diff --git a/osbuild/formats/v1.py b/osbuild/formats/v1.py index 3da4ec02..b7bba23c 100644 --- a/osbuild/formats/v1.py +++ b/osbuild/formats/v1.py @@ -82,7 +82,20 @@ def load_stage(description: Dict, index: Index, pipeline: Pipeline): name = description["name"] opts = description.get("options", {}) info = index.get_module_info("Stage", name) - pipeline.add_stage(info, opts) + + stage = pipeline.add_stage(info, opts) + + if stage.name == "org.osbuild.rpm": + info = index.get_module_info("Input", "org.osbuild.files") + ip = stage.add_input("packages", info, "org.osbuild.source") + for pkg in stage.options["packages"]: + options = None + if isinstance(pkg, dict): + gpg = pkg.get("check_gpg") + if gpg: + options = {"metadata": {"rpm.check_gpg": gpg}} + pkg = pkg["checksum"] + ip.add_reference(pkg, options) def load_pipeline(description: Dict, index: Index, manifest: Manifest, n: int = 0) -> Pipeline: diff --git a/stages/org.osbuild.rpm b/stages/org.osbuild.rpm index 031dd047..446dad37 100755 --- a/stages/org.osbuild.rpm +++ b/stages/org.osbuild.rpm @@ -36,7 +36,6 @@ import subprocess import sys import tempfile -import osbuild.sources from osbuild import api @@ -80,16 +79,6 @@ SCHEMA = """ """ -def packages_from_legacy(legacy): - packages = [] - for package in legacy: - if isinstance(package, dict): - packages.append(package) - else: - packages.append({"checksum": package, "check_gpg": False}) - return packages - - def generate_package_metadata(tree): query = r"""\{ "name": "%{NAME}", @@ -118,9 +107,17 @@ def generate_package_metadata(tree): return json.loads(jsdata) -def main(tree, sources, options): - packages = packages_from_legacy(options.get("packages", [])) - checksums = [p["checksum"] for p in packages] +def parse_input(inputs): + packages = inputs["packages"] + path = packages["path"] + data = packages["data"] + refs = data["refs"] + return path, refs + + +def main(tree, inputs, options): + pkgpath, packages = parse_input(inputs) + for key in options.get("gpgkeys", []): with tempfile.NamedTemporaryFile(prefix="gpgkey.", mode="w") as keyfile: keyfile.write(key) @@ -132,17 +129,14 @@ def main(tree, sources, options): ], check=True) print("imported gpg key") - print("fetching sources") - osbuild.sources.get("org.osbuild.files", checksums) - - for pkg in packages: - if pkg.get("check_gpg"): + for checksum, data in packages.items(): + if data.get("rpm.check_gpg"): subprocess.run([ "rpmkeys", "--root", tree, "--checksig", - pkg["checksum"] - ], cwd=f"{sources}/org.osbuild.files", stdout=subprocess.DEVNULL, check=True) + checksum + ], cwd=pkgpath, stdout=subprocess.DEVNULL, check=True) script = f""" set -e @@ -165,7 +159,7 @@ def main(tree, sources, options): subprocess.run(["/bin/sh", "-c", script], check=True) with tempfile.NamedTemporaryFile(prefix="manifest.", mode='w') as manifest: - manifest.writelines(c+'\n' for c in checksums) + manifest.writelines(c+'\n' for c in packages) manifest.flush() subprocess.run([ "rpm", @@ -175,7 +169,7 @@ def main(tree, sources, options): # verifying again (see /usr/lib/rpm/macros for more info) "--define", "_pkgverify_level none", "--install", manifest.name - ], cwd=f"{sources}/org.osbuild.files", check=True) + ], cwd=pkgpath, check=True) # remove temporary machine ID if it was created by us if not machine_id_set_previously: @@ -197,5 +191,5 @@ def main(tree, sources, options): if __name__ == '__main__': args = api.arguments() - r = main(args["tree"], args["sources"], args["options"]) + r = main(args["tree"], args["inputs"], args["options"]) sys.exit(r) diff --git a/test/data/stages/rpm/metadata.json b/test/data/stages/rpm/metadata.json index c4c231a0..ad3fde36 100644 --- a/test/data/stages/rpm/metadata.json +++ b/test/data/stages/rpm/metadata.json @@ -1,5 +1,5 @@ { - "9b0987bd54cd0303d5eb3fba0286ce116be6b60c0282ade989645b5b7f8620e2": { + "9415f5f6316e954318d716b5c92bd69e26a4ae475593ffef32ea0a52cc90b9e8": { "packages": [ { "name": "libgcc",