Bug#872864: Checkout upstream signatures as well when using pristine-tar

Sat, 28 Oct 2017 09:45:25 -0700 

Hi,

I got signature file integration working with the orig tarball with the
attached patch.

This implementation is somewhat simple and does not check if
pristine-tar has the signature feature (and thus require pristine-tar 1.41)

I think the check for the presence of a signature file in the
pristine-tar branch might be better, especially for component tarballs
which I'm not sure it will work.

Tell me if you want it as a github PR.

Thanks :)

-- 
Alexis Murzeau
PGP: B7E6 0EBB 9293 7B06 BDBC  2787 E7BD 1904 F480 937F

From b40ecb07f8734cbe29f28a2e26a44175dd7379d5 Mon Sep 17 00:00:00 2001
From: Alexis Murzeau <amub...@gmail.com>
Date: Sat, 28 Oct 2017 18:30:11 +0200
Subject: [PATCH] pristine-tar: handle orig tar signature (.asc)

This require pristine-tar version 1.41.

When commiting a orig tarball, check the existence of a .asc signature.
If present, add it to the pristine-tar commit.

When checkouting a orig tarball, check the presence of a asc signature
in the pristine-tar banch. If present, checkout it along with the tarball.
---
 gbp/pkg/pristinetar.py | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/gbp/pkg/pristinetar.py b/gbp/pkg/pristinetar.py
index 1da72bf..25ced9c 100644
--- a/gbp/pkg/pristinetar.py
+++ b/gbp/pkg/pristinetar.py
@@ -86,7 +86,13 @@ class PristineTar(Command):
         @type archive: C{str}
         """
         self.run_error = 'Pristine-tar couldn\'t checkout "%s": {stderr_or_reason}' % os.path.basename(archive)
-        self.__call__(['checkout', archive], quiet=quiet)
+        signature_file = "%s.asc" % (archive)
+        if self.repo.list_tree(self.branch, paths=[os.path.basename(signature_file)]):
+            call_options = ['--signature-file', signature_file, 'checkout', archive]
+        else:
+            call_options = ['checkout', archive]
+
+        self.__call__(call_options, quiet=quiet)
 
     def commit(self, archive, upstream, quiet=False):
         """
@@ -100,7 +106,13 @@ class PristineTar(Command):
         """
         self.run_error = ("Couldn't commit to '%s' with upstream '%s': {stderr_or_reason}" %
                           (self.branch, upstream))
-        self.__call__(['commit', archive, upstream], quiet=quiet)
+        signature_file = "%s.asc" % (archive)
+        if os.path.isfile(signature_file):
+            call_options = ['--signature-file', signature_file, 'commit', archive, upstream]
+        else:
+            call_options = ['commit', archive, upstream]
+
+        self.__call__(call_options, quiet=quiet)
 
     def verify(self, archive, quiet=False):
         """Verify an archive's I{archive} checksum using to the pristine tar branch"""
-- 
2.15.0.rc2

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to