gen-yum: Check for unsigned RPMs

master
neingeist 9 years ago
parent 10034a2b34
commit ba44c53113

@ -11,12 +11,23 @@ for base_dir in $BASE_DIRS; do
if [ -d $YUM ]; then if [ -d $YUM ]; then
echo "== $YUM" echo "== $YUM"
cd $YUM cd $YUM
# Check for unsigned RPMs
unsigned=`rpm --checksig *.rpm | egrep -v ': .*pgp'` || true
if [ ${#unsigned} != 0 ]; then
echo "Unsigned packages:"
echo "$unsigned"
exit 1
fi
# Create and sign repodata
createrepo --update --checkts . createrepo --update --checkts .
if [ ! -e repodata/repomd.xml.asc \ if [ ! -e repodata/repomd.xml.asc \
-o repodata/repomd.xml.asc -ot repodata/repomd.xml ]; then -o repodata/repomd.xml.asc -ot repodata/repomd.xml ]; then
rm -f repodata/repomd.xml.asc rm -f repodata/repomd.xml.asc
gpg -u $GPG_KEY --detach-sign --armor repodata/repomd.xml gpg -u $GPG_KEY --detach-sign --armor repodata/repomd.xml
fi fi
fi fi
done done
done done

Loading…
Cancel
Save