Add new flags for specifying GPG keyring manually when signing.

cmd_publish.go

@@ -16,11 +16,8 @@ func getSigner(cmd *commander.Command) (utils.Signer, error) {
 	}
 
 	signer := &utils.GpgSigner{}
-
-	key := cmd.Flag.Lookup("gpg-key").Value.String()
-	if key != "" {
-		signer.SetKey(key)
-	}
+	signer.SetKey(cmd.Flag.Lookup("gpg-key").Value.String())
+	signer.SetKeyRing(cmd.Flag.Lookup("keyring").Value.String(), cmd.Flag.Lookup("secret-keyring").Value.String())
 
 	err := signer.Init()
 	if err != nil {
@@ -213,6 +210,8 @@ ex.
 	cmd.Flag.String("distribution", "", "distribution name to publish")
 	cmd.Flag.String("component", "", "component name to publish")
 	cmd.Flag.String("gpg-key", "", "GPG key ID to use when signing the release")
+	cmd.Flag.String("keyring", "", "GPG keyring to use (instead of default)")
+	cmd.Flag.String("secret-keyring", "", "GPG secret keyring to use (instead of default)")
 	cmd.Flag.Bool("skip-signing", false, "don't sign Release files with GPG")
 
 	return cmd

debian/publish_test.go

@@ -28,7 +28,9 @@ func (n *NullSigner) Init() error {
 }
 
 func (n *NullSigner) SetKey(keyRef string) {
+}
 
+func (g *NullSigner) SetKeyRing(keyring, secretKeyring string) {
 }
 
 func (n *NullSigner) DetachedSign(source string, destination string) error {

utils/gpg.go

@@ -15,6 +15,7 @@ import (
 type Signer interface {
 	Init() error
 	SetKey(keyRef string)
+	SetKeyRing(keyring, secretKeyring string)
 	DetachedSign(source string, destination string) error
 	ClearSign(source string, destination string) error
 }
@@ -35,7 +36,8 @@ var (
 
 // GpgSigner is implementation of Signer interface using gpg
 type GpgSigner struct {
-	keyRef string
+	keyRef                 string
+	keyring, secretKeyring string
 }
 
 // SetKey sets key ID to use when signing files
@@ -43,6 +45,27 @@ func (g *GpgSigner) SetKey(keyRef string) {
 	g.keyRef = keyRef
 }
 
+// SetKeyring allows to set custom keyring and secretkeyring
+func (g *GpgSigner) SetKeyRing(keyring, secretKeyring string) {
+	g.keyring, g.secretKeyring = keyring, secretKeyring
+}
+
+func (g *GpgSigner) gpgArgs() []string {
+	args := []string{}
+	if g.keyring != "" {
+		args = append(args, "--no-default-keyring", "--keyring", g.keyring)
+	}
+	if g.secretKeyring != "" {
+		args = append(args, "--secret-keyring", g.secretKeyring)
+	}
+
+	if g.keyRef != "" {
+		args = append(args, "-u", g.keyRef)
+	}
+
+	return args
+}
+
 // Init verifies availability of gpg & presence of keys
 func (g *GpgSigner) Init() error {
 	output, err := exec.Command("gpg", "--list-keys").Output()
@@ -62,9 +85,7 @@ func (g *GpgSigner) DetachedSign(source string, destination string) error {
 	fmt.Printf("Signing file '%s' with gpg, please enter your passphrase when prompted:\n", source)
 
 	args := []string{"-o", destination, "--armor", "--yes"}
-	if g.keyRef != "" {
-		args = append(args, "-u", g.keyRef)
-	}
+	args = append(args, g.gpgArgs()...)
 	args = append(args, "--detach-sign", source)
 	cmd := exec.Command("gpg", args...)
 	return cmd.Run()
@@ -74,9 +95,7 @@ func (g *GpgSigner) DetachedSign(source string, destination string) error {
 func (g *GpgSigner) ClearSign(source string, destination string) error {
 	fmt.Printf("Clearsigning file '%s' with gpg, please enter your passphrase when prompted:\n", source)
 	args := []string{"-o", destination, "--yes"}
-	if g.keyRef != "" {
-		args = append(args, "-u", g.keyRef)
-	}
+	args = append(args, g.gpgArgs()...)
 	args = append(args, "--clearsign", source)
 	cmd := exec.Command("gpg", args...)
 	return cmd.Run()