From 42de929adbc256f330816253f7e3ded72ea112b0 Mon Sep 17 00:00:00 2001
From: Tom Gundersen <teg@jklm.no>
Date: Wed, 3 Jun 2020 11:57:46 +0200
Subject: [PATCH] rpmmd/Depsolve: expose whether to check GPG signature for
 each RPM

Currently each repo is annotated with this information, use the mapping
we have from packages to their originating repos to annotate each
PackageSpec with the same information.

This information is not serialized, and not yet used. It may be used to
expose this information to osbuild's org.osbuild.rpm stage.

Signed-off-by: Tom Gundersen <teg@jklm.no>
---
 internal/rpmmd/repository.go | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/internal/rpmmd/repository.go b/internal/rpmmd/repository.go
index e71a6cb5b..a8a895c1c 100644
--- a/internal/rpmmd/repository.go
+++ b/internal/rpmmd/repository.go
@@ -106,6 +106,7 @@ type PackageSpec struct {
 	RemoteLocation string `json:"remote_location,omitempty"`
 	Checksum       string `json:"checksum,omitempty"`
 	Secrets        string `json:"secrets,omitempty"`
+	CheckGPG       bool   `json:"check_gpg,omitempty"`
 }
 
 type dnfPackageSpec struct {
@@ -416,6 +417,7 @@ func (r *rpmmdImpl) Depsolve(specs, excludeSpecs []string, repos []RepoConfig, m
 		dependencies[i].Arch = dep.Arch
 		dependencies[i].RemoteLocation = dep.RemoteLocation
 		dependencies[i].Checksum = dep.Checksum
+		dependencies[i].CheckGPG = repo.CheckGPG
 		if repo.RHSM {
 			dependencies[i].Secrets = "org.osbuild.rhsm"
 		}