multi-gitter run does not sign commits

[jetersen]

Describe the bug
Should be able to understand signing commits

To Reproduce
Steps to reproduce the behavior:

1. Run multi-gitter run -xxx
2. git verify-commit HEAD

Expected behavior
Commits are signed

Additional context
Changing git-type to cmd does not work

git-type: cmd

[lemeurherve]

AFAIU a SignKey should be added after the Author here, but I didn't found how to declare an openpgp.Entity

[lindell]

@jetersen When running with --git-type=cmd, did you have git configured to always sign commits? (git config --global commit.gpgsign true).

If implemented, I would be happy to merge a PR that adds support for signing natively in both git modes. But that should be behind a flag since it's not the default git behavior. (behind the -S flag).

[jetersen]

@lemeurherve mentioned he already tried: https://gist.github.com/lemeurherve/e2cd5d883ffa93ae21549dc78d4422ae?permalink_comment_id=4236233#gistcomment-4236233

[lindell]

I think I've tried that too.

Can you please confirm that this is actually the case?

When I try to run it I get this:

I don't have gpg set up on in this terminal, so the error is expected, but it tries to sign the commit.

[jetersen]

I can give it a shot :)

[lemeurherve]

I think I've tried that too.

Can you please confirm that this is actually the case?

When I try to run it I get this:

If I remember correctly it's the same error I've got. I'll try again later today (hopefully) and let you know too.

[jetersen]

@lemeurherve it worked for me: jenkinsci/jenkins-infra-test-plugin#40

Question is do you have a password on your key?
Have you enabled gpg agent to store password temporarily.

Perhaps you need to configure for interactivity so you could enter your password? Not sure if git would detect the tty being available.

One trick you can do regarding gpg commit signing is create a subkey without password. If you want to keep to master key secure.
I tried that but decided against it after some issues with other applications.

[jetersen]

While testing though I found conditional logic bug, for some reason it says the feature branch existed even though it was a new fork. This was using git-type: cmd had to change conflict strategy to replace

multi-gitter/internal/multigitter/run.go

Line 294 in eb15db4

} else if featureBranchExist && r.ConflictStrategy == ConflictStrategySkip {

concurrent: 1
git-type: cmd
conflict-strategy: replace
fork: true
fork-owner: jetersen-cloud
log-file: '-'
log-format: text
log-level: debug
repo:
  - jenkinsci/jenkins-infra-test-plugin
branch: test-multi-gitter
commit-message: Testing Multi Gitter
pr-title: Testing multi-gitter
pr-body: |
  Testing out the multi-gitter with gpg signing.

  Sweet 💣

[jetersen]

Although it would be nice to support -S sign and -s signoff as flags in git-type: cmd

[lindell]

@jetersen In regards to the newly created fork and the branch already existing. Could the branch name have existed in the original repo, before the fork? In that case the branch would have been copied to the fork, and it would exist.

[lindell]

Although it would be nice to support -S sign and -s signoff as flags in git-type: cmd

I've been thinking of creating a new flag/setting called something like "--extra-commit-args" that would only work with git-type: cmd. That way it would be possible to use these, and other features before it's implemented for real in multi-gitter, or things that might not ever be implemented.

[jetersen]

--extra-commit-args makes sense :)

[lemeurherve]

I think I've tried that too.

Can you please confirm that this is actually the case?
When I try to run it I get this:

If I remember correctly it's the same error I've got. I'll try again later today (hopefully) and let you know too.

I've made another test today, and it's working as intended, I must have missed the passphrase prompt the first time, sorry for the noise.

NB: +1 for the --extra-commit-args!

[Sam13]

@jetersen When running with --git-type=cmd, did you have git configured to always sign commits? (git config --global commit.gpgsign true).

@lindell I had to remove author-email and author-name from my multi-gitter configuration file to get signed GIT commits although correctly configured via git config.
Probably this section of the GIT configuration is not used when environment variables are set for author and commiter?

multi-gitter/internal/git/cmdgit/git.go

Line 87 in 8334e34

cmd.Env = append(cmd.Env,