simply gpg checking

This commit is contained in:
Louis Abel 2022-06-12 02:55:32 -07:00
parent 41f77b1d4c
commit 45848bf530
Signed by untrusted user: label
GPG key ID: B37E62D143879B36
5 changed files with 17 additions and 34 deletions

View file

@ -12,5 +12,5 @@ r = Checks(rlvars, config['arch'])
r.check_valid_arch()
#a = RepoSync(rlvars, config, major="9", repo="ResilientStorage", parallel=True, ignore_debug=False, ignore_source=False)
a = RepoSync(rlvars, config, major="9", repo="ResilientStorage", parallel=True, ignore_debug=False, ignore_source=False, hashed=True)
#a.run()
a = RepoSync(rlvars, config, major="9", repo="BaseOS", parallel=True, ignore_debug=False, ignore_source=False, hashed=True)
a.run()

View file

@ -3,18 +3,18 @@
name={{repo.name}}
baseurl={{ repo.baseurl }}
enabled=1
gpgcheck=0
gpgcheck=1
[{{ repo.name }}-debug]
name={{repo.name}}
baseurl={{ repo.baseurl }}-debug
enabled=1
gpgcheck=0
gpgcheck=1
[{{ repo.name }}-source]
name={{repo.name}}
baseurl={{ repo.srcbaseurl }}
enabled=1
gpgcheck=0
gpgcheck=1
{% endfor %}

View file

@ -3,11 +3,5 @@ set -o pipefail
{{ import_gpg_cmd }} | tee -a {{ sync_log }}
{{ dnf_plugin_cmd }} | tee -a {{ sync_log }}
{{ sync_cmd }} | tee -a {{ sync_log }}
{{ check_cmd }} | tee -a {{ sync_log }}
ret_val=$?
if [ "$ret_val" -eq 1 ]; then
exit 0
else
exit 1
fi
# {{ check_cmd }} | tee -a {{ sync_log }}

View file

@ -4,11 +4,5 @@ set -o pipefail
{{ arch_force_cp }} | tee -a {{ sync_log }}
{{ dnf_plugin_cmd }} | tee -a {{ sync_log }}
{{ sync_cmd }} | tee -a {{ sync_log }}
{{ check_cmd }} | tee -a {{ sync_log }}
ket_val=$?
if [ "$ret_val" -eq 1 ]; then
exit 0
else
exit 1
fi
# {{ check_cmd }} | tee -a {{ sync_log }}

View file

@ -327,7 +327,8 @@ class RepoSync:
)
sync_cmd = ("/usr/bin/dnf reposync -c {}.{} --download-metadata "
"--repoid={} -p {} --forcearch {} --norepopath 2>&1").format(
"--repoid={} -p {} --forcearch {} --norepopath "
"--gpgcheck 2>&1").format(
self.dnf_config,
a,
r,
@ -337,7 +338,7 @@ class RepoSync:
debug_sync_cmd = ("/usr/bin/dnf reposync -c {}.{} "
"--download-metadata --repoid={}-debug -p {} --forcearch {} "
"--norepopath 2>&1").format(
"--gpgcheck --norepopath 2>&1").format(
self.dnf_config,
a,
r,
@ -346,10 +347,6 @@ class RepoSync:
)
dnf_plugin_cmd = "/usr/bin/dnf install dnf-plugins-core -y"
check_cmd = ("/usr/bin/rpm -K $(find {} -name '*.rpm') "
"| grep -v 'signatures OK'").format(os_sync_path)
debug_check_cmd = ("/usr/bin/rpm -K $(find {} -name '*.rpm') "
"| grep -v 'signatures OK'").format(debug_sync_path)
sync_template = self.tmplenv.get_template('reposync.tmpl')
sync_output = sync_template.render(
@ -357,7 +354,6 @@ class RepoSync:
arch_force_cp=arch_force_cp,
dnf_plugin_cmd=dnf_plugin_cmd,
sync_cmd=sync_cmd,
check_cmd=check_cmd,
sync_log=sync_log
)
@ -367,7 +363,6 @@ class RepoSync:
arch_force_cp=arch_force_cp,
dnf_plugin_cmd=dnf_plugin_cmd,
sync_cmd=debug_sync_cmd,
check_cmd=debug_check_cmd,
sync_log=debug_sync_log
)
@ -407,21 +402,17 @@ class RepoSync:
source_sync_cmd = ("/usr/bin/dnf reposync -c {} "
"--download-metadata --repoid={}-source -p {} "
"--norepopath 2>&1").format(
"--gpgcheck --norepopath 2>&1").format(
self.dnf_config,
r,
source_sync_path
)
source_check_cmd = ("/usr/bin/rpm -K $(find {} -name '*.rpm') "
"| grep -v 'signatures OK'").format(source_sync_path)
source_sync_template = self.tmplenv.get_template('reposync-src.tmpl')
source_sync_output = source_sync_template.render(
import_gpg_cmd=import_gpg_cmd,
dnf_plugin_cmd=dnf_plugin_cmd,
sync_cmd=source_sync_cmd,
check_cmd=source_check_cmd,
sync_log=source_sync_log
)
@ -487,7 +478,9 @@ class RepoSync:
output, errors = podcheck.communicate()
if 'Exited (0)' not in output.decode():
self.log.error('[%s%sFAIL%s] %s' % Color.BOLD, Color.RED, pod, Color.END)
self.log.error(
'[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' + pod
)
bad_exit_list.append(pod)
rmcmd = '{} rm {}'.format(
@ -765,7 +758,9 @@ class RepoSync:
output, errors = podcheck.communicate()
if 'Exited (0)' not in output.decode():
self.log.error('[%s%sFAIL%s] %s' % Color.BOLD, Color.RED, pod, Color.END)
self.log.error(
'[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' + pod
)
bad_exit_list.append(pod)
rmcmd = '{} rm {}'.format(