gpg_sign.py: fix signing of rpm files using gpg
This means a) calling rpmkeys and rpmsign instead of rpm b) instructing gpg to run non-interactively; otherwise on my machine it pops up windows requesting a key passphrase (From OE-Core rev: f82f270df2da59702026721612563aea57cd77eb) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
parent
f72bc777fa
commit
5a3e1290cb
|
@ -11,7 +11,7 @@ class LocalSigner(object):
|
|||
bb.utils.which(os.getenv('PATH'), 'gpg')
|
||||
self.gpg_path = d.getVar('GPG_PATH')
|
||||
self.gpg_version = self.get_gpg_version()
|
||||
self.rpm_bin = bb.utils.which(os.getenv('PATH'), "rpm")
|
||||
self.rpm_bin = bb.utils.which(os.getenv('PATH'), "rpmsign")
|
||||
|
||||
def export_pubkey(self, output_file, keyid, armor=True):
|
||||
"""Export GPG public key to a file"""
|
||||
|
@ -31,9 +31,10 @@ class LocalSigner(object):
|
|||
"""Sign RPM files"""
|
||||
|
||||
cmd = self.rpm_bin + " --addsign --define '_gpg_name %s' " % keyid
|
||||
cmd += "--define '_gpg_passphrase %s' " % passphrase
|
||||
gpg_args = '--batch --passphrase=%s' % passphrase
|
||||
if self.gpg_version > (2,1,):
|
||||
cmd += "--define '_gpg_sign_cmd_extra_args --pinentry-mode=loopback' "
|
||||
gpg_args += ' --pinentry-mode=loopback'
|
||||
cmd += "--define '_gpg_sign_cmd_extra_args %s' " % gpg_args
|
||||
if self.gpg_bin:
|
||||
cmd += "--define '%%__gpg %s' " % self.gpg_bin
|
||||
if self.gpg_path:
|
||||
|
|
|
@ -27,7 +27,7 @@ class Signing(oeSelfTest):
|
|||
cls.pub_key_path = os.path.join(cls.testlayer_path, 'files', 'signing', "key.pub")
|
||||
cls.secret_key_path = os.path.join(cls.testlayer_path, 'files', 'signing', "key.secret")
|
||||
|
||||
runCmd('gpg --homedir %s --import %s %s' % (cls.gpg_dir, cls.pub_key_path, cls.secret_key_path))
|
||||
runCmd('gpg --batch --homedir %s --import %s %s' % (cls.gpg_dir, cls.pub_key_path, cls.secret_key_path))
|
||||
|
||||
@testcase(1362)
|
||||
def test_signing_packages(self):
|
||||
|
@ -76,13 +76,13 @@ class Signing(oeSelfTest):
|
|||
# Use a temporary rpmdb
|
||||
rpmdb = tempfile.mkdtemp(prefix='oeqa-rpmdb')
|
||||
|
||||
runCmd('%s/rpm --define "_dbpath %s" --import %s' %
|
||||
runCmd('%s/rpmkeys --define "_dbpath %s" --import %s' %
|
||||
(staging_bindir_native, rpmdb, self.pub_key_path))
|
||||
|
||||
ret = runCmd('%s/rpm --define "_dbpath %s" --checksig %s' %
|
||||
ret = runCmd('%s/rpmkeys --define "_dbpath %s" --checksig %s' %
|
||||
(staging_bindir_native, rpmdb, pkg_deploy))
|
||||
# tmp/deploy/rpm/i586/ed-1.9-r0.i586.rpm: rsa sha1 md5 OK
|
||||
self.assertIn('rsa sha1 md5 OK', ret.output, 'Package signed incorrectly.')
|
||||
self.assertIn('rsa sha1 (md5) pgp md5 OK', ret.output, 'Package signed incorrectly.')
|
||||
shutil.rmtree(rpmdb)
|
||||
|
||||
@testcase(1382)
|
||||
|
|
Loading…
Reference in New Issue