You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

sign_pages.py 2.3KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374
  1. #!/usr/bin/env python3
  2. import getpass
  3. import gitconfig
  4. import os
  5. import subprocess
  6. import sys
  7. # Find full path to an executable
  8. # From https://stackoverflow.com/questions/377017/test-if-executable-exists-in-python
  9. def which(program):
  10. import os
  11. def is_exe(fpath):
  12. return os.path.isfile(fpath) and os.access(fpath, os.X_OK)
  13. fpath, fname = os.path.split(program)
  14. if fpath:
  15. if is_exe(program):
  16. return program
  17. else:
  18. for path in os.environ["PATH"].split(os.pathsep):
  19. exe_file = os.path.join(path, program)
  20. if is_exe(exe_file):
  21. return exe_file
  22. return None
  23. # Figure out which gpg is in use (gpg2 on older Ubuntu systems, gpg == gpg2 on newer Ubuntu installs)
  24. gpg_exe = which('gpg2')
  25. if gpg_exe is None:
  26. gpg_exe = which('gpg')
  27. if gpg_exe is None:
  28. print('GPG executable not found!')
  29. sys.exit(1)
  30. # Figure out which GPG signing key has been configured
  31. # Fallback to main CI / Jenkins signing key if none configured
  32. ci_key = '068317E0E1364A02'
  33. signing_key = None
  34. config = gitconfig.GitConfig()
  35. try:
  36. signing_key = config['user.signingkey']
  37. except:
  38. signing_key = ci_key
  39. print('Usinging signing key: %s' % signing_key)
  40. # Get password for signing key to avoid excessive prompts
  41. key_pw = getpass.getpass('Please enter the signing key password: ')
  42. # Walk the content directory (where our site files live) looking for files to sign
  43. rootDir = './content'
  44. outDir = './static/gpg/sigs'
  45. excludes = []
  46. for dirName, subdirList, fileList in os.walk(rootDir):
  47. print('Processing: %s' % dirName)
  48. sigDir = os.path.abspath(os.path.join(outDir, dirName))
  49. if not os.path.isdir(sigDir):
  50. print('\tCreating sigDir: %s' % sigDir)
  51. os.makedirs(sigDir)
  52. for fname in fileList:
  53. if fname in excludes:
  54. continue
  55. print('\tSigning: %s' % fname)
  56. p = subprocess.Popen([gpg_exe,
  57. '--batch',
  58. '--passphrase-fd', '0',
  59. '--pinentry-mode', 'loopback',
  60. '--local-user', signing_key,
  61. '--clear-sign', '--armor',
  62. '--output', os.path.abspath(os.path.join(sigDir, fname + '.asc')),
  63. os.path.abspath(os.path.join(dirName, fname))
  64. ], stdin=subprocess.PIPE)
  65. p.communicate(input=str.encode(key_pw))