feat: add git commit signing support

Signed-off-by: bryans-go <[email protected]>
daytonaio · Sep 29, 2024 · 63060a3 · 63060a3
1 parent 89305ae
commit 63060a3
Show file tree

Hide file tree

Showing 23 changed files with 702 additions and 46 deletions.
diff --git a/cmd/daytona/config/const.go b/cmd/daytona/config/const.go
@@ -89,6 +89,23 @@ func GetDocsLinkFromGitProvider(providerId string) string {
 	}
 }
 
+func GetDocsLinkForCommitSigning(providerId string) string {
+	switch providerId {
+	case "github", "github-enterprise-server":
+		return "https://docs.github.com/en/authentication/managing-commit-signature-verification"
+	case "gitlab", "gitlab-self-managed":
+		return "https://docs.gitlab.com/ee/user/project/repository/signed_commits"
+	case "gitea":
+		return "https://docs.gitea.com/administration/signing"
+	case "azure-devops":
+		return "https://learn.microsoft.com/en-us/azure/devops/repos/git/use-ssh-keys-to-authenticate?view=azure-devops"
+	case "aws-codecommit":
+		return "https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-ssh-unixes.html"
+	default:
+		return ""
+	}
+}
+
 func GetRequiredScopesFromGitProviderId(providerId string) string {
 	switch providerId {
 	case "github":

diff --git a/internal/testing/git/mocks/gitservice.go b/internal/testing/git/mocks/gitservice.go
@@ -31,8 +31,8 @@ func (m *MockGitService) RepositoryExists() (bool, error) {
 	return args.Bool(0), args.Error(1)
 }
 
-func (m *MockGitService) SetGitConfig(userData *gitprovider.GitUser) error {
-	args := m.Called(userData)
+func (m *MockGitService) SetGitConfig(userData *gitprovider.GitUser, providerConfig *gitprovider.GitProviderConfig) error {
+	args := m.Called(userData, providerConfig)
 	return args.Error(0)
 }
 

diff --git a/pkg/agent/agent.go b/pkg/agent/agent.go
@@ -112,7 +112,14 @@ func (a *Agent) startProjectMode() error {
 		}
 	}
 
-	err = a.Git.SetGitConfig(gitUser)
+	var providerConfig *gitprovider.GitProviderConfig
+	if gitProvider != nil {
+		providerConfig = &gitprovider.GitProviderConfig{
+			SigningMethod: (*gitprovider.SigningMethod)(gitProvider.SigningMethod),
+			SigningKey:    gitProvider.SigningKey,
+		}
+	}
+	err = a.Git.SetGitConfig(gitUser, providerConfig)
 	if err != nil {
 		log.Error(fmt.Sprintf("failed to set git config: %s", err))
 	}

diff --git a/pkg/agent/agent_test.go b/pkg/agent/agent_test.go
@@ -75,7 +75,7 @@ func TestAgent(t *testing.T) {
 
 	mockGitService := mock_git.NewMockGitService()
 	mockGitService.On("RepositoryExists").Return(true, nil)
-	mockGitService.On("SetGitConfig", mock.Anything).Return(nil)
+	mockGitService.On("SetGitConfig", mock.Anything, mock.Anything).Return(nil)
 	mockGitService.On("GetGitStatus").Return(gitStatus1, nil)
 
 	mockSshServer := mocks.NewMockSshServer()

diff --git a/pkg/api/controllers/gitprovider/dto/dto.go b/pkg/api/controllers/gitprovider/dto/dto.go
@@ -8,8 +8,10 @@ type RepositoryUrl struct {
 } // @name RepositoryUrl
 
 type SetGitProviderConfig struct {
-	Id         string  `json:"id" validate:"required"`
-	Username   *string `json:"username" validate:"optional"`
-	Token      string  `json:"token" validate:"required"`
-	BaseApiUrl *string `json:"baseApiUrl,omitempty" validate:"optional"`
+	Id            string  `json:"id" validate:"required"`
+	Username      *string `json:"username" validate:"optional"`
+	Token         string  `json:"token" validate:"required"`
+	BaseApiUrl    *string `json:"baseApiUrl,omitempty" validate:"optional"`
+	SigningKey    *string `json:"signingKey" validate:"optional"`
+	SigningMethod *string `json:"signingMethod" validate:"optional"`
 } // @name SetGitProviderConfig
diff --git a/pkg/api/controllers/gitprovider/gitprovider.go b/pkg/api/controllers/gitprovider/gitprovider.go
@@ -132,9 +132,11 @@ func SetGitProvider(ctx *gin.Context) {
 	}
 
 	gitProviderConfig := gitprovider.GitProviderConfig{
-		Id:         setConfigDto.Id,
-		Token:      setConfigDto.Token,
-		BaseApiUrl: setConfigDto.BaseApiUrl,
+		Id:            setConfigDto.Id,
+		Token:         setConfigDto.Token,
+		BaseApiUrl:    setConfigDto.BaseApiUrl,
+		SigningKey:    setConfigDto.SigningKey,
+		SigningMethod: (*gitprovider.SigningMethod)(setConfigDto.SigningMethod),
 	}
 
 	if setConfigDto.Username != nil {

diff --git a/pkg/api/docs/docs.go b/pkg/api/docs/docs.go
@@ -2159,6 +2159,12 @@ const docTemplate = `{
                 "id": {
                     "type": "string"
                 },
+                "signingKey": {
+                    "type": "string"
+                },
+                "signingMethod": {
+                    "$ref": "#/definitions/SigningMethod"
+                },
                 "token": {
                     "type": "string"
                 },
@@ -2689,6 +2695,12 @@ const docTemplate = `{
                 "id": {
                     "type": "string"
                 },
+                "signingKey": {
+                    "type": "string"
+                },
+                "signingMethod": {
+                    "type": "string"
+                },
                 "token": {
                     "type": "string"
                 },
@@ -2711,6 +2723,19 @@ const docTemplate = `{
                 }
             }
         },
+        "SigningMethod": {
+            "type": "string",
+            "enum": [
+                "ssh",
+                "gpg",
+                "none"
+            ],
+            "x-enum-varnames": [
+                "SigningMethodSSH",
+                "SigningMethodGPG",
+                "siginingMethodNone"
+            ]
+        },
         "Status": {
             "type": "string",
             "enum": [

diff --git a/pkg/api/docs/swagger.json b/pkg/api/docs/swagger.json
@@ -2156,6 +2156,12 @@
                 "id": {
                     "type": "string"
                 },
+                "signingKey": {
+                    "type": "string"
+                },
+                "signingMethod": {
+                    "$ref": "#/definitions/SigningMethod"
+                },
                 "token": {
                     "type": "string"
                 },
@@ -2686,6 +2692,12 @@
                 "id": {
                     "type": "string"
                 },
+                "signingKey": {
+                    "type": "string"
+                },
+                "signingMethod": {
+                    "type": "string"
+                },
                 "token": {
                     "type": "string"
                 },
@@ -2708,6 +2720,19 @@
                 }
             }
         },
+        "SigningMethod": {
+            "type": "string",
+            "enum": [
+                "ssh",
+                "gpg",
+                "none"
+            ],
+            "x-enum-varnames": [
+                "SigningMethodSSH",
+                "SigningMethodGPG",
+                "siginingMethodNone"
+            ]
+        },
         "Status": {
             "type": "string",
             "enum": [

diff --git a/pkg/api/docs/swagger.yaml b/pkg/api/docs/swagger.yaml
@@ -284,6 +284,10 @@ definitions:
         type: string
       id:
         type: string
+      signingKey:
+        type: string
+      signingMethod:
+        $ref: '#/definitions/SigningMethod'
       token:
         type: string
       username:
@@ -652,6 +656,10 @@ definitions:
         type: string
       id:
         type: string
+      signingKey:
+        type: string
+      signingMethod:
+        type: string
       token:
         type: string
       username:
@@ -669,6 +677,16 @@ definitions:
     required:
     - uptime
     type: object
+  SigningMethod:
+    enum:
+    - ssh
+    - gpg
+    - none
+    type: string
+    x-enum-varnames:
+    - SigningMethodSSH
+    - SigningMethodGPG
+    - siginingMethodNone
   Status:
     enum:
     - Unmodified

diff --git a/pkg/apiclient/README.md b/pkg/apiclient/README.md
@@ -186,6 +186,7 @@ Class | Method | HTTP request | Description
  - [ServerConfig](docs/ServerConfig.md)
  - [SetGitProviderConfig](docs/SetGitProviderConfig.md)
  - [SetProjectState](docs/SetProjectState.md)
+ - [SigningMethod](docs/SigningMethod.md)
  - [Status](docs/Status.md)
  - [Workspace](docs/Workspace.md)
  - [WorkspaceDTO](docs/WorkspaceDTO.md)

diff --git a/pkg/apiclient/api/openapi.yaml b/pkg/apiclient/api/openapi.yaml
@@ -1713,14 +1713,20 @@ components:
     GitProvider:
       example:
         baseApiUrl: baseApiUrl
+        signingKey: signingKey
         id: id
+        signingMethod: null
         token: token
         username: username
       properties:
         baseApiUrl:
           type: string
         id:
           type: string
+        signingKey:
+          type: string
+        signingMethod:
+          $ref: '#/components/schemas/SigningMethod'
         token:
           type: string
         username:
@@ -2280,14 +2286,20 @@ components:
     SetGitProviderConfig:
       example:
         baseApiUrl: baseApiUrl
+        signingKey: signingKey
         id: id
+        signingMethod: signingMethod
         token: token
         username: username
       properties:
         baseApiUrl:
           type: string
         id:
           type: string
+        signingKey:
+          type: string
+        signingMethod:
+          type: string
         token:
           type: string
         username:
@@ -2321,6 +2333,16 @@ components:
       required:
       - uptime
       type: object
+    SigningMethod:
+      enum:
+      - ssh
+      - gpg
+      - none
+      type: string
+      x-enum-varnames:
+      - SigningMethodSSH
+      - SigningMethodGPG
+      - siginingMethodNone
     Status:
       enum:
       - Unmodified

diff --git a/pkg/apiclient/docs/GitProvider.md b/pkg/apiclient/docs/GitProvider.md
@@ -6,6 +6,8 @@ Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
 **BaseApiUrl** | Pointer to **string** |  | [optional] 
 **Id** | **string** |  | 
+**SigningKey** | Pointer to **string** |  | [optional] 
+**SigningMethod** | Pointer to [**SigningMethod**](SigningMethod.md) |  | [optional] 
 **Token** | **string** |  | 
 **Username** | **string** |  | 
 
@@ -73,6 +75,56 @@ and a boolean to check if the value has been set.
 SetId sets Id field to given value.
 
 
+### GetSigningKey
+
+`func (o *GitProvider) GetSigningKey() string`
+
+GetSigningKey returns the SigningKey field if non-nil, zero value otherwise.
+
+### GetSigningKeyOk
+
+`func (o *GitProvider) GetSigningKeyOk() (*string, bool)`
+
+GetSigningKeyOk returns a tuple with the SigningKey field if it's non-nil, zero value otherwise
+and a boolean to check if the value has been set.
+
+### SetSigningKey
+
+`func (o *GitProvider) SetSigningKey(v string)`
+
+SetSigningKey sets SigningKey field to given value.
+
+### HasSigningKey
+
+`func (o *GitProvider) HasSigningKey() bool`
+
+HasSigningKey returns a boolean if a field has been set.
+
+### GetSigningMethod
+
+`func (o *GitProvider) GetSigningMethod() SigningMethod`
+
+GetSigningMethod returns the SigningMethod field if non-nil, zero value otherwise.
+
+### GetSigningMethodOk
+
+`func (o *GitProvider) GetSigningMethodOk() (*SigningMethod, bool)`
+
+GetSigningMethodOk returns a tuple with the SigningMethod field if it's non-nil, zero value otherwise
+and a boolean to check if the value has been set.
+
+### SetSigningMethod
+
+`func (o *GitProvider) SetSigningMethod(v SigningMethod)`
+
+SetSigningMethod sets SigningMethod field to given value.
+
+### HasSigningMethod
+
+`func (o *GitProvider) HasSigningMethod() bool`
+
+HasSigningMethod returns a boolean if a field has been set.
+
 ### GetToken
 
 `func (o *GitProvider) GetToken() string`