diff options
Diffstat (limited to 'modules/buildsystem/files')
| -rw-r--r-- | modules/buildsystem/files/Mageia.pm | 53 | ||||
| -rwxr-xr-x | modules/buildsystem/files/signbot/mga-signpackage | 31 | ||||
| -rw-r--r-- | modules/buildsystem/files/signbot/sign-check-package | 37 | ||||
| -rw-r--r-- | modules/buildsystem/files/signbot/signbot-rpmmacros | 3 |
4 files changed, 74 insertions, 50 deletions
diff --git a/modules/buildsystem/files/Mageia.pm b/modules/buildsystem/files/Mageia.pm index 109aeb29..443f6cb7 100644 --- a/modules/buildsystem/files/Mageia.pm +++ b/modules/buildsystem/files/Mageia.pm @@ -225,7 +225,7 @@ sub _get_distribution_paths { my $arch = $package->get_arch(); $arch = $translate_arch{$arch} || $arch; if ($arch eq 'noarch') { - map { "$target/$_" } $self->get_extra_arches; + map { "$target/$_" } $self->get_target_arches($target); } elsif ($arch eq 'src') { die "no way to get distribution path using a $arch package"; } else { @@ -264,26 +264,7 @@ sub get_replaced_packages { my @replaced_packages = $self->SUPER::get_replaced_packages($package, $target, $user_context, $app_context); - # mandriva lib policy: - # library package names change with revision, making mandatory to - # duplicate older revisions search with a custom pattern my $name = $package->get_name(); - if ($name =~ /^(lib\w+[a-zA-Z_])[\d_\.]+([-\w]*)$/) { - push(@replaced_packages, - grep { $package->compare($_) > 0 } - map { PACKAGE_CLASS->new(file => $_) } - $self->get_files( - $self->{_install_root}, - $self->get_install_path($package, $target, $user_context, $app_context), - PACKAGE_CLASS->get_pattern( - $1 . '[\d_\.]+' . $2, # custom name pattern - undef, - undef, - $package->get_arch() - ), - ) - ); - } # kernel packages have the version in the name # binary dkms built for old kernels have to be removed too @@ -454,13 +435,14 @@ sub get_upload_newer_revisions { my ($self, $package, $target, $user_context, $app_context) = @_; croak "Not a class method" unless ref $self; my $arch = $package->get_arch(); - my $name = $package->get_full_name; + my $name = $package->as_string(); $name =~ s/^\@\d+://; my $pattern = $self->get_package_class()->get_pattern($package->get_name(), undef, undef, $arch); my $media = $self->_get_media_config($target); my @packages; foreach my $state (@{$self->{_upload_state}}) { foreach my $m (keys %{$media->{$arch}}) { + next if defined($user_context->{section}) and $user_context->{section} ne $m; my $path = "$self->{_upload_root}/$state/$target/$m"; print "Looking for package $package revisions for $target in $path (pattern $pattern)\n" if $self->{_verbose}; find( @@ -498,35 +480,6 @@ sub get_svn_url { $self->{_svn} } -sub get_revisions { - my ($self, $package, $target, $user_context, $app_context, $filter) = @_; - croak "Not a class method" unless ref $self; - print "Looking for package $package revisions for $target\n" if $self->{_verbose} > 0; - - my $arch = $app_context->{arch} || $user_context->{arch} || $package->get_arch(); - my $media_arch = $arch eq 'noarch' ? $self->{_noarch} : $arch; - my $path = $arch eq 'src' ? "$target/SRPMS/" : "$target/$media_arch/media"; - my $media = $self->_get_section($package, $target, $user_context, $app_context); - my $name = $package->get_name(); - my @packages = map { $self->get_package_class()->new(file => $_) } - $self->get_files( - $self->{_install_root}, - "$path/$media", - $self->get_package_class()->get_pattern( - $name, - undef, - undef, - $package->get_arch(), - ) - ); - - @packages = grep { $filter->($_) } @packages if $filter; - - return - sort { $b->compare($a) } # sort by revision order - @packages; -} - sub reject { my ($self, $package, $target, $user_context, $app_context) = @_; croak "Not a class method" unless ref $self; diff --git a/modules/buildsystem/files/signbot/mga-signpackage b/modules/buildsystem/files/signbot/mga-signpackage new file mode 100755 index 00000000..199dbe0e --- /dev/null +++ b/modules/buildsystem/files/signbot/mga-signpackage @@ -0,0 +1,31 @@ +#!/usr/bin/perl -w + +use strict; +use warnings; +use RPM4::Sign; +use File::Spec; + +sub signpackage { + my ($file, $name, $path) = @_; + + # check if parent directory is writable + my $parent = (File::Spec->splitpath($file))[1]; + die "Unsignable package, parent directory is read-only" + unless -w $parent; + + my $sign = RPM4::Sign->new( + name => $name, + path => $path, + passphrase => '', + ); + + $sign->rpmssign($file) +} + +if (@ARGV != 3) { + exit 1; +} + +signpackage(@ARGV); +exit 0 + diff --git a/modules/buildsystem/files/signbot/sign-check-package b/modules/buildsystem/files/signbot/sign-check-package new file mode 100644 index 00000000..fc9704fd --- /dev/null +++ b/modules/buildsystem/files/signbot/sign-check-package @@ -0,0 +1,37 @@ +#!/bin/sh + +if [ $# != 3 ] ; then + echo "missing arguments" + echo "usage : $0 file key_number key_directory" + exit 1 +fi + +file="$1" +key="$2" +keydir="$3" + +tmpdir=`mktemp -d ${TMPDIR:-/tmp}/signbot-XXXXX` +tmpfile="$tmpdir/$(basename $file)" +cp -pf "$file" "$tmpfile" +rpm --delsign "$tmpfile" +/usr/local/bin/mga-signpackage "$tmpfile" "$key" "$keydir" +nbtry=0 +while rpmsign -Kv "$tmpfile" 2>&1 | grep BAD +do + nbtry=$(($nbtry + 1)) + if [ $nbtry -ge 30 ] + then + exit 1 + fi + + # Archive failed file for further analysis + mkdir -p "/tmp/failed-sign/" + failedfile="/tmp/failed-sign/$(basename "$file").$(date +%Y%m%d%H%M%S)" + cp -pf "$file" "$failedfile" + + cp -pf "$file" "$tmpfile" + rpm --delsign "$tmpfile" + /usr/local/bin/mga-signpackage "$tmpfile" "$key" "$keydir" +done +mv -f "$tmpfile" "$file" +rmdir "$tmpdir" diff --git a/modules/buildsystem/files/signbot/signbot-rpmmacros b/modules/buildsystem/files/signbot/signbot-rpmmacros new file mode 100644 index 00000000..aab7e389 --- /dev/null +++ b/modules/buildsystem/files/signbot/signbot-rpmmacros @@ -0,0 +1,3 @@ +%__gpg_sign_cmd %{__gpg} \ + gpg --batch --force-v3-sigs --no-verbose --no-armor --passphrase-fd 3 --no-secmem-warning \ + -u "%{_gpg_name}" -sbo %{__signature_filename} %{__plaintext_filename} |