The Git module now supports SSH and X.509 signing in addition to
OpenPGP/GnuPG, via setting the `programs.git.signing.format` option.
It defaults to `openpgp` for now as a backwards compatibility measure,
but I feel like we shouldn't enforce GPG as the default on everyone,
especially for people who use SSH signing like me.
Accordingly, `programs.git.signing.gpgPath` has been renamed to
`programs.git.signing.signer`, as now the signer binary is not
restricted to GnuPG. Users should only get a warning and everything
should continue to work.
Fixes#4221, supersedes #4235
Co-authored-by: Mario Rodas <marsam@users.noreply.github.com>
Co-authored-by: Sumner Evans <me@sumnerevans.com>
Co-authored-by: Leah Amelia Chen <hi@pluie.me>
Instead of having to manually stub packages that should not be
downloaded we instead automatically stub all packages (except a small
list of whitelisted ones). Tests can re-introduce the real package by
using the `realPkgs` module argument.
* gh: option to enable helper for additional hosts
`gh` can also be used with github enterprise
hosts, for which there exists no easy option
to enable the credential helper except for
directly working with `programs.git.extraConfig`.
Not sure if this is a needed addition since it's
somewhat niche, at the same time it's not very
complex and makes the life of github enterprise
a little easier.
* gh: update credential-helper tests
* gh: refactor credential helper option
this moves from `enableGitCredentialHelper` to
`gitCredentialHelper.enable` and
`gitCredentialHelper.hosts`.
* gh: lib.mkIf -> mkIf
