diff options
| author | Remi Collet <remi@remirepo.net> | 2021-05-03 12:18:39 +0200 |
|---|---|---|
| committer | Remi Collet <remi@remirepo.net> | 2021-05-03 12:18:39 +0200 |
| commit | 439c7ff2058c85475db2566a55f45f1531d67a20 (patch) | |
| tree | a73ab266e7fa04d6a0c7766d4b9f9d9de62b3273 /mkmodular | |
| parent | 5c08e2a1af3a384fe2e189704cb5fe61a879b49a (diff) | |
sign repo metadata gh#175
Diffstat (limited to 'mkmodular')
| -rwxr-xr-x | mkmodular | 27 |
1 files changed, 27 insertions, 0 deletions
@@ -327,7 +327,31 @@ function createRepo($dest, $mod) { $old = getcwd(); chdir($dest); +// Key +[$dis,$ver]=explode("/", $dest); +$GPG_NAME="Remi's RPM repository"; +if ($dis == "fedora") { + if ($ver >= 34) { + $GPG_PATH="/home/remi/.gnupg2021"; + } else if ($ver >= 32) { + $GPG_PATH="/home/remi/.gnupg2020"; + } else { + $GPG_PATH="/home/remi/.gnupg2019"; + } +} else { + if ($ver >= 8) { + $GPG_PATH="/home/remi/.gnupg2018"; + } else { + $GPG_PATH="/home/remi/.gnupgrpm"; + $GPG_NAME="Remi Collet"; + } +} +echo "Metadata, signing with $GPG_PATH, "; + +// Repository content exec("mkrepo nocheck noclean"); + +// Modular data $data = '/tmp/modules.yaml'; file_put_contents($data, $mod); $hash = hash('sha256', $mod); @@ -335,6 +359,9 @@ exec("modifyrepo_c --mdtype=modules $data repodata >/dev/null"); $arch = basename($dest); rename($data, "$data.$arch"); +// Sign +@unlink("repodata/repomd.xml.asc"); +exec("gpg --armor --detach-sign --default-key \"$GPG_NAME\" --homedir \"$GPG_PATH\" repodata/repomd.xml"); chdir($old); } /* |