lumarel/toolkit
1
0
Fork 0
forked from sig_core/toolkit
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add checksum combine for close out

Browse Source
This commit is contained in:
Louis Abel 2022-07-04 12:23:04 -07:00
parent 843f412923
commit 340a6a3377
Signed by untrusted user: label
GPG Key ID: B37E62D143879B36
2 changed files with 17 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
iso/empanadas/empanadas/templates/README.tmpl
View File

@ -13,15 +13,16 @@ of metadata that we produce for easy consumption.
CHECKSUM Validation: https://github.com/rocky-linux/checksums CHECKSUM Validation: https://github.com/rocky-linux/checksums
Traditionally, we would to "sign" the checksum files with the current GPG key Traditionally, we would "sign" the checksum files with the current GPG key of a
of a major release. However, due to how the new build system operates and for major release. However, due to how the new build system operates and for
ensuring strong security within the build system as it pertains the signing ensuring strong security within the build system as it pertains the signing
keys, this is no longer possible. It was determined by SIG/Core or Release keys, this is no longer possible. It was determined by SIG/Core or Release
Engineering to instead provide verified signed commits using our keys with Engineering to instead provide verified signed commits using our keys with
RESF/Rocky Linux email domain names to a proper git repository. RESF/Rocky Linux email domain names to a proper git repository. Our signing keys
are attached to our GitHub and RESF Git Service profiles.
With that being said, if you are looking for "verification" of the ISO If you are looking for "verification" of the ISO checksums and were expecting a
checksums, it is highly recommended to visit the link above. `CHECKSUM.sig`, it is highly recommended to visit the link above instead.
These are *always* updated with new releases or new images. This includes These are *always* updated with new releases or new images. This includes
live images as we release them. live images as we release them.

11
iso/empanadas/empanadas/util/dnf_utils.py
View File

@ -14,6 +14,7 @@ import shutil
import time import time
import re import re
import json import json
import glob
#import pipes #import pipes
from jinja2 import Environment, FileSystemLoader from jinja2 import Environment, FileSystemLoader
@ -1412,6 +1413,16 @@ class RepoSync:
) )
# Combine all checksums here # Combine all checksums here
for arch in self.arches:
iso_arch_root = os.path.join(sync_iso_root, arch)
iso_arch_checksum = os.path.join(iso_arch_root, 'CHECKSUM')
with open(iso_arch_checksum, 'w+', encoding='utf-8') as fp:
for check in glob.iglob(iso_arch_root + '/*.CHECKSUM'):
with open(check, 'r', encoding='utf-8') as sum:
for line in sum:
fp.write(line)
fp.close()
# Deploy final metadata for a close out # Deploy final metadata for a close out
self.deploy_metadata(sync_root) self.deploy_metadata(sync_root)