ci/jenkins-utils
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update sign-pkg.py

Browse Source
This commit is contained in:
BigfootACA 2023-12-14 06:37:07 +00:00
parent 110e50bc37
commit 15db34e1dc
1 changed files with 34 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
sign-pkg.py
View File

@ -1,33 +1,61 @@
#!/usr/bin/python3 #!/usr/bin/python3
# -*- coding=utf-8 # -*- coding=utf-8
from sys import argv, exit from os import listdir, path
from sys import argv, exit, stdout
from pgpy import PGPKey from pgpy import PGPKey
from logging import info, basicConfig, INFO
from argparse import ArgumentParser from argparse import ArgumentParser
def SignPackage(key: str, pwd: str, file: str, sign: str = None): def LoadKey(key: str) -> PGPKey:
if sign is None:
sign = file + ".sig"
signer = PGPKey.from_file(key)[0] signer = PGPKey.from_file(key)[0]
if signer.is_public: if signer.is_public:
raise Exception("signer not a private key") raise Exception("signer not a private key")
if not signer.is_protected: if not signer.is_protected:
raise Exception("private key unprotected") raise Exception("private key unprotected")
info("loaded key %s" % key)
return signer
def SignPackage(signer: PGPKey, pwd: str, file: str, sign: str = None):
if sign is None:
sign = file + ".sig"
info("signing %s" % file)
with signer.unlock(pwd): with signer.unlock(pwd):
with open(file, "rb") as r: with open(file, "rb") as r:
msg = signer.sign(r.read()) msg = signer.sign(r.read())
with open(sign, "wb") as w: with open(sign, "wb") as w:
w.write(bytes(msg)) w.write(bytes(msg))
info("wrote signature %s" % sign)
def SignOnePackage(key: str, pwd: str, file: str, sign: str = None):
SignPackage(LoadKey(key), pwd, file, sign)
def main(args: list) -> int: def main(args: list) -> int:
prs = ArgumentParser("Renegade Project Arch Linux Repo Uploader") prs = ArgumentParser("Renegade Project Arch Linux Repo Uploader")
prs.add_argument("-f", "--file", help="Package file", required=True) prs.add_argument("-d", "--dir", help="Package folder", required=False)
prs.add_argument("-f", "--file", help="Package file", required=False)
prs.add_argument("-s", "--sign", help="Signature file", required=False) prs.add_argument("-s", "--sign", help="Signature file", required=False)
prs.add_argument("-k", "--key", help="Private key", required=True) prs.add_argument("-k", "--key", help="Private key", required=True)
prs.add_argument("-p", "--pwd", help="Key passphrase", required=True) prs.add_argument("-p", "--pwd", help="Key passphrase", required=True)
ps = prs.parse_args(args[1:]) ps = prs.parse_args(args[1:])
SignPackage(ps.key, ps.pwd, ps.file, ps.sign) basicConfig(level=INFO, stream=stdout)
key = LoadKey(ps.key)
cnt = 0
if ps.file:
SignPackage(key, ps.pwd, ps.file, ps.sign)
cnt += 1
elif ps.dir:
exts = [".pkg.tar.gz", ".pkg.tar.xz", ".pkg.tar.zst"]
for f in listdir(ps.dir):
full = path.join(ps.dir, f)
if any(f.endswith(ext) for ext in exts):
SignPackage(key, ps.pwd, full)
cnt += 1
if cnt <= 0:
raise Exception("no any package found")
return 0 return 0