From 7e5a5e7088695bcdd4b822b9a057de8cd221d19c Mon Sep 17 00:00:00 2001 From: Evgeni Golov Date: Mon, 27 May 2024 09:25:20 +0200 Subject: [PATCH] load obsoleted gpg keys from gpg-signatures.json --- .../libraries/removeobsoleterpmgpgkeys.py | 16 ++++------------ .../tests/test_removeobsoleterpmgpgkeys.py | 5 +++++ .../files/distro/centos/gpg-signatures.json | 3 ++- .../files/distro/rhel/gpg-signatures.json | 11 ++++++++++- .../system_upgrade/common/libraries/distro.py | 18 ++++++++++++++++++ 5 files changed, 39 insertions(+), 14 deletions(-) create mode 100644 repos/system_upgrade/common/libraries/distro.py diff --git a/repos/system_upgrade/common/actors/removeobsoletegpgkeys/libraries/removeobsoleterpmgpgkeys.py b/repos/system_upgrade/common/actors/removeobsoletegpgkeys/libraries/removeobsoleterpmgpgkeys.py index 1cc5d64f81..6e84c2e9f7 100644 --- a/repos/system_upgrade/common/actors/removeobsoletegpgkeys/libraries/removeobsoleterpmgpgkeys.py +++ b/repos/system_upgrade/common/actors/removeobsoletegpgkeys/libraries/removeobsoleterpmgpgkeys.py @@ -1,27 +1,19 @@ from leapp.libraries.common.config.version import get_target_major_version +from leapp.libraries.common.distro import get_distribution_data from leapp.libraries.common.rpms import has_package from leapp.libraries.stdlib import api from leapp.models import DNFWorkaround, InstalledRPM -# maps target version to keys obsoleted in that version -OBSOLETED_KEYS_MAP = { - 7: [], - 8: [ - "gpg-pubkey-2fa658e0-45700c69", - "gpg-pubkey-37017186-45761324", - "gpg-pubkey-db42a60e-37ea5438", - ], - 9: ["gpg-pubkey-d4082792-5b32db75"], -} - def _get_obsolete_keys(): """ Return keys obsoleted in target and previous versions """ + distribution = api.current_actor().configuration.os_release.release_id + obsoleted_keys_map = get_distribution_data(distribution).get('obsoleted-keys', {}) keys = [] for version in range(7, int(get_target_major_version()) + 1): - for key in OBSOLETED_KEYS_MAP[version]: + for key in obsoleted_keys_map[str(version)]: name, version, release = key.rsplit("-", 2) if has_package(InstalledRPM, name, version=version, release=release): keys.append(key) diff --git a/repos/system_upgrade/common/actors/removeobsoletegpgkeys/tests/test_removeobsoleterpmgpgkeys.py b/repos/system_upgrade/common/actors/removeobsoletegpgkeys/tests/test_removeobsoleterpmgpgkeys.py index 1d487815a8..4d9a0e844b 100644 --- a/repos/system_upgrade/common/actors/removeobsoletegpgkeys/tests/test_removeobsoleterpmgpgkeys.py +++ b/repos/system_upgrade/common/actors/removeobsoletegpgkeys/tests/test_removeobsoleterpmgpgkeys.py @@ -1,3 +1,5 @@ +import os + import pytest from leapp.libraries.actor import removeobsoleterpmgpgkeys @@ -67,6 +69,9 @@ def get_target_major_version_mocked(): ), ) + cur_dir = os.path.dirname(os.path.abspath(__file__)) + monkeypatch.setattr(api, 'get_common_folder_path', lambda folder: os.path.join(cur_dir, '../../../files/', folder)) + keys = removeobsoleterpmgpgkeys._get_obsolete_keys() assert set(keys) == set(expected) diff --git a/repos/system_upgrade/common/files/distro/centos/gpg-signatures.json b/repos/system_upgrade/common/files/distro/centos/gpg-signatures.json index cf7f819db5..547b13e7de 100644 --- a/repos/system_upgrade/common/files/distro/centos/gpg-signatures.json +++ b/repos/system_upgrade/common/files/distro/centos/gpg-signatures.json @@ -3,5 +3,6 @@ "24c6a8a7f4a80eb5", "05b555b38483c65d", "4eb84e71f2ee9d55" - ] + ], + "obsoleted-keys": {} } diff --git a/repos/system_upgrade/common/files/distro/rhel/gpg-signatures.json b/repos/system_upgrade/common/files/distro/rhel/gpg-signatures.json index 64d9ed1272..0d40e00142 100644 --- a/repos/system_upgrade/common/files/distro/rhel/gpg-signatures.json +++ b/repos/system_upgrade/common/files/distro/rhel/gpg-signatures.json @@ -5,5 +5,14 @@ "938a80caf21541eb", "fd372689897da07a", "45689c882fa658e0" - ] + ], + "obsoleted-keys": { + "7": [], + "8": [ + "gpg-pubkey-2fa658e0-45700c69", + "gpg-pubkey-37017186-45761324", + "gpg-pubkey-db42a60e-37ea5438" + ], + "9": ["gpg-pubkey-d4082792-5b32db75"] + } } diff --git a/repos/system_upgrade/common/libraries/distro.py b/repos/system_upgrade/common/libraries/distro.py new file mode 100644 index 0000000000..2ed5eacdcd --- /dev/null +++ b/repos/system_upgrade/common/libraries/distro.py @@ -0,0 +1,18 @@ +import json +import os + +from leapp.exceptions import StopActorExecutionError +from leapp.libraries.stdlib import api + + +def get_distribution_data(distribution): + distributions_path = api.get_common_folder_path('distro') + + distribution_config = os.path.join(distributions_path, distribution, 'gpg-signatures.json') + if os.path.exists(distribution_config): + with open(distribution_config) as distro_config_file: + return json.load(distro_config_file) + else: + raise StopActorExecutionError( + 'Cannot find distribution signature configuration.', + details={'Problem': 'Distribution {} was not found in {}.'.format(distribution, distributions_path)})