Refactor object signer registration

Entire-Checkpoint: a70d97c363c8
Entire-Checkpoint: 983194b9963d

Author: pjbgf

cmd/entire/cli/checkpoint/checkpoint_test.go

@@ -545,7 +545,7 @@ func TestWriteCommitted_MergesVercelConfigOnMetadataBranch(t *testing.T) {
 	}
 
 	store := NewGitStore(repo)
-	commitHash, err := store.createCommit(treeHash, plumbing.ZeroHash, "Initialize metadata branch", "Test", "test@test.com")
+	commitHash, err := store.createCommit(context.Background(), treeHash, plumbing.ZeroHash, "Initialize metadata branch", "Test", "test@test.com")
 	if err != nil {
 		t.Fatalf("createCommit() error = %v", err)
 	}

cmd/entire/cli/checkpoint/committed.go

@@ -1641,6 +1641,7 @@ func GetGitAuthorFromRepo(repo *git.Repository) (name, email string) {
 
 	// If not found in local config, try global config
 	if name == "" || email == "" {
+		//nolint:staticcheck // the v6 is not yet released, revisit once it is.
 		globalCfg, err := config.LoadConfig(config.GlobalScope)
 		if err == nil {
 			if name == "" {
@@ -1703,11 +1704,12 @@ func CreateCommit(ctx context.Context, repo *git.Repository, treeHash, parentHas
 // If no signer is registered, signing is disabled via settings, or signing fails,
 // the commit is left unsigned and the error is logged.
 func SignCommitBestEffort(ctx context.Context, commit *object.Commit) {
-	if !settings.IsSignCheckpointCommitsEnabled(ctx) {
+	// Check plugin availability first (in-memory) before hitting disk for settings.
+	if !plugin.Has(plugin.ObjectSigner()) {
 		return
 	}
 
-	if !plugin.Has(plugin.ObjectSigner()) {
+	if !settings.IsSignCheckpointCommitsEnabled(ctx) {
 		return
 	}
 
@@ -1732,6 +1734,7 @@ func SignCommitBestEffort(ctx context.Context, commit *object.Commit) {
 		logging.Warn(ctx, "failed to read encoded commit", slog.String("error", err.Error()))
 		return
 	}
+	defer r.Close()
 
 	sig, err := signer.Sign(r)
 	if err != nil {

cmd/entire/cli/checkpoint/committed_signing_test.go

@@ -0,0 +1,154 @@
+package checkpoint
+
+import (
+	"context"
+	"errors"
+	"io"
+	"os"
+	"path/filepath"
+	"testing"
+	"time"
+
+	"github.com/entireio/cli/cmd/entire/cli/paths"
+
+	"github.com/go-git/go-git/v6/plumbing"
+	"github.com/go-git/go-git/v6/plumbing/object"
+	"github.com/go-git/go-git/v6/x/plugin"
+)
+
+type stubSigner struct {
+	sig []byte
+	err error
+}
+
+func (s *stubSigner) Sign(_ io.Reader) ([]byte, error) {
+	return s.sig, s.err
+}
+
+func setupSigningEnv(t *testing.T, disableSigning bool) {
+	t.Helper()
+
+	dir := t.TempDir()
+
+	// Minimal git repo so paths.WorktreeRoot resolves.
+	if err := os.MkdirAll(filepath.Join(dir, ".git"), 0o755); err != nil {
+		t.Fatal(err)
+	}
+
+	entireDir := filepath.Join(dir, ".entire")
+	if err := os.MkdirAll(entireDir, 0o755); err != nil {
+		t.Fatal(err)
+	}
+
+	if disableSigning {
+		content := `{"sign_checkpoint_commits": false}`
+		if err := os.WriteFile(filepath.Join(entireDir, "settings.json"), []byte(content), 0o644); err != nil {
+			t.Fatal(err)
+		}
+	}
+
+	paths.ClearWorktreeRootCache()
+	t.Chdir(dir)
+	t.Cleanup(func() {
+		resetPluginEntry("object-signer")
+		paths.ClearWorktreeRootCache()
+	})
+}
+
+func newTestCommit() *object.Commit {
+	sig := object.Signature{
+		Name:  "Test",
+		Email: "test@test.com",
+		When:  time.Date(2026, 1, 1, 0, 0, 0, 0, time.UTC),
+	}
+	return &object.Commit{
+		TreeHash:  plumbing.ZeroHash,
+		Author:    sig,
+		Committer: sig,
+		Message:   "test commit",
+	}
+}
+
+func TestSignCommitBestEffort_Signs(t *testing.T) { //nolint:paralleltest // t.Chdir requires non-parallel
+	setupSigningEnv(t, false)
+
+	err := plugin.Register(plugin.ObjectSigner(), func() plugin.Signer {
+		return &stubSigner{sig: []byte("FAKESIG")}
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	commit := newTestCommit()
+	SignCommitBestEffort(context.Background(), commit)
+
+	if commit.Signature != "FAKESIG" {
+		t.Errorf("expected signature %q, got %q", "FAKESIG", commit.Signature)
+	}
+}
+
+func TestSignCommitBestEffort_SkipsWhenDisabled(t *testing.T) { //nolint:paralleltest // t.Chdir requires non-parallel
+	setupSigningEnv(t, true)
+
+	err := plugin.Register(plugin.ObjectSigner(), func() plugin.Signer {
+		t.Fatal("signer should not be called when signing is disabled")
+		return nil
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	commit := newTestCommit()
+	SignCommitBestEffort(context.Background(), commit)
+
+	if commit.Signature != "" {
+		t.Errorf("expected empty signature, got %q", commit.Signature)
+	}
+}
+
+func TestSignCommitBestEffort_ErrorIsBestEffort(t *testing.T) { //nolint:paralleltest // t.Chdir requires non-parallel
+	setupSigningEnv(t, false)
+
+	err := plugin.Register(plugin.ObjectSigner(), func() plugin.Signer {
+		return &stubSigner{err: errors.New("signing failed")}
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	commit := newTestCommit()
+	SignCommitBestEffort(context.Background(), commit)
+
+	if commit.Signature != "" {
+		t.Errorf("expected empty signature after error, got %q", commit.Signature)
+	}
+}
+
+func TestSignCommitBestEffort_NoSignerRegistered(t *testing.T) { //nolint:paralleltest // t.Chdir requires non-parallel
+	setupSigningEnv(t, false)
+
+	commit := newTestCommit()
+	SignCommitBestEffort(context.Background(), commit)
+
+	if commit.Signature != "" {
+		t.Errorf("expected empty signature without signer, got %q", commit.Signature)
+	}
+}
+
+func TestSignCommitBestEffort_NilSigner(t *testing.T) { //nolint:paralleltest // t.Chdir requires non-parallel
+	setupSigningEnv(t, false)
+
+	err := plugin.Register(plugin.ObjectSigner(), func() plugin.Signer {
+		return nil
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	commit := newTestCommit()
+	SignCommitBestEffort(context.Background(), commit)
+
+	if commit.Signature != "" {
+		t.Errorf("expected empty signature with nil signer, got %q", commit.Signature)
+	}
+}

cmd/entire/cli/checkpoint/global_test.go

@@ -15,7 +15,9 @@ func TestMain(m *testing.M) {
 	// For tests, ensure that go-git always gets empty Configs for both
 	// system and global scopes. This way the current environment does not
 	// impact the tests.
-	err := plugin.Register(plugin.ConfigLoader(), config.NewEmpty)
+	err := plugin.Register(plugin.ConfigLoader(), func() plugin.ConfigSource {
+		return config.NewEmpty()
+	})
 	if err != nil {
 		panic(fmt.Errorf("failed to register config storers: %w", err))
 	}

cmd/entire/cli/checkpoint/v2_store_test.go

@@ -908,7 +908,7 @@ func TestV2GitStore_UpdateCommitted_PreservesExistingTaskMetadataInFullCurrent(t
 	require.NoError(t, err)
 
 	authorName, authorEmail := GetGitAuthorFromRepo(repo)
-	commitHash, err := CreateCommit(repo, newRootHash, parentHash,
+	commitHash, err := CreateCommit(ctx, repo, newRootHash, parentHash,
 		fmt.Sprintf("Checkpoint: %s (task metadata)\n", cpID), authorName, authorEmail)
 	require.NoError(t, err)
 	require.NoError(t, repo.Storer.SetReference(plumbing.NewHashReference(refName, commitHash)))

cmd/entire/cli/global_test.go

@@ -15,7 +15,9 @@ func TestMain(m *testing.M) {
 	// Register a default ConfigSource so tests that call ConfigScoped
 	// (directly or indirectly via Commit/CreateTag) don't fail with
 	// "no config loader registered".
-	err := plugin.Register(plugin.ConfigLoader(), config.NewEmpty)
+	err := plugin.Register(plugin.ConfigLoader(), func() plugin.ConfigSource {
+		return config.NewEmpty()
+	})
 	if err != nil {
 		panic(fmt.Errorf("failed to register config storers: %w", err))
 	}

cmd/entire/cli/objectsigner.go

@@ -0,0 +1,93 @@
+package cli
+
+import (
+	"context"
+	"fmt"
+	"net"
+	"os"
+	"sync"
+
+	"github.com/go-git/go-git/v6/config"
+	"github.com/go-git/go-git/v6/x/plugin"
+	"github.com/go-git/x/plugin/objectsigner/auto"
+	"golang.org/x/crypto/ssh/agent"
+)
+
+var registerObjectSignerOnce sync.Once
+
+func RegisterObjectSigner() {
+	registerObjectSignerOnce.Do(func() {
+		//nolint:errcheck,gosec // best-effort; if registration fails, commits are left unsigned
+		plugin.Register(plugin.ObjectSigner(), func() plugin.Signer {
+			cfgSource, err := plugin.Get(plugin.ConfigLoader())
+			if err != nil {
+				// No config loader registered; signing not possible.
+				return nil
+			}
+
+			sysCfg := loadScopedConfig(cfgSource, config.SystemScope)
+			globalCfg := loadScopedConfig(cfgSource, config.GlobalScope)
+
+			// Merge system then global so that global settings take precedence.
+			merged := config.Merge(sysCfg, globalCfg)
+
+			if !merged.Commit.GpgSign.IsTrue() {
+				return nil
+			}
+
+			cfg := auto.Config{
+				SigningKey: merged.User.SigningKey,
+				Format:     auto.Format(merged.GPG.Format),
+				SSHAgent:   connectSSHAgent(),
+			}
+
+			signer, err := auto.FromConfig(cfg)
+			if err != nil {
+				fmt.Fprintf(os.Stderr, "warning: failed to create object signer: %v\n", err)
+				return nil
+			}
+
+			return signer
+		})
+	})
+}
+
+// connectSSHAgent connects to the SSH agent via SSH_AUTH_SOCK.
+// Returns nil if the agent is unavailable.
+func connectSSHAgent() agent.Agent { //nolint:ireturn // must return the ssh agent interface
+	sock := os.Getenv("SSH_AUTH_SOCK")
+	if sock == "" {
+		return nil
+	}
+
+	var d net.Dialer
+	conn, err := d.DialContext(context.Background(), "unix", sock)
+	if err != nil {
+		return nil
+	}
+
+	return agent.NewClient(conn)
+}
+
+var scopeName = map[config.Scope]string{
+	config.GlobalScope: "global",
+	config.SystemScope: "system",
+}
+
+func loadScopedConfig(source plugin.ConfigSource, scope config.Scope) *config.Config {
+	name := scopeName[scope]
+
+	storer, err := source.Load(scope)
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "warning: failed to load %s git config: %v\n", name, err)
+		return config.NewConfig()
+	}
+
+	cfg, err := storer.Config()
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "warning: failed to parse %s git config: %v\n", name, err)
+		return config.NewConfig()
+	}
+
+	return cfg
+}

cmd/entire/cli/root_test.go

@@ -4,9 +4,11 @@ import (
 	"bytes"
 	"runtime"
 	"strings"
+	"sync"
 	"testing"
 
 	"github.com/entireio/cli/cmd/entire/cli/versioninfo"
+	"github.com/go-git/go-git/v6/x/plugin"
 	"github.com/spf13/cobra"
 )
 
@@ -68,6 +70,21 @@ func TestVersionFlag_ContainsExpectedInfo(t *testing.T) {
 	}
 }
 
+func TestRegisterObjectSigner_RegistersPlugin(t *testing.T) {
+	resetPluginEntry("object-signer")
+	registerObjectSignerOnce = sync.Once{}
+	t.Cleanup(func() {
+		resetPluginEntry("object-signer")
+		registerObjectSignerOnce = sync.Once{}
+	})
+
+	RegisterObjectSigner()
+
+	if !plugin.Has(plugin.ObjectSigner()) {
+		t.Fatal("expected object signer plugin to be registered")
+	}
+}
+
 func TestPersistentPostRun_SkipsHiddenParent(t *testing.T) {
 	t.Parallel()