add signing key

2022-09-12 14:38:15 +02:00
parent b5aaaa0195
commit 56bfba5c17
8 changed files with 137 additions and 17 deletions
--- a/internal/commands/process_repos.go
+++ b/internal/commands/process_repos.go
@@ -109,7 +109,7 @@ func (pr *ProcessRepos) Process(ctx context.Context, repositoryUrls []string) er
 						return fmt.Errorf("could not add file: %w", err)
 					}

-					_, err = pr.git.Commit(ctx, repo)
+					err = pr.git.Commit(ctx, repo)
 					if err != nil {
 						return fmt.Errorf("could not get diff: %w", err)
 					}
--- a/internal/server/server.go
+++ b/internal/server/server.go
@@ -5,6 +5,7 @@ import (

 	"git.front.kjuulh.io/kjuulh/curre"
 	"git.front.kjuulh.io/kjuulh/kraken/internal/serverdeps"
+	"git.front.kjuulh.io/kjuulh/kraken/internal/services/signer"
 	"go.uber.org/zap"
 )

@@ -16,5 +17,6 @@ func Start(logger *zap.Logger) error {
 	return curre.NewManager().
 		Register(NewGinHttpServer(logger.With(zap.Namespace("ginHttpServer")), deps)).
 		Register(NewStorageServer(logger.With(zap.Namespace("storageServer")), deps)).
+		Register(signer.NewOpenPGPApp(deps.GetOpenPGP())).
 		Run(ctx)
 }
--- a/internal/serverdeps/server_deps.go
+++ b/internal/serverdeps/server_deps.go
@@ -3,14 +3,18 @@ package serverdeps
 import (
 	"git.front.kjuulh.io/kjuulh/kraken/internal/services/actions"
 	"git.front.kjuulh.io/kjuulh/kraken/internal/services/providers"
+	"git.front.kjuulh.io/kjuulh/kraken/internal/services/signer"
 	"git.front.kjuulh.io/kjuulh/kraken/internal/services/storage"
 	"go.uber.org/zap"
 )

 type ServerDeps struct {
-	logger        *zap.Logger
+	logger *zap.Logger
+
 	storageConfig *storage.StorageConfig
 	gitCfg        *providers.GitConfig
+
+	openPGP *signer.OpenPGP
 }

 func NewServerDeps(logger *zap.Logger) *ServerDeps {
@@ -33,6 +37,12 @@ func NewServerDeps(logger *zap.Logger) *ServerDeps {
 		SshPrivateKeyPassword: "",
 	}

+	openPGPConfig := &signer.OpenPgpConfig{
+		PrivateKeyFilePath: "./examples/private.pgp",
+		PrivateKeyPassword: "somepassword",
+	}
+	deps.openPGP = signer.NewOpenPGP(logger.With(zap.Namespace("openpgp")), openPGPConfig)
+
 	return deps
 }

@@ -47,3 +57,7 @@ func (deps *ServerDeps) GetGitProvider() *providers.Git {
 func (deps *ServerDeps) GetAction() *actions.Action {
 	return actions.NewAction(deps.logger.With(zap.Namespace("action")))
 }
+
+func (deps *ServerDeps) GetOpenPGP() *signer.OpenPGP {
+	return deps.openPGP
+}
--- a/internal/services/providers/git.go
+++ b/internal/services/providers/git.go
@@ -5,6 +5,7 @@ import (
 	"time"

 	"git.front.kjuulh.io/kjuulh/kraken/internal/services/storage"
+	"github.com/ProtonMail/go-crypto/openpgp"
 	"github.com/go-git/go-git/v5"
 	"github.com/go-git/go-git/v5/plumbing/object"
 	"github.com/go-git/go-git/v5/plumbing/transport"
@@ -118,17 +119,10 @@ func (g *Git) Commit(ctx context.Context, gitRepo *GitRepo) error {
 	}

 	_, err = worktree.Commit("some-commit", &git.CommitOptions{
-		All: true,
-		Author: &object.Signature{
-			Name:  "kraken",
-			Email: "kraken@kasperhermansen.com",
-			When:  time.Now(),
-		},
-		Committer: &object.Signature{
-			Name:  "kraken",
-			Email: "kraken@kasperhermansen.com",
-			When:  time.Now(),
-		},
+		All:       true,
+		Author:    &object.Signature{Name: "kraken", Email: "kraken@kasperhermansen.com", When: time.Now()},
+		Committer: &object.Signature{Name: "kraken", Email: "kraken@kasperhermansen.com", When: time.Now()},
+		SignKey:   &openpgp.Entity{},
 	})
 	if err != nil {
 		return err
--- a/internal/services/signer/openpgp.go
+++ b/internal/services/signer/openpgp.go
@@ -0,0 +1,63 @@
+package signer
+
+import (
+	"context"
+	"os"
+
+	"git.front.kjuulh.io/kjuulh/curre"
+	"github.com/ProtonMail/gopenpgp/v2/crypto"
+	"go.uber.org/zap"
+)
+
+type OpenPGP struct {
+	logger         *zap.Logger
+	PrivateKeyRing *crypto.KeyRing
+	config         *OpenPgpConfig
+}
+
+type OpenPgpConfig struct {
+	PrivateKeyFilePath string
+	PrivateKeyPassword string
+}
+
+func NewOpenPGP(logger *zap.Logger, config *OpenPgpConfig) *OpenPGP {
+	return &OpenPGP{
+		logger: logger,
+		config: config,
+	}
+}
+
+func NewOpenPGPApp(openPGP *OpenPGP) curre.Component {
+	return curre.NewFunctionalComponent(&curre.FunctionalComponent{
+		InitFunc: func(fc *curre.FunctionalComponent, ctx context.Context) error {
+
+			content, err := os.ReadFile(openPGP.config.PrivateKeyFilePath)
+			if err != nil {
+				return err
+			}
+			privateKeyObj, err := crypto.NewKeyFromArmored(string(content))
+			if err != nil {
+				return err
+			}
+			unlockedPrivateKeyRing, err := privateKeyObj.Unlock([]byte(openPGP.config.PrivateKeyPassword))
+			if err != nil {
+				return err
+			}
+			privateKeyRing, err := crypto.NewKeyRing(unlockedPrivateKeyRing)
+			if err != nil {
+				return err
+			}
+
+			openPGP.PrivateKeyRing = privateKeyRing
+
+			return nil
+		},
+		StartFunc: func(fc *curre.FunctionalComponent, ctx context.Context) error {
+			return nil
+		},
+		StopFunc: func(fc *curre.FunctionalComponent, ctx context.Context) error {
+			return nil
+		},
+	})
+
+}