-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathindex.js
53 lines (48 loc) · 1.31 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
const git = require('nodegit')
const openpgp = require('openpgp')
async function sign({
repo,
author,
committer,
commitMessage,
privateKey,
passphrase
}) {
const index = await repo.refreshIndex()
const oid = await index.writeTreeTo(repo)
const head = await git.Reference.nameToId(repo, 'HEAD')
const parent = await repo.getCommit(head)
const commit = await repo.createCommitWithSignature(
'HEAD',
author,
committer,
commitMessage,
oid,
[parent],
onSignature
)
return commit.toString()
async function onSignature(tosign) {
const privateKeyResult = (await openpgp.key.readArmored(privateKey)).keys[0]
if (!privateKeyResult) throw new Error('unable to read private key')
await privateKeyResult.decrypt(passphrase)
// use binary to preserve line-endings to make signatures match
const buf = new Uint8Array(tosign.length)
for (let i = 0; i < tosign.length; i++) {
buf[i] = tosign.charCodeAt(i)
}
const options = {
message: openpgp.message.fromBinary(buf),
privateKeys: [privateKeyResult],
detached: true
}
const signed = await openpgp.sign(options)
const signature = signed.signature
return {
code: git.Error.CODE.OK,
field: 'gpgsig',
signedData: signature
}
}
}
module.exports = sign