build: test signing on fedora 34 and 36

2026-06-19 08:05:04 +00:00 · 2023-06-24 16:17:52 +00:00
parent 7f1f65a942
commit 907d1d4e39
3 changed files with 46 additions and 2 deletions
@@ -0,0 +1,22 @@
+FROM fedora:34 AS test_base
+ARG package
+RUN echo "${package}"
+COPY ${package} /tmp/foo.rpm
+
+# ---- signed test ----
+FROM test_base AS signed
+COPY keys/pubkey.asc /tmp/pubkey.asc
+RUN rpm --import /tmp/pubkey.asc
+RUN rpm -q gpg-pubkey --qf '%{NAME}-%{VERSION}-%{RELEASE}\t%{SUMMARY}\n'
+RUN rpm -K /tmp/foo.rpm
+RUN rpm -K /tmp/foo.rpm | grep -E "(?:pgp|digests signatures) OK"
+RUN rpm -vK /tmp/foo.rpm
+RUN rpm -vK /tmp/foo.rpm | grep "RSA/SHA256 Signature, key ID 15bd80b3: OK"
+
+# Test with a repo
+RUN yum install -y createrepo yum-utils
+RUN rm -rf /etc/yum.repos.d/*.repo
+COPY keys/test.rpm.repo /etc/yum.repos.d/test.rpm.repo
+RUN createrepo /tmp
+RUN yum install -y foo
+
@@ -0,0 +1,22 @@
+FROM fedora:36 AS test_base
+ARG package
+RUN echo "${package}"
+COPY ${package} /tmp/foo.rpm
+
+# ---- signed test ----
+FROM test_base AS signed
+COPY keys/pubkey.asc /tmp/pubkey.asc
+RUN rpm --import /tmp/pubkey.asc
+RUN rpm -q gpg-pubkey --qf '%{NAME}-%{VERSION}-%{RELEASE}\t%{SUMMARY}\n'
+RUN rpm -K /tmp/foo.rpm
+RUN rpm -K /tmp/foo.rpm | grep -E "(?:pgp|digests signatures) OK"
+RUN rpm -vK /tmp/foo.rpm
+RUN rpm -vK /tmp/foo.rpm | grep "RSA/SHA256 Signature, key ID 15bd80b3: OK"
+
+# Test with a repo
+RUN yum install -y createrepo yum-utils
+RUN rm -rf /etc/yum.repos.d/*.repo
+COPY keys/test.rpm.repo /etc/yum.repos.d/test.rpm.repo
+RUN createrepo /tmp
+RUN yum install -y foo
+