automatic import of copr-backend

author: CoprDistGit <infra@openeuler.org> 2025-03-21 17:37:41 +0000
committer: CoprDistGit <infra@openeuler.org> 2025-03-21 17:37:41 +0000
commit: bed3ab1ed2c9a92b20bae1d0f11f17d9051bfff9 (patch)
tree: 76779ef5ca00cab259eb516c4c44eef0b3048cc9 /signatrust_bin.patch
parent: 2132b310609fdedcd5427676a98f1174869b3a82 (diff)
1 files changed, 105 insertions, 0 deletions
diff --git a/signatrust_bin.patch b/signatrust_bin.patch
new file mode 100644
index 0000000..fcba220
--- /dev/null
+++ b/signatrust_bin.patch
@@ -0,0 +1,105 @@
+diff --git a/run/copr_fix_gpg.py b/run/copr_fix_gpg.py
+index 24edf74e..bfa70c05 100755
+--- a/run/copr_fix_gpg.py
++++ b/run/copr_fix_gpg.py
+@@ -9,7 +9,7 @@ from urllib.parse import urlparse
+ import pwd
+ 
+ from copr_backend.helpers import BackendConfigReader, call_copr_repo, run_cmd
+-from copr_backend.sign import get_pubkey, unsign_rpms_in_dir, sign_rpms_in_dir, create_user_keys, create_gpg_email
++from copr_backend.sign import new_signer, create_gpg_email
+ 
+ logging.basicConfig(
+     filename="/var/log/copr-backend/fix_gpg.log",
+@@ -69,12 +69,14 @@ def fix_copr(args, opts, copr_full_name):
+         log.info('Ignoring %s. Directory does not exist.', copr_path)
+         return
+ 
++    signer = new_signer(opts)
++
+     log.info("Generate key-pair on copr-keygen (if not generated) for email %s",
+              create_gpg_email(owner, coprname, opts.sign_domain))
+-    create_user_keys(owner, coprname, opts)
++    signer.create_user_keys(owner, coprname, opts)
+ 
+     log.info("Regenerate pubkey.gpg in copr %s", copr_path)
+-    get_pubkey(owner, coprname, log, opts.sign_domain, os.path.join(copr_path, 'pubkey.gpg'))
++    signer.get_pubkey(owner, coprname, log, opts.sign_domain, os.path.join(copr_path, 'pubkey.gpg'))
+ 
+     # Match the "00001231-anycharacer" directory names.  Compile once, use many.
+     builddir_matcher = re.compile(r"\d{8,}-")
+@@ -111,8 +113,8 @@ def fix_copr(args, opts, copr_full_name):
+ 
+             log.info("Processing rpms in builddir %s", builddir_path)
+             try:
+-                unsign_rpms_in_dir(builddir_path, opts, log) # first we need to unsign by using rpm-sign before we sign with obs-sign
+-                sign_rpms_in_dir(owner, coprname, builddir_path, chroot, opts, log)
++                signer.unsign_rpms_in_dir(builddir_path, opts, log) # first we need to unsign by using rpm-sign before we sign with obs-sign
++                signer.sign_rpms_in_dir(owner, coprname, builddir_path, chroot, opts, log)
+             except Exception as e:
+                 log.exception(str(e))
+                 continue
+diff --git a/run/copr_sign_unsigned.py b/run/copr_sign_unsigned.py
+index 33eaeae3..e17e65bb 100755
+--- a/run/copr_sign_unsigned.py
++++ b/run/copr_sign_unsigned.py
+@@ -12,7 +12,7 @@ import pwd
+ 
+ from copr_backend.helpers import (BackendConfigReader, create_file_logger,
+                              uses_devel_repo, call_copr_repo)
+-from copr_backend.sign import get_pubkey, sign_rpms_in_dir, create_user_keys
++from copr_backend.sign import new_signer
+ from copr_backend.exceptions import CoprSignNoKeyError
+ 
+ 
+@@ -26,10 +26,11 @@ log = logging.getLogger(__name__)
+ def check_signed_rpms_in_pkg_dir(pkg_dir, user, project, opts, chroot_dir, devel):
+     success = True
+ 
++    signer = new_signer(opts)
+     logger = create_file_logger("run.check_signed_rpms_in_pkg_dir",
+                                 "/tmp/copr_check_signed_rpms.log")
+     try:
+-        sign_rpms_in_dir(user, project, pkg_dir, chroot_dir, opts, log=logger)
++        signer.sign_rpms_in_dir(user, project, pkg_dir, chroot_dir, opts, log=logger)
+         log.info("running createrepo for %s", pkg_dir)
+         call_copr_repo(directory=chroot_dir, devel=devel, logger=log)
+     except Exception as err:
+@@ -80,9 +81,10 @@ def check_pubkey(pubkey_path, user, project, opts):
+         log.info("Pubkey for %s/%s exists: %s", user, project, pubkey_path)
+         return True
+     else:
++        signer = new_signer(opts)
+         log.info("Missing pubkey for %s/%s", user, project)
+         try:
+-            get_pubkey(user, project, log, opts.sign_domain, pubkey_path)
++            signer.get_pubkey(user, project, log, opts.sign_domain, pubkey_path)
+             return True
+         except Exception as err:
+             log.exception(err)
+@@ -102,6 +104,8 @@ def main():
+     opts = BackendConfigReader().read()
+     log.info("Starting pubkey fill, destdir: %s", opts.destdir)
+ 
++    signer = new_signer(opts)
++
+     log.debug("list dir: %s", os.listdir(opts.destdir))
+     for user_name in os.listdir(opts.destdir):
+         if user_name in users_done_old:
+@@ -116,13 +120,13 @@ def main():
+             log.info("Checking project dir: %s", project_name)
+ 
+             try:
+-                get_pubkey(user_name, project_name, log, opts.sign_domain)
++                signer.get_pubkey(user_name, project_name, log, opts.sign_domain)
+                 log.info("Key-pair exists for %s/%s", user_name, project_name)
+             except CoprSignNoKeyError:
+-                create_user_keys(user_name, project_name, opts)
++                signer.create_user_keys(user_name, project_name, opts)
+                 log.info("Created new key-pair for %s/%s", user_name, project_name)
+             except Exception as err:
+-                log.error("Failed to get pubkey for {}/{}, mark as failed, skipping")
++                log.error("Failed to get pubkey for {}/{}, mark as failed, skipping".format(user_name, project_name))
+                 log.exception(err)
+                 failed = True
+                 continue
author	CoprDistGit <infra@openeuler.org>	2025-03-21 17:37:41 +0000
committer	CoprDistGit <infra@openeuler.org>	2025-03-21 17:37:41 +0000
commit	bed3ab1ed2c9a92b20bae1d0f11f17d9051bfff9 (patch)
tree	76779ef5ca00cab259eb516c4c44eef0b3048cc9 /signatrust_bin.patch
parent	2132b310609fdedcd5427676a98f1174869b3a82 (diff)