commit 04c369b5e829d4007929f00febc44fd433c18601 Author: Julien 'Lta' BALLET Date: Wed Jan 21 18:16:36 2015 -0800 yummy:patch0:sign-plugin.patch diff --git a/Makefile.am b/Makefile.am index 597906d..84ca35e 100644 --- a/Makefile.am +++ b/Makefile.am @@ -57,7 +57,8 @@ plugins_PYTHON = \ py/mockbuild/plugins/yum_cache.py \ py/mockbuild/plugins/selinux.py \ py/mockbuild/plugins/mount.py \ - py/mockbuild/plugins/lvm_root.py + py/mockbuild/plugins/lvm_root.py \ + py/mockbuild/plugins/sign.py mockbuilddir = $(pythondir)/mockbuild mockbuild_PYTHON = \ diff --git a/py/mockbuild/backend.py b/py/mockbuild/backend.py index 1fbc228..d1ddede 100644 --- a/py/mockbuild/backend.py +++ b/py/mockbuild/backend.py @@ -188,6 +188,7 @@ class Commands(object): @traceLog() def build(self, srpm, timeout, check=True): """build an srpm into binary rpms, capture log""" + results = None # tell caching we are building self.plugins.call_hooks('earlyprebuild') @@ -226,7 +227,7 @@ class Commands(object): results = self.rebuild_package(spec_path, timeout, check) if results: - self.copy_build_results(results) + results = self.copy_build_results(results) elif self.config.get('short_circuit'): self.buildroot.root_log.info("Short circuit builds don't produce RPMs") else: @@ -238,7 +239,7 @@ class Commands(object): if not util.USE_NSPAWN: self.uid_manager.restorePrivs() # tell caching we are done building - self.plugins.call_hooks('postbuild') + self.plugins.call_hooks('postbuild', results) self.state.finish(buildstate) @@ -299,6 +300,7 @@ class Commands(object): @traceLog() def buildsrpm(self, spec, sources, timeout, follow_links): """build an srpm, capture log""" + result = None # tell caching we are building self.plugins.call_hooks('earlyprebuild') @@ -336,13 +338,14 @@ class Commands(object): self.buildroot.root_log.debug("Copying package to result dir") shutil.copy2(rebuilt_srpm, self.buildroot.resultdir) - return os.path.join(self.buildroot.resultdir, srpm_basename) + result = os.path.join(self.buildroot.resultdir, srpm_basename) + return result finally: self.uid_manager.restorePrivs() # tell caching we are done building - self.plugins.call_hooks('postbuild') + self.plugins.call_hooks('postbuild', [result]) self.state.finish("buildsrpm") @@ -440,5 +443,10 @@ class Commands(object): @traceLog() def copy_build_results(self, results): self.buildroot.root_log.debug("Copying packages to result dir") + + copied_results = [] for item in results: shutil.copy2(item, self.buildroot.resultdir) + copied_results.append(os.path.join(self.buildroot.resultdir, + os.path.basename(item))) + return copied_results diff --git a/py/mockbuild/plugin.py b/py/mockbuild/plugin.py index 435e0f5..be74a87 100644 --- a/py/mockbuild/plugin.py +++ b/py/mockbuild/plugin.py @@ -24,6 +24,7 @@ class Plugins(object): self.plugin_conf[key]['cache_topdir'] = buildroot.cache_topdir self.plugin_conf[key]['cachedir'] = buildroot.cachedir self.plugin_conf[key]['root'] = buildroot.shared_root_name + self.plugin_conf[key]['resultdir'] = buildroot.resultdir self.state.start("init plugins") # Import plugins (simplified copy of what yum does). Can add yum diff --git a/py/mockbuild/plugins/sign.py b/py/mockbuild/plugins/sign.py new file mode 100644 index 0000000..9825c85 --- /dev/null +++ b/py/mockbuild/plugins/sign.py @@ -0,0 +1,44 @@ +# vim:expandtab:autoindent:tabstop=4:shiftwidth=4:filetype=python:textwidth=0: +# License: GPL2 or later see COPYING +# Written by Julien BALLET +# Copyright (C) 2014 Facebook + +# python library imports +from mockbuild.trace_decorator import traceLog, getLog +from mockbuild.util import do +import re + +requires_api_version = "1.1" + +# plugin entry point +@traceLog() +def init(plugins, conf, buildroot): + Sign(plugins, conf, buildroot) + + +class Sign(object): + """Automatically sign package after build""" + + @traceLog() + def __init__(self, plugins, conf, buildroot): + self.plugins = plugins + self.conf = conf + self.buildroot = buildroot + self.plugins.add_hook('postbuild', self.sign_results) + + getLog().info(conf) + getLog().info("enabled package signing") + + def sign_rpm(self, rpm): + getLog().info("Signing %s", rpm) + + opts = self.conf['opts'] % {'rpm': rpm} + cmd = "{0} {1}".format(self.conf['cmd'], opts) + do(cmd, pty=True, printOutput=True, shell=True) + + def sign_results(self, results, *args, **kwargs): + if results is None: + return + for item in results: + if re.search(r'\.rpm$', item): + self.sign_rpm(item) diff --git a/py/mockbuild/util.py b/py/mockbuild/util.py index 33bc617..2fc237c 100644 --- a/py/mockbuild/util.py +++ b/py/mockbuild/util.py @@ -72,7 +72,7 @@ personality_defs = { PLUGIN_LIST = ['tmpfs', 'root_cache', 'yum_cache', 'bind_mount', 'ccache', 'selinux', 'package_state', 'chroot_scan', - 'lvm_root', 'compress_logs'] + 'lvm_root', 'compress_logs', 'sign'] # This is set to False on EL6 in build time USE_NSPAWN = False @@ -685,6 +685,11 @@ def setup_default_config_opts(unprivUid, version, pkgpythondir): "\\bcore(\\.\\d+)?$", "\\.log$", ]}, + 'sign_enable': False, + 'sign_opts': { + 'cmd' : 'rpmsign', + 'opts' : '--addsign %(rpm)s', + }, } config_opts['environment'] = {