Skip to content

Commit

Permalink
If trusted key file is present - enforce signature check on pull
Browse files Browse the repository at this point in the history
  • Loading branch information
@antontsv
antontsv committed Mar 16, 2020
1 parent 6df3cc2 commit c643eb9
Showing 1 changed file with 4 additions and 2 deletions.
6 changes: 4 additions & 2 deletions lib/commands/pull.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,8 +23,10 @@ function pull {
# verify signature
local vout
# shellcheck disable=SC2154
if ! vout=$($verify_tool sigcheck -k "$trusted_keys_file" -p "$repo" -r FETCH_HEAD 2>&1);then
err "$EX_SOFTWARE" "Verify signature on fetched data, stopping pull for $repo. Signature check says:" "$vout"
if [ -r "$trusted_keys_file" ];then
if ! vout=$($verify_tool sigcheck -k "$trusted_keys_file" -p "$repo" -r FETCH_HEAD 2>&1);then
err "$EX_SOFTWARE" "Verify signature on fetched data, stopping pull for $repo. Signature check says:" "$vout"
fi;
fi;

if ! git_out=$(cd "$repo" && git merge FETCH_HEAD 2>&1);then
Expand Down

0 comments on commit c643eb9

Please sign in to comment.