From c7021a2f40bf5d42d8070d50e27037a343720156 Mon Sep 17 00:00:00 2001 From: anonymix007 <48598263+anonymix007@users.noreply.github.com> Date: Wed, 21 Aug 2024 17:06:38 +0300 Subject: [PATCH] builder: component: pacman.py: Add publickey and keyid repo properties --- builder/component/pacman.py | 31 ++++++++++++++++++++++++++++++- 1 file changed, 30 insertions(+), 1 deletion(-) diff --git a/builder/component/pacman.py b/builder/component/pacman.py index 5108277..c4d0120 100644 --- a/builder/component/pacman.py +++ b/builder/component/pacman.py @@ -52,17 +52,23 @@ class PacmanRepo(SerializableDict): name: str = None priority: int = 10000 servers: list[PacmanRepoServer] = None + publickey: str = None + keyid: str = None def __init__( self, name: str = None, priority: int = None, - servers: list[PacmanRepoServer] = None + servers: list[PacmanRepoServer] = None, + publickey: str = None, + keyid: str = None ): if name is not None: self.name = name if priority is not None: self.priority = priority if servers is not None: self.servers = servers else: self.servers = [] + if publickey is not None: self.publickey = publickey + if keyid is not None: self.keyid = keyid def add_server( self, @@ -136,6 +142,19 @@ class Pacman: log.info("initializing pacman keyring") self.pacman_key(["--init"]) + # Download and add public keys + for repo in self.repos: + if repo.publickey is not None: + keypath = os.path.join(self.ctx.work, f"{repo.name}.pub") + cmds = ["wget", repo.publickey, "-O", keypath] + ret = self.ctx.run_external(cmds) + if ret != 0: raise OSError(f"wget failed with {ret}") + self.pacman_key(["--add", keypath]) + self.lsign_key(repo.keyid) + elif repo.keyid is not None: + self.recv_keys(repo.keyid) + self.lsign_key(repo.keyid) + def init_config(self): """ Create host pacman.conf 
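Review bot: `__init__` accepts `publickey` with `keyid` left as `None`, while the config loader at the end of this patch rejects exactly that combination; a `PacmanRepo` built directly in code would then reach `self.lsign_key(repo.keyid)` in the keyring loop with `None`. The same invariant could be enforced in the constructor with `if publickey is not None and keyid is None: raise ValueError("publickey requires keyid")`. The two new attributes would also benefit from a short comment saying that `publickey` is a URL fetched during keyring setup and `keyid` identifies the key that gets locally signed, since neither is obvious from the names. The class body and `__init__` continue outside the hunk.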
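Review bot: `repo.publickey` is handed to wget as a bare positional argument in `cmds = ["wget", repo.publickey, "-O", keypath]`, so a config value that starts with `-` would be parsed as a wget option, and nothing here restricts the URL scheme. Placing the URL after an end-of-options marker, `cmds = ["wget", "-O", keypath, "--", repo.publickey]`, and rejecting values that do not start with `https://` (if plain-HTTP sources are not needed) would close both gaps. `keypath` is built from `repo.name` without checking for path separators, so a name containing `/` or `..` could place the file outside `self.ctx.work`; whether names are validated elsewhere is not visible in this hunk. `pacman-key --add` imports every key present in the downloaded file, so the trust decision rests entirely on the following `self.lsign_key(repo.keyid)` call. The enclosing method starts before this hunk.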
@@ -282,6 +301,16 @@ class Pacman: if "priority" in repo: pacman_repo.priority = repo["priority"] + # add public key url and id + if "publickey" in repo and "keyid" not in repo: + raise ArchBuilderConfigError("publickey is provided without keyid") + + if "publickey" in repo: + pacman_repo.publickey = repo["publickey"] + + if "keyid" in repo: + pacman_repo.keyid = repo["keyid"] + originals: list[str] = [] servers: list[str] = []
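Review bot: `repo["keyid"]` is stored without any format check, yet it is the only value that decides which imported key gets locally signed and therefore trusted. A short or long key ID can be matched by more than one key, so the loader should insist on a full fingerprint, for example `if not re.fullmatch(r"[0-9A-Fa-f]{40}", str(repo["keyid"])): raise ArchBuilderConfigError("keyid must be a full 40-hex-digit fingerprint")` (this assumes `re` is imported in the file, which the hunk does not show). The `publickey` value is likewise not checked to be a string before it is later passed to an external command. The enclosing method starts and ends outside the hunk.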