rpmmd: allow check_gpg to be configured for system repos

The sources weldr API already supports this, so hook it up to be
represented on disk and in our internal state tracking too.

This does not yet hook this up to be respected by osbuild, which
currently takes this to be unconditionally set to true.

Signed-off-by: Tom Gundersen <teg@jklm.no>

internal/rpmmd/repository.go

@@ -21,6 +21,7 @@ type repository struct {
 	Metalink       string `json:"metalink,omitempty"`
 	MirrorList     string `json:"mirrorlist,omitempty"`
 	GPGKey         string `json:"gpgkey,omitempty"`
+	CheckGPG       bool   `json:"check_gpg,omitempty"`
 	RHSM           bool   `json:"rhsm,omitempty"`
 	MetadataExpire string `json:"metadata_expire,omitempty"`
 }
@@ -44,6 +45,7 @@ type RepoConfig struct {
 	Metalink       string
 	MirrorList     string
 	GPGKey         string
+	CheckGPG       bool
 	IgnoreSSL      bool
 	MetadataExpire string
 	RHSM           bool
@@ -222,6 +224,7 @@ func LoadRepositories(confPaths []string, distro string) (map[string][]RepoConfi
 				Metalink:       repo.Metalink,
 				MirrorList:     repo.MirrorList,
 				GPGKey:         repo.GPGKey,
+				CheckGPG:       repo.CheckGPG,
 				RHSM:           repo.RHSM,
 				MetadataExpire: repo.MetadataExpire,
 			}
@@ -391,7 +394,8 @@ func (r *rpmmdImpl) Depsolve(specs, excludeSpecs []string, repos []RepoConfig, m
 		if err != nil {
 			panic(err)
 		}
-		if repos[id].RHSM {
+		repo := repos[id]
+		if repo.RHSM {
 			reply.Dependencies[i].Secrets = "org.osbuild.rhsm"
 		}
 	}

internal/store/store.go

@@ -509,7 +509,7 @@ func (s *Store) GetAllSourcesByID() map[string]SourceConfig {
 func NewSourceConfig(repo rpmmd.RepoConfig, system bool) SourceConfig {
 	sc := SourceConfig{
 		Name:     repo.Name,
-		CheckGPG: true,
+		CheckGPG: repo.CheckGPG,
 		CheckSSL: !repo.IgnoreSSL,
 		System:   system,
 	}
@@ -533,6 +533,7 @@ func (s *SourceConfig) RepoConfig(name string) rpmmd.RepoConfig {
 
 	repo.Name = name
 	repo.IgnoreSSL = !s.CheckSSL
+	repo.CheckGPG = s.CheckGPG
 
 	if s.Type == "yum-baseurl" {
 		repo.BaseURL = s.URL

internal/store/store_test.go

@@ -345,8 +345,9 @@ func (suite *storeTest) TestGetAllSourcesByID() {
 
 func (suite *storeTest) TestNewSourceConfigWithBaseURL() {
 	myRepoConfig := rpmmd.RepoConfig{
-		Name:    "testRepo",
-		BaseURL: "testURL",
+		Name:     "testRepo",
+		BaseURL:  "testURL",
+		CheckGPG: true,
 	}
 	expectedSource := SourceConfig{Name: "testRepo", Type: "yum-baseurl", URL: "testURL", CheckGPG: true, CheckSSL: true, System: true}
 	actualSource := NewSourceConfig(myRepoConfig, true)
@@ -357,6 +358,7 @@ func (suite *storeTest) TestNewSourceConfigWithMetaLink() {
 	myRepoConfig := rpmmd.RepoConfig{
 		Name:     "testRepo",
 		Metalink: "testURL",
+		CheckGPG: true,
 	}
 	expectedSource := SourceConfig{Name: "testRepo", Type: "yum-metalink", URL: "testURL", CheckGPG: true, CheckSSL: true, System: true}
 	actualSource := NewSourceConfig(myRepoConfig, true)
@@ -368,7 +370,7 @@ func (suite *storeTest) TestNewSourceConfigWithMirrorList() {
 		Name:       "testRepo",
 		MirrorList: "testURL",
 	}
-	expectedSource := SourceConfig{Name: "testRepo", Type: "yum-mirrorlist", URL: "testURL", CheckGPG: true, CheckSSL: true, System: true}
+	expectedSource := SourceConfig{Name: "testRepo", Type: "yum-mirrorlist", URL: "testURL", CheckGPG: false, CheckSSL: true, System: true}
 	actualSource := NewSourceConfig(myRepoConfig, true)
 	suite.Equal(expectedSource, actualSource)
 }

internal/weldr/api_test.go

@@ -30,7 +30,7 @@ import (
 func createWeldrAPI(fixtureGenerator rpmmd_mock.FixtureGenerator) (*API, *store.Store) {
 	fixture := fixtureGenerator()
 	rpm := rpmmd_mock.NewRPMMDMock(fixture)
-	repos := []rpmmd.RepoConfig{{Name: "test-id", BaseURL: "http://example.com/test/os/x86_64"}}
+	repos := []rpmmd.RepoConfig{{Name: "test-id", BaseURL: "http://example.com/test/os/x86_64", CheckGPG: true}}
 	d := test_distro.New()
 	arch, err := d.GetArch("x86_64")
 	if err != nil {