Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

signing with login shell #5910

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

signing with login shell #5910

wants to merge 3 commits into from
+165 −145

Conversation

Byron
Copy link
Collaborator

@Byron Byron commented Jan 9, 2025
edited
Loading

Use a login shell for spawning the programs to sign a buffer.

Related to #5839 and #5022.

Tasks

  • cleanup
  • use shell for any invocation
  • use login shell
  • additional fix: use gix for all Git configuration

Notes for the Reviewer

  • I did some testing regarding signing, and the UI picking up signing related configuration, but that probably didn't run all the codepaths that changed.
  • Fetching git configuration (one key at a time like the UI does) is now about 25% to 40% slower, at ~120microseconds. Still within the range I think.

Research

Environment variables in a release application

Launching a release application on MacOS (through the finder) yields the following environment variables.

  (
        "TMPDIR",
        "/var/folders/x7/jgy95vjs3v3ffszwn0wg0gz80000gn/T/",
    ),
    (
        "__CFBundleIdentifier",
        "com.apple.Terminal",
    ),
    (
        "XPC_FLAGS",
        "0x0",
    ),
    (
        "TERM",
        "xterm-256color",
    ),
    (
        "SSH_AUTH_SOCK",
        "/Users/byron/.gnupg/S.gpg-agent.ssh",
    ),
    (
        "XPC_SERVICE_NAME",
        "0",
    ),
    (
        "TERM_PROGRAM",
        "Apple_Terminal",
    ),
    (
        "TERM_PROGRAM_VERSION",
        "455",
    ),
    (
        "TERM_SESSION_ID",
        "<redacted>",
    ),
    (
        "SHELL",
        "/bin/zsh",
    ),
    (
        "HOME",
        "/Users/byron",
    ),
    (
        "LOGNAME",
        "byron",
    ),
    (
        "USER",
        "byron",
    ),
    (
        "PATH",
        "<redacted, but looks complete>",
    ),
    (
        "SHLVL",
        "1",
    ),
    (
        "PWD",
        "/Users/byron",
    ),
    (
        "OLDPWD",
        "/Users/byron",
    ),
    (
        "ZSH",
        "/Users/byron/.oh-my-zsh",
    ),
    (
        "PAGER",
        "less",
    ),
    (
        "LESS",
        "-R",
    ),
    (
        "LSCOLORS",
        "Gxfxcxdxbxegedabagacad",
    ),
    (
        "LS_COLORS",
        "di=1;36:ln=35:so=32:pi=33:ex=31:bd=34;46:cd=34;43:su=30;41:sg=30;46:tw=30;42:ow=30;43",
    ),
    (
        "HOMEBREW_PREFIX",
        "/opt/homebrew",
    ),
    (
        "HOMEBREW_CELLAR",
        "/opt/homebrew/Cellar",
    ),
    (
        "HOMEBREW_REPOSITORY",
        "/opt/homebrew",
    ),
    (
        "INFOPATH",
        "/opt/homebrew/share/info:/opt/homebrew/share/info:",
    ),
    (
        "GPG_TTY",
        "/dev/ttys005",
    ),
    (
        "EDITOR",
        "hx",
    ),
    (
        "BAT_THEME",
        "TwoDark",
    ),
    (
        "STARSHIP_SHELL",
        "zsh",
    ),
    (
        "STARSHIP_SESSION_KEY",
    ),
    (
        "HOMEBREW_NO_ANALYTICS",
        "1",
    ),
    (
        "LC_CTYPE",
        "UTF-8",
    ),
    (
        "_",
        "/Users/byron/dev/github.com/gitbutlerapp/gitbutler/target/debug/gitbutler-tauri",
    ),
    (
        "__CF_USER_TEXT_ENCODING",
        "0x1F5:0x0:0x0",
    ),
]

It looks like $SHELL can be used to figure out the login shell at least on MacOS. It's notable how many other additional variables are available, as if it was opened through a login shell already.

It really seems that a lot, but not all, of the login shell environment is picked up. It's unclear why

@vercel Vercel
Copy link

vercel bot commented Jan 9, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
gitbutler-components ✅ Ready (Inspect) Visit Preview 💬 Add feedback Jan 9, 2025 2:33pm

@vercel Vercel
Copy link

vercel bot commented Jan 9, 2025

@Byron is attempting to deploy a commit to the GitButler Team on Vercel.

A member of the Team first needs to authorize it.

@github-actions github-actions bot added the rust Pull requests that update Rust code label Jan 9, 2025
Byron added 2 commits January 9, 2025 15:08
@Byron
Use gix-config to be able to pick up more configuration.
6130797 
Some parts of `git configuration` aren't implemented in `git2`, and it's
the kind of configuration that's typically used to configure signing keys
dynamically.
@Byron
Use the login shell when invoking the signing binary (gitbutlerapp#5839)
64f558b 
That way it should pick up all configuration just as it does
when invoking it from the terminal.
@Byron Byron force-pushed the signing-login-shell branch from 22b230a to 69d4472 Compare January 9, 2025 14:22
@Byron
Use gitoxide for all Git configuration
f4f26dc 
It's a fully fledged implementation that should be able to pick
up additional special cases.

Useful for users who configure things per repository.
@Byron Byron force-pushed the signing-login-shell branch from 69d4472 to f4f26dc Compare January 9, 2025 14:32
@Byron Byron marked this pull request as ready for review January 9, 2025 14:38
Byron
Byron commented Jan 9, 2025
View reviewed changes
Copy link
Collaborator Author

@Byron Byron left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I definitely changed more than originally planned, as I also added gix to read Git configuration. As it fully implements Git configuration, it will pick up more 'special' configuration that users might have to adjust their signing keys based on the repository at hand. git2 doesn't implement hasconfig.

Also note the config.trusted_program() calls which is gitoxides way of assuring no configuration of untrusted users (i.e. all others) is picked up to define which program to execute automatically.

crates/gitbutler-repo/src/repository_ext.rs
pub fn command_with_login_shell(shell_cmd: impl Into<OsString>) -> std::process::Command {
gix::command::prepare(shell_cmd)
.with_shell_disallow_manual_argument_splitting()
.with_shell_program(std::env::var_os("SHELL").unwrap_or("bash".into()))
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is how the hooks crate does it as well and it seems to work for hooks.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Byron Do we need to the same windows bash.exe lookup that the git2_hooks does?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

https://docs.rs/git2-hooks/latest/src/git2_hooks/hookspath.rs.html#179

slamp
slamp reviewed Jan 9, 2025
View reviewed changes
Copy link

@slamp slamp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I didn't see any basic stuff that seemed wrong or incorrect to me.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Caleb-T-Owens Caleb-T-Owens Caleb-T-Owens left review comments

@slamp slamp slamp left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
rust Pull requests that update Rust code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Byron @slamp @Caleb-T-Owens