jsha · June 4, 2014 18:29 · djmm787 · Nov 11, 2024
diff --git a/Shell recipe for validating git tags b/Shell recipe for validating git tags
 DOMAIN=com.example    # pre-sanitized
 POLICY_FILE=policy-files/$DOMAIN.json
 git pull
 # retrieve all tags on commits that changed $POLICY_FILE 
 # (with the additional constraint that at least one of the tags on each commit should be 
 # named like example.com.2014.06.01.serial)
 # the git log output looks like: (tag: tagname1, tag: tagname2, headname1, headname2)
 TAGS=`git log --pretty=%d | egrep -o "[( ]tag: $DOMAIN[0-9\.]+" | cut -d":" -f 2`

 for TAG in $TAGS ; do 
  if git tag --verify $TAG | check-for-correct-key-and-success ; then
    git show $TAG:$POLICY_FILE > current-valid-policy-file.json
    return $SUCCESS
  fi
 done
	DOMAIN=com.example # pre-sanitized
	POLICY_FILE=policy-files/$DOMAIN.json
	git pull
	# retrieve all tags on commits that changed $POLICY_FILE
	# (with the additional constraint that at least one of the tags on each commit should be
	# named like example.com.2014.06.01.serial)
	# the git log output looks like: (tag: tagname1, tag: tagname2, headname1, headname2)
	TAGS=`git log --pretty=%d \| egrep -o "[( ]tag: $DOMAIN[0-9\.]+" \| cut -d":" -f 2`

	for TAG in $TAGS ; do
	if git tag --verify $TAG \| check-for-correct-key-and-success ; then
	git show $TAG:$POLICY_FILE > current-valid-policy-file.json
	return $SUCCESS
	fi
	done