| 1 | #!/usr/bin/env bash |
| 2 | # Finds and verifies signatures of git repositories in specified dir |
| 3 | # Usage: bk-find-git-verify [DIR] |
| 4 | # Depends: GNU parallel 20210822, sort (GNU coreutils) 8.32 |
| 5 | # Version: 0.0.1 |
| 6 | |
| 7 | # Define functions |
| 8 | yell() { echo "$0: $*" >&2; } # print script path and all args to stderr |
| 9 | die() { yell "$*"; exit 111; } # same as yell() but non-zero exit status |
| 10 | try() { "$@" || die "cannot $*"; } # runs args as command, reports args if command fails |
| 11 | git_verify_ops() { |
| 12 | # usage: git_verify_ops arg1 |
| 13 | # input: arg1 git work tree root dir |
| 14 | # output: none |
| 15 | # depends: yell(), die(), try() |
| 16 | local list_tags; |
| 17 | |
| 18 | # Check input |
| 19 | ## End function early if arg1 not a dir |
| 20 | if [[ ! $# -eq 1 ]]; then yell "ERROR:Incorrect number of args:$#"; return 1; fi; |
| 21 | if [[ ! -d "$1" ]]; then yell "ERROR:Not a dir:$1"; return 1; fi; |
| 22 | ## TODO: Check if "$1" is git repo |
| 23 | yell "DEBUG:Running git_verify_ops on dir:$1"; |
| 24 | |
| 25 | # Change work dir to target repo |
| 26 | pushd "$1" 1>/dev/random 2>&1; |
| 27 | |
| 28 | # Get list of git tags |
| 29 | list_tags="$(git tag --list)"; |
| 30 | |
| 31 | # Verify git commit signatures |
| 32 | yell "Starting git log of dir:$1"; |
| 33 | git log --show-signature 1>/dev/random 2>&1; |
| 34 | yell "Ending git log of dir:$1"; |
| 35 | |
| 36 | # Verify each tag |
| 37 | while read -r tag; do |
| 38 | yell "DEBUG:Verifying tag:$tag"; |
| 39 | git verify-tag "$tag" 1>/dev/random 2>&1; |
| 40 | done < <(printf "%s" "$list_tags"); |
| 41 | |
| 42 | # Return to original work dir |
| 43 | popd 1>/dev/random 2>&1; |
| 44 | |
| 45 | # End function; |
| 46 | return 0; |
| 47 | }; # Verify signatures on git commits and tags |
| 48 | main() { |
| 49 | # depends: yell(), die(), try() |
| 50 | # Check input |
| 51 | if [[ ! $# -eq 1 ]]; then die "FATAL:Incorrect arg count:$#"; fi; |
| 52 | if [[ ! -d "$1" ]]; then die "FATAL:Not a dir:$1"; fi; |
| 53 | |
| 54 | # Get list of dirs containing '.git' directory |
| 55 | dir_list="$(find "$1" -type d -name ".git" 2>/dev/random | parallel dirname '{}' | sort -u)"; |
| 56 | |
| 57 | # Perform git verify operations on each directory |
| 58 | printf "%s" "$dir_list" | parallel git_verify_ops '{}'; |
| 59 | }; # main program |
| 60 | |
| 61 | # Export functions |
| 62 | export -f yell die try git_verify_ops |
| 63 | |
| 64 | # Run program |
| 65 | main "$@"; |