Commit d03bc987 authored by Simon McVittie's avatar Simon McVittie
Browse files

base: Try to use authenticated apt


Signed-off-by: Simon McVittie's avatarSimon McVittie <smcv@collabora.com>
parent cc01a8da
......@@ -5,7 +5,7 @@
{{- $foreignarchs := or .foreignarchs "" -}}
{{- $mirror := or .mirror "http://deb.debian.org/debian" -}}
{{- $mergedusr := or .mergedusr "false" }}
{{- $keyring := or .keyring "debian-archive-keyring.gpg" -}}
{{- $keyring := or .keyring "" -}}
{{- $keyringpackage := or .keyringpackage "" -}}
{{- $version := or .version "0" -}}
{{- $ospack := or .ospack (printf "base_%s_%s_%s.tar.gz" $suite $version $architecture) -}}
......@@ -28,9 +28,12 @@ actions:
components: {{ $components }}
{{ end }}
mirror: {{ $mirror }}
# TODO: See https://github.com/go-debos/debos/issues/21
# keyringpackage: {{ $keyringpackage }}
# keyring: {{ $keyring }}
{{ if $keyring }}
keyring-file: {{ $keyring }}
{{ end }}
{{ if $keyringpackage }}
keyring-package: {{ $keyringpackage }}
{{ end }}
{{ if eq $mergedusr "after_debootstrap" }}
merged-usr: false
{{ else }}
......
......@@ -392,23 +392,6 @@ class Builder:
logger.debug(
'Ignoring /usr/share/debootstrap/scripts/%s', script)
keyring = self.suite_details['sources'][0].get('keyring')
if keyring is not None:
if os.path.exists(os.path.join('suites', keyring)):
keyring = os.path.join('suites', keyring)
elif os.path.exists(keyring):
pass
else:
raise RuntimeError('Cannot open {}'.format(keyring))
dest = '{}/suites/{}/overlay/etc/apt/trusted.gpg.d/{}'.format(
self.worker.scratch,
apt_suite,
os.path.basename(keyring),
)
self.worker.install_file(os.path.abspath(keyring), dest)
self.configure_apt(
'{}/suites/{}/overlay'.format(self.worker.scratch, apt_suite))
......@@ -431,6 +414,33 @@ class Builder:
),
]
keyring = self.suite_details['sources'][0].get('keyring')
if keyring is not None:
if os.path.exists(os.path.join('suites', keyring)):
keyring = os.path.join('suites', keyring)
elif os.path.exists(keyring):
pass
else:
raise RuntimeError('Cannot open {}'.format(keyring))
dest = '{}/suites/{}/overlay/etc/apt/trusted.gpg.d/{}'.format(
self.worker.scratch,
apt_suite,
os.path.basename(keyring),
)
self.worker.install_file(os.path.abspath(keyring), dest)
argv.append('-t')
argv.append(
'keyring:suites/{}/overlay/etc/apt/trusted.gpg.d/{}'.format(
apt_suite,
os.path.basename(keyring),
)
)
else:
keyring = ''
components = self.suite_details.get('apt_components', ['main'])
if components:
......@@ -907,6 +917,11 @@ class Builder:
keyfile.save_to_file(metadata)
self.worker.check_call([
'install', '-d',
'{}/ostree/source/metadata'.format(overlay),
])
self.worker.install_file(
metadata,
'{}/ostree/source/metadata'.format(overlay),
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment