feat(test): Use rsop instead of sq for OpenPGP operations

The Stateless OpenPGP (SOP) implementations provide an unchanging CLI, which is preferable over sq as that breaks on every release. Use the `.tsk` file ending to indicate that we are dealing with a 'Transferable Secret Key (TSK)' file. Signed-off-by: David Runge <dvzrv@archlinux.org>

feat(test): Use rsop instead of sq for OpenPGP operations
9ddb8180 · David Runge · a86710e5 · 9ddb8180 · 9ddb8180
Verified Commit 9ddb8180 authored 11 months ago by David Runge
--- a/test/Dockerfile
+++ b/test/Dockerfile
@@ -16,7 +16,7 @@ RUN pacman -Syu --noconfirm --needed \
 		git \
 		parallel \
 		coreutils \
-		sequoia-sq
+		rsop

 RUN pacman-key --init && \
 	echo '%wheel ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/wheel && \
@@ -58,10 +58,10 @@ RUN pacman-key --init && \

 USER tester

-RUN sq key generate --userid "Bob Tester <tester@localhost>" --output /build/private.key && \
-	sq cert export --keyring /build/private.key | sudo pacman-key -a - && \
+RUN rsop generate-key "Bob Tester <tester@localhost>" > /build/private.tsk && \
+	rsop extract-cert < /build/private.tsk | sudo pacman-key -a - && \
 	sudo pacman-key --lsign-key tester@localhost && \
-	gpg --import /build/private.key && \
+	gpg --import /build/private.tsk && \
 	gpgconf --kill gpg-agent && \
 	gpgconf --kill keyboxd && \
 	mkdir -p \

--- a/test/lib/common.bash
+++ b/test/lib/common.bash
@@ -122,7 +122,7 @@ __buildPackage() {
 	done

 	for p in ${pkgfiles[@]}; do
-		sq sign --detached --binary --signer-file /build/private.key --output "${p}.sig" "${p}"
+		rsop sign --no-armor /build/private.tsk > "${p}.sig" < "${p}"

 		if [[ -n ${BUILDDIR} ]]; then
 			cp -Lv ${p}{,.sig} ${cache}/