parent
59d6cfd097
commit
325a684f02
@ -0,0 +1,17 @@
|
||||
# msvsphere.ci.pgp_test_key
|
||||
|
||||
An Ansible role that generates a PGP key for testing purposes.
|
||||
|
||||
## Variables
|
||||
|
||||
| Variable | Default value | Type | Description | Required |
|
||||
| -------- | ------------- | ---- | ----------- | -------- |
|
||||
| msvsphere_major_ver | "9" | str | MSVSphere OS major version. | no |
|
||||
|
||||
## License
|
||||
|
||||
MIT.
|
||||
|
||||
## Authors
|
||||
|
||||
* [Eugene Zamriy](mailto:ezamriy@msvsphere-os.ru)
|
@ -0,0 +1,2 @@
|
||||
---
|
||||
msvsphere_major_ver: '9'
|
@ -0,0 +1,12 @@
|
||||
---
|
||||
argument_specs:
|
||||
main:
|
||||
short_description: A role that generates a PGP key for testing purposes.
|
||||
author: Eugene Zamriy
|
||||
version_added: '0.1.9'
|
||||
options:
|
||||
msvsphere_major_ver:
|
||||
description: MSVSphere OS major version.
|
||||
default: '9'
|
||||
type: 'str'
|
||||
required: false
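Review bot: `msvsphere_major_ver` is declared as a free-form `str`, yet the tasks file in this commit interpolates it unescaped into `ansible.builtin.shell` and `gpg` command lines and into a path under `/etc/pki/rpm-gpg/`. Adding a `choices:` list of the supported major versions to this option would let role argument validation reject any other value before a command is built from it. If an open-ended value is intended, the shell tasks should pass it through the `quote` filter instead.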
|
@ -0,0 +1,15 @@
|
||||
---
|
||||
galaxy_info:
|
||||
author: Eugene Zamriy
|
||||
description: A role that generates a PGP key for testing purposes.
|
||||
company: Softline PJSC
|
||||
license: MIT
|
||||
min_ansible_version: 2.13
|
||||
platforms:
|
||||
- name: EL
|
||||
versions:
|
||||
- "9"
|
||||
galaxy_tags:
|
||||
- koji
|
||||
|
||||
dependencies: []
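Review bot: `min_ansible_version: 2.13` is an unquoted scalar, so YAML loads it as a float rather than a version string. Write `min_ansible_version: '2.13'`, which also matches the quoting of `version_added: '0.1.9'` elsewhere in this commit. A float would silently drop a trailing zero if this is later raised to a release such as 2.20.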
|
@ -0,0 +1,64 @@
|
||||
---
|
||||
- name: Check if MSVSphere test PGP key exists
|
||||
ansible.builtin.shell:
|
||||
cmd: "gpg --list-secret-keys | grep 'MSVSphere {{ msvsphere_major_ver }} Test Key'"
|
||||
ignore_errors: true
|
||||
register: pgp_test_key_check
|
||||
changed_when: pgp_test_key_check.rc != 0
|
||||
|
||||
- name: Generate MSVSphere test PGP key
|
||||
block:
|
||||
- name: Create PGP batch file
|
||||
ansible.builtin.tempfile:
|
||||
state: file
|
||||
prefix: scbs_
|
||||
register: pgp_test_key_batch
|
||||
|
||||
- name: Populate PGP batch file
|
||||
ansible.builtin.template:
|
||||
src: msvsphere-test-key.batch.j2
|
||||
dest: "{{ pgp_test_key_batch.path }}"
|
||||
|
||||
- name: Generate test PGP key
|
||||
ansible.builtin.command: "gpg --batch --generate-key {{ pgp_test_key_batch.path }}"
|
||||
|
||||
- name: Delete PGP batch file
|
||||
ansible.builtin.file:
|
||||
path: "{{ pgp_test_key_batch.path }}"
|
||||
state: absent
|
||||
when: pgp_test_key_check.rc != 0
|
||||
|
||||
- name: Check if MSVSphere test PGP key imported
|
||||
ansible.builtin.shell:
|
||||
cmd: rpm -q --queryformat "%{SUMMARY}\n" $(rpm -q gpg-pubkey) | grep 'MSVSphere 9 Test Key'
|
||||
ignore_errors: true
|
||||
register: pgp_test_key_imported
|
||||
changed_when: pgp_test_key_imported.rc != 0
|
||||
|
||||
- name: Import MSVSphere test PGP key to RPM DB
|
||||
block:
|
||||
- name: Get user home directory
|
||||
ansible.builtin.shell: "getent passwd $(id -u) | awk -F: '{ print $6 }'"
|
||||
changed_when: false
|
||||
register: pgp_test_key_user
|
||||
|
||||
- name: Export MSVSphere test PGP public key
|
||||
ansible.builtin.command:
|
||||
cmd: "gpg --output {{ [pgp_test_key_user.stdout, 'RPM-GPG-KEY-MSVSphere-' + msvsphere_major_ver + '-Test-Key'] | path_join }} --export --armor --batch --yes 'MSVSphere {{ msvsphere_major_ver }} Test Key'"
|
||||
|
||||
- name: Copy MSVSphere test PGP public key to /etc/pki/rpm-gpg/
|
||||
ansible.builtin.copy:
|
||||
remote_src: true
|
||||
src: "{{ [pgp_test_key_user.stdout, 'RPM-GPG-KEY-MSVSphere-' + msvsphere_major_ver + '-Test-Key'] | path_join }}"
|
||||
dest: "/etc/pki/rpm-gpg/RPM-GPG-KEY-MSVSphere-{{ msvsphere_major_ver }}-Test-Key"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
become: true
|
||||
|
||||
- name: Import MSVSphere test PGP key to RPM DB
|
||||
ansible.builtin.rpm_key:
|
||||
key: "{{ [pgp_test_key_user.stdout, 'RPM-GPG-KEY-MSVSphere-' + msvsphere_major_ver + '-Test-Key'] | path_join }}"
|
||||
state: present
|
||||
become: true
|
||||
when: pgp_test_key_imported.rc != 0
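Review bot: The "Check if MSVSphere test PGP key imported" task greps for the literal `'MSVSphere 9 Test Key'`, while every other task builds the name from `msvsphere_major_ver`. For any other major version the check never matches and the import block runs on every play, so the pattern should be `grep 'MSVSphere {{ msvsphere_major_ver }} Test Key'`. The final `ansible.builtin.rpm_key` task, run with `become: true`, reads the key from the copy in the user's home directory rather than from the root-owned file installed one task earlier. Pointing it at `key: "/etc/pki/rpm-gpg/RPM-GPG-KEY-MSVSphere-{{ msvsphere_major_ver }}-Test-Key"` makes the RPM trust store take the `root:root` `0644` file. Both check tasks would also read more clearly with `failed_when: false` and `changed_when: false` instead of `ignore_errors: true`, since a lookup does not change the host.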
|
@ -0,0 +1,15 @@
|
||||
%echo Generating OpenPGP key
|
||||
%no-protection
|
||||
Key-Type: RSA
|
||||
Key-Length: 4096
|
||||
Key-Usage: sign
|
||||
Name-Real: MSVSphere {{ msvsphere_major_ver }} Test Key
|
||||
Name-Email: packager@msvsphere.test
|
||||
Expire-Date: 0
|
||||
{% if msvsphere_major_ver | string == '9' %}
|
||||
Preferences: AES256,AES192,AES,SHA512,SHA384,SHA256,ZLIB,ZIP,BZIP2
|
||||
{% else %}
|
||||
Preferences: AES256,AES192,AES,3DES,SHA512,SHA384,SHA256,SHA1,ZLIB,ZIP,BZIP2
|
||||
{% endif %}
|
||||
%commit
|
||||
%echo done
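Review bot: The batch file combines `%no-protection` with `Expire-Date: 0`, so the role produces a passphrase-less signing key that never expires, and the tasks file then adds its public half to the host's RPM trust store. A bounded lifetime such as `Expire-Date: 1y` would limit how long a key copied off a test host remains usable. A leading Jinja comment such as `{# test-only key: no passphrase, never use for release signing #}` would record the intent next to the directive. The `{% else %}` branch also lists `3DES` and `SHA1` in `Preferences`; if that is there for compatibility with older releases, a short comment saying so would keep it from being copied into other key templates.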
|