blob: bc3329a404c501db53efe46145a0b5db01731a3b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
|
#!/usr/bin/env bash
declare -a REPOS
declare GPGID
REPOSDEF=( 'all' 'el' 'suse' )
function hayulp {
printf 'USAGE: %b -g GPG_ID [ -r REPO [ -r REPO ... ] ]\n' "$(basename "$0")"
printf '\n'
(
printf -- '-r,\n'
printf -- '--repos;Repo to be published.\n'
printf ';Specify multiple times for multiple repositores.\n'
printf ';Default: all, el, suse\n'
printf -- '-g,\n'
printf -- '--gpg-id;GPG key ID with which to sign the repository metadata file\n'
)|column -ts\;
}
while [[ $# -gt 0 ]]; do
case "$1" in
"-r"|"--repo")
REPOS+=( "$2" )
shift # past argument
shift # past value
;;
"-g"|"--gpg")
GPGID="$2"
shift
shift
;;
"-"*)
hayulp
printf '\nUnknown option: %b\n' "$1" >&2
exit 101
;;
*)
hayulp
printf '\nWrong syntax.\n' "$1" >&2
exit 101
;;
esac
done
if [ "${#REPOS[@]}" -lt 1 ]; then
REPOS=( "${REPOSDEF[@]}" )
# if we can't be sure that indexes are sequential ints:
# for idx in "${!REPOSDEF[@]}"; do REPOS["$idx"]="${REPOSDEF[$idx]}"; done
fi
if [ -z "$GPGID" ]; then
# We do not accept that, we mandate here that repositories have to be GPG signed.
# You actually can set up repositories without GPG signatures - we don't, it's
# insecure and bad practice.
hayulp
printf '\nNo GPG ID supplied, exiting.\n' >&2
exit 101
fi
# test signature creation
printf 'Testing GPG signing: '
MYTMP="$(mktemp -p /tmp createrepo-lirionde.XXXXXX)" || exit 110
gpg --local-user "$GPGID" --detach-sign --armour "$MYTMP" || exit 111
rm -f "$MYTMP" "${MYTMP}.asc" || exit 112
printf 'done.\n'
for repo in "${REPOS[@]}"; do
faketime "$(date -I) 13:37:08" createrepo_c --update "/var/cache/rpm/$repo" &&\
rm -vf "/var/cache/rpm/${repo}/repodata/repomd.xml.asc" &&\
faketime "$(date -I) 13:37:08" gpg --local-user 0x5421594BF1AB46F4 --detach-sign --armour "/var/cache/rpm/${repo}/repodata/repomd.xml"
done
|
