From 18842a049784cdbba66010fb30f06525e9016600 Mon Sep 17 00:00:00 2001
From: Hisham Muhammad <hisham@gobolinux.org>
Date: Tue, 19 Mar 2019 19:13:05 -0400
Subject: upload: add --sign option
---
spec/upload_spec.lua | 6 +++++-
src/luarocks/cmd/upload.lua | 31 +++++++++++++++++++++++++++++--
2 files changed, 34 insertions(+), 3 deletions(-)
diff --git a/spec/upload_spec.lua b/spec/upload_spec.lua
index 76a27ee3..947147d7 100644
--- a/spec/upload_spec.lua
+++ b/spec/upload_spec.lua
@@ -40,7 +40,11 @@ describe("LuaRocks upload tests #integration", function()
assert.is_true(run.luarocks_bool("upload " .. testing_paths.fixtures_dir .. "/a_rock-1.0-1.rockspec " .. test_env.openssl_dirs .. " --api-key=123", {LUAROCKS_CONFIG = testing_paths.testrun_dir .. "/luarocks_site.lua"}))
end)
- it("LuaRocks upload rockspec with api-key and skip-pack", function()
+ it("#gpg rockspec with --sign", function()
+ print(run.luarocks("upload " .. testing_paths.fixtures_dir .. "/a_rock-1.0-1.rockspec " .. test_env.openssl_dirs .. " --api-key=123 --sign", {LUAROCKS_CONFIG = testing_paths.testrun_dir .. "/luarocks_site.lua"}))
+ end)
+
+ it("rockspec with api-key and skip-pack", function()
assert.is_true(run.luarocks_bool("upload --skip-pack " .. testing_paths.fixtures_dir .. "/a_rock-1.0-1.rockspec " .. test_env.openssl_dirs .. " --api-key=123", {LUAROCKS_CONFIG = testing_paths.testrun_dir .. "/luarocks_site.lua"}))
end)
end)
diff --git a/src/luarocks/cmd/upload.lua b/src/luarocks/cmd/upload.lua
index ffcb1a0a..b052500e 100644
--- a/src/luarocks/cmd/upload.lua
+++ b/src/luarocks/cmd/upload.lua
@@ -1,6 +1,7 @@
local upload = {}
+local signing = require("luarocks.signing")
local util = require("luarocks.util")
local fetch = require("luarocks.fetch")
local pack = require("luarocks.pack")
@@ -12,14 +13,20 @@ upload.help_arguments = "[--skip-pack] [--api-key=<key>] [--force] <rockspec>"
upload.help = [[
<rockspec> Pack a source rock file (.src.rock extension),
upload rockspec and source rock to server.
+
--skip-pack Do not pack and send source rock.
+
--api-key=<key> Give it an API key. It will be stored for subsequent uses.
+
--temp-key=<key> Use the given a temporary API key in this invocation only.
It will not be stored.
+
--force Replace existing rockspec if the same revision of
a module already exists. This should be used only
in case of upload mistakes: when updating a rockspec,
increment the revision number instead.
+
+--sign Upload a signature file alongside each file as well.
]]
local function is_dev_version(version)
@@ -58,6 +65,17 @@ function upload.command(flags, fname)
return nil, "Revision "..rockspec.version.." already exists on the server. "..util.see_help("upload")
end
+ local sigfname
+ local rock_sigfname
+
+ if flags["sign"] then
+ sigfname, err = signing.sign_file(fname)
+ if err then
+ return nil, "Failed signing rockspec: " .. err
+ end
+ util.printout("Signed rockspec: "..sigfname)
+ end
+
local rock_fname
if not flags["skip-pack"] and not is_dev_version(rockspec.version) then
util.printout("Packing " .. tostring(rockspec.package))
@@ -65,12 +83,20 @@ function upload.command(flags, fname)
if not rock_fname then
return nil, err
end
+ if flags["sign"] then
+ rock_sigfname, err = signing.sign_file(rock_fname)
+ if err then
+ return nil, "Failed signing rock: " .. err
+ end
+ util.printout("Signed packed rock: "..rock_sigfname)
+ end
end
local multipart = require("luarocks.upload.multipart")
res, err = api:method("upload", nil, {
- rockspec_file = multipart.new_file(fname)
+ rockspec_file = multipart.new_file(fname),
+ rockspec_sig = sigfname and multipart.new_file(sigfname),
})
if not res then return nil, err end
@@ -86,7 +112,8 @@ function upload.command(flags, fname)
end
util.printout(("Sending " .. tostring(rock_fname) .. " ..."))
res, err = api:method("upload_rock/" .. ("%d"):format(res.version.id), nil, {
- rock_file = multipart.new_file(rock_fname)
+ rock_file = multipart.new_file(rock_fname),
+ rock_sig = rock_sigfname and multipart.new_file(rock_sigfname),
})
if not res then return nil, err end
end
--
cgit v1.2.3-55-g6feb