forked from rpms/leapp-repository
128 lines
7.3 KiB
Diff
128 lines
7.3 KiB
Diff
From c82153f14d9391c72d914c80d764de0d7ef7ff1e Mon Sep 17 00:00:00 2001
|
|
From: Petr Stodulka <pstodulk@redhat.com>
|
|
Date: Wed, 7 May 2025 22:23:21 +0200
|
|
Subject: [PATCH 34/37] Introduce distro-based rpm-gpg trusted directory
|
|
|
|
The original trusted rpm-gpg directories under
|
|
files/rpm-gpg/
|
|
is not flexible when considering other distributions as well.
|
|
The new path pattern will be:
|
|
files/distro/<DISTRO>/rpm-gpg/
|
|
|
|
Removing files/rpm-gpg directory with the included RHEL GPG keys
|
|
in favor of the new distro based directory.
|
|
|
|
jira: RHEL-80335
|
|
|
|
Signed-off-by: Petr Stodulka <pstodulk@redhat.com>
|
|
---
|
|
.../rpm-gpg/10/RPM-GPG-KEY-redhat-release | 0
|
|
.../rpm-gpg/10beta/RPM-GPG-KEY-redhat-release | 0
|
|
.../rpm-gpg/8/RPM-GPG-KEY-redhat-release | 0
|
|
.../rpm-gpg/8beta/RPM-GPG-KEY-redhat-beta | 0
|
|
.../rpm-gpg/9/RPM-GPG-KEY-redhat-release | 0
|
|
.../rpm-gpg/9beta/RPM-GPG-KEY-redhat-beta | 0
|
|
repos/system_upgrade/common/libraries/gpg.py | 8 ++++++-
|
|
.../common/libraries/tests/test_gpg.py | 21 +++++++++++--------
|
|
8 files changed, 19 insertions(+), 10 deletions(-)
|
|
rename repos/system_upgrade/common/files/{ => distro/rhel}/rpm-gpg/10/RPM-GPG-KEY-redhat-release (100%)
|
|
rename repos/system_upgrade/common/files/{ => distro/rhel}/rpm-gpg/10beta/RPM-GPG-KEY-redhat-release (100%)
|
|
rename repos/system_upgrade/common/files/{ => distro/rhel}/rpm-gpg/8/RPM-GPG-KEY-redhat-release (100%)
|
|
rename repos/system_upgrade/common/files/{ => distro/rhel}/rpm-gpg/8beta/RPM-GPG-KEY-redhat-beta (100%)
|
|
rename repos/system_upgrade/common/files/{ => distro/rhel}/rpm-gpg/9/RPM-GPG-KEY-redhat-release (100%)
|
|
rename repos/system_upgrade/common/files/{ => distro/rhel}/rpm-gpg/9beta/RPM-GPG-KEY-redhat-beta (100%)
|
|
|
|
diff --git a/repos/system_upgrade/common/files/rpm-gpg/10/RPM-GPG-KEY-redhat-release b/repos/system_upgrade/common/files/distro/rhel/rpm-gpg/10/RPM-GPG-KEY-redhat-release
|
|
similarity index 100%
|
|
rename from repos/system_upgrade/common/files/rpm-gpg/10/RPM-GPG-KEY-redhat-release
|
|
rename to repos/system_upgrade/common/files/distro/rhel/rpm-gpg/10/RPM-GPG-KEY-redhat-release
|
|
diff --git a/repos/system_upgrade/common/files/rpm-gpg/10beta/RPM-GPG-KEY-redhat-release b/repos/system_upgrade/common/files/distro/rhel/rpm-gpg/10beta/RPM-GPG-KEY-redhat-release
|
|
similarity index 100%
|
|
rename from repos/system_upgrade/common/files/rpm-gpg/10beta/RPM-GPG-KEY-redhat-release
|
|
rename to repos/system_upgrade/common/files/distro/rhel/rpm-gpg/10beta/RPM-GPG-KEY-redhat-release
|
|
diff --git a/repos/system_upgrade/common/files/rpm-gpg/8/RPM-GPG-KEY-redhat-release b/repos/system_upgrade/common/files/distro/rhel/rpm-gpg/8/RPM-GPG-KEY-redhat-release
|
|
similarity index 100%
|
|
rename from repos/system_upgrade/common/files/rpm-gpg/8/RPM-GPG-KEY-redhat-release
|
|
rename to repos/system_upgrade/common/files/distro/rhel/rpm-gpg/8/RPM-GPG-KEY-redhat-release
|
|
diff --git a/repos/system_upgrade/common/files/rpm-gpg/8beta/RPM-GPG-KEY-redhat-beta b/repos/system_upgrade/common/files/distro/rhel/rpm-gpg/8beta/RPM-GPG-KEY-redhat-beta
|
|
similarity index 100%
|
|
rename from repos/system_upgrade/common/files/rpm-gpg/8beta/RPM-GPG-KEY-redhat-beta
|
|
rename to repos/system_upgrade/common/files/distro/rhel/rpm-gpg/8beta/RPM-GPG-KEY-redhat-beta
|
|
diff --git a/repos/system_upgrade/common/files/rpm-gpg/9/RPM-GPG-KEY-redhat-release b/repos/system_upgrade/common/files/distro/rhel/rpm-gpg/9/RPM-GPG-KEY-redhat-release
|
|
similarity index 100%
|
|
rename from repos/system_upgrade/common/files/rpm-gpg/9/RPM-GPG-KEY-redhat-release
|
|
rename to repos/system_upgrade/common/files/distro/rhel/rpm-gpg/9/RPM-GPG-KEY-redhat-release
|
|
diff --git a/repos/system_upgrade/common/files/rpm-gpg/9beta/RPM-GPG-KEY-redhat-beta b/repos/system_upgrade/common/files/distro/rhel/rpm-gpg/9beta/RPM-GPG-KEY-redhat-beta
|
|
similarity index 100%
|
|
rename from repos/system_upgrade/common/files/rpm-gpg/9beta/RPM-GPG-KEY-redhat-beta
|
|
rename to repos/system_upgrade/common/files/distro/rhel/rpm-gpg/9beta/RPM-GPG-KEY-redhat-beta
|
|
diff --git a/repos/system_upgrade/common/libraries/gpg.py b/repos/system_upgrade/common/libraries/gpg.py
|
|
index a8071329..c9c3f1fc 100644
|
|
--- a/repos/system_upgrade/common/libraries/gpg.py
|
|
+++ b/repos/system_upgrade/common/libraries/gpg.py
|
|
@@ -121,7 +121,13 @@ def get_path_to_gpg_certs():
|
|
# only beta is special in regards to the GPG signing keys
|
|
if target_product_type == 'beta':
|
|
certs_dir = '{}beta'.format(target_major_version)
|
|
- return os.path.join(api.get_common_folder_path(GPG_CERTS_FOLDER), certs_dir)
|
|
+ distro = api.current_actor().configuration.os_release.release_id
|
|
+ return os.path.join(
|
|
+ api.get_common_folder_path('distro'),
|
|
+ distro,
|
|
+ GPG_CERTS_FOLDER,
|
|
+ certs_dir
|
|
+ )
|
|
|
|
|
|
def is_nogpgcheck_set():
|
|
diff --git a/repos/system_upgrade/common/libraries/tests/test_gpg.py b/repos/system_upgrade/common/libraries/tests/test_gpg.py
|
|
index 7cf37fa2..82b51abb 100644
|
|
--- a/repos/system_upgrade/common/libraries/tests/test_gpg.py
|
|
+++ b/repos/system_upgrade/common/libraries/tests/test_gpg.py
|
|
@@ -11,14 +11,16 @@ from leapp.libraries.stdlib import api
|
|
from leapp.models import GpgKey, InstalledRPM, RPM
|
|
|
|
|
|
-@pytest.mark.parametrize('target, product_type, exp', [
|
|
- ('8.6', 'beta', '../../files/rpm-gpg/8beta'),
|
|
- ('8.8', 'htb', '../../files/rpm-gpg/8'),
|
|
- ('9.0', 'beta', '../../files/rpm-gpg/9beta'),
|
|
- ('9.2', 'ga', '../../files/rpm-gpg/9'),
|
|
+@pytest.mark.parametrize('target, product_type, distro, exp', [
|
|
+ ('8.6', 'beta', 'rhel', '../../files/distro/rhel/rpm-gpg/8beta'),
|
|
+ ('8.8', 'htb', 'rhel', '../../files/distro/rhel/rpm-gpg/8'),
|
|
+ ('9.0', 'beta', 'rhel', '../../files/distro/rhel/rpm-gpg/9beta'),
|
|
+ ('9.2', 'ga', 'rhel', '../../files/distro/rhel/rpm-gpg/9'),
|
|
+ ('10.0', 'ga', 'rhel', '../../files/distro/rhel/rpm-gpg/10'),
|
|
+ ('10', 'ga', 'centos', '../../files/distro/centos/rpm-gpg/10'),
|
|
])
|
|
-def test_get_path_to_gpg_certs(monkeypatch, target, product_type, exp):
|
|
- current_actor = CurrentActorMocked(dst_ver=target,
|
|
+def test_get_path_to_gpg_certs(monkeypatch, target, product_type, distro, exp):
|
|
+ current_actor = CurrentActorMocked(dst_ver=target, release_id=distro,
|
|
envars={'LEAPP_DEVEL_TARGET_PRODUCT_TYPE': product_type})
|
|
monkeypatch.setattr(api, 'current_actor', current_actor)
|
|
|
|
@@ -33,7 +35,7 @@ def is_rhel7():
|
|
@pytest.mark.skipif(distro.id() not in ("rhel", "centos"), reason="Requires RHEL or CentOS for valid results.")
|
|
def test_gpg_show_keys(loaded_leapp_repository, monkeypatch):
|
|
src = '7.9' if is_rhel7() else '8.6'
|
|
- current_actor = CurrentActorMocked(src_ver=src)
|
|
+ current_actor = CurrentActorMocked(src_ver=src, release_id='rhel')
|
|
monkeypatch.setattr(api, 'current_actor', current_actor)
|
|
|
|
# python2 compatibility :/
|
|
@@ -78,7 +80,8 @@ def test_gpg_show_keys(loaded_leapp_repository, monkeypatch):
|
|
# with some test data now -- rhel9 release key
|
|
# rhel9_key_path = os.path.join(api.get_common_folder_path('rpm-gpg'), '9')
|
|
cur_dir = os.path.dirname(os.path.abspath(__file__))
|
|
- rhel9_key_path = os.path.join(cur_dir, '..', '..', 'files', 'rpm-gpg', '9',
|
|
+ rhel9_key_path = os.path.join(cur_dir, '..', '..', 'files',
|
|
+ 'distro', 'rhel', 'rpm-gpg', '9',
|
|
'RPM-GPG-KEY-redhat-release')
|
|
res = gpg._gpg_show_keys(rhel9_key_path)
|
|
finally:
|
|
--
|
|
2.49.0
|
|
|