with actual push

add signing key
2022-09-12 22:05:06 +02:00 · 2022-09-12 14:38:40 +02:00
8 changed files with 278 additions and 29 deletions
--- a/example/testkey.private.pgp
+++ b/example/testkey.private.pgp
@ -0,0 +1,17 @@
+-----BEGIN PGP PRIVATE KEY BLOCK-----
+
+lIYEYx8kxRYJKwYBBAHaRw8BAQdAwlYhGGWpLSSxZoHUmzvl6iJeZgtfKu/8/cjt
+LLQ8Swf+BwMCGPF3fdZbweT7+Y/bMMnelXmhYsTgEk30h+FeXOnGy/ZvJgnqoBed
+eRPRO5VDN4xq30D8zp04em8tgPXXS50yXvf7PUIKcx4u0IDteTC/Q7QjS3Jha2Vu
+IDxrcmFrZW5Aa2FzcGVyaGVybWFuc2VuLmNvbT6IkwQTFgoAOxYhBKh3AMKI2yc/
+qX90YXHawJCw+EZkBQJjHyTFAhsDBQsJCAcCAiICBhUKCQgLAgQWAgMBAh4HAheA
+AAoJEHHawJCw+EZkJMQA/AgeMkam18RasuPcl9kiiFkE2EA2TvO25IieZesbCEf5
+APwLjuXkMNYrPSAGPk0VZY7Eq8hWQd3qh9GHV9vDEUvND5yLBGMfJMUSCisGAQQB
+l1UBBQEBB0D4pGbjQW+s2aYO3DZX7M0yyq4JkZ+Wana3v2BuAXXYEwMBCAf+BwMC
+7hV7XuPdNrP7q1BylZe5GKz0TP0LSRbVjPgnetTyDqOaWEtdRzc996rBR0WcvUJO
+xN7oRR8XNMp1v6Up2LcvUs6XDpJ4f1MBGh3npytF7oh4BBgWCgAgFiEEqHcAwojb
+Jz+pf3RhcdrAkLD4RmQFAmMfJMUCGwwACgkQcdrAkLD4RmTvQgEAqGhqQuiZQskW
+Zbr27HBpQIukcIOVFle+wNXNyhKTJlkBAKoM/wTrQNIyS2gnGPQ1IE/AtDhMvwsV
+hCIzhb/ybLMH
+=9Nw9
+-----END PGP PRIVATE KEY BLOCK-----
--- a/go.mod
+++ b/go.mod
@ -4,6 +4,9 @@ go 1.19

 require (
 	git.front.kjuulh.io/kjuulh/curre v1.2.2
+	github.com/ProtonMail/go-crypto v0.0.0-20220822140716-1678d6eb0cbe
+	github.com/ProtonMail/gopenpgp/v2 v2.4.10
+	github.com/gin-contrib/zap v0.0.2
 	github.com/gin-gonic/gin v1.8.1
 	github.com/go-git/go-git/v5 v5.4.2
 	github.com/google/uuid v1.3.0
@ -15,12 +18,12 @@ require (

 require (
 	github.com/Microsoft/go-winio v0.5.2 // indirect
-	github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7 // indirect
+	github.com/ProtonMail/go-mime v0.0.0-20220302105931-303f85f7fe0f // indirect
 	github.com/acomagu/bufpipe v1.0.3 // indirect
+	github.com/cloudflare/circl v1.1.0 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/emirpasic/gods v1.18.1 // indirect
 	github.com/gin-contrib/sse v0.1.0 // indirect
-	github.com/gin-contrib/zap v0.0.2 // indirect
 	github.com/go-git/gcfg v1.5.0 // indirect
 	github.com/go-git/go-billy/v5 v5.3.1 // indirect
 	github.com/go-playground/locales v0.14.0 // indirect
@ -38,8 +41,10 @@ require (
 	github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421 // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/pelletier/go-toml/v2 v2.0.1 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/sergi/go-diff v1.2.0 // indirect
+	github.com/sirupsen/logrus v1.7.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/ugorji/go/codec v1.2.7 // indirect
 	github.com/xanzy/ssh-agent v0.3.2 // indirect
--- a/go.sum
+++ b/go.sum
@ -1,11 +1,17 @@
 git.front.kjuulh.io/kjuulh/curre v1.2.2 h1:0OwWIfekrMykdQg9bdmG80I+Mjc2k4i+sy903phuDWs=
 git.front.kjuulh.io/kjuulh/curre v1.2.2/go.mod h1:m7WpSehONLqPh/XF3F0BI0UOpLOfGuDmDEFI1XsM6fE=
+github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
 github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA=
 github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0=
 github.com/Microsoft/go-winio v0.5.2 h1:a9IhgEQBCUEk6QCdml9CiJGhAws+YwffDHEMp1VMrpA=
 github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY=
-github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7 h1:YoJbenK9C67SkzkDfmQuVln04ygHj3vjZfd9FL+GmQQ=
 github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo=
+github.com/ProtonMail/go-crypto v0.0.0-20220822140716-1678d6eb0cbe h1:R2HeCk7SG/XpoYZlEeI1v7sId7w2AMWwzOaVqXn45FE=
+github.com/ProtonMail/go-crypto v0.0.0-20220822140716-1678d6eb0cbe/go.mod h1:UBYPn8k0D56RtnR8RFQMjmh4KrZzWJ5o7Z9SYjossQ8=
+github.com/ProtonMail/go-mime v0.0.0-20220302105931-303f85f7fe0f h1:CGq7OieOz3wyQJ1fO8S0eO9TCW1JyvLrf8fhzz1i8ko=
+github.com/ProtonMail/go-mime v0.0.0-20220302105931-303f85f7fe0f/go.mod h1:NYt+V3/4rEeDuaev/zw1zCq8uqVEuPHzDPo3OZrlGJ4=
+github.com/ProtonMail/gopenpgp/v2 v2.4.10 h1:EYgkxzwmQvsa6kxxkgP1AwzkFqKHscF2UINxaSn6rdI=
+github.com/ProtonMail/gopenpgp/v2 v2.4.10/go.mod h1:CTRA7/toc/4DxDy5Du4hPDnIZnJvXSeQ8LsRTOUJoyc=
 github.com/acomagu/bufpipe v1.0.3 h1:fxAGrHZTgQ9w5QqVItgzwj235/uYZYgbXitB+dLupOk=
 github.com/acomagu/bufpipe v1.0.3/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4=
 github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239 h1:kFOfPq6dUM1hTo4JG6LR5AXSUEsOjtdm0kw0FtQtMJA=
@ -14,6 +20,9 @@ github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPd
 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
 github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8=
 github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
+github.com/bwesterb/go-ristretto v1.2.0/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0=
+github.com/cloudflare/circl v1.1.0 h1:bZgT/A+cikZnKIwn7xL2OBj012Bmvho/o6RpRvv3GKY=
+github.com/cloudflare/circl v1.1.0/go.mod h1:prBCrKB9DV4poKZY1l9zBXg2QJY7mvgRvtMxxK7fi4I=
 github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@ -116,6 +125,8 @@ github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNX
 github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ=
 github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM=
 github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q=
+github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
+github.com/sirupsen/logrus v1.7.0 h1:ShrD1U9pZB12TX0cVy0DtePoCH97K8EtX+mg7ZARUtM=
 github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
 github.com/spf13/cobra v1.5.0 h1:X+jTBEBqF0bHN+9cSMgmfuvv2VHJ9ezmFNf9Y/XstYU=
 github.com/spf13/cobra v1.5.0/go.mod h1:dWXEIy2H428czQCjInthrTRUg7yKbok+2Qi/yBIJoUM=
@ -154,15 +165,25 @@ go.uber.org/zap v1.23.0 h1:OjGQ5KQDEUawVHxNwQgPpiypGHOxo2mNZsOqTak4fFY=
 go.uber.org/zap v1.23.0/go.mod h1:D+nX8jyLsMHMYrln8A0rJjFt/T/9/bGgIhAqxv5URuY=
 golang.org/x/crypto v0.0.0-20190219172222-a4c6cb3142f2/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
 golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
 golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90 h1:Y/gsMcFOcR+6S6f3YeMKl5g+dZMEWqcz5Czj/GWYbkM=
 golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
+golang.org/x/exp v0.0.0-20190731235908-ec7cb31e5a56/go.mod h1:JhuoJpWY28nO4Vef9tZUw9qufEGTyX1+7lmHxV5q5G4=
+golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
+golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
 golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE=
+golang.org/x/mobile v0.0.0-20200801112145-973feb4309de/go.mod h1:skQtrUTUwhdJvXM/2KKJzY8pDgNr9I/FOMqDVRPBUS4=
+golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY=
+golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
+golang.org/x/mod v0.1.1-0.20191209134235-331c550502dd/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
@ -178,6 +199,7 @@ golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJ
 golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@ -194,6 +216,7 @@ golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220909162455-aba9fc2a8ff2 h1:wM1k/lXfpc5HdkJJyW9GELpd8ERGdnh8sMGL6Gzq3Ho=
 golang.org/x/sys v0.0.0-20220909162455-aba9fc2a8ff2/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
@ -207,12 +230,14 @@ golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20200117012304-6edc0a871e69/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
 golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
 google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw=
--- a/internal/commands/process_repos.go
+++ b/internal/commands/process_repos.go
@ -78,6 +78,13 @@ func (pr *ProcessRepos) Process(ctx context.Context, repositoryUrls []string) er
 				return
 			}

+			err = pr.git.CreateBranch(ctx, repo)
+			if err != nil {
+				pr.logger.Error("could not create branch", zap.Error(err))
+				errChan <- err
+				return
+			}
+
 			err = pr.action.Run(
 				ctx,
 				area,
@ -109,20 +116,26 @@ func (pr *ProcessRepos) Process(ctx context.Context, repositoryUrls []string) er
 						return fmt.Errorf("could not add file: %w", err)
 					}

-					_, err = pr.git.Commit(ctx, repo)
+					err = pr.git.Commit(ctx, repo)
 					if err != nil {
 						return fmt.Errorf("could not get diff: %w", err)
 					}

 					return nil
 				}, false)
-
 			if err != nil {
 				pr.logger.Error("could not run action", zap.Error(err))
 				errChan <- err
 				return
 			}

+			err = pr.git.Push(ctx, repo)
+			if err != nil {
+				pr.logger.Error("could not push to repo", zap.Error(err))
+				errChan <- err
+				return
+			}
+
 			pr.logger.Debug("processing done", zap.String("path", area.Path), zap.String("repoUrl", repoUrl))
 		}(ctx, repoUrl)
 	}
--- a/internal/server/server.go
+++ b/internal/server/server.go
@ -5,6 +5,7 @@ import (

 	"git.front.kjuulh.io/kjuulh/curre"
 	"git.front.kjuulh.io/kjuulh/kraken/internal/serverdeps"
+	"git.front.kjuulh.io/kjuulh/kraken/internal/services/signer"
 	"go.uber.org/zap"
 )

@ -16,5 +17,6 @@ func Start(logger *zap.Logger) error {
 	return curre.NewManager().
 		Register(NewGinHttpServer(logger.With(zap.Namespace("ginHttpServer")), deps)).
 		Register(NewStorageServer(logger.With(zap.Namespace("storageServer")), deps)).
+		Register(signer.NewOpenPGPApp(deps.GetOpenPGP())).
 		Run(ctx)
 }
--- a/internal/serverdeps/server_deps.go
+++ b/internal/serverdeps/server_deps.go
@ -3,14 +3,18 @@ package serverdeps
 import (
 	"git.front.kjuulh.io/kjuulh/kraken/internal/services/actions"
 	"git.front.kjuulh.io/kjuulh/kraken/internal/services/providers"
+	"git.front.kjuulh.io/kjuulh/kraken/internal/services/signer"
 	"git.front.kjuulh.io/kjuulh/kraken/internal/services/storage"
 	"go.uber.org/zap"
 )

 type ServerDeps struct {
-	logger        *zap.Logger
+	logger *zap.Logger
+
 	storageConfig *storage.StorageConfig
 	gitCfg        *providers.GitConfig
+
+	openPGP *signer.OpenPGP
 }

 func NewServerDeps(logger *zap.Logger) *ServerDeps {
@ -33,6 +37,13 @@ func NewServerDeps(logger *zap.Logger) *ServerDeps {
 		SshPrivateKeyPassword: "",
 	}

+	openPGPConfig := &signer.OpenPgpConfig{
+		PrivateKeyFilePath: "./example/testkey.private.pgp",
+		PrivateKeyPassword: "somepassword",
+		PrivateKeyIdentity: "kraken@kasperhermansen.com",
+	}
+	deps.openPGP = signer.NewOpenPGP(logger.With(zap.Namespace("openpgp")), openPGPConfig)
+
 	return deps
 }

@ -41,9 +52,13 @@ func (deps *ServerDeps) GetStorageService() *storage.Service {
 }

 func (deps *ServerDeps) GetGitProvider() *providers.Git {
-	return providers.NewGit(deps.logger.With(zap.Namespace("gitProvider")), deps.gitCfg)
+	return providers.NewGit(deps.logger.With(zap.Namespace("gitProvider")), deps.gitCfg, deps.openPGP)
 }

 func (deps *ServerDeps) GetAction() *actions.Action {
 	return actions.NewAction(deps.logger.With(zap.Namespace("action")))
 }
+
+func (deps *ServerDeps) GetOpenPGP() *signer.OpenPGP {
+	return deps.openPGP
+}
--- a/internal/services/providers/git.go
+++ b/internal/services/providers/git.go
@ -2,10 +2,14 @@ package providers

 import (
 	"context"
+	"fmt"
 	"time"

+	"git.front.kjuulh.io/kjuulh/kraken/internal/services/signer"
 	"git.front.kjuulh.io/kjuulh/kraken/internal/services/storage"
 	"github.com/go-git/go-git/v5"
+	"github.com/go-git/go-git/v5/config"
+	"github.com/go-git/go-git/v5/plumbing"
 	"github.com/go-git/go-git/v5/plumbing/object"
 	"github.com/go-git/go-git/v5/plumbing/transport"
 	"github.com/go-git/go-git/v5/plumbing/transport/http"
@ -19,6 +23,7 @@ import (
 type Git struct {
 	logger    *zap.Logger
 	gitConfig *GitConfig
+	openPGP   *signer.OpenPGP
 }

 type GitRepo struct {
@ -44,8 +49,8 @@ type GitConfig struct {
 	SshPrivateKeyPassword string
 }

-func NewGit(logger *zap.Logger, gitConfig *GitConfig) *Git {
-	return &Git{logger: logger, gitConfig: gitConfig}
+func NewGit(logger *zap.Logger, gitConfig *GitConfig, openPGP *signer.OpenPGP) *Git {
+	return &Git{logger: logger, gitConfig: gitConfig, openPGP: openPGP}
 }

 func (g *Git) Clone(ctx context.Context, storageArea *storage.Area, repoUrl string) (*GitRepo, error) {
@ -69,13 +74,10 @@ func (g *Git) Clone(ctx context.Context, storageArea *storage.Area, repoUrl stri
 		NoCheckout:        false,
 		Depth:             1,
 		RecurseSubmodules: 1,
-		Progress: &zapio.Writer{
-			Log:   g.logger.With(zap.String("process", "go-git")),
-			Level: zap.DebugLevel,
-		},
-		Tags:            0,
-		InsecureSkipTLS: false,
-		CABundle:        []byte{},
+		Progress:          g.getProgressWriter(),
+		Tags:              0,
+		InsecureSkipTLS:   false,
+		CABundle:          []byte{},
 	}

 	repo, err := git.PlainCloneContext(ctx, storageArea.Path, false, &cloneOptions)
@ -88,6 +90,13 @@ func (g *Git) Clone(ctx context.Context, storageArea *storage.Area, repoUrl stri
 	return &GitRepo{repo: repo}, nil
 }

+func (g *Git) getProgressWriter() *zapio.Writer {
+	return &zapio.Writer{
+		Log:   g.logger.With(zap.String("process", "go-git")),
+		Level: zap.DebugLevel,
+	}
+}
+
 func (g *Git) Add(ctx context.Context, storageArea *storage.Area, gitRepo *GitRepo) (*git.Worktree, error) {
 	worktree, err := gitRepo.repo.Worktree()
 	if err != nil {
@ -106,11 +115,71 @@ func (g *Git) Add(ctx context.Context, storageArea *storage.Area, gitRepo *GitRe
 		return nil, err
 	}

-	g.logger.Info("git status", zap.String("status", status.String()))
+	g.logger.Debug("git status", zap.String("status", status.String()))

 	return worktree, nil
 }

+func (g *Git) CreateBranch(ctx context.Context, gitRepo *GitRepo) error {
+	worktree, err := gitRepo.repo.Worktree()
+	if err != nil {
+		return err
+	}
+
+	refSpec := plumbing.NewBranchReferenceName("kraken-apply")
+	err = gitRepo.repo.CreateBranch(&config.Branch{
+		Name:   "kraken-apply",
+		Remote: "origin",
+		Merge:  refSpec,
+		Rebase: "",
+	})
+	if err != nil {
+		return fmt.Errorf("could not create branch: %w", err)
+	}
+
+	err = worktree.Checkout(&git.CheckoutOptions{
+		Branch: plumbing.ReferenceName(refSpec.String()),
+		Create: true,
+		Force:  false,
+		Keep:   false,
+	})
+	if err != nil {
+		return fmt.Errorf("could not checkout branch: %w", err)
+	}
+
+	remoteRef := plumbing.NewRemoteReferenceName("origin", "kraken-apply")
+	ref := plumbing.NewSymbolicReference(refSpec, remoteRef)
+	err = gitRepo.repo.Storer.SetReference(ref)
+	if err != nil {
+		return fmt.Errorf("could not set reference: %w", err)
+	}
+
+	auth, err := g.GetAuth()
+	if err != nil {
+		return err
+	}
+
+	err = worktree.PullContext(ctx, &git.PullOptions{
+		RemoteName:        "origin",
+		ReferenceName:     "refs/heads/main",
+		SingleBranch:      true,
+		Depth:             1,
+		Auth:              auth,
+		RecurseSubmodules: 1,
+		Progress:          g.getProgressWriter(),
+		Force:             true,
+		InsecureSkipTLS:   false,
+		CABundle:          []byte{},
+	})
+	if err != nil {
+		return fmt.Errorf("could not pull from origin: %w", err)
+	}
+
+	g.logger.Debug("done creating branches")
+
+	return nil
+}
+
 func (g *Git) Commit(ctx context.Context, gitRepo *GitRepo) error {
 	worktree, err := gitRepo.repo.Worktree()
 	if err != nil {
@ -118,22 +187,44 @@ func (g *Git) Commit(ctx context.Context, gitRepo *GitRepo) error {
 	}

 	_, err = worktree.Commit("some-commit", &git.CommitOptions{
-		All: true,
-		Author: &object.Signature{
-			Name:  "kraken",
-			Email: "kraken@kasperhermansen.com",
-			When:  time.Now(),
-		},
-		Committer: &object.Signature{
-			Name:  "kraken",
-			Email: "kraken@kasperhermansen.com",
-			When:  time.Now(),
-		},
+		All:       true,
+		Author:    &object.Signature{Name: "kraken", Email: "kraken@kasperhermansen.com", When: time.Now()},
+		Committer: &object.Signature{Name: "kraken", Email: "kraken@kasperhermansen.com", When: time.Now()},
+		SignKey:   g.openPGP.SigningKey,
 	})
 	if err != nil {
 		return err
 	}

+	g.logger.Debug("done commiting objects")
+
+	return nil
+}
+
+func (g *Git) Push(ctx context.Context, gitRepo *GitRepo) error {
+	auth, err := g.GetAuth()
+	if err != nil {
+		return err
+	}
+
+	err = gitRepo.repo.PushContext(ctx, &git.PushOptions{
+		RemoteName:        "origin",
+		RefSpecs:          []config.RefSpec{},
+		Auth:              auth,
+		Progress:          g.getProgressWriter(),
+		Prune:             false,
+		Force:             false,
+		InsecureSkipTLS:   false,
+		CABundle:          []byte{},
+		RequireRemoteRefs: []config.RefSpec{},
+	})
+
+	if err != nil {
+		return err
+	}
+
+	g.logger.Debug("done pushing branch")
+
 	return nil
 }

--- a/internal/services/signer/openpgp.go
+++ b/internal/services/signer/openpgp.go
@ -0,0 +1,81 @@
+package signer
+
+import (
+	"context"
+	"errors"
+	"os"
+	"strings"
+
+	"git.front.kjuulh.io/kjuulh/curre"
+	"github.com/ProtonMail/go-crypto/openpgp"
+	"go.uber.org/zap"
+)
+
+type OpenPGP struct {
+	logger     *zap.Logger
+	SigningKey *openpgp.Entity
+	config     *OpenPgpConfig
+}
+
+type OpenPgpConfig struct {
+	PrivateKeyFilePath string
+	PrivateKeyPassword string
+	PrivateKeyIdentity string
+}
+
+func NewOpenPGP(logger *zap.Logger, config *OpenPgpConfig) *OpenPGP {
+	return &OpenPGP{
+		logger: logger,
+		config: config,
+	}
+}
+
+func NewOpenPGPApp(openPGP *OpenPGP) curre.Component {
+	return curre.NewFunctionalComponent(&curre.FunctionalComponent{
+		InitFunc: func(_ *curre.FunctionalComponent, ctx context.Context) error {
+			keyring, err := buildKeyring(ctx, openPGP)
+			if err != nil {
+				openPGP.logger.Panic("could not build keyring", zap.Error(err))
+				return err
+			}
+
+			openPGP.SigningKey = keyring
+
+			return nil
+		},
+		StartFunc: func(fc *curre.FunctionalComponent, ctx context.Context) error {
+			return nil
+		},
+		StopFunc: func(fc *curre.FunctionalComponent, ctx context.Context) error {
+			return nil
+		},
+	})
+}
+
+func buildKeyring(_ context.Context, openPGP *OpenPGP) (*openpgp.Entity, error) {
+	content, err := os.ReadFile(openPGP.config.PrivateKeyFilePath)
+	if err != nil {
+		return nil, err
+	}
+	reader := strings.NewReader(string(content))
+
+	es, err := openpgp.ReadArmoredKeyRing(reader)
+	if err != nil {
+		return nil, err
+	}
+
+	for _, key := range es {
+		for k := range key.Identities {
+			if strings.Contains(k, openPGP.config.PrivateKeyIdentity) {
+				err = key.PrivateKey.Decrypt([]byte(openPGP.config.PrivateKeyPassword))
+				if err != nil {
+					return nil, err
+				}
+				return key, nil
+			}
+		}
+	}
+
+	return nil, errors.New("could not find key matching identity")
+
+}
Author	SHA1	Message	Date
kjuulh	b1094294b5	with actual push	2022-09-12 22:05:06 +02:00
kjuulh	56bfba5c17	add signing key	2022-09-12 14:38:40 +02:00