Make it possible to get per repository signing-keys

go-gitea · zeripath · Oct 16, 2019 · Jul 26, 2019 · Aug 1, 2019 · Aug 7, 2019
commit 52740e60556f4834a0ed6e11a45c6253d7aa3a06
diff --git a/models/repo_sign.go b/models/repo_sign.go
@@ -8,6 +8,8 @@ import (
 	"strings"
 
 	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/process"
 	"code.gitea.io/gitea/modules/setting"
 )
 
@@ -73,6 +75,22 @@ func signingKey(repoPath string) string {
 	return setting.Repository.Signing.SigningKey
 }
 
+// PublicSigningKey gets the public signing key within a provided repository directory
+func PublicSigningKey(repoPath string) (string, error) {
+	signingKey := signingKey(repoPath)
+	if signingKey == "" {
+		return "", nil
+	}
+
+	content, stderr, err := process.GetManager().ExecDir(-1, repoPath,
+		"gpg --export -a", "gpg", "--export", "-a", signingKey)
+	if err != nil {
+		log.Error("Unable to get default signing key in %s: %s, %s, %v", repoPath, signingKey, stderr, err)
+		return "", err
+	}
+	return content, nil
+}
+
 // SignInitialCommit determines if we should sign the initial commit to this repository
 func SignInitialCommit(repoPath string, u *User) (bool, string) {
 	rules := signingModeFromStrings(setting.Repository.Signing.InitialCommit)

diff --git a/routers/api/v1/api.go b/routers/api/v1/api.go
@@ -776,6 +776,7 @@ func RegisterRoutes(m *macaron.Macaron) {
 						m.Delete("", bind(api.DeleteFileOptions{}), repo.DeleteFile)
 					}, reqRepoWriter(models.UnitTypeCode), reqToken())
 				}, reqRepoReader(models.UnitTypeCode))
+				m.Get("/signing-key.gpg", misc.SigningKey)
 			}, repoAssignment())
 		})
 

diff --git a/routers/api/v1/misc/signing.go b/routers/api/v1/misc/signing.go
@@ -3,31 +3,21 @@ package misc
 import (
 	"fmt"
 	"net/http"
-	"strings"
 
+	"code.gitea.io/gitea/models"
 	"code.gitea.io/gitea/modules/context"
-	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/log"
-	"code.gitea.io/gitea/modules/process"
 )
 
 // SigningKey returns the public key of the default signing key if it exists
 func SigningKey(ctx *context.Context) {
-	signingKey, _ := git.NewCommand("config", "--get", "user.signingkey").Run()
-	signingKey = strings.TrimSpace(signingKey)
-	if len(signingKey) == 0 {
-		_, err := ctx.Write([]byte{})
-		if err != nil {
-			log.Error("Error Writing empty string %v", err)
-			ctx.Error(http.StatusInternalServerError, fmt.Sprintf("%v", err))
-		}
-		return
+	path := ""
+	if ctx.Repo != nil && ctx.Repo.Repository != nil {
+		path = ctx.Repo.Repository.RepoPath()
 	}
 
-	content, stderr, err := process.GetManager().Exec(
-		"gpg --export -a", "gpg", "--export", "-a", signingKey)
+	content, err := models.PublicSigningKey(path)
 	if err != nil {
-		log.Error("Unable to get default signing key: %s, %s, %v", signingKey, stderr, err)
 		ctx.ServerError("gpg export", err)
 		return
 	}