1 # This test checks that VCS information is stamped into Go binaries even when
2 # the current commit is signed and the use has configured git to display commit
3 # signatures.
4
5 [!exec:git] skip
6 [!exec:gpg] skip
7 [short] skip
8 env GOBIN=$GOPATH/bin
9 env GNUPGHOME=$WORK/.gpupg
10 mkdir $GNUPGHOME
11 chmod 0700 $GNUPGHOME
12
13 # Create GPG key
14 exec gpg --batch --passphrase '' --quick-generate-key gopher@golang.org
15 exec gpg --list-secret-keys --with-colons gopher@golang.org
16 cp stdout keyinfo.txt
17 go run extract_key_id.go keyinfo.txt
18 cp stdout keyid.txt
19
20 # Initialize repo
21 cd repo/
22 exec git init
23 exec git config user.email gopher@golang.org
24 exec git config user.name 'J.R. Gopher'
25 exec git config --add log.showSignature true
26 go run ../configure_signing_key.go ../keyid.txt
27
28 # Create signed commit
29 cd a
30 exec git add -A
31 exec git commit -m 'initial commit' --gpg-sign
32 exec git log
33
34 # Verify commit signature does not interfere with versioning
35 go install
36 go version -m $GOBIN/a
37 stdout '^\tbuild\tvcs\.revision='
38 stdout '^\tbuild\tvcs\.time='
39 stdout '^\tbuild\tvcs\.modified=false$'
40
41 -- repo/README --
42 Far out in the uncharted backwaters of the unfashionable end of the western
43 spiral arm of the Galaxy lies a small, unregarded yellow sun.
44 -- repo/a/go.mod --
45 module example.com/a
46
47 go 1.18
48 -- repo/a/a.go --
49 package main
50
51 func main() {}
52
53 -- extract_key_id.go --
54 package main
55
56 import "fmt"
57 import "io/ioutil"
58 import "os"
59 import "strings"
60
61 func main() {
62 err := run(os.Args[1])
63 if err != nil {
64 panic(err)
65 }
66 }
67
68 func run(keyInfoFilePath string) error {
69 contents, err := ioutil.ReadFile(keyInfoFilePath)
70 if err != nil {
71 return err
72 }
73 lines := strings.Split(string(contents), "\n")
74 for _, line := range lines {
75 fields := strings.Split(line, ":")
76 if fields[0] == "sec" {
77 fmt.Print(fields[4])
78 return nil
79 }
80 }
81 return fmt.Errorf("key ID not found in: %s", keyInfoFilePath)
82 }
83
84 -- configure_signing_key.go --
85 package main
86
87 import "io/ioutil"
88 import "os"
89 import "os/exec"
90
91 func main() {
92 err := run(os.Args[1])
93 if err != nil {
94 panic(err)
95 }
96 }
97
98 func run(keyIdFilePath string) error {
99 keyId, err := ioutil.ReadFile(keyIdFilePath)
100 if err != nil {
101 return err
102 }
103 gitCmd := exec.Command("git", "config", "user.signingKey", string(keyId))
104 return gitCmd.Run()
105 }
106
View as plain text