* [PATCH] Allow the tag signing key to be specified in the config file
@ 2007-01-26 14:13 Andy Parkins
  2007-01-26 16:03 ` Linus Torvalds
                   ` (2 more replies)
  0 siblings, 3 replies; 8+ messages in thread
From: Andy Parkins @ 2007-01-26 14:13 UTC (permalink / raw)
  To: git

I did this:

  $ git tag -s test-sign
  gpg: skipped "Andy Parkins <andyparkins@gmail.com>": secret key not available
  gpg: signing failed: secret key not available
  failed to sign the tag with GPG.

The problem is that I have used the comment field in my key's UID
definition.

  $ gpg --list-keys andy
  pub   1024D/4F712F6D 2003-08-14
  uid                  Andy Parkins (Google) <andyparkins@gmail.com>

So when git-tag looks for "Andy Parkins <andyparkins@gmail.com>",
obviously it's not going to be found.

There shouldn't be a requirement that I use the same form of my name in
my git repository and my gpg key - I might want to be formal (Andrew) in
my gpg key and informal (Andy) in the repository.  Further I might have
multiple keys in my keyring, and might want to use one that doesn't
match up with the address I use in commit messages.

This patch adds a configuration entry "user.signingkey" which, if
present, will be passed to the "-u" switch for gpg, allowing the tag
signing key to be overridden.  If the entry is not present, the fallback
is the original method, which means existing behaviour will continue
untouched.

Signed-off-by: Andy Parkins <andyparkins@gmail.com>
---
I've mentioned this problem before, but previously my patch was to make
it work in my specific case.  This patch covers every possibility by adding
a configuration variable so users can use whatever key they want for signing.

Personally I think this is better than the git-tag -u switch, because keys
change so rarely that it's being purposely inconvenient to make someone with
special needs use "-u" every time - and they'd probably have to look up their
chosen keyid each time.


 Documentation/config.txt  |    7 +++++++
 Documentation/git-tag.txt |   10 ++++++++++
 git-tag.sh                |    8 ++++++--
 3 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/Documentation/config.txt b/Documentation/config.txt
index 3f2fa09..6ea7c76 100644
--- a/Documentation/config.txt
+++ b/Documentation/config.txt
@@ -469,6 +469,13 @@ user.name::
 	Can be overridden by the 'GIT_AUTHOR_NAME' and 'GIT_COMMITTER_NAME'
 	environment variables.  See gitlink:git-commit-tree[1].
 
+user.signingkey::
+	If gitlink:git-tag[1] is not selecting the key you want it to
+	automatically when creating a signed tag, you can override the
+	default selection with this variable.  This option is passed
+	unchanged to gpg's --local-user parameter, so you may specify a key
+	using any method that gpg supports.
+
 whatchanged.difftree::
 	The default gitlink:git-diff-tree[1] arguments to be used
 	for gitlink:git-whatchanged[1].
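
Review bot: the new user.signingkey entry does not say what happens when the variable is unset. The git-tag.sh part of this patch falls back to the committer name and e-mail, and stating that here would let a reader understand "the default selection" without opening git-tag.txt. The first sentence would also read more clearly as "If gitlink:git-tag[1] does not automatically select the key you want when creating a signed tag, ...".
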
diff --git a/Documentation/git-tag.txt b/Documentation/git-tag.txt
index 13c7aef..3f01e0b 100644
--- a/Documentation/git-tag.txt
+++ b/Documentation/git-tag.txt
@@ -70,6 +70,16 @@ OPTIONS
 	Take the tag message from the given file.  Use '-' to
 	read the message from the standard input.
 
+CONFIGURATION
+-------------
+By default, git-tag in sign-with-default mode (-s) will use your
+committer identity (of the form "Your Name <your@email.address>") to
+find a key.  If you want to use a different default key, you can specify
+it in the repository configuration as follows:
+
+[user]
+    signingkey = <gpg-key-id>
+
 Author
 ------
 Written by Linus Torvalds <torvalds@osdl.org>,
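
Review bot: in the new CONFIGURATION section, the "[user]" / "signingkey = <gpg-key-id>" sample is written as flush-left body text, so AsciiDoc will process it as ordinary markup rather than keep it as a literal block; wrap the two lines in a listing block delimited by lines of dashes so they keep their layout. The placeholder <gpg-key-id> is also narrower than the config.txt wording in this same patch, which says a key may be specified using any method that gpg supports; a cross-reference to user.signingkey would keep the two in step.
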
diff --git a/git-tag.sh b/git-tag.sh
index 94499c9..01e6526 100755
--- a/git-tag.sh
+++ b/git-tag.sh
@@ -112,7 +112,11 @@ git-check-ref-format "tags/$name" ||
 object=$(git-rev-parse --verify --default HEAD "$@") || exit 1
 type=$(git-cat-file -t $object) || exit 1
 tagger=$(git-var GIT_COMMITTER_IDENT) || exit 1
-: ${username:=$(expr "z$tagger" : 'z\(.*>\)')}
+
+keyid=$(git-repo-config user.signingkey)
+if [ -z "$keyid" ]; then
+	: ${keyid:=$(expr "z$tagger" : 'z\(.*>\)')}
+fi
 
 trap 'rm -f "$GIT_DIR"/TAG_TMP* "$GIT_DIR"/TAG_FINALMSG "$GIT_DIR"/TAG_EDITMSG' 0
 
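
Review bot: the removed line only filled in "username" when it was not already set (the ":=" form), and the replacement never reads "username", so a value assigned earlier in the script, for instance by the "-u" switch mentioned in the cover text, no longer reaches gpg once the next hunk switches to "$keyid". Either keep the variable name "username" and make user.signingkey one more default for it, or seed keyid from username before consulting the config, so that an explicit choice still wins over both the config and the committer identity.
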
@@ -139,7 +143,7 @@ if [ "$annotate" ]; then
       cat "$GIT_DIR"/TAG_FINALMSG ) >"$GIT_DIR"/TAG_TMP
     rm -f "$GIT_DIR"/TAG_TMP.asc "$GIT_DIR"/TAG_FINALMSG
     if [ "$signed" ]; then
-	gpg -bsa -u "$username" "$GIT_DIR"/TAG_TMP &&
+	gpg -bsa -u "$keyid" "$GIT_DIR"/TAG_TMP &&
 	cat "$GIT_DIR"/TAG_TMP.asc >>"$GIT_DIR"/TAG_TMP ||
 	die "failed to sign the tag with GPG."
     fi
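
Review bot: now that the argument to "-u" can come from the repository configuration, the unchanged die "failed to sign the tag with GPG." line gives no hint which key was asked for; including "$keyid" in that message would make a mistyped or stale user.signingkey quick to spot.
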
-- 
1.5.0.rc2.gc3537-dirty


* Re: [PATCH] Allow the tag signing key to be specified in the config file
  2007-01-26 14:13 [PATCH] Allow the tag signing key to be specified in the config file Andy Parkins
@ 2007-01-26 16:03 ` Linus Torvalds
  2007-01-27  6:37 ` Junio C Hamano
  2007-01-27 22:00 ` Junio C Hamano
  2 siblings, 0 replies; 8+ messages in thread
From: Linus Torvalds @ 2007-01-26 16:03 UTC (permalink / raw)
  To: Andy Parkins; +Cc: git



On Fri, 26 Jan 2007, Andy Parkins wrote:
> 
> This patch adds a configuration entry "user.signingkey" which, if
> present, will be passed to the "-u" switch for gpg, allowing the tag
> signing key to be overridden.  If the entry is not present, the fallback
> is the original method, which means existing behaviour will continue
> untouched.

FWIW: Ack. This sounds like a good idea, and the patch looks fine too.

		Linus


* Re: [PATCH] Allow the tag signing key to be specified in the config file
  2007-01-26 14:13 [PATCH] Allow the tag signing key to be specified in the config file Andy Parkins
  2007-01-26 16:03 ` Linus Torvalds
@ 2007-01-27  6:37 ` Junio C Hamano
  2007-01-27 11:55   ` Andy Parkins
  2007-01-27 13:37   ` Simon 'corecode' Schubert
  2007-01-27 22:00 ` Junio C Hamano
  2 siblings, 2 replies; 8+ messages in thread
From: Junio C Hamano @ 2007-01-27  6:37 UTC (permalink / raw)
  To: Andy Parkins; +Cc: git

Andy Parkins <andyparkins@gmail.com> writes:

> This patch adds a configuration entry "user.signingkey" which, if
> present, will be passed to the "-u" switch for gpg, allowing the tag
> signing key to be overridden.  If the entry is not present, the fallback
> is the original method, which means existing behaviour will continue
> untouched.


> diff --git a/git-tag.sh b/git-tag.sh
> index 94499c9..01e6526 100755
> --- a/git-tag.sh
> +++ b/git-tag.sh
> @@ -112,7 +112,11 @@ git-check-ref-format "tags/$name" ||
>  object=$(git-rev-parse --verify --default HEAD "$@") || exit 1
>  type=$(git-cat-file -t $object) || exit 1
>  tagger=$(git-var GIT_COMMITTER_IDENT) || exit 1
> -: ${username:=$(expr "z$tagger" : 'z\(.*>\)')}
> +
> +keyid=$(git-repo-config user.signingkey)
> +if [ -z "$keyid" ]; then
> +	: ${keyid:=$(expr "z$tagger" : 'z\(.*>\)')}
> +fi
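
Review bot: inside the 'if [ -z "$keyid" ]' test the ': ${keyid:=...}' form is redundant, because ":=" already assigns only when keyid is unset or empty. Drop the if/fi and keep the ":" line, or keep the test and use a plain keyid=$(expr ...) assignment; the result is the same either way, so this is a readability point only.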


Why do you use ": ${parameter:=word}" substitution after having
already checked that keyid is empty, I wonder...  Am I missing
something subtle?

Other than that, I think what this patch does makes a lot of
sense.


* Re: [PATCH] Allow the tag signing key to be specified in the config file
  2007-01-27  6:37 ` Junio C Hamano
@ 2007-01-27 11:55   ` Andy Parkins
  2007-01-27 13:37   ` Simon 'corecode' Schubert
  1 sibling, 0 replies; 8+ messages in thread
From: Andy Parkins @ 2007-01-27 11:55 UTC (permalink / raw)
  To: git; +Cc: Junio C Hamano

On Saturday 2007, January 27 06:37, Junio C Hamano wrote:

> Why do you use ": ${parameter:=word}" substitution after having
> already checked that keyid is empty, I wonder...  Am I missing
> something subtle?

Nope.  Just that I didn't know the ":"-notation on a bash line
before and couldn't find documentation covering it, so I played safe
and left it untouched.

Feel free to drop the enclosing "if".


Andy
-- 
Dr Andrew Parkins, M Eng (Hons), AMIEE
andyparkins@gmail.com
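
The key-selection order discussed in this thread (an explicit "-u" value, then user.signingkey, then the committer identity) and the reason the "Name <email>" fallback misses a key whose UID carries a comment, as an added example that is not part of the original patch or of git. The function names are hypothetical, the timestamp in IDENT is constructed, and selector_matches is a simplified, case-sensitive model of gpg's user-ID matching rules rather than gpg's own code.

```sh
#!/bin/sh
# Added example; function names are hypothetical. selector_matches is a
# simplified, case-sensitive model of gpg's user-ID matching, not gpg code.

KEY_UID='Andy Parkins (Google) <andyparkins@gmail.com>'        # UID from the thread
KEY_ID='4F712F6D'                                              # key ID from the thread
IDENT='Andy Parkins <andyparkins@gmail.com> 1169820780 +0000'  # constructed timestamp

# Precedence: explicit -u value, then user.signingkey, then committer ident.
# $1 = -u value, $2 = config value, $3 = output of "git-var GIT_COMMITTER_IDENT"
resolve_selector() {
	sel=$1
	: "${sel:=$2}"          # ":" is a no-op; ":=" assigns only if sel is unset or empty
	: "${sel:=$(expr "z$3" : 'z\(.*>\)')}"   # keep "Name <email>", drop the timestamp
	printf '%s\n' "$sel"
}

# $1 = selector, $2 = UID stored on the key, $3 = key ID
selector_matches() {
	case $1 in
	"<"*">")                # <addr>: exact e-mail address
		case $2 in *"$1") return 0 ;; esac ;;
	"="*)                   # =string: exact match on the whole UID
		if [ "${1#=}" = "$2" ]; then return 0; fi ;;
	*)                      # bare string: key ID, else substring of the UID
		if [ "$1" = "$3" ]; then return 0; fi
		case $2 in *"$1"*) return 0 ;; esac ;;
	esac
	return 1
}

# No config: falls back to "Name <email>", which is not a substring of the UID.
# With an e-mail selector or the key ID in user.signingkey, the key is found.
for cfg in '' '<andyparkins@gmail.com>' "$KEY_ID"; do
	sel=$(resolve_selector '' "$cfg" "$IDENT")
	if selector_matches "$sel" "$KEY_UID" "$KEY_ID"; then r='found'; else r='not found'; fi
	printf '%-38s -> %s\n' "$sel" "$r"
done
```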


* Re: [PATCH] Allow the tag signing key to be specified in the config file
  2007-01-27  6:37 ` Junio C Hamano
  2007-01-27 11:55   ` Andy Parkins
@ 2007-01-27 13:37   ` Simon 'corecode' Schubert
  2007-01-27 16:24     ` Andy Parkins
  1 sibling, 1 reply; 8+ messages in thread
From: Simon 'corecode' Schubert @ 2007-01-27 13:37 UTC (permalink / raw)
  To: Junio C Hamano; +Cc: Andy Parkins, git


Junio C Hamano wrote:
>> +	: ${keyid:=$(expr "z$tagger" : 'z\(.*>\)')}

Is there a reason to use name + email as keyid and not just the email address?  That would also mitigate the need to specify user.signingkey if only the names mismatch between gpg and git, but the email addresses are the same.

cheers
  simon

-- 
Serve - BSD     +++  RENT this banner advert  +++    ASCII Ribbon   /"\
Work - Mac      +++  space for low €€€ NOW!1  +++      Campaign     \ /
Party Enjoy Relax   |   http://dragonflybsd.org      Against  HTML   \
Dude 2c 2 the max   !   http://golden-apple.biz       Mail + News   / \



* Re: [PATCH] Allow the tag signing key to be specified in the config file
  2007-01-27 13:37   ` Simon 'corecode' Schubert
@ 2007-01-27 16:24     ` Andy Parkins
  2007-01-27 16:44       ` Simon 'corecode' Schubert
  0 siblings, 1 reply; 8+ messages in thread
From: Andy Parkins @ 2007-01-27 16:24 UTC (permalink / raw)
  To: git; +Cc: Simon 'corecode' Schubert, Junio C Hamano

On Saturday 2007, January 27 13:37, Simon 'corecode' Schubert wrote:

> is there a reason to use name + email as keyid and not just the email
> address?  that would also mitigate the need to specify user.signingkey
> if only the names mismatch between gpg and git, but the email
> addresses are the same.

That was my original solution, but it was rejected.

http://www.gelato.unsw.edu.au/archives/git/0610/29733.html



Andy

-- 
Dr Andrew Parkins, M Eng (Hons), AMIEE
andyparkins@gmail.com


* Re: [PATCH] Allow the tag signing key to be specified in the config file
  2007-01-27 16:24     ` Andy Parkins
@ 2007-01-27 16:44       ` Simon 'corecode' Schubert
  0 siblings, 0 replies; 8+ messages in thread
From: Simon 'corecode' Schubert @ 2007-01-27 16:44 UTC (permalink / raw)
  To: Andy Parkins; +Cc: git, Junio C Hamano


Andy Parkins wrote:
>> is there a reason to use name + email as keyid and not just the email
>> address?  that would also mitigate the need to specify user.signingkey
>> if only the names mismatch between gpg and git, but the email
>> addresses are the same.
> That was my original solution, but it was rejected.
> 
> http://www.gelato.unsw.edu.au/archives/git/0610/29733.html

Oh well.  I don't think this was discussed properly.  The question for me is, what should be the default:  fail if there is no matching key which also matches the comment field, or choose the default (sub)key even when a different subkey matches (based on the comment field).  First of all, I think the default should be "try not to fail", so that is the second way.  Additionally, people can specify a different keyid if they want to sign with a different key.

Oh well, I don't really care about this.  I just say that I'd expect it not to fail...

cheers
  simon

-- 
Serve - BSD     +++  RENT this banner advert  +++    ASCII Ribbon   /"\
Work - Mac      +++  space for low €€€ NOW!1  +++      Campaign     \ /
Party Enjoy Relax   |   http://dragonflybsd.org      Against  HTML   \
Dude 2c 2 the max   !   http://golden-apple.biz       Mail + News   / \



* Re: [PATCH] Allow the tag signing key to be specified in the config file
  2007-01-26 14:13 [PATCH] Allow the tag signing key to be specified in the config file Andy Parkins
  2007-01-26 16:03 ` Linus Torvalds
  2007-01-27  6:37 ` Junio C Hamano
@ 2007-01-27 22:00 ` Junio C Hamano
  2 siblings, 0 replies; 8+ messages in thread
From: Junio C Hamano @ 2007-01-27 22:00 UTC (permalink / raw)
  To: Andy Parkins; +Cc: git

Thanks.
