#!/bin/bash
# (c) 2018 Michał Górny
# Released under the terms of 2-clause BSD license.

set -e

if [ -z "${GV_BINDIR}" ] || [ -z "${GV_CACHEDIR}" ]; then
	echo "GV_BINDIR or GV_CACHEDIR is not set" >&2
	echo "Please run this script via gvgit" >&2
	exit 1
fi

COMMITFILE=$(mktemp -p "${GNUPGHOME}")
cat - > "${COMMITFILE}"

KEY_ARGS=()

while read -r; do
	case ${REPLY} in
		committer*)
			EMAIL=${REPLY##*<}
			EMAIL=${EMAIL%%>*}
			KEY_ARGS+=( --keyring "${EMAIL}.gpg" )
			# create the user keyring from the main keyring
			if [[ ! -f ${GNUPGHOME}/${EMAIL}.gpg ]]; then
				KEYS=()
				LAST_KEYID=
				LAST_FPR=
				while read -r LINE; do
					case ${LINE} in
						pub:*:*:*:*:*)
							LAST_KEYID=${LINE#pub:*:*:*:}
							LAST_KEYID=${LAST_KEYID%%:*}
							;;
						fpr:*)
							LAST_FPR=${LINE#fpr:::::::::}
							LAST_FPR=${LAST_FPR%%:*}
							if [[ ${LAST_FPR} != *${LAST_KEYID} ]]; then
								LAST_KEYID=
								LAST_FPR=
							fi
							;;
						uid:f:*)
							THIS_UID=${LINE#uid:f:*:*:*:*:*:*:*:*<}
							THIS_UID=${THIS_UID%%>*}
							if [[ ${THIS_UID} == "${EMAIL}" && -n ${LAST_FPR} ]]
							then
								KEYS+=( "${LAST_FPR}" )
							fi
							;;
					esac
				done < <(gpg --with-colons --list-keys "${EMAIL}")
				gpg -q --export "${KEYS[@]}" | gpg -q --no-default-keyring "${KEY_ARGS[@]}" --import
			fi
			break
			;;
	esac
done < "${COMMITFILE}"

cat "${COMMITFILE}" | gpg --trust-model=always --no-default-keyring "${KEY_ARGS[@]}" "${@}"
