources or binaries."	11	cmd_pack.help_summary = "Create a rock, packing sources or binaries."
11	cmd_pack.help_arguments = "{<rockspec>\|<name> [<version>]}"	12	cmd_pack.help_arguments = "{<rockspec>\|<name> [<version>]}"
12	cmd_pack.help = [[	13	cmd_pack.help = [[
		14	--sign Produce a signature file as well.
		15
13	Argument may be a rockspec file, for creating a source rock,	16	Argument may be a rockspec file, for creating a source rock,
14	or the name of an installed package, for creating a binary rock.	17	or the name of an installed package, for creating a binary rock.
15	In the latter case, the app version may be given as a second	18	In the latter case, the app version may be given as a second
@@ -40,7 +43,18 @@ function cmd_pack.command(flags, arg, version)
40	if err then	43	if err then
41	return nil, err	44	return nil, err
42	else	45	else
		46	local sigfile
		47	if flags["sign"] then
		48	sigfile, err = signing.sign_file(file)
		49	util.printout()
		50	end
43	util.printout("Packed: "..file)	51	util.printout("Packed: "..file)
		52	if sigfile then
		53	util.printout("Sigature stored in: "..sigfile)
		54	end
		55	if err then
		56	return nil, err
		57	end
44	return true	58	return true
45	end	59	end
46	end	60	end


diff --git a/src/luarocks/core/cfg.lua b/src/luarocks/core/cfg.lua index 5b9dec2f..c6824153 100644 --- a/src/luarocks/core/cfg.lua +++ b/src/luarocks/core/cfg.lua
@@ -230,6 +230,8 @@ local function make_defaults(lua_version, target_cpu, platforms, home)
230	SVN = "svn",	230	SVN = "svn",
231	HG = "hg",	231	HG = "hg",
232		232
		233	GPG = "gpg",
		234
233	RSYNC = "rsync",	235	RSYNC = "rsync",
234	WGET = "wget",	236	WGET = "wget",
235	SCP = "scp",	237	SCP = "scp",


diff --git a/src/luarocks/signing.lua b/src/luarocks/signing.lua new file mode 100644 index 00000000..7503768e --- /dev/null +++ b/src/luarocks/signing.lua
@@ -0,0 +1,22 @@
		1	local signing = {}
		2
		3	local cfg = require("luarocks.core.cfg")
		4	local fs = require("luarocks.fs")
		5
		6	function signing.sign_file(file)
		7	local vars = cfg.variables
		8	local gpg_ok, err = fs.is_tool_available(vars.GPG, "gpg")
		9	if not gpg_ok then
		10	return nil, err
		11	end
		12	local gpg = vars.GPG
		13
		14	local sigfile = file .. ".asc"
		15	if fs.execute(gpg, "--armor", "--output", sigfile, "--detach-sign", file) then
		16	return sigfile
		17	else
		18	return nil, "failed running " .. gpg .. " to sign " .. file
		19	end
		20	end
		21
		22	return signing


diff --git a/src/luarocks/util.lua b/src/luarocks/util.lua index 25c521ea..bba39457 100644 --- a/src/luarocks/util.lua +++ b/src/luarocks/util.lua
@@ -149,6 +149,7 @@ local supported_flags = {
149	["rockspec"] = true,	149	["rockspec"] = true,
150	["rockspec-format"] = "<ver>",	150	["rockspec-format"] = "<ver>",
151	["server"] = "<server>",	151	["server"] = "<server>",
		152	["sign"] = true,
152	["skip-pack"] = true,	153	["skip-pack"] = true,
153	["source"] = true,	154	["source"] = true,
154	["summary"] = "\"<text>\"",	155	["summary"] = "\"<text>\"",