Verify signature regardless of signing status

We get "corrupted"/non-correctly signed RPMs from time to time and added a mechanism to verify signatures and resign if invalid. Unfortunately sometimes rpm --addsign can return a zero exit code regardless of actual error status. Because of this we should always verify signature after signing, this way if it's invalid, we can resign it.
This commit is contained in:
Mustafa Gezen 2022-07-27 08:28:37 +02:00
parent 5917a94c9f
commit 1703798d0e
Signed by untrusted user who does not match committer: mustafa
GPG Key ID: DCDF010D946438C1

View File

@ -213,7 +213,7 @@ func (s *Server) SignArtifactActivity(ctx context.Context, artifactId string, ke
if err2 != nil { if err2 != nil {
s.log.Errorf("failed to add error details to status: %v", err2) s.log.Errorf("failed to add error details to status: %v", err2)
} }
return nil, fmt.Errorf("failed to sign artifact %s: %v\nlogs: %s", artifact.Name, err, outBuf.String()) return nil, statusErr
} }
_, err = s.storage.PutObject(newObjectKey, localPath) _, err = s.storage.PutObject(newObjectKey, localPath)
if err != nil { if err != nil {
@ -251,6 +251,8 @@ func (s *Server) SignArtifactActivity(ctx context.Context, artifactId string, ke
"--checksig", localPath, "--checksig", localPath,
} }
cmd := gpgCmdEnv(exec.Command("rpm", opts...)) cmd := gpgCmdEnv(exec.Command("rpm", opts...))
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
err := cmd.Run() err := cmd.Run()
if err != nil { if err != nil {
s.log.Errorf("failed to verify artifact %s: %v", artifact.Name, err) s.log.Errorf("failed to verify artifact %s: %v", artifact.Name, err)
@ -260,11 +262,8 @@ func (s *Server) SignArtifactActivity(ctx context.Context, artifactId string, ke
} }
var tries int var tries int
for { for {
res, err := rpmSign() res, _ := rpmSign()
if err == nil { err := verifySig()
return res, nil
}
err = verifySig()
if err == nil { if err == nil {
return res, nil return res, nil
} }