summaryrefslogtreecommitdiff
path: root/src/Propellor/Git.hs
diff options
context:
space:
mode:
authorJoey Hess2014-11-19 21:00:14 -0400
committerJoey Hess2014-11-19 21:00:14 -0400
commit025c7c4b8e0b7aa3ba3ff8c077c5fbef3c8fa63d (patch)
tree5968378ee4eb44c45614b58afe1f34304938d14f /src/Propellor/Git.hs
parent2ceace6bd56c51edc0a534d3b692c78664b58b58 (diff)
avoid double-build in --spin
It was fetching from the central repo, then building that, and then running the client-to-client git update, and the building after that. Remove the first build, as all that linking does take time.
Diffstat (limited to 'src/Propellor/Git.hs')
-rw-r--r--src/Propellor/Git.hs22
1 files changed, 22 insertions, 0 deletions
diff --git a/src/Propellor/Git.hs b/src/Propellor/Git.hs
index 51ed3df2..88d5c3ab 100644
--- a/src/Propellor/Git.hs
+++ b/src/Propellor/Git.hs
@@ -62,3 +62,25 @@ verifyOriginBranch originbranch = do
nukeFile $ privDataDir </> "pubring.gpg"
nukeFile $ privDataDir </> "gpg.conf"
return (s == "U\n" || s == "G\n")
+
+-- Returns True if HEAD is changed by fetching and merging from origin.
+fetchOrigin :: IO Bool
+fetchOrigin = do
+ branchref <- getCurrentBranch
+ let originbranch = "origin" </> branchref
+
+ void $ actionMessage "Git fetch" $ boolSystem "git" [Param "fetch"]
+
+ oldsha <- getCurrentGitSha1 branchref
+
+ whenM (doesFileExist keyring) $
+ ifM (verifyOriginBranch originbranch)
+ ( do
+ putStrLn $ "git branch " ++ originbranch ++ " gpg signature verified; merging"
+ hFlush stdout
+ void $ boolSystem "git" [Param "merge", Param originbranch]
+ , warningMessage $ "git branch " ++ originbranch ++ " is not signed with a trusted gpg key; refusing to deploy it! (Running with previous configuration instead.)"
+ )
+
+ newsha <- getCurrentGitSha1 branchref
+ return $ oldsha /= newsha