authorJoey Hess2015-12-30 15:02:19 -0400
committerJoey Hess2015-12-30 15:02:19 -0400
commiteb3523f87d5898b92ae981cee5a0c799e964d8d0 (patch)
treecad7ba021009e78b20bca5aa25cd465da39a2208
parent69349798d86d8ce85e7768e9bae9b53b13529519 (diff)
parent1c46f5c6b1c9b8eb50237f2ad2d20b9c8e377db5 (diff)
Merge branch 'joeyconfig'
-rw-r--r--debian/changelog8
-rw-r--r--src/Propellor/Gpg.hs61
2 files changed, 45 insertions, 24 deletions
diff --git a/debian/changelog b/debian/changelog
index 0f5fb1e4..d3c84858 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+propellor (2.15.2) UNRELEASED; urgency=medium
+
+ * Added GNUPGBIN environment variable to control the command run for gpg.
+ Allows eg, GNUPGBIN=gpg2
+ Thanks, FĂ©lix Sipma.
+
+ -- Joey Hess <id@joeyh.name> Wed, 30 Dec 2015 15:01:19 -0400
+
propellor (2.15.1) unstable; urgency=medium
* Added git configs propellor.spin-branch and propellor.forbid-dirty-spin.
diff --git a/src/Propellor/Gpg.hs b/src/Propellor/Gpg.hs
index 5043782b..4c7ccc9c 100644
--- a/src/Propellor/Gpg.hs
+++ b/src/Propellor/Gpg.hs
@@ -19,6 +19,10 @@ import Utility.Monad
import Utility.Misc
import Utility.Tmp
import Utility.FileSystemEncoding
+import Utility.Env
+
+getGpgBin :: IO String
+getGpgBin = getEnvDefault "GNUPGBIN" "gpg"
type KeyId = String
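Review bot: `getGpgBin` has no comment saying that its result becomes the command for every gpg call in this module, including the one that decrypts privdata, so the GNUPGBIN value has to be trusted as much as the gpg binary itself. I would add `-- | Command used to run gpg. Taken from the GNUPGBIN environment variable, defaulting to "gpg".` above the signature. If `getEnvDefault` hands back an empty string when the variable is set but empty (its definition is not visible here), the later process calls would receive an empty command name, so falling back to "gpg" in that case may be worth doing.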
@@ -27,7 +31,9 @@ keyring = privDataDir </> "keyring.gpg"
-- Lists the keys in propellor's keyring.
listPubKeys :: IO [KeyId]
-listPubKeys = parse . lines <$> readProcess "gpg" listopts
+listPubKeys = do
+ gpgbin <- getGpgBin
+ parse . lines <$> readProcess gpgbin listopts
where
listopts = useKeyringOpts ++ ["--with-colons", "--list-public-keys"]
parse = mapMaybe (keyIdField . split ":")
@@ -43,23 +49,25 @@ useKeyringOpts =
]
addKey :: KeyId -> IO ()
-addKey keyid = exitBool =<< allM (uncurry actionMessage)
- [ ("adding key to propellor's keyring", addkeyring)
- , ("staging propellor's keyring", gitAdd keyring)
- , ("updating encryption of any privdata", reencryptPrivData)
- , ("configuring git commit signing to use key", gitconfig)
- , ("committing changes", gitCommitKeyRing "add-key")
- ]
+addKey keyid = do
+ gpgbin <- getGpgBin
+ exitBool =<< allM (uncurry actionMessage)
+ [ ("adding key to propellor's keyring", addkeyring gpgbin)
+ , ("staging propellor's keyring", gitAdd keyring)
+ , ("updating encryption of any privdata", reencryptPrivData)
+ , ("configuring git commit signing to use key", gitconfig gpgbin)
+ , ("committing changes", gitCommitKeyRing "add-key")
+ ]
where
- addkeyring = do
+ addkeyring gpgbin' = do
createDirectoryIfMissing True privDataDir
boolSystem "sh"
[ Param "-c"
- , Param $ "gpg --export " ++ keyid ++ " | gpg " ++
+ , Param $ gpgbin' ++ " --export " ++ keyid ++ " | gpg " ++
unwords (useKeyringOpts ++ ["--import"])
]
- gitconfig = ifM (snd <$> processTranscript "gpg" ["--list-secret-keys", keyid] Nothing)
+ gitconfig gpgbin' = ifM (snd <$> processTranscript gpgbin' ["--list-secret-keys", keyid] Nothing)
( boolSystem "git"
[ Param "config"
, Param "user.signingkey"
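Review bot: The import half of the pipeline in `addkeyring` still runs the hard-coded `gpg`, so with GNUPGBIN=gpg2 the key is exported by one binary and imported into the keyring by another; the line should read `Param $ gpgbin' ++ " --export " ++ keyid ++ " | " ++ gpgbin' ++ " " ++`. In the same line `gpgbin'` and `keyid` are concatenated unquoted into an `sh -c` string, so a value containing spaces or shell metacharacters is reinterpreted by the shell rather than passed as one word. Quoting both (for example with `shellEscape`, if Utility.SafeCommand is in scope in this module) or connecting the two processes without a shell would avoid that. The where-clause of addKey continues past the end of this hunk.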
@@ -71,15 +79,17 @@ addKey keyid = exitBool =<< allM (uncurry actionMessage)
)
rmKey :: KeyId -> IO ()
-rmKey keyid = exitBool =<< allM (uncurry actionMessage)
- [ ("removing key from propellor's keyring", rmkeyring)
- , ("staging propellor's keyring", gitAdd keyring)
- , ("updating encryption of any privdata", reencryptPrivData)
- , ("configuring git commit signing to not use key", gitconfig)
- , ("committing changes", gitCommitKeyRing "rm-key")
- ]
+rmKey keyid = do
+ gpgbin <- getGpgBin
+ exitBool =<< allM (uncurry actionMessage)
+ [ ("removing key from propellor's keyring", rmkeyring gpgbin)
+ , ("staging propellor's keyring", gitAdd keyring)
+ , ("updating encryption of any privdata", reencryptPrivData)
+ , ("configuring git commit signing to not use key", gitconfig)
+ , ("committing changes", gitCommitKeyRing "rm-key")
+ ]
where
- rmkeyring = boolSystem "gpg" $
+ rmkeyring gpgbin' = boolSystem gpgbin' $
(map Param useKeyringOpts) ++
[ Param "--batch"
, Param "--yes"
@@ -137,14 +147,17 @@ gitCommit msg ps = do
else boolSystem "git" ps''
gpgDecrypt :: FilePath -> IO String
-gpgDecrypt f = ifM (doesFileExist f)
- ( writeReadProcessEnv "gpg" ["--decrypt", f] Nothing Nothing (Just fileEncoding)
- , return ""
- )
+gpgDecrypt f = do
+ gpgbin <- getGpgBin
+ ifM (doesFileExist f)
+ ( writeReadProcessEnv gpgbin ["--decrypt", f] Nothing Nothing (Just fileEncoding)
+ , return ""
+ )
-- Encrypt file to all keys in propellor's keyring.
gpgEncrypt :: FilePath -> String -> IO ()
gpgEncrypt f s = do
+ gpgbin <- getGpgBin
keyids <- listPubKeys
let opts =
[ "--default-recipient-self"
@@ -152,7 +165,7 @@ gpgEncrypt f s = do
, "--encrypt"
, "--trust-model", "always"
] ++ concatMap (\k -> ["--recipient", k]) keyids
- encrypted <- writeReadProcessEnv "gpg" opts Nothing (Just writer) Nothing
+ encrypted <- writeReadProcessEnv gpgbin opts Nothing (Just writer) Nothing
viaTmp writeFile f encrypted
where
writer h = do