Hello, On Tue 24 Jun 2025 at 05:28pm +01, Ian Jackson wrote:
> Sean Whitton writes ("Bug#1108267: git-debpush should allow selecting the key
> to sign with"):
>> This is a something of a minefield because there are also DEBFULLNAME
>> and DEBEMAIL.
>
> Arguably we should use those for the tagger line in the tag?
I think we should leave it the same as the commit identity.
>> In my ~/.devscripts I have both DEB_SIGN_KEYID and DEBSIGN_KEYID; I have
>> no idea why. Do you have references for these two variables?
>
> Sean, you'll want to read RTFM debsign(1). It actually explains the
> behaviour (!) See in particular its CONFIGURATION VARIABLES section,
> and the description of `-mmaintainer`.
Thanks.
>> It would be better to rely on existing env vars / config rather than
>> adding new git config options.
>
> I agree with this.
>
> Open questions (which may overlap):
>
> Q1. How mkuch do we want to mimic the behaviour of debsign (which in
> turn is trying to mirror the behaviour of dpkg-source but AFAICT
> with extra env vars) ?
If people don't have to reconfigure anything and git-debpush just works,
and we don't make things completely incomprehensible to someone new who
hasn't (and may never) use debsign), that's a win.
> Q3. What is the flow of information/defaults:
> (a) Calculate the tagger line (name and email address) order.
> Then use that as the default for the key username.
> (b) Do the tagger name and email address separately from
> the key username / keyid (so name/email address env vars and
> command line options don't influence key selecction) ?
> (c) Always just use the name/email from git for the tagger line,
> and only allow overriding of the -u option to git-tag.
(d) Always just use the name/email from git for the tagger line *but*
select a keyid intelligently based on DEBFULLNAME/DEBEMAIL ?
--
Sean Whitton
signature.asc
Description: PGP signature
