From cc60c22c69e6967b732d02f072a9f1e30454e4f6 Mon Sep 17 00:00:00 2001
From: Viacheslav Lotsmanov <lotsmanov89@gmail.com>
Date: Mon, 5 Apr 2021 15:28:36 +0300
Subject: [PATCH] programs.git: make signing key id be optional (#1886)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* Git: Make signing key id be optional

Thus by default the signing key is selected by commit’s author.

* Git: Add tests for config with and without signing key id
* Git: Format tests for signing key
* Git: Remove default value (null) for signing key
* Git: Update description for signing key
---
 modules/programs/git.nix                      | 11 +++++++---
 tests/modules/programs/git/default.nix        |  2 ++
 .../git/git-with-signing-key-id-expected.conf | 10 +++++++++
 .../programs/git/git-with-signing-key-id.nix  | 22 +++++++++++++++++++
 .../git-without-signing-key-id-expected.conf  |  9 ++++++++
 .../git/git-without-signing-key-id.nix        | 22 +++++++++++++++++++
 6 files changed, 73 insertions(+), 3 deletions(-)
 create mode 100644 tests/modules/programs/git/git-with-signing-key-id-expected.conf
 create mode 100644 tests/modules/programs/git/git-with-signing-key-id.nix
 create mode 100644 tests/modules/programs/git/git-without-signing-key-id-expected.conf
 create mode 100644 tests/modules/programs/git/git-without-signing-key-id.nix

diff --git a/modules/programs/git.nix b/modules/programs/git.nix
index 4a3217fcb..097fbf4b4 100644
--- a/modules/programs/git.nix
+++ b/modules/programs/git.nix
@@ -61,8 +61,13 @@ let
   signModule = types.submodule {
     options = {
       key = mkOption {
-        type = types.str;
-        description = "The default GPG signing key fingerprint.";
+        type = types.nullOr types.str;
+        description = ''
+          The default GPG signing key fingerprint.
+          </para><para>
+          Set to <literal>null</literal> to let GnuPG decide what signing key
+          to use depending on commit’s author.
+        '';
       };
 
       signByDefault = mkOption {
@@ -303,7 +308,7 @@ in {
 
     (mkIf (cfg.signing != null) {
       programs.git.iniContent = {
-        user.signingKey = cfg.signing.key;
+        user.signingKey = mkIf (cfg.signing.key != null) cfg.signing.key;
         commit.gpgSign = cfg.signing.signByDefault;
         gpg.program = cfg.signing.gpgPath;
       };
diff --git a/tests/modules/programs/git/default.nix b/tests/modules/programs/git/default.nix
index d5a6b4ee1..3d401d8fc 100644
--- a/tests/modules/programs/git/default.nix
+++ b/tests/modules/programs/git/default.nix
@@ -3,4 +3,6 @@
   git-with-most-options = ./git.nix;
   git-with-msmtp = ./git-with-msmtp.nix;
   git-with-str-extra-config = ./git-with-str-extra-config.nix;
+  git-with-signing-key-id = ./git-with-signing-key-id.nix;
+  git-without-signing-key-id = ./git-without-signing-key-id.nix;
 }
diff --git a/tests/modules/programs/git/git-with-signing-key-id-expected.conf b/tests/modules/programs/git/git-with-signing-key-id-expected.conf
new file mode 100644
index 000000000..4a4289902
--- /dev/null
+++ b/tests/modules/programs/git/git-with-signing-key-id-expected.conf
@@ -0,0 +1,10 @@
+[commit]
+	gpgSign = true
+
+[gpg]
+	program = "path-to-gpg"
+
+[user]
+	email = "user@example.org"
+	name = "John Doe"
+	signingKey = "00112233445566778899AABBCCDDEEFF"
diff --git a/tests/modules/programs/git/git-with-signing-key-id.nix b/tests/modules/programs/git/git-with-signing-key-id.nix
new file mode 100644
index 000000000..8d182505f
--- /dev/null
+++ b/tests/modules/programs/git/git-with-signing-key-id.nix
@@ -0,0 +1,22 @@
+{ pkgs, ... }: {
+  config = {
+    programs.git = {
+      enable = true;
+      userName = "John Doe";
+      userEmail = "user@example.org";
+
+      signing = {
+        gpgPath = "path-to-gpg";
+        key = "00112233445566778899AABBCCDDEEFF";
+        signByDefault = true;
+      };
+    };
+
+    nmt.script = ''
+      assertFileExists home-files/.config/git/config
+      assertFileContent home-files/.config/git/config ${
+        ./git-with-signing-key-id-expected.conf
+      }
+    '';
+  };
+}
diff --git a/tests/modules/programs/git/git-without-signing-key-id-expected.conf b/tests/modules/programs/git/git-without-signing-key-id-expected.conf
new file mode 100644
index 000000000..7564b3502
--- /dev/null
+++ b/tests/modules/programs/git/git-without-signing-key-id-expected.conf
@@ -0,0 +1,9 @@
+[commit]
+	gpgSign = true
+
+[gpg]
+	program = "path-to-gpg"
+
+[user]
+	email = "user@example.org"
+	name = "John Doe"
diff --git a/tests/modules/programs/git/git-without-signing-key-id.nix b/tests/modules/programs/git/git-without-signing-key-id.nix
new file mode 100644
index 000000000..3428c40d7
--- /dev/null
+++ b/tests/modules/programs/git/git-without-signing-key-id.nix
@@ -0,0 +1,22 @@
+{ pkgs, ... }: {
+  config = {
+    programs.git = {
+      enable = true;
+      userName = "John Doe";
+      userEmail = "user@example.org";
+
+      signing = {
+        gpgPath = "path-to-gpg";
+        key = null;
+        signByDefault = true;
+      };
+    };
+
+    nmt.script = ''
+      assertFileExists home-files/.config/git/config
+      assertFileContent home-files/.config/git/config ${
+        ./git-without-signing-key-id-expected.conf
+      }
+    '';
+  };
+}