extras-buildsys/utils/pushscript Utils.py, 1.28, 1.29 Push.py, 1.60, 1.61 PushPackage.py, 1.4, 1.5

Michael Schwendt mschwendt at fedoraproject.org
Sun Mar 22 10:01:18 UTC 2009 

Author: mschwendt

Update of /cvs/fedora/extras-buildsys/utils/pushscript
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv1299

Modified Files:
	Utils.py Push.py PushPackage.py 
Log Message:
Evaluate GPG --homedir arg in rpmsigncmds definitions when checking keys.



Index: Utils.py
===================================================================
RCS file: /cvs/fedora/extras-buildsys/utils/pushscript/Utils.py,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -r1.28 -r1.29
--- Utils.py	8 Feb 2009 16:20:11 -0000	1.28
+++ Utils.py	22 Mar 2009 10:01:17 -0000	1.29
@@ -66,14 +66,13 @@
         sys.exit(errno.EPERM)
 
 
-def sign_key_check(keyname):
-    gpgpath = os.popen('rpm --eval %_gpg_path','r').read().rstrip()
-    if (gpgpath != '%_gpg_path'):
-        gpgpath = '--homedir %s'%gpgpath
+def sign_key_check(keyname,gpgpath=None):
+    if gpgpath:
+        homearg = '--homedir %s' % gpgpath
     else:
-        gpgpath = ''
+        homearg = ''
 
-    gpg = os.popen("gpg %s --list-secret-keys --with-colons '%s'" % (gpgpath,keyname))
+    gpg = os.popen("gpg %s --list-secret-keys --with-colons '%s'" % (homearg,keyname))
     gpgout = gpg.readlines()
     seckeys = 0
     for l in gpgout:
@@ -85,6 +84,33 @@
         sys.exit(errno.EPERM)
 
 
+def sign_key_check_all(cfg):
+    # Check old single sign-key, if defined.
+    if hasattr(cfg,'signkeyname'):
+        gpgpath = os.popen('rpm --eval %_gpg_path','r').read().rstrip()
+        if (gpgpath == '%_gpg_path'):
+            gpgpath = None
+        sign_key_check(cfg.signkeyname,gpgpath)
+
+    # Check any sign-keys defined in new config dict.
+    if not hasattr(cfg,'rpmsigncmds'):
+        return
+    for d in cfg.alldists+['DEFAULT']:
+        if d not in cfg.rpmsigncmds.keys():
+            continue
+        _cmdargs = cfg.rpmsigncmds[d].split()
+        gpgpath = None
+        keyname = None
+        for i in range( len(_cmdargs) ):
+            _arg = _cmdargs[i]
+            if (_arg=='--homedir' and (i+1)<len(_cmdargs)):
+                gpgpath = _cmdargs[i+1]
+            if (_arg=='-u' or _arg=='--local-user') and ((i+1)<len(_cmdargs)):
+                keyname = _cmdargs[i+1]
+        if keyname:
+            sign_key_check(keyname,gpgpath)
+
+
 def install_copy(src,dest,overwrite=False):
     """shutil.copy2 a file, but by default don't overwrite destination"""
     if not overwrite and os.path.exists(dest):


Index: Push.py
===================================================================
RCS file: /cvs/fedora/extras-buildsys/utils/pushscript/Push.py,v
retrieving revision 1.60
retrieving revision 1.61
diff -u -r1.60 -r1.61
--- Push.py	22 Mar 2009 08:17:20 -0000	1.60
+++ Push.py	22 Mar 2009 10:01:17 -0000	1.61
@@ -416,6 +416,8 @@
 
     os.umask(cfg.signersumask)
     Utils.signer_gid_check(cfg.signersgid)
+    if cfg.opts.signkeycheck:
+        Utils.sign_key_check_all(cfg)
 
     if '-c' in sys.argv[2:]:
         sys.argv.remove('-c')
@@ -442,20 +444,6 @@
     if not len(diststopush):
         usage()
 
-    if cfg.opts.signkeycheck:
-        # Check old single sign-key, if defined.
-        if hasattr(cfg,'signkeyname'):
-            Utils.sign_key_check(cfg.signkeyname)
-        # Check any sign-keys defined in new config dict.
-        if hasattr(cfg,'rpmsigncmds'):
-            for d in diststopush+['DEFAULT']:
-                if d in cfg.rpmsigncmds.keys():
-                    _cmdargs = cfg.rpmsigncmds[d].split()
-                    for i in range( len(_cmdargs) ):
-                        _arg = _cmdargs[i]
-                        if (_arg=='-u' or _arg=='--local-user') and ((i+1)<len(_cmdargs)):
-                            Utils.sign_key_check(_cmdargs[i+1])
-
     if not os.path.exists(cfg.rundir):
         os.makedirs(cfg.rundir)
     lockfile = os.path.join(cfg.rundir,'pushscript.lock')


Index: PushPackage.py
===================================================================
RCS file: /cvs/fedora/extras-buildsys/utils/pushscript/PushPackage.py,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- PushPackage.py	29 Sep 2008 15:54:07 -0000	1.4
+++ PushPackage.py	22 Mar 2009 10:01:18 -0000	1.5
@@ -49,10 +49,10 @@
     if hasattr(cfg.opts,'pushtotesting') and cfg.opts.pushtotesting and argstable:
         del cfg.opts.pushtotesting
 
+    os.umask(cfg.signersumask)
     Utils.signer_gid_check(cfg.signersgid)
     if cfg.opts.signkeycheck:
-        Utils.sign_key_check(cfg.signkeyname)
-    os.umask(cfg.signersumask)
+        Utils.sign_key_check_all(cfg)
 
     if not os.path.exists(cfg.rundir):
         os.makedirs(cfg.rundir)

More information about the fedora-extras-commits mailing list