Hi, I got signature file integration working with the orig tarball with the attached patch.
This implementation is somewhat simple and does not check if pristine-tar has the signature feature (and thus require pristine-tar 1.41) I think the check for the presence of a signature file in the pristine-tar branch might be better, especially for component tarballs which I'm not sure it will work. Tell me if you want it as a github PR. Thanks :) -- Alexis Murzeau PGP: B7E6 0EBB 9293 7B06 BDBC 2787 E7BD 1904 F480 937F
From b40ecb07f8734cbe29f28a2e26a44175dd7379d5 Mon Sep 17 00:00:00 2001 From: Alexis Murzeau <amub...@gmail.com> Date: Sat, 28 Oct 2017 18:30:11 +0200 Subject: [PATCH] pristine-tar: handle orig tar signature (.asc) This require pristine-tar version 1.41. When commiting a orig tarball, check the existence of a .asc signature. If present, add it to the pristine-tar commit. When checkouting a orig tarball, check the presence of a asc signature in the pristine-tar banch. If present, checkout it along with the tarball. --- gbp/pkg/pristinetar.py | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/gbp/pkg/pristinetar.py b/gbp/pkg/pristinetar.py index 1da72bf..25ced9c 100644 --- a/gbp/pkg/pristinetar.py +++ b/gbp/pkg/pristinetar.py @@ -86,7 +86,13 @@ class PristineTar(Command): @type archive: C{str} """ self.run_error = 'Pristine-tar couldn\'t checkout "%s": {stderr_or_reason}' % os.path.basename(archive) - self.__call__(['checkout', archive], quiet=quiet) + signature_file = "%s.asc" % (archive) + if self.repo.list_tree(self.branch, paths=[os.path.basename(signature_file)]): + call_options = ['--signature-file', signature_file, 'checkout', archive] + else: + call_options = ['checkout', archive] + + self.__call__(call_options, quiet=quiet) def commit(self, archive, upstream, quiet=False): """ @@ -100,7 +106,13 @@ class PristineTar(Command): """ self.run_error = ("Couldn't commit to '%s' with upstream '%s': {stderr_or_reason}" % (self.branch, upstream)) - self.__call__(['commit', archive, upstream], quiet=quiet) + signature_file = "%s.asc" % (archive) + if os.path.isfile(signature_file): + call_options = ['--signature-file', signature_file, 'commit', archive, upstream] + else: + call_options = ['commit', archive, upstream] + + self.__call__(call_options, quiet=quiet) def verify(self, archive, quiet=False): """Verify an archive's I{archive} checksum using to the pristine tar branch""" -- 2.15.0.rc2
signature.asc
Description: OpenPGP digital signature