feat: add git_set_identity script

Signed-off-by: Sebastian Davids <[email protected]>

Author: sdavids

docs/user-guide/modules/ROOT/pages/scripts/git/git-set-identity.adoc

@@ -0,0 +1,183 @@
+// SPDX-FileCopyrightText: © 2025 Sebastian Davids <[email protected]>
+// SPDX-License-Identifier: Apache-2.0
+= git_set_identity
+:script_url: https://github.com/sdavids/sdavids-shell-misc/blob/main/scripts/git/git_set_identity.sh.sh
+
+{script_url}[This script^] will set the identity (`user.name`, `user.email`, and `user.signingKey`) in the Git repositories of the given directory.
+
+The following parameters are required:
+
+`e` :: the email to be used for the identity and GPG secret key retrieval; can be omitted if `git config get user.email` is set, and you want to use its value
+`n` :: the name to be used for the identity; can be omitted if `git config get user.name` is set, and you want to use its value
+
+The following parameter is optional:
+
+`d` :: the directory (`$PWD` if not given) containing the Git repositories
+
+[NOTE]
+====
+This script will not recursively search the given directory for Git repositories--only direct child directories are considered.
+====
+
+[NOTE]
+====
+This script will set up https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work[GPG signing] under the following conditions:
+
+. `git config get gpg.program` or `gpg`/`gpg2` is installed
+. a GPG secret key for the given email exists
+
+In that case, the following Git configuration will be applied in addition to `user.email` and `user.name`:
+
+commit.gpgSign :: set to `true`
+tag.forceSignAnnotated :: set to `true`
+tag.gpgSign :: set to `true`
+user.signingKey :: set to the first secret key returned by `--list-secret-keys` for the given email
+====
+
+[TIP]
+====
+This script is useful if you do not use the same identity in all the projects you work on.
+
+See: <<example>>
+====
+
+== Usage
+
+[,shell]
+----
+$ scripts/git/git_set_identity.sh -e [email protected]
+$ scripts/git/git_set_identity.sh \
+-d ~/workspaces/mutiny \
+-e [email protected]
+$ scripts/git/git_set_identity.sh \
+-d ~/workspaces/cardiff-electric \
+-e [email protected] \
+-n 'Catherine Howe'
+----
+
+== Example
+
+Cameron works for two companies and also has personal projects:
+
+[,shell]
+----
+$ tree --noreport ~/workspaces
+/Users/example/workspaces
+├── cardiff-electric
+│   ├── backend
+│   └── frontend
+├── mutiny
+│   └── giant
+└── personal
+    ├── sandbox
+    └── secret-project
+----
+
+She has three GPG secret keys--one for each company and one personal:
+
+[,shell]
+----
+$ gpg --list-secret-keys
+/Users/example/.gnupg/pubring.kbx
+-----------------------------------------
+
+sec   rsa4096/49F1A380A5660737 2025-02-02 [SC] [expires: 2029-02-02]
+      Key fingerprint = 3956 4B7A A0B5 1F88 A8F8  BCBC 49F1 A380 A566 0737
+uid                 [ultimate] Cameron Howe <[email protected]>
+ssb   rsa4096/8B68480DE279CA88 2025-02-02 [E] [expires: 2029-02-02]
+
+sec   rsa4096/EC073F7EFD23C1FA 2025-02-02 [SC] [expires: 2029-02-02]
+      Key fingerprint = 2DAF 54C7 67F3 FD24 EACF  A1B5 EC07 3F7E FD23 C1FA
+uid                 [ultimate] Cameron Howe <[email protected]>
+ssb   rsa4096/6363EEBF938865CF 2025-02-02 [E] [expires: 2029-02-02]
+
+sec   rsa4096/77254FBC1027F48D 2025-02-02 [SC] [expires: 2029-02-02]
+      Key fingerprint = C09B 7924 274A 9865 545C  6512 7725 4FBC 1027 F48D
+uid                 [ultimate] Catherine Howe <[email protected]>
+ssb   rsa4096/6C2E4F6CB45DD27E 2025-02-02 [E] [expires: 2029-02-02]
+----
+
+She has configured her personal GPG key in her global Git configuration and signs commits and tags by default:
+
+[,shell]
+----
+$ cat ~/.gitconfig
+[user]
+  name = Cameron Howe
+  email = [email protected]
+  signingkey = 2DAF54C767F3FD24EACFA1B5EC073F7EFD23C1FA
+[commit]
+  gpgsign = true
+[tag]
+  forceSignAnnotated = true
+  gpgsign = true
+----
+
+With this configuration the following identities will be used for commits and tags:
+
+[,shell]
+----
+$ find ~/workspaces/cardiff-electric -mindepth 1 -maxdepth 1 -type d -exec sh -c '(cd {} && echo "$PWD" && echo "  $(git config get user.name) <$(git config get user.email)> $(git config get user.signingkey)")' \;
+/Users/example/workspaces/cardiff-electric/frontend
+  Cameron Howe <[email protected]> 2DAF54C767F3FD24EACFA1B5EC073F7EFD23C1FA
+/Users/example/workspaces/cardiff-electric/backend
+  Cameron Howe <[email protected]> 2DAF54C767F3FD24EACFA1B5EC073F7EFD23C1FA
+
+$ find ~/workspaces/mutiny -mindepth 1 -maxdepth 1 -type d -exec sh -c '(cd {} && echo "$PWD" && echo "  $(git config get user.name) <$(git config get user.email)> $(git config get user.signingkey)")' \;
+/Users/example/workspaces/mutiny/giant
+  Cameron Howe <[email protected]> 2DAF54C767F3FD24EACFA1B5EC073F7EFD23C1FA
+
+$ find ~/workspaces/personal -mindepth 1 -maxdepth 1 -type d -exec sh -c '(cd {} && echo "$PWD" && echo "  $(git config get user.name) <$(git config get user.email)> $(git config get user.signingkey)")' \;
+/Users/example/workspaces/personal/secret-project
+  Cameron Howe <[email protected]> 2DAF54C767F3FD24EACFA1B5EC073F7EFD23C1FA
+/Users/example/workspaces/personal/sandbox
+  Cameron Howe <[email protected]> 2DAF54C767F3FD24EACFA1B5EC073F7EFD23C1FA
+----
+
+She now uses this script to configure the identities for the companies' projects:
+
+[,shell]
+----
+$ scripts/git/git_set_identity.sh \
+-d ~/workspaces/cardiff-electric \
+-e [email protected] \
+-n 'Catherine Howe'
+Catherine Howe <[email protected]> C09B7924274A9865545C651277254FBC1027F48D - /Users/example/workspaces/cardiff-electric/backend
+Catherine Howe <[email protected]> C09B7924274A9865545C651277254FBC1027F48D - /Users/example/workspaces/cardiff-electric/frontend
+
+$ scripts/git/git_set_identity.sh \
+-d ~/workspaces/mutiny \
+-e [email protected]
+Cameron Howe <[email protected]> 39564B7AA0B51F88A8F8BCBC49F1A380A5660737 - /Users/example/workspaces/mutiny/giant
+----
+
+The following identities will be used for commits and tags now:
+
+[,shell]
+----
+$ find ~/workspaces/cardiff-electric -mindepth 1 -maxdepth 1 -type d -exec sh -c '(cd {} && echo "$PWD" && echo "  $(git config get user.name) <$(git config get user.email)> $(git config get user.signingkey)")' \;
+/Users/example/workspaces/cardiff-electric/frontend
+  Catherine Howe <[email protected]> C09B7924274A9865545C651277254FBC1027F48D
+/Users/example/workspaces/cardiff-electric/backend
+  Catherine Howe <[email protected]> C09B7924274A9865545C651277254FBC1027F48D
+
+$ find ~/workspaces/mutiny -mindepth 1 -maxdepth 1 -type d -exec sh -c '(cd {} && echo "$PWD" && echo "  $(git config get user.name) <$(git config get user.email)> $(git config get user.signingkey)")' \;
+/Users/example/workspaces/mutiny/giant
+  Cameron Howe <[email protected]> 39564B7AA0B51F88A8F8BCBC49F1A380A5660737
+
+$ find ~/workspaces/personal -mindepth 1 -maxdepth 1 -type d -exec sh -c '(cd {} && echo "$PWD" && echo "  $(git config get user.name) <$(git config get user.email)> $(git config get user.signingkey)")' \;
+/Users/example/workspaces/personal/secret-project
+  Cameron Howe <[email protected]> 2DAF54C767F3FD24EACFA1B5EC073F7EFD23C1FA
+/Users/example/workspaces/personal/sandbox
+  Cameron Howe <[email protected]> 2DAF54C767F3FD24EACFA1B5EC073F7EFD23C1FA
+----
+
+== More Information
+
+* https://git-scm.com/docs/git-config#Documentation/git-config.txt-authorname[Git user.name & user.email]
+* https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work[GPG signing]
+* https://git-scm.com/docs/git-config#Documentation/git-config.txt-usersigningKey[user.signingKey]
+* https://git-scm.com/docs/git-config#Documentation/git-config.txt-commitgpgSign[commit.gpgSign]
+* https://git-scm.com/docs/git-config#Documentation/git-config.txt-taggpgSign[tag.gpgSign]
+* https://git-scm.com/docs/git-config#Documentation/git-config.txt-tagforceSignAnnotated[tag.forceSignAnnotated]
+* https://man.archlinux.org/man/core/gnupg/gpg.1.en[gpg]

docs/user-guide/modules/ROOT/pages/scripts/git/git.adoc

@@ -13,5 +13,6 @@ xref:scripts/git/git-get-hash.adoc[]:: return the hash of the HEAD commit
 xref:scripts/git/git-get-short-hash.adoc[]:: return the short hash of the HEAD commit
 xref:scripts/git/git-ignore-all.adoc[]:: create a `.gitignore` file ignoring everything for a given repository
 xref:scripts/git/git-is-working-tree-clean.adoc[]:: check whether the Git working tree is clean
+xref:scripts/git/git-set-identity.adoc[]:: set the identity (`user.name`, `user.email`, and `user.signingKey`) in the Git repositories of the given directory
 
 Related: xref:functions/git/git.adoc[Git Functions]

scripts/git/git_set_identity.sh

@@ -0,0 +1,121 @@
+#!/usr/bin/env sh
+
+# SPDX-FileCopyrightText: © 2025 Sebastian Davids <[email protected]>
+# SPDX-License-Identifier: Apache-2.0
+
+set -u
+
+name="$(git config get user.name)"
+# shellcheck disable=SC2181
+if [ $? -ne 0 ]; then
+  name=''
+fi
+email="$(git config get user.email)"
+# shellcheck disable=SC2181
+if [ $? -ne 0 ]; then
+  email=''
+fi
+gpg_program="$(git config get gpg.program)"
+# shellcheck disable=SC2181
+if [ $? -ne 0 ]; then
+  gpg_program='gpg'
+fi
+
+set -e
+
+while getopts ':d:e:n:' opt; do
+  case "${opt}" in
+    d)
+      base_dir="${OPTARG}"
+      ;;
+    e)
+      email="${OPTARG}"
+      ;;
+    n)
+      name="${OPTARG}"
+      ;;
+    ?)
+      echo "Usage: $0 [-d <base_dir>] [-e <email>] [-n <name>]" >&2
+      exit 1
+      ;;
+  esac
+done
+
+readonly base_dir="${base_dir:-$PWD}"
+readonly email
+readonly name
+
+if [ ! -d "${base_dir}" ]; then
+  printf "The directory '%s' does not exist.\n" "${base_dir}" >&2
+  exit 2
+fi
+
+if [ -z "${email}" ]; then
+  echo '-e <email> is required because user.email is not set in your global Git configuration' >&2
+  exit 3
+fi
+
+if [ -z "${name}" ]; then
+  echo '-n <name> is required because user.name is not set in your global Git configuration' >&2
+  exit 4
+fi
+
+if [ -z "$(ls -A "${base_dir}")" ]; then
+  # base_dir empty nothing to do
+  exit 0
+fi
+
+if command -v "${gpg_program}" >/dev/null 2>&1; then
+  cmd="${gpg_program} --list-secret-keys --with-colons \"${email}\" 2>&1 | sed -E -n -e 's/^fpr:::::::::([0-9A-F]+):$/\1/p' | head -n 1"
+  key="$(eval "${cmd}")"
+  if [ -z "${key}" ]; then
+    printf "GPG key for '%s' does not exists--disabling GPG signing.\n\n" "${email}" >&2
+  fi
+else
+  if [ "${gpg_program}" = 'gpg' ] && command -v gpg2 >/dev/null 2>&1; then
+    key="$(gpg2 --list-secret-keys --with-colons "${email}" 2>&1 | sed -E -n -e 's/^fpr:::::::::([0-9A-F]+):$/\1/p' | head -n 1)"
+    if [ -z "${key}" ]; then
+      printf "GPG key for '%s' does not exists--disabling GPG signing.\n\n" "${email}" >&2
+    fi
+  else
+    key=''
+    printf "gpg.program '%s' does not exists--disabling GPG signing.\n\n" "${gpg_program}" >&2
+  fi
+fi
+
+unset gpg_program
+readonly key
+
+cd "${base_dir}"
+
+if [ -n "${key}" ]; then
+  for dir in ./*/; do
+    cd "${dir}"
+    if [ "$(git rev-parse --is-inside-work-tree 2>/dev/null)" = 'true' ]; then
+      # https://git-scm.com/docs/git-config#_variables
+      git config set user.name "${name}"
+      git config set user.email "${email}"
+      git config set user.signingkey "${key}"
+      git config set --bool commit.gpgsign true
+      git config set --bool tag.gpgsign true
+      git config set --bool tag.forcesignannotated true
+      echo "$(git config get user.name) <$(git config get user.email)> $(git config get user.signingkey) - $PWD"
+    fi
+    cd ..
+  done
+else
+  for dir in ./*/; do
+    cd "${dir}"
+    if [ "$(git rev-parse --is-inside-work-tree 2>/dev/null)" = 'true' ]; then
+      # https://git-scm.com/docs/git-config#_variables
+      git config set user.name "${name}"
+      git config set user.email "${email}"
+      git config set user.signingkey ''
+      git config set --bool commit.gpgsign false
+      git config set --bool tag.gpgsign false
+      git config set --bool tag.forcesignannotated false
+      echo "$(git config get user.name) <$(git config get user.email)> - $PWD"
+    fi
+    cd ..
+  done
+fi