feat: add git commit signing support

Signed-off-by: bryans-go <[email protected]>

cmd/daytona/config/const.go

@@ -89,6 +89,29 @@ func GetDocsLinkFromGitProvider(providerId string) string {
 	}
 }
 
+func GetDocsLinkForCommitSigning(providerId string) string {
+	switch providerId {
+	case "github", "github-enterprise-server":
+		return "https://docs.github.com/en/authentication/managing-commit-signature-verification"
+	case "gitlab", "gitlab-self-managed":
+		return "https://docs.gitlab.com/ee/user/project/repository/signed_commits"
+	case "bitbucket":
+		return "https://confluence.atlassian.com/bitbucketserver/using-gpg-keys-913477014.html"
+	case "bitbucket-server":
+		return "https://confluence.atlassian.com/bitbucketserver/using-ssh-keys-to-secure-git-operations-776639772.html"
+	case "gitea":
+		return "https://docs.gitea.com/administration/signing"
+	case "gitness":
+		return "https://developer.harness.io/docs/platform/secrets/add-use-ssh-secrets/"
+	case "azure-devops":
+		return "https://learn.microsoft.com/en-us/azure/devops/repos/git/use-ssh-keys-to-authenticate?view=azure-devops"
+	case "aws-codecommit":
+		return "https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-ssh-unixes.html"
+	default:
+		return ""
+	}
+}
+
 func GetRequiredScopesFromGitProviderId(providerId string) string {
 	switch providerId {
 	case "github":

internal/testing/git/mocks/gitservice.go

@@ -31,8 +31,8 @@ func (m *MockGitService) RepositoryExists() (bool, error) {
 	return args.Bool(0), args.Error(1)
 }
 
-func (m *MockGitService) SetGitConfig(userData *gitprovider.GitUser) error {
-	args := m.Called(userData)
+func (m *MockGitService) SetGitConfig(userData *gitprovider.GitUser, providerConfig *gitprovider.GitProviderConfig) error {
+	args := m.Called(userData, providerConfig)
 	return args.Error(0)
 }
 

pkg/agent/agent.go

@@ -112,7 +112,14 @@ func (a *Agent) startProjectMode() error {
 		}
 	}
 
-	err = a.Git.SetGitConfig(gitUser)
+	var providerConfig *gitprovider.GitProviderConfig
+	if gitProvider != nil {
+		providerConfig = &gitprovider.GitProviderConfig{
+			SigningMethod: gitProvider.SigningMethod,
+			SigningKey:    gitProvider.SigningKey,
+		}
+	}
+	err = a.Git.SetGitConfig(gitUser, providerConfig)
 	if err != nil {
 		log.Error(fmt.Sprintf("failed to set git config: %s", err))
 	}

pkg/agent/agent_test.go

@@ -75,7 +75,7 @@ func TestAgent(t *testing.T) {
 
 	mockGitService := mock_git.NewMockGitService()
 	mockGitService.On("RepositoryExists").Return(true, nil)
-	mockGitService.On("SetGitConfig", mock.Anything).Return(nil)
+	mockGitService.On("SetGitConfig", mock.Anything, mock.Anything).Return(nil)
 	mockGitService.On("GetGitStatus").Return(gitStatus1, nil)
 
 	mockSshServer := mocks.NewMockSshServer()

pkg/api/controllers/gitprovider/dto/dto.go

@@ -8,8 +8,10 @@ type RepositoryUrl struct {
 } // @name RepositoryUrl
 
 type SetGitProviderConfig struct {
-	Id         string  `json:"id" validate:"required"`
-	Username   *string `json:"username" validate:"optional"`
-	Token      string  `json:"token" validate:"required"`
-	BaseApiUrl *string `json:"baseApiUrl,omitempty" validate:"optional"`
+	Id            string  `json:"id" validate:"required"`
+	Username      *string `json:"username" validate:"optional"`
+	Token         string  `json:"token" validate:"required"`
+	BaseApiUrl    *string `json:"baseApiUrl,omitempty" validate:"optional"`
+	SigningKey    *string `json:"signingKey" validate:"optional"`
+	SigningMethod *string `json:"signingMethod" validate:"optional"`
 } // @name SetGitProviderConfig

pkg/api/controllers/gitprovider/gitprovider.go

@@ -141,6 +141,14 @@ func SetGitProvider(ctx *gin.Context) {
 		gitProviderConfig.Username = *setConfigDto.Username
 	}
 
+	if setConfigDto.SigningKey != nil {
+		gitProviderConfig.SigningKey = *setConfigDto.SigningKey
+	}
+
+	if setConfigDto.SigningMethod != nil {
+		gitProviderConfig.SigningMethod = *setConfigDto.SigningMethod
+	}
+
 	server := server.GetInstance(nil)
 
 	err = server.GitProviderService.SetGitProviderConfig(&gitProviderConfig)

pkg/api/docs/docs.go

@@ -2149,6 +2149,8 @@ const docTemplate = `{
             "type": "object",
             "required": [
                 "id",
+                "signingKey",
+                "signingMethod",
                 "token",
                 "username"
             ],
@@ -2159,6 +2161,12 @@ const docTemplate = `{
                 "id": {
                     "type": "string"
                 },
+                "signingKey": {
+                    "type": "string"
+                },
+                "signingMethod": {
+                    "type": "string"
+                },
                 "token": {
                     "type": "string"
                 },
@@ -2689,6 +2697,12 @@ const docTemplate = `{
                 "id": {
                     "type": "string"
                 },
+                "signingKey": {
+                    "type": "string"
+                },
+                "signingMethod": {
+                    "type": "string"
+                },
                 "token": {
                     "type": "string"
                 },

pkg/api/docs/swagger.json

@@ -2146,6 +2146,8 @@
             "type": "object",
             "required": [
                 "id",
+                "signingKey",
+                "signingMethod",
                 "token",
                 "username"
             ],
@@ -2156,6 +2158,12 @@
                 "id": {
                     "type": "string"
                 },
+                "signingKey": {
+                    "type": "string"
+                },
+                "signingMethod": {
+                    "type": "string"
+                },
                 "token": {
                     "type": "string"
                 },
@@ -2686,6 +2694,12 @@
                 "id": {
                     "type": "string"
                 },
+                "signingKey": {
+                    "type": "string"
+                },
+                "signingMethod": {
+                    "type": "string"
+                },
                 "token": {
                     "type": "string"
                 },

pkg/api/docs/swagger.yaml

@@ -284,12 +284,18 @@ definitions:
         type: string
       id:
         type: string
+      signingKey:
+        type: string
+      signingMethod:
+        type: string
       token:
         type: string
       username:
         type: string
     required:
     - id
+    - signingKey
+    - signingMethod
     - token
     - username
     type: object
@@ -652,6 +658,10 @@ definitions:
         type: string
       id:
         type: string
+      signingKey:
+        type: string
+      signingMethod:
+        type: string
       token:
         type: string
       username:

pkg/apiclient/api/openapi.yaml

@@ -1713,20 +1713,28 @@ components:
     GitProvider:
       example:
         baseApiUrl: baseApiUrl
+        signingKey: signingKey
         id: id
+        signingMethod: signingMethod
         token: token
         username: username
       properties:
         baseApiUrl:
           type: string
         id:
           type: string
+        signingKey:
+          type: string
+        signingMethod:
+          type: string
         token:
           type: string
         username:
           type: string
       required:
       - id
+      - signingKey
+      - signingMethod
       - token
       - username
       type: object
@@ -2280,14 +2288,20 @@ components:
     SetGitProviderConfig:
       example:
         baseApiUrl: baseApiUrl
+        signingKey: signingKey
         id: id
+        signingMethod: signingMethod
         token: token
         username: username
       properties:
         baseApiUrl:
           type: string
         id:
           type: string
+        signingKey:
+          type: string
+        signingMethod:
+          type: string
         token:
           type: string
         username:

pkg/apiclient/docs/GitProvider.md

@@ -6,14 +6,16 @@ Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
 **BaseApiUrl** | Pointer to **string** |  | [optional] 
 **Id** | **string** |  | 
+**SigningKey** | **string** |  | 
+**SigningMethod** | **string** |  | 
 **Token** | **string** |  | 
 **Username** | **string** |  | 
 
 ## Methods
 
 ### NewGitProvider
 
-`func NewGitProvider(id string, token string, username string, ) *GitProvider`
+`func NewGitProvider(id string, signingKey string, signingMethod string, token string, username string, ) *GitProvider`
 
 NewGitProvider instantiates a new GitProvider object
 This constructor will assign default values to properties that have it defined,
@@ -73,6 +75,46 @@ and a boolean to check if the value has been set.
 SetId sets Id field to given value.
 
 
+### GetSigningKey
+
+`func (o *GitProvider) GetSigningKey() string`
+
+GetSigningKey returns the SigningKey field if non-nil, zero value otherwise.
+
+### GetSigningKeyOk
+
+`func (o *GitProvider) GetSigningKeyOk() (*string, bool)`
+
+GetSigningKeyOk returns a tuple with the SigningKey field if it's non-nil, zero value otherwise
+and a boolean to check if the value has been set.
+
+### SetSigningKey
+
+`func (o *GitProvider) SetSigningKey(v string)`
+
+SetSigningKey sets SigningKey field to given value.
+
+
+### GetSigningMethod
+
+`func (o *GitProvider) GetSigningMethod() string`
+
+GetSigningMethod returns the SigningMethod field if non-nil, zero value otherwise.
+
+### GetSigningMethodOk
+
+`func (o *GitProvider) GetSigningMethodOk() (*string, bool)`
+
+GetSigningMethodOk returns a tuple with the SigningMethod field if it's non-nil, zero value otherwise
+and a boolean to check if the value has been set.
+
+### SetSigningMethod
+
+`func (o *GitProvider) SetSigningMethod(v string)`
+
+SetSigningMethod sets SigningMethod field to given value.
+
+
 ### GetToken
 
 `func (o *GitProvider) GetToken() string`

pkg/apiclient/docs/SetGitProviderConfig.md

@@ -6,6 +6,8 @@ Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
 **BaseApiUrl** | Pointer to **string** |  | [optional] 
 **Id** | **string** |  | 
+**SigningKey** | Pointer to **string** |  | [optional] 
+**SigningMethod** | Pointer to **string** |  | [optional] 
 **Token** | **string** |  | 
 **Username** | Pointer to **string** |  | [optional] 
 
@@ -73,6 +75,56 @@ and a boolean to check if the value has been set.
 SetId sets Id field to given value.
 
 
+### GetSigningKey
+
+`func (o *SetGitProviderConfig) GetSigningKey() string`
+
+GetSigningKey returns the SigningKey field if non-nil, zero value otherwise.
+
+### GetSigningKeyOk
+
+`func (o *SetGitProviderConfig) GetSigningKeyOk() (*string, bool)`
+
+GetSigningKeyOk returns a tuple with the SigningKey field if it's non-nil, zero value otherwise
+and a boolean to check if the value has been set.
+
+### SetSigningKey
+
+`func (o *SetGitProviderConfig) SetSigningKey(v string)`
+
+SetSigningKey sets SigningKey field to given value.
+
+### HasSigningKey
+
+`func (o *SetGitProviderConfig) HasSigningKey() bool`
+
+HasSigningKey returns a boolean if a field has been set.
+
+### GetSigningMethod
+
+`func (o *SetGitProviderConfig) GetSigningMethod() string`
+
+GetSigningMethod returns the SigningMethod field if non-nil, zero value otherwise.
+
+### GetSigningMethodOk
+
+`func (o *SetGitProviderConfig) GetSigningMethodOk() (*string, bool)`
+
+GetSigningMethodOk returns a tuple with the SigningMethod field if it's non-nil, zero value otherwise
+and a boolean to check if the value has been set.
+
+### SetSigningMethod
+
+`func (o *SetGitProviderConfig) SetSigningMethod(v string)`
+
+SetSigningMethod sets SigningMethod field to given value.
+
+### HasSigningMethod
+
+`func (o *SetGitProviderConfig) HasSigningMethod() bool`
+
+HasSigningMethod returns a boolean if a field has been set.
+
 ### GetToken
 
 `func (o *SetGitProviderConfig) GetToken() string`