aboutsummaryrefslogtreecommitdiffstats
path: root/modules/buildsystem
diff options
context:
space:
mode:
Diffstat (limited to 'modules/buildsystem')
-rw-r--r--modules/buildsystem/manifests/init.pp8
-rw-r--r--modules/buildsystem/templates/sign-check-package16
-rw-r--r--modules/buildsystem/templates/sudoers.signpackage1
3 files changed, 25 insertions, 0 deletions
diff --git a/modules/buildsystem/manifests/init.pp b/modules/buildsystem/manifests/init.pp
index 7df10179..b17c12c2 100644
--- a/modules/buildsystem/manifests/init.pp
+++ b/modules/buildsystem/manifests/init.pp
@@ -88,6 +88,14 @@ class buildsystem {
mode => 644,
content => template("buildsystem/signbot-rpmmacros")
}
+
+ file { "/usr/local/bin/sign-check-package":
+ ensure => present,
+ owner => root,
+ group => root,
+ mode => 755,
+ content => template("buildsystem/sign-check-package")
+ }
}
class scheduler {
diff --git a/modules/buildsystem/templates/sign-check-package b/modules/buildsystem/templates/sign-check-package
new file mode 100644
index 00000000..de397f02
--- /dev/null
+++ b/modules/buildsystem/templates/sign-check-package
@@ -0,0 +1,16 @@
+#!/bin/sh
+
+file="$1"
+key="$2"
+keydir="$3"
+
+tmpfile=`/tmp/tmp.fMzaAHPDgM`
+cp -p "$file" "$tmpfile"
+rpm --delsign "$tmpfile"
+/usr/bin/mga-signpackage "$tmpfile" "$key" "$keydir"
+while rpmsign -Kv "$tmpfile" 2>&1 | grep BAD
+do
+ cp -p "$file" "$tmpfile"
+ /usr/bin/mga-signpackage "$tmpfile" "$key" "$keydir"
+done
+mv -f "$tmpfile" "$file"
diff --git a/modules/buildsystem/templates/sudoers.signpackage b/modules/buildsystem/templates/sudoers.signpackage
index 094b83f5..2322c186 100644
--- a/modules/buildsystem/templates/sudoers.signpackage
+++ b/modules/buildsystem/templates/sudoers.signpackage
@@ -1 +1,2 @@
<%= sched_login %> ALL =(<%= sign_login %>) NOPASSWD: /usr/bin/mga-signpackage
+<%= sched_login %> ALL =(<%= sign_login %>) NOPASSWD: /usr/local/bin/sign-check-package
generated by cgit v1.2.1 (git 2.21.0) at 2025-05-18 02:53:12 +0000