]>
Commit | Line | Data |
---|---|---|
3953b166 SW |
1 | # Following the instructions at https://tribut.de/blog/git-commit-signatures-trusted-keys |
2 | ||
3 | self: super: { | |
4 | keyedgit = key: | |
5 | let | |
6 | keyring = super.runCommand "keyedkeyring.gpg" {} '' | |
7 | export GNUPGHOME=$(mktemp -d) | |
8 | ${self.gnupg}/bin/gpg --no-default-keyring --keyring=$out --import ${key} | |
9 | ''; | |
10 | keyedgpg = super.symlinkJoin { | |
11 | name = "keyedgpg"; | |
12 | buildInputs = [ super.makeWrapper ]; | |
13 | paths = [ self.gnupg ]; | |
14 | postBuild = '' | |
15 | wrapProgram "$out/bin/gpg" \ | |
16 | --add-flags '--no-default-keyring --keyring=${keyring}' | |
17 | ''; | |
18 | }; | |
19 | in super.symlinkJoin { | |
20 | name = "keyedgit"; | |
21 | paths = [ self.git ]; | |
22 | buildInputs = [ super.makeWrapper ]; | |
23 | postBuild = '' | |
24 | wrapProgram "$out/bin/git" \ | |
25 | --add-flags '-c gpg.program=${keyedgpg}/bin/gpg' | |
26 | ''; | |
27 | }; | |
28 | } |