diff options
author | Galen Guyer <galen@galenguyer.com> | 2023-01-14 01:38:27 -0500 |
---|---|---|
committer | Galen Guyer <galen@galenguyer.com> | 2023-01-14 01:38:27 -0500 |
commit | f2522ad354792715d99b8345bbd84ec0d8266ecf (patch) | |
tree | 11c0b4e1a28661c4499f5a84aefcbfc557b7bbd0 | |
parent | a6d0a78b4adc3abec6e6c980ae027f4a749b85bb (diff) |
sign packages
-rw-r--r-- | pacman.conf | 2 | ||||
-rw-r--r-- | src/bin/build-pkg.rs | 43 |
2 files changed, 42 insertions, 3 deletions
diff --git a/pacman.conf b/pacman.conf index 85cf4a4..10af4be 100644 --- a/pacman.conf +++ b/pacman.conf @@ -92,5 +92,5 @@ Include = /etc/pacman.d/mirrorlist #Server = file:///home/custompkgs [pkgbuild] -SigLevel = Optional TrustAll +SigLevel = Never Server = file:///mnt/pkgbuild diff --git a/src/bin/build-pkg.rs b/src/bin/build-pkg.rs index 44d91c2..2f57777 100644 --- a/src/bin/build-pkg.rs +++ b/src/bin/build-pkg.rs @@ -75,6 +75,7 @@ fn build_pkg(package_name: &str, package_list: &[PackageMeta], handle: &Alpm) { .map(String::from) .collect::<Vec<String>>(); println!("{:?}", package_list); + if package_list .iter() .all(|p| dbg!(std::path::Path::new(dbg!(&p)).exists())) @@ -114,6 +115,27 @@ fn build_pkg(package_name: &str, package_list: &[PackageMeta], handle: &Alpm) { print_status(command.spawn()); } + if let Ok(gpg_sign) = std::env::var("PKGBUILD_GPG_SIGN") { + if gpg_sign == "true" || gpg_sign == "1" { + for package in &package_list { + let mut command = Command::new("gpg"); + if let Ok(gpg_key) = std::env::var("PKGBUILD_GPG_KEY") { + command.arg("--key").arg(gpg_key); + } + command + .arg("--detach-sign") + .arg("--use-agent") + .arg("--batch") + .arg("--yes") + .arg("--output") + .arg(format!("{}.sig", package)) + .arg(package); + dbg!(&command); + print_status(command.spawn()); + } + } + } + let mut command = Command::new("repo-add"); if let Ok(gpg_sign) = std::env::var("PKGBUILD_GPG_SIGN") { if gpg_sign == "true" || gpg_sign == "1" { @@ -144,11 +166,28 @@ fn build_pkg(package_name: &str, package_list: &[PackageMeta], handle: &Alpm) { std::env::var("PKGBUILD_REPO_ROOT") .expect("PKGBUILD_REPO_ROOT not set") .trim_end_matches('/'), - std::path::Path::new(&package).file_name().unwrap().to_string_lossy() + std::path::Path::new(&package) + .file_name() + .unwrap() + .to_string_lossy() ), ) .expect("Failed to copy package"); - // TODO: Don't forget to copy sigs! + let sig = format!("{}.sig", package); + std::fs::copy( + &sig, + format!( + "{}/{}", + std::env::var("PKGBUILD_REPO_ROOT") + .expect("PKGBUILD_REPO_ROOT not set") + .trim_end_matches('/'), + std::path::Path::new(&sig) + .file_name() + .unwrap() + .to_string_lossy() + ), + ) + .expect("Failed to copy signature"); } } |