git: Intercept signing prompt from GPG when committing (#34096)

Closes #30111 - [x] basic implementation - [x] implementation for remote projects - [x] surface error output from GPG if signing fails - [ ] ~~Windows~~ Release Notes: - git: Passphrase prompts from GPG to unlock commit signing keys are now shown in Zed.
2025-07-10 20:38:51 -04:00 · 2025-07-10 20:38:51 -04:00 · 842ac984d5
commit 842ac984d5
parent 87362c602f
9 changed files with 193 additions and 51 deletions
--- a/crates/askpass/Cargo.toml
+++ b/crates/askpass/Cargo.toml
@ -19,5 +19,6 @@ net.workspace = true
 parking_lot.workspace = true
 smol.workspace = true
 tempfile.workspace = true
+unindent.workspace = true
 util.workspace = true
 workspace-hack.workspace = true
--- a/crates/askpass/src/askpass.rs
+++ b/crates/askpass/src/askpass.rs
@ -40,11 +40,21 @@ impl AskPassDelegate {
        self.tx.send((prompt, tx)).await?;
        Ok(rx.await?)
    }
+
+    pub fn new_always_failing() -> Self {
+        let (tx, _rx) = mpsc::unbounded::<(String, oneshot::Sender<String>)>();
+        Self {
+            tx,
+            _task: Task::ready(()),
+        }
+    }
 }

 pub struct AskPassSession {
    #[cfg(not(target_os = "windows"))]
    script_path: std::path::PathBuf,
+    #[cfg(not(target_os = "windows"))]
+    gpg_script_path: std::path::PathBuf,
    #[cfg(target_os = "windows")]
    askpass_helper: String,
    #[cfg(target_os = "windows")]
@ -59,6 +69,9 @@ const ASKPASS_SCRIPT_NAME: &str = "askpass.sh";
 #[cfg(target_os = "windows")]
 const ASKPASS_SCRIPT_NAME: &str = "askpass.ps1";

+#[cfg(not(target_os = "windows"))]
+const GPG_SCRIPT_NAME: &str = "gpg.sh";
+
 impl AskPassSession {
    /// This will create a new AskPassSession.
    /// You must retain this session until the master process exits.
@ -72,6 +85,8 @@ impl AskPassSession {
        let temp_dir = tempfile::Builder::new().prefix("zed-askpass").tempdir()?;
        let askpass_socket = temp_dir.path().join("askpass.sock");
        let askpass_script_path = temp_dir.path().join(ASKPASS_SCRIPT_NAME);
+        #[cfg(not(target_os = "windows"))]
+        let gpg_script_path = temp_dir.path().join(GPG_SCRIPT_NAME);
        let (askpass_opened_tx, askpass_opened_rx) = oneshot::channel::<()>();
        let listener = UnixListener::bind(&askpass_socket).context("creating askpass socket")?;
        #[cfg(not(target_os = "windows"))]
@ -135,9 +150,20 @@ impl AskPassSession {
            askpass_script_path.display()
        );

+        #[cfg(not(target_os = "windows"))]
+        {
+            let gpg_script = generate_gpg_script();
+            fs::write(&gpg_script_path, gpg_script)
+                .await
+                .with_context(|| format!("creating gpg wrapper script at {gpg_script_path:?}"))?;
+            make_file_executable(&gpg_script_path).await?;
+        }
+
        Ok(Self {
            #[cfg(not(target_os = "windows"))]
            script_path: askpass_script_path,
+            #[cfg(not(target_os = "windows"))]
+            gpg_script_path,

            #[cfg(target_os = "windows")]
            secret,
@ -160,6 +186,19 @@ impl AskPassSession {
        &self.askpass_helper
    }

+    #[cfg(not(target_os = "windows"))]
+    pub fn gpg_script_path(&self) -> Option<impl AsRef<OsStr>> {
+        Some(&self.gpg_script_path)
+    }
+
+    #[cfg(target_os = "windows")]
+    pub fn gpg_script_path(&self) -> Option<impl AsRef<OsStr>> {
+        // TODO implement wrapping GPG on Windows. This is more difficult than on Unix
+        // because we can't use --passphrase-fd with a nonstandard FD, and both --passphrase
+        // and --passphrase-file are insecure.
+        None::<std::path::PathBuf>
+    }
+
    // This will run the askpass task forever, resolving as many authentication requests as needed.
    // The caller is responsible for examining the result of their own commands and cancelling this
    // future when this is no longer needed. Note that this can only be called once, but due to the
@ -263,3 +302,23 @@ fn generate_askpass_script(zed_path: &std::path::Path, askpass_socket: &std::pat
        askpass_socket = askpass_socket.display(),
    )
 }
+
+#[inline]
+#[cfg(not(target_os = "windows"))]
+fn generate_gpg_script() -> String {
+    use unindent::Unindent as _;
+
+    r#"
+        #!/bin/sh
+        set -eu
+
+        unset GIT_CONFIG_PARAMETERS
+        GPG_PROGRAM=$(git config gpg.program || echo 'gpg')
+        PROMPT="Enter passphrase to unlock GPG key:"
+        PASSPHRASE=$(${GIT_ASKPASS} "${PROMPT}")
+
+        exec "${GPG_PROGRAM}" --batch --no-tty --yes --passphrase-fd 3 --pinentry-mode loopback "$@" 3<<EOF
+        ${PASSPHRASE}
+        EOF
+    "#.unindent()
+}