[tor-commits] [builders/rbm] 04/06: Bug 40028: Add support for keyring directories in modules
gitolite role
git at cupani.torproject.org
Fri Jul 1 09:33:02 UTC 2022
This is an automated email from the git hooks/post-receive script.
gk pushed a commit to branch master
in repository builders/rbm.
commit 03ab77d9190a1c700ca442160cae0e4d7b732858
Author: Nicolas Vigier <boklm at torproject.org>
AuthorDate: Tue Jun 28 14:10:59 2022 +0200
Bug 40028: Add support for keyring directories in modules
We also remove the `gpg_keyring_dir` option since this would make things
more complex, and changing the `keyring` directory name is not very
useful.
---
doc/options_tar.asc | 7 +------
doc/rbm_input_files.asc | 6 +++---
doc/rbm_layout.asc | 3 +--
lib/RBM/DefaultConfig.pm | 18 +++++++++++++++---
4 files changed, 20 insertions(+), 14 deletions(-)
diff --git a/doc/options_tar.asc b/doc/options_tar.asc
index e617c0b..b615dec 100644
--- a/doc/options_tar.asc
+++ b/doc/options_tar.asc
@@ -57,12 +57,7 @@ gpg_wrapper::
gpg_keyring::
The filename of the gpg keyring to use. Path is relative to the
- +gpg_keyring_dir+ directory. This can also be an absolute path.
-
-gpg_keyring_dir::
- The directory containing gpg keyring files. The default is
- +$basedir/keyring+ (with $basedir the directory where the main
- config file is located).
+ keyring directory. This can also be an absolute path.
gpg_bin::
The gpg command to be used. The default is +gpg+.
diff --git a/doc/rbm_input_files.asc b/doc/rbm_input_files.asc
index abe366b..0c450eb 100644
--- a/doc/rbm_input_files.asc
+++ b/doc/rbm_input_files.asc
@@ -112,9 +112,9 @@ file_gpg_id::
If this option is set to 1, the file is checked for a gpg
signature. If it is set to an other non zero value, or an array
of non zero values, those are expected to be the valid gpg key
- IDs. The +gpg_wrapper+, +gpg_keyring+, +gpg_keyring_dir+,
- +gpg_bin+, +gpg_args+ options can be used to configure the gpg
- check. Those options can be overriden in the file descriptor.
+ IDs. The +gpg_wrapper+, +gpg_keyring+, +gpg_bin+, +gpg_args+
+ options can be used to configure the gpg check. Those options
+ can be overriden in the file descriptor.
sig_ext::
An array of file extensions for the gpg signature file. Those
diff --git a/doc/rbm_layout.asc b/doc/rbm_layout.asc
index ef700cb..c85658d 100644
--- a/doc/rbm_layout.asc
+++ b/doc/rbm_layout.asc
@@ -96,8 +96,7 @@ hg_clones::
keyring::
This is the directory where you can store gpg keyring files.
Those keyrings contains the keys that are used to check signed
- commits and tags. The path of this directory can be changed with
- the 'gpg_keyring_dir' option.
+ commits and tags.
projects::
This is the directory containing projects definitions. The path
diff --git a/lib/RBM/DefaultConfig.pm b/lib/RBM/DefaultConfig.pm
index 4fbe079..109ca8d 100644
--- a/lib/RBM/DefaultConfig.pm
+++ b/lib/RBM/DefaultConfig.pm
@@ -146,13 +146,25 @@ our %default_config = (
####
gpg_bin => 'gpg',
gpg_args => '',
- gpg_keyring_dir => '[% config.basedir %]/keyring',
+ gpg_keyring_path => sub {
+ my ($project, $options) = @_;
+ my $gpg_keyring = RBM::project_config($project, 'gpg_keyring', $options);
+ return undef unless $gpg_keyring;
+ return $gpg_keyring if $gpg_keyring =~ m|^/|;
+ my $rootpath = RBM::rbm_path("keyring/$gpg_keyring");
+ return $rootpath if -f $rootpath;
+ for my $module (sort keys %{$RBM::config->{modules}}) {
+ my $modulepath = RBM::rbm_path("modules/$module/keyring/$gpg_keyring");
+ return $modulepath if -f $modulepath;
+ }
+ RBM::exit_error("keyring file $gpg_keyring is missing")
+ },
gpg_wrapper => <<GPGEND,
#!/bin/sh
export LC_ALL=C
[%
- IF c('gpg_keyring');
- SET gpg_kr = '--keyring ' _ path(c('gpg_keyring'), path(c('gpg_keyring_dir')))
+ IF c('gpg_keyring_path');
+ SET gpg_kr = '--keyring ' _ c('gpg_keyring_path')
_ ' --no-default-keyring --no-auto-check-trustdb --trust-model always';
END;
-%]
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the tor-commits
mailing list