arcanis/ahriman
1
0
Fork 0
mirror of https://github.com/arcan1s/ahriman.git synced 2025-04-24 07:17:17 +00:00
Code Issues Projects Releases Wiki Activity

sign by repo* commands

Browse Source
This commit is contained in:
Evgenii Alekseev 2021-03-07 16:12:39 +03:00
parent e4317469d1
commit 0531df3688
5 changed files with 19 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package/archlinux/PKGBUILD
View File

@ -16,7 +16,7 @@ source=("https://github.com/arcan1s/ahriman/releases/download/$pkgver/$pkgname-$
'ahriman.sudoers' 'ahriman.sudoers'
'ahriman.sysusers' 'ahriman.sysusers'
'ahriman.tmpfiles') 'ahriman.tmpfiles')
sha512sums=('b2ed7733fc73156edc0ff81db7626a3790a1c63ba89621890526f424c2bea8c4d52a4840702a679bfba80fe28244da86ae676f22b357dfa52ef9f543d2cfbb41' sha512sums=('67a6b6432ca8985491e398b8f2b374cf7cfd40bb69ad844913d9d45d3b510fba2910dfc21fd33a4faf4f2035bb005909cf815523180436c3a30e512757c268e7'
'8c9b5b63ac3f7b4d9debaf801a1e9c060877c33d3ecafe18010fcca778e5fa2f2e46909d3d0ff1b229ff8aa978445d8243fd36e1fc104117ed678d5e21901167' '8c9b5b63ac3f7b4d9debaf801a1e9c060877c33d3ecafe18010fcca778e5fa2f2e46909d3d0ff1b229ff8aa978445d8243fd36e1fc104117ed678d5e21901167'
'13718afec2c6786a18f0b223ef8e58dccf0688bca4cdbe203f14071f5031ed20120eb0ce38b52c76cfd6e8b6581a9c9eaa2743eb11abbaca637451a84c33f075' '13718afec2c6786a18f0b223ef8e58dccf0688bca4cdbe203f14071f5031ed20120eb0ce38b52c76cfd6e8b6581a9c9eaa2743eb11abbaca637451a84c33f075'
'55b20f6da3d66e7bbf2add5d95a3b60632df121717d25a993e56e737d14f51fe063eb6f1b38bd81cc32e05db01c0c1d80aaa720c45cde87f238d8b46cdb8cbc4') '55b20f6da3d66e7bbf2add5d95a3b60632df121717d25a993e56e737d14f51fe063eb6f1b38bd81cc32e05db01c0c1d80aaa720c45cde87f238d8b46cdb8cbc4')

2
src/ahriman/application/application.py
View File

@ -48,7 +48,7 @@ class Application:
if not no_aur: if not no_aur:
updates.extend(self.repository.updates_aur(checked)) updates.extend(self.repository.updates_aur(checked))
if not no_manual: if not no_manual:
updates.extend(self.repository.updates_aur(checked)) updates.extend(self.repository.updates_manual(checked))
for package in updates: for package in updates:
log_fn(f'{package.name} = {package.version}') log_fn(f'{package.name} = {package.version}')

14
src/ahriman/core/repo/repo_wrapper.py
View File

@ -20,6 +20,8 @@
import logging import logging
import os import os
from typing import List, Optional
from ahriman.core.exceptions import BuildFailed from ahriman.core.exceptions import BuildFailed
from ahriman.core.util import check_output from ahriman.core.util import check_output
from ahriman.models.repository_paths import RepositoryPaths from ahriman.models.repository_paths import RepositoryPaths
@ -27,18 +29,23 @@ from ahriman.models.repository_paths import RepositoryPaths
class RepoWrapper: class RepoWrapper:
def __init__(self, name: str, paths: RepositoryPaths) -> None: def __init__(self, name: str, paths: RepositoryPaths, pgp_key: Optional[str]) -> None:
self.logger = logging.getLogger('build_details') self.logger = logging.getLogger('build_details')
self.name = name self.name = name
self.paths = paths self.paths = paths
self.pgp_key = pgp_key
@property @property
def repo_path(self) -> str: def repo_path(self) -> str:
return os.path.join(self.paths.repository, f'{self.name}.db.tar.gz') return os.path.join(self.paths.repository, f'{self.name}.db.tar.gz')
def _with_sign(self, cmd: List[str]) -> List[str]:
return (cmd + ['-s', '-k', self.pgp_key]) if self.pgp_key else cmd
def add(self, path: str) -> None: def add(self, path: str) -> None:
cmd = self._with_sign(['repo-add'])
check_output( check_output(
'repo-add', '-R', self.repo_path, path, *cmd, '-R', self.repo_path, path,
exception=BuildFailed(path), exception=BuildFailed(path),
cwd=self.paths.repository, cwd=self.paths.repository,
logger=self.logger) logger=self.logger)
@ -48,8 +55,9 @@ class RepoWrapper:
sign_path = f'{path}.sig' sign_path = f'{path}.sig'
if os.path.exists(sign_path): if os.path.exists(sign_path):
os.remove(sign_path) os.remove(sign_path)
cmd = self._with_sign(['repo-remove'])
check_output( check_output(
'repo-remove', self.repo_path, package, *cmd, self.repo_path, package,
exception=BuildFailed(path), exception=BuildFailed(path),
cwd=self.paths.repository, cwd=self.paths.repository,
logger=self.logger) logger=self.logger)

4
src/ahriman/core/repository.py
View File

@ -47,7 +47,7 @@ class Repository:
self.paths.create_tree() self.paths.create_tree()
self.sign = GPGWrapper(config) self.sign = GPGWrapper(config)
self.wrapper = RepoWrapper(self.name, self.paths) self.wrapper = RepoWrapper(self.name, self.paths, self.sign.repository_sign_key)
def _clear_build(self) -> None: def _clear_build(self) -> None:
for package in os.listdir(self.paths.sources): for package in os.listdir(self.paths.sources):
@ -114,7 +114,6 @@ class Repository:
self.logger.exception(f'could not load package from {fn}', exc_info=True) self.logger.exception(f'could not load package from {fn}', exc_info=True)
continue continue
self.sign.sign_repository(self.wrapper.repo_path)
return self.wrapper.repo_path return self.wrapper.repo_path
def process_report(self, targets: Optional[List[str]]) -> None: def process_report(self, targets: Optional[List[str]]) -> None:
@ -139,7 +138,6 @@ class Repository:
self.wrapper.add(package_fn) self.wrapper.add(package_fn)
self._clear_packages() self._clear_packages()
self.sign.sign_repository(self.wrapper.repo_path)
return self.wrapper.repo_path return self.wrapper.repo_path
def updates_aur(self, checked: List[str]) -> List[Package]: def updates_aur(self, checked: List[str]) -> List[Package]:

6
src/ahriman/core/sign/gpg_wrapper.py
View File

@ -20,7 +20,7 @@
import logging import logging
import os import os
from typing import List from typing import List, Optional
from ahriman.core.configuration import Configuration from ahriman.core.configuration import Configuration
from ahriman.core.exceptions import BuildFailed from ahriman.core.exceptions import BuildFailed
@ -36,6 +36,10 @@ class GPGWrapper:
self.key = config.get('sign', 'key', fallback=None) self.key = config.get('sign', 'key', fallback=None)
self.sign = SignSettings.from_option(config.get('sign', 'enabled')) self.sign = SignSettings.from_option(config.get('sign', 'enabled'))
@property
def repository_sign_key(self) -> Optional[str]:
return self.key if self.sign == SignSettings.SignRepository else None
def process(self, path: str) -> List[str]: def process(self, path: str) -> List[str]:
check_output( check_output(
*self.sign_cmd(path), *self.sign_cmd(path),