[BK-2020-03.git] / user / bk-find-git-verify

#!/usr/bin/env bash
# Finds and verifies signatures of git repositories in specified dir
# Usage: bk-find-git-verify [DIR]
# Depends: GNU parallel 20210822, sort (GNU coreutils) 8.32
# Version: 0.0.2

# global vars
findMaxDepth=8;

# Define functions
yell() { echo "$0: $*" >&2; } # print script path and all args to stderr
die() { yell "$*"; exit 111; } # same as yell() but non-zero exit status
try() { "$@" || die "cannot $*"; } # runs args as command, reports args if command fails
git_verify_ops() {
    # usage: git_verify_ops arg1
    # input: arg1   git work tree root dir
    # output: none
    # depends: yell(), die(), try()
    local list_tags;
    
    # Check input
    ## End function early if arg1 not a dir
    if [[ ! $# -eq 1 ]]; then yell "ERROR:Incorrect number of args:$#"; return 1; fi;
    if [[ ! -d "$1" ]]; then yell "ERROR:Not a dir:$1"; return 1; fi;
    ## TODO: Check if "$1" is git repo
    yell "DEBUG:Running git_verify_ops on dir:$1";

    # Change work dir to target repo
    pushd "$1" 1>/dev/random 2>&1;

    # Get list of git tags
    list_tags="$(git tag --list)";
    
    # Verify git commit signatures
    yell "Starting git log of dir:$1";
    git log --show-signature 1>/dev/random 2>&1;
    yell "Ending git log of dir:$1";

    # Verify each tag
    while read -r tag; do
        yell "DEBUG:Verifying tag:$tag";
        git verify-tag "$tag" 1>/dev/random 2>&1;
    done < <(printf "%s" "$list_tags");

    # Return to original work dir
    popd 1>/dev/random 2>&1;

    # End function;
    return 0;
}; # Verify signatures on git commits and tags
main() {
    # depends: yell(), die(), try()
    # Check input
    if [[ ! $# -eq 1 ]]; then die "FATAL:Incorrect arg count:$#"; fi;
    if [[ ! -d "$1" ]]; then die "FATAL:Not a dir:$1"; fi;

    # Get list of dirs containing '.git' directory
    dir_list="$(find -L "$1" -maxdepth "$findMaxDepth" -type d -name ".git" 2>/dev/random | parallel readlink -f '{}' | sort -u | parallel dirname '{}' | sort -u)";

    # Perform git verify operations on each directory
    printf "%s" "$dir_list" | parallel git_verify_ops '{}';    
}; # main program

# Export functions
export -f yell die try git_verify_ops

# Run program
main "$@";
Commit	Line	Data
24eabaf9 SBS	1	#!/usr/bin/env bash
	2	# Finds and verifies signatures of git repositories in specified dir
	3	# Usage: bk-find-git-verify [DIR]
	4	# Depends: GNU parallel 20210822, sort (GNU coreutils) 8.32
90eca88e SBS	5	# Version: 0.0.2
	6
	7	# global vars
	8	findMaxDepth=8;
24eabaf9 SBS	9
	10	# Define functions
	11	yell() { echo "$0: $*" >&2; } # print script path and all args to stderr
	12	die() { yell "$*"; exit 111; } # same as yell() but non-zero exit status
	13	try() { "$@" \|\| die "cannot $*"; } # runs args as command, reports args if command fails
	14	git_verify_ops() {
	15	# usage: git_verify_ops arg1
	16	# input: arg1 git work tree root dir
	17	# output: none
	18	# depends: yell(), die(), try()
	19	local list_tags;
	20
	21	# Check input
	22	## End function early if arg1 not a dir
	23	if [[ ! $# -eq 1 ]]; then yell "ERROR:Incorrect number of args:$#"; return 1; fi;
	24	if [[ ! -d "$1" ]]; then yell "ERROR:Not a dir:$1"; return 1; fi;
	25	## TODO: Check if "$1" is git repo
	26	yell "DEBUG:Running git_verify_ops on dir:$1";
	27
	28	# Change work dir to target repo
	29	pushd "$1" 1>/dev/random 2>&1;
	30
	31	# Get list of git tags
	32	list_tags="$(git tag --list)";
	33
	34	# Verify git commit signatures
	35	yell "Starting git log of dir:$1";
	36	git log --show-signature 1>/dev/random 2>&1;
	37	yell "Ending git log of dir:$1";
	38
	39	# Verify each tag
	40	while read -r tag; do
	41	yell "DEBUG:Verifying tag:$tag";
	42	git verify-tag "$tag" 1>/dev/random 2>&1;
	43	done < <(printf "%s" "$list_tags");
	44
	45	# Return to original work dir
	46	popd 1>/dev/random 2>&1;
	47
	48	# End function;
	49	return 0;
	50	}; # Verify signatures on git commits and tags
	51	main() {
	52	# depends: yell(), die(), try()
	53	# Check input
	54	if [[ ! $# -eq 1 ]]; then die "FATAL:Incorrect arg count:$#"; fi;
	55	if [[ ! -d "$1" ]]; then die "FATAL:Not a dir:$1"; fi;
	56
	57	# Get list of dirs containing '.git' directory
90eca88e	58	dir_list="$(find -L "$1" -maxdepth "$findMaxDepth" -type d -name ".git" 2>/dev/random \| parallel readlink -f '{}' \| sort -u \| parallel dirname '{}' \| sort -u)";
24eabaf9 SBS	59
	60	# Perform git verify operations on each directory
	61	printf "%s" "$dir_list" \| parallel git_verify_ops '{}';
	62	}; # main program
	63
	64	# Export functions
	65	export -f yell die try git_verify_ops
	66
	67	# Run program
	68	main "$@";