aboutsummaryrefslogtreecommitdiff
path: root/contrib/verify-commits/gpg.sh
diff options
context:
space:
mode:
authorMatt Corallo <git@bluematt.me>2014-10-27 00:07:25 -0700
committerMatt Corallo <git@bluematt.me>2014-12-20 00:39:42 -0500
commitadaa568722e59cde510c5fe1997c49cbb9d7db12 (patch)
treed392d4c3467c229e54d19c835c9bd497e6917aff /contrib/verify-commits/gpg.sh
parent13c077c7cfe9f367c721f3d99924b3d568afb4d0 (diff)
downloadbitcoin-adaa568722e59cde510c5fe1997c49cbb9d7db12.tar.xz
Add script to verify all merge commits are signed
Diffstat (limited to 'contrib/verify-commits/gpg.sh')
-rwxr-xr-xcontrib/verify-commits/gpg.sh15
1 files changed, 15 insertions, 0 deletions
diff --git a/contrib/verify-commits/gpg.sh b/contrib/verify-commits/gpg.sh
new file mode 100755
index 0000000000..6b5137e7b5
--- /dev/null
+++ b/contrib/verify-commits/gpg.sh
@@ -0,0 +1,15 @@
+#!/bin/sh
+INPUT=$(</dev/stdin)
+VALID=false
+IFS=$'\n'
+for LINE in $(echo "$INPUT" | gpg --trust-model always "$@" 2>/dev/null); do
+ case "$LINE" in "[GNUPG:] VALIDSIG"*)
+ while read KEY; do
+ case "$LINE" in "[GNUPG:] VALIDSIG $KEY "*) VALID=true;; esac
+ done < ./contrib/verify-commits/trusted-keys
+ esac
+done
+if ! $VALID; then
+ exit 1
+fi
+echo "$INPUT" | gpg --trust-model always "$@" 2>/dev/null
generated by cgit v1.2.3 (git 2.26.2) at 2024-07-15 18:43:22 +0000