From 45848bf530651e0273978408099c43c5f4e5a419 Mon Sep 17 00:00:00 2001 From: nazunalika Date: Sun, 12 Jun 2022 02:55:32 -0700 Subject: [PATCH] simply gpg checking --- iso/py/sync-from-peridot-test | 4 ++-- iso/py/templates/repoconfig.tmpl | 6 +++--- iso/py/templates/reposync-src.tmpl | 8 +------- iso/py/templates/reposync.tmpl | 8 +------- iso/py/util/dnf_utils.py | 25 ++++++++++--------------- 5 files changed, 17 insertions(+), 34 deletions(-) diff --git a/iso/py/sync-from-peridot-test b/iso/py/sync-from-peridot-test index b8db670..1166376 100755 --- a/iso/py/sync-from-peridot-test +++ b/iso/py/sync-from-peridot-test @@ -12,5 +12,5 @@ r = Checks(rlvars, config['arch']) r.check_valid_arch() #a = RepoSync(rlvars, config, major="9", repo="ResilientStorage", parallel=True, ignore_debug=False, ignore_source=False) -a = RepoSync(rlvars, config, major="9", repo="ResilientStorage", parallel=True, ignore_debug=False, ignore_source=False, hashed=True) -#a.run() +a = RepoSync(rlvars, config, major="9", repo="BaseOS", parallel=True, ignore_debug=False, ignore_source=False, hashed=True) +a.run() diff --git a/iso/py/templates/repoconfig.tmpl b/iso/py/templates/repoconfig.tmpl index 04da1d8..ce57623 100644 --- a/iso/py/templates/repoconfig.tmpl +++ b/iso/py/templates/repoconfig.tmpl @@ -3,18 +3,18 @@ name={{repo.name}} baseurl={{ repo.baseurl }} enabled=1 -gpgcheck=0 +gpgcheck=1 [{{ repo.name }}-debug] name={{repo.name}} baseurl={{ repo.baseurl }}-debug enabled=1 -gpgcheck=0 +gpgcheck=1 [{{ repo.name }}-source] name={{repo.name}} baseurl={{ repo.srcbaseurl }} enabled=1 -gpgcheck=0 +gpgcheck=1 {% endfor %} diff --git a/iso/py/templates/reposync-src.tmpl b/iso/py/templates/reposync-src.tmpl index dc10fab..88836a3 100644 --- a/iso/py/templates/reposync-src.tmpl +++ b/iso/py/templates/reposync-src.tmpl @@ -3,11 +3,5 @@ set -o pipefail {{ import_gpg_cmd }} | tee -a {{ sync_log }} {{ dnf_plugin_cmd }} | tee -a {{ sync_log }} {{ sync_cmd }} | tee -a {{ sync_log }} -{{ check_cmd }} | tee -a {{ sync_log }} -ret_val=$? -if [ "$ret_val" -eq 1 ]; then - exit 0 -else - exit 1 -fi +# {{ check_cmd }} | tee -a {{ sync_log }} diff --git a/iso/py/templates/reposync.tmpl b/iso/py/templates/reposync.tmpl index 282340f..22f71b4 100644 --- a/iso/py/templates/reposync.tmpl +++ b/iso/py/templates/reposync.tmpl @@ -4,11 +4,5 @@ set -o pipefail {{ arch_force_cp }} | tee -a {{ sync_log }} {{ dnf_plugin_cmd }} | tee -a {{ sync_log }} {{ sync_cmd }} | tee -a {{ sync_log }} -{{ check_cmd }} | tee -a {{ sync_log }} -ket_val=$? -if [ "$ret_val" -eq 1 ]; then - exit 0 -else - exit 1 -fi +# {{ check_cmd }} | tee -a {{ sync_log }} diff --git a/iso/py/util/dnf_utils.py b/iso/py/util/dnf_utils.py index 5969be0..7221e72 100644 --- a/iso/py/util/dnf_utils.py +++ b/iso/py/util/dnf_utils.py @@ -327,7 +327,8 @@ class RepoSync: ) sync_cmd = ("/usr/bin/dnf reposync -c {}.{} --download-metadata " - "--repoid={} -p {} --forcearch {} --norepopath 2>&1").format( + "--repoid={} -p {} --forcearch {} --norepopath " + "--gpgcheck 2>&1").format( self.dnf_config, a, r, @@ -337,7 +338,7 @@ class RepoSync: debug_sync_cmd = ("/usr/bin/dnf reposync -c {}.{} " "--download-metadata --repoid={}-debug -p {} --forcearch {} " - "--norepopath 2>&1").format( + "--gpgcheck --norepopath 2>&1").format( self.dnf_config, a, r, @@ -346,10 +347,6 @@ class RepoSync: ) dnf_plugin_cmd = "/usr/bin/dnf install dnf-plugins-core -y" - check_cmd = ("/usr/bin/rpm -K $(find {} -name '*.rpm') " - "| grep -v 'signatures OK'").format(os_sync_path) - debug_check_cmd = ("/usr/bin/rpm -K $(find {} -name '*.rpm') " - "| grep -v 'signatures OK'").format(debug_sync_path) sync_template = self.tmplenv.get_template('reposync.tmpl') sync_output = sync_template.render( @@ -357,7 +354,6 @@ class RepoSync: arch_force_cp=arch_force_cp, dnf_plugin_cmd=dnf_plugin_cmd, sync_cmd=sync_cmd, - check_cmd=check_cmd, sync_log=sync_log ) @@ -367,7 +363,6 @@ class RepoSync: arch_force_cp=arch_force_cp, dnf_plugin_cmd=dnf_plugin_cmd, sync_cmd=debug_sync_cmd, - check_cmd=debug_check_cmd, sync_log=debug_sync_log ) @@ -407,21 +402,17 @@ class RepoSync: source_sync_cmd = ("/usr/bin/dnf reposync -c {} " "--download-metadata --repoid={}-source -p {} " - "--norepopath 2>&1").format( + "--gpgcheck --norepopath 2>&1").format( self.dnf_config, r, source_sync_path ) - source_check_cmd = ("/usr/bin/rpm -K $(find {} -name '*.rpm') " - "| grep -v 'signatures OK'").format(source_sync_path) - source_sync_template = self.tmplenv.get_template('reposync-src.tmpl') source_sync_output = source_sync_template.render( import_gpg_cmd=import_gpg_cmd, dnf_plugin_cmd=dnf_plugin_cmd, sync_cmd=source_sync_cmd, - check_cmd=source_check_cmd, sync_log=source_sync_log ) @@ -487,7 +478,9 @@ class RepoSync: output, errors = podcheck.communicate() if 'Exited (0)' not in output.decode(): - self.log.error('[%s%sFAIL%s] %s' % Color.BOLD, Color.RED, pod, Color.END) + self.log.error( + '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' + pod + ) bad_exit_list.append(pod) rmcmd = '{} rm {}'.format( @@ -765,7 +758,9 @@ class RepoSync: output, errors = podcheck.communicate() if 'Exited (0)' not in output.decode(): - self.log.error('[%s%sFAIL%s] %s' % Color.BOLD, Color.RED, pod, Color.END) + self.log.error( + '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' + pod + ) bad_exit_list.append(pod) rmcmd = '{} rm {}'.format(