From 1b7462de5d95b8d195866c1bafb9fb8b6957334e Mon Sep 17 00:00:00 2001 From: "Chris St. Pierre" Date: Wed, 21 Mar 2012 16:40:52 -0400 Subject: fixed automatic handling of GPGKeys --- doc/server/plugins/generators/packages.txt | 8 ++-- src/lib/Server/Plugins/Packages/Yum.py | 64 +++++++++++++++++++----------- 2 files changed, 46 insertions(+), 26 deletions(-) diff --git a/doc/server/plugins/generators/packages.txt b/doc/server/plugins/generators/packages.txt index 93b5308be..276b73093 100644 --- a/doc/server/plugins/generators/packages.txt +++ b/doc/server/plugins/generators/packages.txt @@ -158,9 +158,11 @@ Handling GPG Keys .. versionadded:: 1.2.0 -Packages can automatically handle GPG signing keys for Yum and Pulp -repositories. Simply specify the URL to the GPG key(s) for a -repository in ``sources.xml``:: +If you have yum libraries installed, Packages can automatically handle +GPG signing keys for Yum and Pulp repositories. (You do not need to +use the native yum resolver; if yum libraries are available, GPG +signing keys can be handled automatically.) Simply specify the URL to +the GPG key(s) for a repository in ``sources.xml``:: diff --git a/src/lib/Server/Plugins/Packages/Yum.py b/src/lib/Server/Plugins/Packages/Yum.py index 1937dbf83..e13b28251 100644 --- a/src/lib/Server/Plugins/Packages/Yum.py +++ b/src/lib/Server/Plugins/Packages/Yum.py @@ -197,8 +197,21 @@ class YumCollection(Collection): needkeys.add(key) if len(needkeys): - keypkg = lxml.etree.Element('BoundPackage', name="gpg-pubkey", - type=self.ptype, origin='Packages') + if has_yum: + # this must be be has_yum, not use_yum, because + # regardless of whether the user wants to use the yum + # resolver we want to include gpg key data + keypkg = lxml.etree.Element('BoundPackage', name="gpg-pubkey", + type=self.ptype, origin='Packages') + else: + self.logger.warning("GPGKeys were specified for yum sources in " + "sources.xml, but no yum libraries were " + "found") + self.logger.warning("GPG key version/release data cannot be " + "determined automatically") + self.logger.warning("Install yum libraries, or manage GPG keys " + "manually") + keypkg = None for key in needkeys: # figure out the path of the key on the client @@ -219,7 +232,8 @@ class YumCollection(Collection): # hook to add version/release info if possible self._add_gpg_instances(keypkg, kdata, localkey, remotekey) independent.append(keypath) - independent.append(keypkg) + if keypkg is not None: + independent.append(keypkg) # see if there are any pulp sources to handle has_pulp_sources = False @@ -274,20 +288,25 @@ class YumCollection(Collection): def _add_gpg_instances(self, keyentry, keydata, localkey, remotekey): """ add gpg keys to the specification to ensure they get installed """ - if self.use_yum: - try: - kinfo = yum.misc.getgpgkeyinfo(keydata) - version = yum.misc.keyIdToRPMVer(kinfo['keyid']) - release = yum.misc.keyIdToRPMVer(kinfo['timestamp']) - - lxml.etree.SubElement(keyentry, 'Instance', - version=version, - release=release, - simplefile=remotekey) - except ValueError: - err = sys.exc_info()[1] - self.logger.error("Packages: Could not read GPG key %s: %s" % - (localkey, err)) + # this must be be has_yum, not use_yum, because regardless of + # whether the user wants to use the yum resolver we want to + # include gpg key data + if not has_yum: + return + + try: + kinfo = yum.misc.getgpgkeyinfo(keydata) + version = yum.misc.keyIdToRPMVer(kinfo['keyid']) + release = yum.misc.keyIdToRPMVer(kinfo['timestamp']) + + lxml.etree.SubElement(keyentry, 'Instance', + version=version, + release=release, + simplefile=remotekey) + except ValueError: + err = sys.exc_info()[1] + self.logger.error("Packages: Could not read GPG key %s: %s" % + (localkey, err)) def is_package(self, package): if not self.use_yum: @@ -436,19 +455,18 @@ class YumSource(Source): repoapi = RepositoryAPI() try: self.repo = repoapi.repository(self.pulp_id) - self.gpgkeys = ["%s/%s" % (PULPCONFIG.cds['keyurl'], key) + self.gpgkeys = [os.path.join(PULPCONFIG.cds['keyurl'], key) for key in repoapi.listkeys(self.pulp_id)] except server.ServerRequestError: err = sys.exc_info()[1] if err[0] == 401: msg = "Packages: Error authenticating to Pulp: %s" % err[1] elif err[0] == 404: - msg = "Packages: Pulp repo id %s not found: %s" % (self.pulp_id, - err[1]) + msg = "Packages: Pulp repo id %s not found: %s" % \ + (self.pulp_id, err[1]) else: - msg = "Packages: Error %d fetching pulp repo %s: %s" % (err[0], - self.pulp_id, - err[1]) + msg = "Packages: Error %d fetching pulp repo %s: %s" % \ + (err[0], self.pulp_id, err[1]) raise SourceInitError(msg) except socket.error: err = sys.exc_info()[1] -- cgit v1.2.3-1-g7c22