From 9ddb8180a3ea1e6163040fc66921c307c06d1f8d Mon Sep 17 00:00:00 2001
From: David Runge <dvzrv@archlinux.org>
Date: Mon, 25 Mar 2024 19:40:33 +0100
Subject: [PATCH] feat(test): Use rsop instead of sq for OpenPGP operations

The Stateless OpenPGP (SOP) implementations provide an unchanging CLI,
which is preferable over sq as that breaks on every release.

Use the `.tsk` file ending to indicate that we are dealing with a
'Transferable Secret Key (TSK)' file.

Signed-off-by: David Runge <dvzrv@archlinux.org>
---
 test/Dockerfile      | 8 ++++----
 test/lib/common.bash | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/test/Dockerfile b/test/Dockerfile
index f113737..9201352 100644
--- a/test/Dockerfile
+++ b/test/Dockerfile
@@ -16,7 +16,7 @@ RUN pacman -Syu --noconfirm --needed \
 		git \
 		parallel \
 		coreutils \
-		sequoia-sq
+		rsop
 
 RUN pacman-key --init && \
 	echo '%wheel ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/wheel && \
@@ -58,10 +58,10 @@ RUN pacman-key --init && \
 
 USER tester
 
-RUN sq key generate --userid "Bob Tester <tester@localhost>" --output /build/private.key && \
-	sq cert export --keyring /build/private.key | sudo pacman-key -a - && \
+RUN rsop generate-key "Bob Tester <tester@localhost>" > /build/private.tsk && \
+	rsop extract-cert < /build/private.tsk | sudo pacman-key -a - && \
 	sudo pacman-key --lsign-key tester@localhost && \
-	gpg --import /build/private.key && \
+	gpg --import /build/private.tsk && \
 	gpgconf --kill gpg-agent && \
 	gpgconf --kill keyboxd && \
 	mkdir -p \
diff --git a/test/lib/common.bash b/test/lib/common.bash
index 8176eed..b739e8c 100644
--- a/test/lib/common.bash
+++ b/test/lib/common.bash
@@ -122,7 +122,7 @@ __buildPackage() {
 	done
 
 	for p in ${pkgfiles[@]}; do
-		sq sign --detached --binary --signer-file /build/private.key --output "${p}.sig" "${p}"
+		rsop sign --no-armor /build/private.tsk > "${p}.sig" < "${p}"
 
 		if [[ -n ${BUILDDIR} ]]; then
 			cp -Lv ${p}{,.sig} ${cache}/
-- 
GitLab