workflows: add git-sync

improve performance

.gitea/workflows/git-sync.yaml

@@ -0,0 +1,40 @@
+name: git-sync-with-mirror
+
+on:
+  push:
+    branches: [ master ]
+  workflow_dispatch:
+
+jobs:
+  git-sync:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: git-sync
+        env:
+          git_sync_source_repo: git@git.fridu.us:heckyel/git-snapsign.git
+          git_sync_destination_repo: ssh://git@c.fridu.us/software/git-snapsign.git
+        if: env.git_sync_source_repo && env.git_sync_destination_repo
+        uses: astounds/git-sync@v1
+        with:
+          source_repo: git@git.fridu.us:heckyel/git-snapsign.git
+          source_branch: "master"
+          destination_repo: ssh://git@c.fridu.us/software/git-snapsign.git
+          destination_branch: "master"
+          source_ssh_private_key: ${{ secrets.GIT_SYNC_SOURCE_SSH_PRIVATE_KEY }}
+          destination_ssh_private_key:  ${{ secrets.GIT_SYNC_DESTINATION_SSH_PRIVATE_KEY }}
+
+      - name: git-sync-sourcehut
+        env:
+          git_sync_source_repo: git@git.fridu.us:heckyel/git-snapsign.git
+          git_sync_destination_repo: git@git.sr.ht:~heckyel/git-snapsign
+        if: env.git_sync_source_repo && env.git_sync_destination_repo
+        uses: astounds/git-sync@v1
+        with:
+          source_repo: git@git.fridu.us:heckyel/git-snapsign.git
+          source_branch: "master"
+          destination_repo: git@git.sr.ht:~heckyel/git-snapsign
+          destination_branch: "master"
+          source_ssh_private_key: ${{ secrets.GIT_SYNC_SOURCE_SSH_PRIVATE_KEY }}
+          destination_ssh_private_key:  ${{ secrets.GIT_SYNC_DESTINATION_SSH_PRIVATE_KEY }}
+        continue-on-error: true

Makefile

@@ -47,7 +47,7 @@ install: info
 
 info:
 	@cd docs && makeinfo git-snapsign.texi
-	@cd docs && makeinfo --html git-snapsign.texi
+	@cd docs && makeinfo --html --output=$(PROJECT_NAME) git-snapsign.texi
 
 tar.gz:
 	@tar -czf $(PROJECT_NAME)-$(VERSION).tar.gz --transform "s|^|$(PROJECT_NAME)-$(VERSION)/|" --owner 0 --group 0 \

README.md

@@ -4,7 +4,9 @@ A small git-integrated script to sign a repository archive tarball for use with
 
 ## Usage
 
-    git-snapsign [--dry-run] [--force] [-s <key-id>] [-F <fmt>] [-p <pfx>] -t <tag>
+```console
+$ git-snapsign [--dry-run] [--force] [-s <key-id>] [-F <fmt>] [-p <pfx>] -t <tag>
+```
 
 `git-snapsign` will create a detached signature for archive output from
 `git-archive(1)` for `<tag>` and add it to the tag's notes in the
@@ -49,18 +51,32 @@ the snapshots it offers on the repository's summary page.
 
 Create a signature for the archive tarball at tag v1.0.0.
 
-    git-snapsign -t v1.0.0
+```console
+$ git-snapsign -t v1.0.0
+```
 
 Same as above but use the zip format.
 
-    git-snapsign -F zip -t v1.0.0
+```console
+$ git-snapsign -F zip -t v1.0.0
+```
 
 Create a signature with the key corresponding to heckyel@hyperbola.info
 
-    git-snapsign -s 4DF21B6A7C1021B25C360914F6EE7BC59A315766 -t v1.0.0
+```console
+$ git-snapsign -s 4DF21B6A7C1021B25C360914F6EE7BC59A315766 -t v1.0.0
+```
 
 Use "linux-libre-lts" to create the archive prefix. Useful for when the repository
 basename is not the canonical name of the project. For example, the
 linux-libre-lts project may wish to set the prefix this way.
 
-    git-snapsign -p linux-libre-lts -t v5.4.96
+```console
+$ git-snapsign -p linux-libre-lts -t v5.4.96
+```
+
+## GPG Public Key
+
+```console
+72CFB264DFC43F63E098F926E607CE7149F4D71C
+```

git-snapsign

@@ -15,7 +15,7 @@
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 #
-VERSION='1.0.0'
+VERSION='1.0.2'
 
 HELP_MESSAGE="\
 usage: $(basename "$0") [--dry-run] [--force] [-s <key-id>] [-F <fmt>] [-p <pfx>] -t <tag>
@@ -90,6 +90,17 @@ check_format() {
     fi
 }
 
+check_notes() {
+    mapfile -d '\0' signatures < <(find .git/refs/notes -type f 2>/dev/null)
+    if [[ $(echo ${#signatures[@]}) != 0 ]]; then
+        git fetch >/dev/null 2>&1
+    else
+        git config --add remote.origin.fetch "+refs/notes/*:refs/notes/*" >/dev/null 2>&1
+        git fetch origin refs/notes/*:refs/notes/* >/dev/null 2>&1
+    fi
+    unset signatures
+}
+
 #---------
 #  core
 #---------
@@ -135,6 +146,7 @@ while getopts ":dfPhvF:s:p:t:" opt; do
             keyid="$OPTARG"
             ;;
         t)
+            check_notes "$@"
             if ! git rev-parse --verify "${OPTARG}" >/dev/null 2>&1; then
                 echo -e "fatal: failed to verify tag: ${OPTARG}"
                 exit 1
@@ -162,16 +174,20 @@ trap 'rm -rf "${tmpdir}"' EXIT HUP INT QUIT TERM
 if [[ -n "${tag}" ]]; then
     archive="${tmpdir}/${prefix}-${tag#v}.${format}"
 
-    if [ "$format" == "tar.lz" ]; then
+    case "${format}" in
-        git archive --format=tar --prefix "${prefix}-${tag#v}/" \
+        tar.lz)
-            "${tag}" | lzip -c > "${archive}"
+            git archive --format=tar --prefix "${prefix}-${tag#v}/" \
-    elif [ "$format" == "tar.xz" ]; then
+                "${tag}" | lzip -c > "${archive}"
-        git archive --format=tar --prefix "${prefix}-${tag#v}/" \
+            ;;
-            "${tag}" | xz -c > "${archive}"
+        tar.xz)
-    else
+            git archive --format=tar --prefix "${prefix}-${tag#v}/" \
-        git archive --format "${format}" --prefix "${prefix}-${tag#v}/" \
+                "${tag}" | xz -c > "${archive}"
-            --output "${archive}" "${tag}"
+            ;;
-    fi
+        *)
+            git archive --format "${format}" --prefix "${prefix}-${tag#v}/" \
+                --output "${archive}" "${tag}"
+            ;;
+    esac
 
     if ! "${gpg:-gpg}" --output "${archive}.asc" --armor \
          --sign-with "${keyid}" --detach-sign <"${archive}"