Merge remote-tracking branch 'upstream/merge-requests/52'

* upstream/merge-requests/52: fix(test): Prevent pacman 6.1 regression with gpg.conf option fix(test): Do not use keyboxd as it prevents the use of pacman-key fix(db-functions): Add package signatures back to repo desc files feat(test): Use rsop instead of sq for OpenPGP operations fix(test/Dockerfile): Add debugedit for the test setup

Merge remote-tracking branch 'upstream/merge-requests/52'
cde46716 · Morten Linderud · 5566a1e7 · f1318037 · cde46716 · cde46716
Verified Commit cde46716 authored 11 months ago by Morten Linderud
--- a/db-functions
+++ b/db-functions
@@ -734,7 +734,7 @@ arch_repo_modify() {
 	local arch=$3
 	local pkgs=("${@:4}")
 	local dbfile="${FTP_BASE}/${repo}/os/${arch}/${repo}${DBEXT}"
-	local repo_action_opts=(--quiet)
+	local repo_action_opts=(--quiet --include-sigs)

 	if [[ ${action} = remove && ! -f ${dbfile} ]]; then
 		error "No database found at '%s'" "$dbfile"

--- a/test/Dockerfile
+++ b/test/Dockerfile
 FROM docker.io/archlinux/archlinux

 RUN pacman -Syu --noconfirm --needed \
+		debugedit \
 		sudo \
 		fakeroot \
 		awk \
@@ -15,7 +16,7 @@ RUN pacman -Syu --noconfirm --needed \
 		git \
 		parallel \
 		coreutils \
-		sequoia-sq
+		rsop

 RUN pacman-key --init && \
 	echo '%wheel ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/wheel && \
@@ -57,10 +58,13 @@ RUN pacman-key --init && \

 USER tester

-RUN sq key generate --userid "Bob Tester <tester@localhost>" --output /build/private.key && \
-	sq cert export --keyring /build/private.key | sudo pacman-key -a - && \
+RUN rsop generate-key "Bob Tester <tester@localhost>" > /build/private.tsk && \
+	rsop extract-cert < /build/private.tsk | sudo pacman-key -a - && \
 	sudo pacman-key --lsign-key tester@localhost && \
-	gpg --import /build/private.key && \
+	printf "create ~/.gnupg dir for tester user as otherwise keyboxd is used (which breaks using pacman-key)\n" && \
+	mkdir -vp /build/.gnupg && \
+	sudo sh -c 'printf "# this option is only needed due to a regression in pacman 6.1\nlock-never\n" >> /etc/pacman.d/gnupg/gpg.conf' && \
+	gpg --import /build/private.tsk && \
 	gpgconf --kill gpg-agent && \
 	gpgconf --kill keyboxd && \
 	mkdir -p \

--- a/test/lib/common.bash
+++ b/test/lib/common.bash
@@ -122,7 +122,7 @@ __buildPackage() {
 	done

 	for p in ${pkgfiles[@]}; do
-		sq sign --detached --binary --signer-file /build/private.key --output "${p}.sig" "${p}"
+		rsop sign --no-armor /build/private.tsk > "${p}.sig" < "${p}"

 		if [[ -n ${BUILDDIR} ]]; then
 			cp -Lv ${p}{,.sig} ${cache}/