RubyGems - packaging - Versions diffs - 0.108.0 → 0.108.2 - Mend

packaging 0.108.0 → 0.108.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/lib/packaging/rpm/repo.rb +26 -8
data/lib/packaging/sign/rpm.rb +113 -53
data/spec/lib/packaging/rpm/repo_spec.rb +129 -72
data/spec/lib/packaging/sign_spec.rb +82 -55
metadata +19 -47

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a9056fb1ae6e0953566e9c8fb0f6e287b714386ed41da231511bd319d5bded84
-  data.tar.gz: 21878b9102e278b19c10392b8d171c88bdf344b0727525680462b45820569c6f
+  metadata.gz: f3fd1a48b6b204c719549f2d857edefc600eb504da996e5ec68c0298a11734c0
+  data.tar.gz: 2ccdf98e53f9cea5aaa92346517679e5c468bcc32f6ed6f81c22144906f8b1fe
 SHA512:
-  metadata.gz: 1555def74288b4d4de70211ddfcf2b804875fa1736735a1130a1a69274265c5079bcc92edad3f37a805d5510bd03f2e314cbff6b84f4c8a66cfbba9d04f0e715
-  data.tar.gz: 7c57682a4c8ff21555dcfe2643110221a4095a0c09991333c100d8194f06a641b517ff6f7ca915388f151f63422a0d33d9d1286a5f38c6f5fb98e11f507d8562
+  metadata.gz: ef6517a8347b83b2adbe306302a4a6274a8854731b582f3ec0a1d1a7f6066e7655ad7bf953c40db9cdf359346068a4ebe4e0ebd9cb1cfac733533a1a7c27fe5f
+  data.tar.gz: e359e1e2c06be60e2cb668c2dd478cad89321e8bde6718968d697829dd6987d7800dde683c17325eb1c3be21470d8de497711da9f0610995ac7ea1aecde12697

data/lib/packaging/rpm/repo.rb CHANGED Viewed

@@ -8,17 +8,35 @@ module Pkg::Rpm::Repo
       "http://#{Pkg::Config.builds_server}/#{Pkg::Config.project}/#{Pkg::Config.ref}"
     end
-    def ship_repo_configs(target = "repo_configs")
-      if Pkg::Util::File.empty_dir?("pkg/#{target}/rpm")
-        warn "No repo configs have been generated! Try pl:rpm_repo_configs."
+    def ship_repo_configs(repo_configs_directory = 'repo_configs')
+      local_repos_path = File.join('pkg', repo_configs_directory, 'rpm')
+      remote_repos_path = File.join(
+        Pkg::Config.jenkins_repo_path,
+        Pkg::Config.project,
+        Pkg::Config.ref,
+        repo_configs_directory,
+        'rpm'
+      )
+      if !Dir.exist?(local_repos_path) || Dir.empty?(local_repos_path)
+        warn "No repo_configs found in \"#{Dir.pwd}/#{local_repos_path}\". " \
+             'Skipping repo shipping.'
         return
       end
-      Pkg::Util::RakeUtils.invoke_task("pl:fetch")
-      repo_dir = "#{Pkg::Config.jenkins_repo_path}/#{Pkg::Config.project}/#{Pkg::Config.ref}/#{target}/rpm"
-      Pkg::Util::Net.remote_execute(Pkg::Config.distribution_server, "mkdir -p #{repo_dir}")
-      Pkg::Util::Execution.retry_on_fail(:times => 3) do
-        Pkg::Util::Net.rsync_to("pkg/#{target}/rpm/", Pkg::Config.distribution_server, repo_dir)
+      Pkg::Util::RakeUtils.invoke_task('pl:fetch')
+      Pkg::Util::Net.remote_execute(
+        Pkg::Config.distribution_server,
+        "mkdir -p #{remote_repos_path}"
+      )
+      Pkg::Util::Execution.retry_on_fail(times: 3) do
+        Pkg::Util::Net.rsync_to(
+          "#{local_repos_path}/",
+          Pkg::Config.distribution_server,
+          remote_repos_path
+        )
       end
     end

data/lib/packaging/sign/rpm.rb CHANGED Viewed

@@ -1,72 +1,130 @@
 module Pkg::Sign::Rpm
   module_function
-  def sign(rpm, sign_flags = nil)
+  # For rpm v4-style signing, we have old (gpg < v2.1) style and new-style
+  # Dispatch those cases.
+  def sign(rpm_path, signing_version = :v4)
+    unless %i[v3 v4].include?(signing_version)
+      fail "Unknown signing version: #{signing_version}. Only ':v3' and ':v4' are supported"
+    end
+    if gpg_version_older_than_21?
+      sign_gpg_1(rpm_path, signing_version)
+    else
+      sign_gpg_2(rpm_path, signing_version)
+    end
+  end
+  # Support old, old v3 RPM signing
+  def v3_sign(rpm)
+    sign(rpm, :v3)
+  end
+  alias :legacy_sign :v3_sign
+  # Construct GPG configuration, then call 'rpm --addsign' with it.
+  def sign_gpg_2(rpm_path, signing_version)
     # To enable support for wrappers around rpm and thus support for gpg-agent
     # rpm signing, we have to be able to tell the packaging repo what binary to
     # use as the rpm signing tool.
+    rpm_executable = Pkg::Util::Tool.find_tool('rpm')
+    sign_command = %W[
+      #{rpm_executable} --addsign #{rpm_path}
+      #{define_gpg_name}
+      #{define_gpg_sign_cmd(signing_version)}
+    ].join(' ')
+    Pkg::Util::Execution.capture3(sign_command, true)
+  end
+  def sign_gpg_1(rpm_path, signing_version)
+    # This allows for old-style wrapping of rpmsign with an expect script
     rpm_executable = ENV['RPM'] || Pkg::Util::Tool.find_tool('rpm')
-    # If we're using the gpg agent for rpm signing, we don't want to specify the
-    # input for the passphrase, which is what '--passphrase-fd 3' does. However,
-    # if we're not using the gpg agent, this is required, and is part of the
-    # defaults on modern rpm. The fun part of gpg-agent signing of rpms is
-    # specifying that the gpg check command always return true
-    gpg_check_command = ''
-    input_flag = ''
-    if Pkg::Util.boolean_value(ENV['RPM_GPG_AGENT'])
-      gpg_check_command = "--define '%__gpg_check_password_cmd /bin/true'"
-    else
-      input_flag = "--passphrase-fd 3"
-    end
+    sign_command = %W[
+      #{rpm_executable} --addsign #{rpm_path}
+      #{define_gpg_check_password_cmd}
+      #{define_gpg_name}
+      #{define_gpg_sign_cmd(signing_version)}
+    ].join(' ')
+    Pkg::Util::Execution.capture3(sign_command, true)
+  end
+  def define_gpg_name
+    "--define '%_gpg_name #{Pkg::Util::Gpg.key}'"
+  end
-    # If gpg version is >=2.1, use the gpg1 binary to sign. Otherwise, use the standard sign command.
-    gpg_executable = if gpg_version_greater_than_21?
-                       "%__gpg /usr/bin/gpg1' --define '%__gpg_sign_cmd %{__gpg} gpg1"
-                     else
-                       '%__gpg_sign_cmd %{__gpg} gpg'
-                     end
+  def define_gpg_sign_cmd(signing_version)
+    "--define '%__gpg_sign_cmd #{gpg_sign_cmd_macro(signing_version)}'"
+  end
+  def gpg_sign_cmd_macro(signing_version)
+    gpg_executable = Pkg::Util::Tool.find_tool('gpg')
     # rubocop:disable Lint/NestedPercentLiteral
-    gpg_signing_macro = %W[
-      #{gpg_executable} #{sign_flags} #{input_flag}
-      --batch --no-verbose --no-armor
-      --no-secmem-warning -u %{_gpg_name}
-      -sbo %{__signature_filename} %{__plaintext_filename}
+    %W[
+      #{gpg_executable} --sign --detach-sign
+      #{signing_version_flags(signing_version)}
+      #{passphrase_fd_flag}
+      --batch --no-armor --no-secmem-warning
+      --local-user %{_gpg_name}
+      --output %{__signature_filename}
+        %{__plaintext_filename}
     ].join(' ')
     # rubocop:enable Lint/NestedPercentLiteral
+  end
-    sign_command = %W[
-      #{rpm_executable} #{gpg_check_command}
-      --define '%_gpg_name #{Pkg::Util::Gpg.key}'
-      --define '#{gpg_signing_macro}' --addsign #{rpm}
-    ].join(' ')
-    # Try this up to 5 times, to allow for incorrect passwords
-    Pkg::Util::Execution.retry_on_fail(:times => 5) do
-      # This definition of %__gpg_sign_cmd is the default on modern rpm. We
-      # accept extra flags to override certain signing behavior for older
-      # versions of rpm, e.g. specifying V3 signatures instead of V4.
-      Pkg::Util::Execution.capture3(sign_command)
+  def signing_version_flags(signing_version)
+    case signing_version
+    when :v3
+      '--force-v3-sigs --digest-algo=sha1'
+    when :v4
+      ''
+    else
+      fail "Unrecognized signing_version: '#{signing_version}'"
     end
   end
-  def legacy_sign(rpm)
-    sign(rpm, "--force-v3-sigs --digest-algo=sha1")
+  def passphrase_fd_flag
+    # We use passphrase caching on GPG >= 2.1, so no passphrase-fd is needed.
+    return '' unless gpg_version_older_than_21?
+    # If the user has provided us their gpg agent setup, don't muck with it.
+    return '' if Pkg::Util.boolean_value(ENV['RPM_GPG_AGENT'])
+    # Assume our old setup where expect is providing input on fd 3
+    return '--passphrase-fd 3'
   end
-  def has_sig?(rpm)
+  def define_gpg_check_password_cmd
+    if Pkg::Util.boolean_value(ENV['RPM_GPG_AGENT'])
+      "--define '%__gpg_check_password_cmd /bin/true'"
+    else
+      ''
+    end
+  end
+  def signed?(rpm)
     # This should allow the `Pkg::Util::Gpg.key` method to fail if gpg_key is
     # not set, before shelling out. We also only want the short key, all
     # lowercase, since that's what the `rpm -Kv` output uses.
     key = Pkg::Util::Gpg.key.downcase.chars.last(8).join
     signature_check_output = %x(rpm --checksig --verbose #{rpm})
     # If the signing key has not been loaded on the system this is running on,
     # the check will exit 1, even if the rpm is signed, so we can't use capture3,
     # which bails out with non-0 exit codes. Instead, check that the output
     # looks more-or-less how we expect it to.
-    fail "Something went wrong checking the signature of #{rpm}." unless signature_check_output.include? "Header"
-    return signature_check_output.include? "key ID #{key}"
+    unless signature_check_output.include? "Header"
+      fail "Something went wrong checking the signature of #{rpm}."
+    end
+    signature_check_output.include? "key ID #{key}"
+  end
+  # For backwards compatibility
+  def has_sig?(rpm)
+    signed?(rpm)
   end
   def sign_all(rpm_directory)
@@ -97,8 +155,8 @@ module Pkg::Sign::Rpm
       # We don't sign AIX rpms
       next if platform_tag.include?('aix')
-      if has_sig? rpm
-        puts "#{rpm} is already signed, skipping . . ."
+      if signed?(rpm)
+        puts "#{rpm} is already signed. Skipping."
         next
       end
@@ -113,13 +171,13 @@ module Pkg::Sign::Rpm
     end
     unless v3_rpms.empty?
-      puts "Signing legacy (v3) rpms..."
-      legacy_sign(v3_rpms.join(' '))
+      puts "Signing legacy (v3) rpms:"
+      sign(v3_rpms.join(' '), :v3)
     end
     unless v4_rpms.empty?
-      puts "Signing modern (v4) rpms..."
-      sign(v4_rpms.join(' '))
+      puts "Signing modern (v4) rpms:"
+      sign(v4_rpms.join(' '), :v4)
     end
     # Using the map of paths to basenames, we re-hardlink the rpms we deleted.
@@ -128,16 +186,18 @@ module Pkg::Sign::Rpm
       FileUtils.mkdir_p(File.dirname(link_path))
       # Find paths where the signed rpm has the same basename, but different
       # full path, as the one we need to link.
-      paths_to_link_to = rpms_to_sign.select { |rpm| File.basename(rpm) == rpm_filename && rpm != link_path }
+      paths_to_link_to = rpms_to_sign.select do |rpm|
+        File.basename(rpm) == rpm_filename && rpm != link_path
+      end
       paths_to_link_to.each do |path|
-        FileUtils.ln(path, link_path, :force => true, :verbose => true)
+        FileUtils.ln(path, link_path, force: true, verbose: true)
       end
     end
   end
-  def gpg_version_greater_than_21?
-    gpg_version_output = %x(gpg --version)
-    gpg_version = gpg_version_output.split(' ')[2]
-    Gem::Version.new(gpg_version) >= Gem::Version.new('2.1.0')
+  def gpg_version_older_than_21?
+    gpg_executable = Pkg::Util::Tool.find_tool('gpg')
+    gpg_version = %x(#{gpg_executable} --version).split(' ')[2]
+    Gem::Version.new(gpg_version) < Gem::Version.new('2.1.0')
   end
 end

data/spec/lib/packaging/rpm/repo_spec.rb CHANGED Viewed

@@ -1,20 +1,22 @@
 require 'spec_helper'
-describe "Pkg::Rpm::Repo" do
-  let(:wget)          { "/opt/tools/bin/wget" }
-  let(:builds_server) { "saturn.puppetlabs.net" }
-  let(:project)       { "rpm_repos" }
-  let(:ref)           { "1234abcd" }
+describe 'Pkg::Rpm::Repo' do
+  let(:wget)          { '/opt/tools/bin/wget' }
+  let(:builds_server) { 'saturn.puppetlabs.net' }
+  let(:project)       { 'rpm_repos' }
+  let(:ref)           { '1234abcd' }
   let(:base_url)      { "http://#{builds_server}/#{project}/#{ref}" }
-  let(:mocks)         { ["el-5-i386", "el-5-x86_64", "el-5-SRPMS"] }
-  let(:wget_results)  {
-                        mocks.map do |mock|
-                          dist, version, arch = mock.split('-')
-                          "http://#{builds_server}/#{project}/#{ref}/repos/#{dist}/#{version}/products/#{arch}/repodata/"
-                        end.join("\n")
-                      }
-  let(:wget_garbage)  { "\nother things\n and an index\nhttp://somethingelse.com" }
-  let(:repo_configs)  { mocks.map { |mock| "pkg/repo_configs/rpm/pl-#{project}-#{ref}-#{mock}.repo" } }
+  let(:mocks)         { %w[el-5-i386 el-5-x86_64 el-5-SRPMS] }
+  let(:wget_results) do
+    mocks.map do |mock|
+      dist, version, arch = mock.split('-')
+      "http://#{builds_server}/#{project}/#{ref}/repos/#{dist}/#{version}/products/#{arch}/repodata/"
+    end.join("\n")
+  end
+  let(:wget_garbage) { "\nother things\n and an index\nhttp://somethingelse.com" }
+  let(:repo_configs) do
+    mocks.map { |mock| "pkg/repo_configs/rpm/pl-#{project}-#{ref}-#{mock}.repo" }
+  end
   # Setup and tear down for the tests
   around do |example|
@@ -34,99 +36,154 @@ describe "Pkg::Rpm::Repo" do
     Pkg::Config.jenkins_repo_path = orig_repo_path
   end
-  describe "#generate_repo_configs" do
-    it "fails if wget isn't available" do
-      Pkg::Util::Tool.stub(:find_tool).with("wget", {:required => true}) {false}
-      expect {Pkg::Rpm::Repo.generate_repo_configs}.to raise_error(RuntimeError)
+  describe '#generate_repo_configs' do
+    it 'fails if wget isn\'t available' do
+      allow(Pkg::Util::Tool)
+        .to receive(:find_tool)
+        .with('wget', { required: true })
+        .and_return(false)
+      expect { Pkg::Rpm::Repo.generate_repo_configs }.to raise_error(RuntimeError)
     end
-    it "warns if there are no rpm repos available for the build" do
-      Pkg::Util::Tool.should_receive(:find_tool).with("wget", {:required => true}).and_return(wget)
-      Pkg::Util::Execution.should_receive(:capture3).with("#{wget} --spider -r -l 5 --no-parent #{base_url}/repos/ 2>&1").and_return("")
-      Pkg::Rpm::Repo.should_receive(:warn).with("No rpm repos were found to generate configs from!")
+    it 'warns if there are no rpm repos available for the build' do
+      expect(Pkg::Util::Tool)
+        .to receive(:find_tool)
+        .with('wget', { required: true })
+        .and_return(wget)
+      expect(Pkg::Util::Execution)
+        .to receive(:capture3)
+        .with("#{wget} --spider -r -l 5 --no-parent #{base_url}/repos/ 2>&1")
+        .and_return('')
+      expect(Pkg::Rpm::Repo)
+        .to receive(:warn)
+        .with("No rpm repos were found to generate configs from!")
       Pkg::Rpm::Repo.generate_repo_configs
     end
-    it "writes the expected repo configs to disk" do
-      Pkg::Util::Tool.should_receive(:find_tool).with("wget", {:required => true}).and_return(wget)
-      Pkg::Util::Execution.should_receive(:capture3).with("#{wget} --spider -r -l 5 --no-parent #{base_url}/repos/ 2>&1").and_return(wget_results + wget_garbage)
+    it 'writes the expected repo configs to disk' do
+      expect(Pkg::Util::Tool)
+        .to receive(:find_tool)
+        .with("wget", { required: true })
+        .and_return(wget)
+      expect(Pkg::Util::Execution)
+        .to receive(:capture3)
+        .with("#{wget} --spider -r -l 5 --no-parent #{base_url}/repos/ 2>&1")
+        .and_return(wget_results + wget_garbage)
       wget_results.split.each do |result|
         cur_result = result.chomp('repodata/')
-        Pkg::Util::Execution.should_receive(:capture3).with("#{wget} --spider -r -l 1 --no-parent #{cur_result} 2>&1").and_return("#{cur_result}/thing.rpm")
+        expect(Pkg::Util::Execution)
+          .to receive(:capture3)
+          .with("#{wget} --spider -r -l 1 --no-parent #{cur_result} 2>&1")
+          .and_return("#{cur_result}/thing.rpm")
       end
-      FileUtils.should_receive(:mkdir_p).with("pkg/repo_configs/rpm")
+      expect(FileUtils).to receive(:mkdir_p).with('pkg/repo_configs/rpm')
       config = []
       repo_configs.each_with_index do |repo_config, i|
-        Pkg::Paths.should_receive(:tag_from_artifact_path).and_return(mocks[i])
-        Pkg::Platforms.should_receive(:parse_platform_tag).and_return(mocks[i].split('-'))
+        expect(Pkg::Paths).to receive(:tag_from_artifact_path).and_return(mocks[i])
+        expect(Pkg::Platforms).to receive(:parse_platform_tag).and_return(mocks[i].split('-'))
         config[i] = double(File)
-        File.should_receive(:open).with(repo_config, 'w').and_yield(config[i])
-        config[i].should_receive(:puts)
+        expect(File).to receive(:open).with(repo_config, 'w').and_yield(config[i])
+        expect(config[i]).to receive(:puts)
       end
       Pkg::Rpm::Repo.generate_repo_configs
     end
   end
-  describe "#retrieve_repo_configs" do
-    it "fails if wget isn't available" do
-      Pkg::Util::Tool.stub(:find_tool).with("wget", {:required => true}) {false}
-      expect {Pkg::Rpm::Repo.generate_repo_configs}.to raise_error(RuntimeError)
+  describe '#retrieve_repo_configs' do
+    it 'fails if wget isn\'t available' do
+      allow(Pkg::Util::Tool)
+        .to receive(:find_tool)
+        .with('wget', { required: true })
+        .and_return(false)
+      expect { Pkg::Rpm::Repo.generate_repo_configs }.to raise_error(RuntimeError)
     end
-    it "fails if there are no deb repos available for the build" do
-      Pkg::Util::Tool.should_receive(:find_tool).with("wget", {:required => true}).and_return(wget)
-      FileUtils.should_receive(:mkdir_p).with("pkg/repo_configs").and_return(true)
-      Pkg::Util::Execution.should_receive(:capture3).with("#{wget} -r -np -nH --cut-dirs 3 -P pkg/repo_configs --reject 'index*' #{base_url}/repo_configs/rpm/").and_raise(RuntimeError)
-      expect {Pkg::Rpm::Repo.retrieve_repo_configs}.to raise_error(RuntimeError, /Couldn't retrieve rpm yum repo configs/)
+    it 'fails if there are no deb repos available for the build' do
+      expect(Pkg::Util::Tool)
+        .to receive(:find_tool)
+        .with('wget', { required: true })
+        .and_return(wget)
+      expect(FileUtils)
+        .to receive(:mkdir_p)
+        .with('pkg/repo_configs')
+        .and_return(true)
+      expect(Pkg::Util::Execution)
+        .to receive(:capture3)
+        .with("#{wget} -r -np -nH --cut-dirs 3 -P pkg/repo_configs --reject 'index*' #{base_url}/repo_configs/rpm/")
+        .and_raise(RuntimeError)
+      expect { Pkg::Rpm::Repo.retrieve_repo_configs }
+        .to raise_error(RuntimeError, /Couldn't retrieve rpm yum repo configs/)
     end
   end
-  describe "#create_local_repos" do
-    let(:command) { "/usr/bin/make some repos" }
-    let(:target_directory) { "/tmp/dir/thing" }
+  describe '#create_local_repos' do
+    let(:command) { '/usr/bin/make some repos' }
+    let(:target_directory) { '/tmp/dir/thing' }
-    it "makes a repo in the target directory" do
-      Pkg::Rpm::Repo.should_receive(:repo_creation_command).with(target_directory).and_return("run this thing")
-      Pkg::Util::Execution.should_receive(:capture3).with("bash -c 'run this thing'")
+    it 'makes a repo in the target directory' do
+      expect(Pkg::Rpm::Repo)
+        .to receive(:repo_creation_command)
+        .with(target_directory)
+        .and_return("run this thing")
+      expect(Pkg::Util::Execution)
+        .to receive(:capture3)
+        .with("bash -c 'run this thing'")
       Pkg::Rpm::Repo.create_local_repos(target_directory)
     end
   end
-  describe "#create_remote_repos" do
-    let(:command) { "/usr/bin/make some repos" }
-    let(:artifact_directory) { "/tmp/dir/thing" }
+  describe '#create_remote_repos' do
+    let(:command) { '/usr/bin/make some repos' }
+    let(:artifact_directory) { '/tmp/dir/thing' }
     let(:pkg_directories) { ['el-6-i386', 'el/7/x86_64'] }
-    it "makes a repo in the target directory" do
-      File.stub(:join) {artifact_directory}
-      Pkg::Repo.should_receive(:directories_that_contain_packages).and_return(pkg_directories)
-      Pkg::Repo.should_receive(:populate_repo_directory)
-      Pkg::Rpm::Repo.should_receive(:repo_creation_command).and_return(command)
-      Pkg::Util::Net.should_receive(:remote_execute).with(Pkg::Config.distribution_server, command)
-      Pkg::Rpm::Repo.should_receive(:generate_repo_configs)
-      Pkg::Rpm::Repo.should_receive(:ship_repo_configs)
-      Pkg::Util::Net.should_receive(:remote_execute).with(Pkg::Config.distribution_server, "rm -f #{artifact_directory}/repos/.lock" )
+    it 'makes a repo in the target directory' do
+      allow(File).to receive(:join).and_return(artifact_directory)
+      expect(Pkg::Repo).to receive(:directories_that_contain_packages).and_return(pkg_directories)
+      expect(Pkg::Repo).to receive(:populate_repo_directory)
+      expect(Pkg::Rpm::Repo).to receive(:repo_creation_command).and_return(command)
+      expect(Pkg::Util::Net)
+        .to receive(:remote_execute)
+        .with(Pkg::Config.distribution_server, command)
+      expect(Pkg::Rpm::Repo).to receive(:generate_repo_configs)
+      expect(Pkg::Rpm::Repo).to receive(:ship_repo_configs)
+      expect(Pkg::Util::Net)
+        .to receive(:remote_execute)
+        .with(Pkg::Config.distribution_server, "rm -f #{artifact_directory}/repos/.lock")
       Pkg::Rpm::Repo.create_remote_repos
     end
   end
-  describe "#ship_repo_configs" do
-    it "warn if there are no repo configs to ship" do
-      Pkg::Util::File.should_receive(:empty_dir?).with("pkg/repo_configs/rpm").and_return(true)
-      Pkg::Rpm::Repo.should_receive(:warn).with("No repo configs have been generated! Try pl:rpm_repo_configs.")
+  describe '#ship_repo_configs' do
+    it 'warn if there are no repo configs to ship' do
+      Pkg::Config.jenkins_repo_path = '/a/b/c/d'
+      expect(Dir).to receive(:exist?).with("pkg/repo_configs/rpm").and_return(false)
+      expect(Pkg::Rpm::Repo).to receive(:warn)
+      expect(Pkg::Util::RakeUtils).not_to receive(:invoke_task)
       Pkg::Rpm::Repo.ship_repo_configs
     end
-    it "ships repo configs to the build server" do
-      Pkg::Config.jenkins_repo_path = "/a/b/c/d"
-      Pkg::Config.project = "thing2"
-      Pkg::Config.ref = "abcd1234"
-      Pkg::Config.distribution_server = "a.host.that.wont.exist"
-      repo_dir = "#{Pkg::Config.jenkins_repo_path}/#{Pkg::Config.project}/#{Pkg::Config.ref}/repo_configs/rpm"
-      Pkg::Util::File.should_receive(:empty_dir?).with("pkg/repo_configs/rpm").and_return(false)
-      Pkg::Util::RakeUtils.should_receive(:invoke_task).with("pl:fetch")
-      Pkg::Util::Net.should_receive(:remote_execute).with(Pkg::Config.distribution_server, "mkdir -p #{repo_dir}")
-      Pkg::Util::Execution.should_receive(:retry_on_fail).with(:times => 3)
+    it 'ships repo configs to the build server' do
+      Pkg::Config.jenkins_repo_path = '/a/b/c/d'
+      Pkg::Config.project = 'thing2'
+      Pkg::Config.ref = 'abcd1234'
+      Pkg::Config.distribution_server = 'a.host.that.wont.exist'
+      repo_dir = File.join(
+        Pkg::Config.jenkins_repo_path,
+        Pkg::Config.project,
+        Pkg::Config.ref,
+        'repo_configs',
+        'rpm'
+      )
+      expect(Dir).to receive(:exist?).with('pkg/repo_configs/rpm').and_return(true)
+      expect(Dir).to receive(:empty?).with('pkg/repo_configs/rpm').and_return(false)
+      expect(Pkg::Util::RakeUtils).to receive(:invoke_task).with('pl:fetch')
+      expect(Pkg::Util::Net)
+        .to receive(:remote_execute)
+        .with(Pkg::Config.distribution_server, "mkdir -p #{repo_dir}")
+      expect(Pkg::Util::Net)
+        .to receive(:rsync_to)
+        .with('pkg/repo_configs/rpm/', Pkg::Config.distribution_server, repo_dir)
       Pkg::Rpm::Repo.ship_repo_configs
     end
   end

data/spec/lib/packaging/sign_spec.rb CHANGED Viewed

@@ -3,91 +3,118 @@ require 'packaging/sign'
 describe 'Pkg::Sign' do
   describe 'Pkg::Sign::Rpm' do
     before :each do
       allow(Pkg::Config).to receive(:gpg_key).and_return('7F438280EF8D349F')
     end
-    describe '#has_sig?' do
+    describe '#signed?' do
       let(:rpm) { 'foo.rpm' }
-      let(:el7_signed_response) { <<-DOC
-Header V4 RSA/SHA256 Signature, key ID ef8d349f: NOKEY
-Header SHA1 digest: OK (3cb7e9861e8bc09783a1b6c8d88243a3c16daa81)
-V4 RSA/SHA256 Signature, key ID ef8d349f: NOKEY
-MD5 digest: OK (d5f06ba2a9053de532326d0659ec0d11)
-DOC
-      }
-      let(:sles12_signed_response) { <<-DOC
-Header V4 RSA/SHA256 Signature, key ID ef8d349f: NOKEY
-Header SHA1 digest: OK (e713487cf21ebeb933aefd5ec9211a34603233d2)
-V4 RSA/SHA256 Signature, key ID ef8d349f: NOKEY
-MD5 digest: OK (3093a09ac39bc17751f913e19ca74432)
-DOC
-      }
-      let(:unsigned_response) { <<-DOC
-Header SHA1 digest: OK (f9404cc95f200568c2dbb1fd24e1119e3e4a40a9)
-MD5 digest: OK (816095f3cee145091c3fa07a0915ce85)
-DOC
-      }
+      let(:el7_signed_response) do
+        <<~DOC
+          Header V4 RSA/SHA256 Signature, key ID ef8d349f: NOKEY
+          Header SHA1 digest: OK (3cb7e9861e8bc09783a1b6c8d88243a3c16daa81)
+          V4 RSA/SHA256 Signature, key ID ef8d349f: NOKEY
+          MD5 digest: OK (d5f06ba2a9053de532326d0659ec0d11)
+        DOC
+      end
+      let(:sles12_signed_response) do
+        <<~DOC
+          Header V4 RSA/SHA256 Signature, key ID ef8d349f: NOKEY
+          Header SHA1 digest: OK (e713487cf21ebeb933aefd5ec9211a34603233d2)
+          V4 RSA/SHA256 Signature, key ID ef8d349f: NOKEY
+          MD5 digest: OK (3093a09ac39bc17751f913e19ca74432)
+        DOC
+      end
+      let(:unsigned_response) do
+        <<~DOC
+          Header SHA1 digest: OK (f9404cc95f200568c2dbb1fd24e1119e3e4a40a9)
+          MD5 digest: OK (816095f3cee145091c3fa07a0915ce85)
+        DOC
+      end
       it 'returns true if rpm has been signed (el7)' do
         allow(Pkg::Sign::Rpm).to receive(:`).and_return(el7_signed_response)
-        expect(Pkg::Sign::Rpm.has_sig?(rpm)).to be true
+        expect(Pkg::Sign::Rpm.signed?(rpm)).to be true
       end
       it 'returns true if rpm has been signed (sles12)' do
         allow(Pkg::Sign::Rpm).to receive(:`).and_return(sles12_signed_response)
-        expect(Pkg::Sign::Rpm.has_sig?(rpm)).to be true
+        expect(Pkg::Sign::Rpm.signed?(rpm)).to be true
       end
       it 'returns false if rpm has not been signed' do
         allow(Pkg::Sign::Rpm).to receive(:`).and_return(unsigned_response)
-        expect(Pkg::Sign::Rpm.has_sig?(rpm)).to be false
+        expect(Pkg::Sign::Rpm.signed?(rpm)).to be false
       end
       it 'fails with unexpected output' do
-        allow(Pkg::Sign::Rpm).to receive(:`).and_return('something that is definitely not a normal response')
-        expect { Pkg::Sign::Rpm.has_sig?(rpm) }.to raise_error(RuntimeError, /Something went wrong checking the signature/)
+        allow(Pkg::Sign::Rpm)
+          .to receive(:`)
+          .and_return('something that is definitely not a normal response')
+        expect { Pkg::Sign::Rpm.signed?(rpm) }
+          .to raise_error(RuntimeError, /Something went wrong checking the signature/)
       end
       it 'fails if gpg_key is not set' do
         allow(Pkg::Config).to receive(:gpg_key).and_return(nil)
-        expect { Pkg::Sign::Rpm.has_sig?(rpm) }.to raise_error(RuntimeError, /You need to set `gpg_key` in your build defaults./)
+        expect { Pkg::Sign::Rpm.signed?(rpm) }
+          .to raise_error(RuntimeError, /You need to set `gpg_key` in your build defaults./)
       end
     end
     describe '#sign_all' do
       let(:rpm_directory) { Dir.mktmpdir }
-      let(:rpms_not_to_sign) { [
-        "#{rpm_directory}/aix/7.1/PC1/ppc/puppet-agent-5.5.3-1.aix7.1.ppc.rpm",
-      ] }
-      let(:v3_rpms) { [
-        "#{rpm_directory}/sles/11/PC1/x86_64/puppet-agent-5.5.3-1.sles11.x86_64.rpm",
-      ] }
-      let(:v4_rpms) { [
-        "#{rpm_directory}/el/7/PC1/aarch64/puppet-agent-5.5.3-1.el7.aarch64.rpm",
-      ] }
+      let(:rpms_not_to_sign) do
+        ["#{rpm_directory}/aix/7.1/PC1/ppc/puppet-agent-5.5.3-1.aix7.1.ppc.rpm"]
+      end
+      let(:v3_rpms) do
+        ["#{rpm_directory}/sles/11/PC1/x86_64/puppet-agent-5.5.3-1.sles11.x86_64.rpm"]
+      end
+      let(:v4_rpms) do
+        ["#{rpm_directory}/el/7/PC1/aarch64/puppet-agent-5.5.3-1.el7.aarch64.rpm"]
+      end
       let(:rpms) { rpms_not_to_sign + v3_rpms + v4_rpms }
-      let(:already_signed_rpms) { [
-        "#{rpm_directory}/el/6/PC1/x86_64/puppet-agent-5.5.3-1.el6.x86_64.rpm",
-      ] }
-      let(:noarch_rpms) { [
-        "#{rpm_directory}/el/6/puppet5/i386/puppetserver-5.3.3-1.el6.noarch.rpm",
-        "#{rpm_directory}/el/6/puppet5/x86_64/puppetserver-5.3.3-1.el6.noarch.rpm",
-        "#{rpm_directory}/el/7/puppet5/i386/puppetserver-5.3.3-1.el7.noarch.rpm",
-        "#{rpm_directory}/el/7/puppet5/x86_64/puppetserver-5.3.3-1.el7.noarch.rpm",
-        "#{rpm_directory}/sles/12/puppet5/i386/puppetserver-5.3.3-1.sles12.noarch.rpm",
-        "#{rpm_directory}/sles/12/puppet5/x86_64/puppetserver-5.3.3-1.sles12.noarch.rpm"
-      ] }
+      let(:already_signed_rpms) do
+        ["#{rpm_directory}/el/6/PC1/x86_64/puppet-agent-5.5.3-1.el6.x86_64.rpm"]
+      end
+      let(:noarch_rpms) do
+        [
+          "#{rpm_directory}/el/6/puppet5/i386/puppetserver-5.3.3-1.el6.noarch.rpm",
+          "#{rpm_directory}/el/6/puppet5/x86_64/puppetserver-5.3.3-1.el6.noarch.rpm",
+          "#{rpm_directory}/el/7/puppet5/i386/puppetserver-5.3.3-1.el7.noarch.rpm",
+          "#{rpm_directory}/el/7/puppet5/x86_64/puppetserver-5.3.3-1.el7.noarch.rpm",
+          "#{rpm_directory}/sles/12/puppet5/i386/puppetserver-5.3.3-1.sles12.noarch.rpm",
+          "#{rpm_directory}/sles/12/puppet5/x86_64/puppetserver-5.3.3-1.sles12.noarch.rpm"
+        ]
+      end
       it 'signs both v3 and v4 rpms' do
         allow(Dir).to receive(:[]).with("#{rpm_directory}/**/*.rpm").and_return(rpms)
         rpms.each do |rpm|
-          allow(Pkg::Sign::Rpm).to receive(:has_sig?).and_return(false)
+          allow(Pkg::Sign::Rpm).to receive(:signed?).and_return(false)
         end
-        expect(Pkg::Sign::Rpm).to receive(:legacy_sign).with(v3_rpms.join(' '))
-        expect(Pkg::Sign::Rpm).to receive(:sign).with(v4_rpms.join(' '))
+        v3_items = v3_rpms.length
+        v4_items = v4_rpms.length
+        expect(Pkg::Sign::Rpm)
+          .to receive(:sign)
+          .with(v3_rpms.join(' '), :v3)
+          .exactly(v3_items).times
+        expect(Pkg::Sign::Rpm)
+          .to receive(:sign)
+          .with(v4_rpms.join(' '), :v4)
+          .exactly(v4_items).times
         Pkg::Sign::Rpm.sign_all(rpm_directory)
       end
       it 'does not sign AIX rpms' do
         allow(Dir).to receive(:[]).with("#{rpm_directory}/**/*.rpm").and_return(rpms_not_to_sign)
-        allow(Pkg::Sign::Rpm).to receive(:has_sig?)
+        allow(Pkg::Sign::Rpm).to receive(:signed?)
         expect(Pkg::Sign::Rpm).to_not receive(:legacy_sign)
         expect(Pkg::Sign::Rpm).to_not receive(:sign)
         Pkg::Sign::Rpm.sign_all(rpm_directory)
@@ -96,7 +123,7 @@ DOC
       it 'does not sign already-signed rpms' do
         allow(Dir).to receive(:[]).with("#{rpm_directory}/**/*.rpm").and_return(already_signed_rpms)
         already_signed_rpms.each do |rpm|
-          allow(Pkg::Sign::Rpm).to receive(:has_sig?).and_return(true)
+          allow(Pkg::Sign::Rpm).to receive(:signed?).and_return(true)
         end
         expect(Pkg::Sign::Rpm).to_not receive(:legacy_sign)
         expect(Pkg::Sign::Rpm).to_not receive(:sign)
@@ -106,9 +133,9 @@ DOC
       it 'deletes and relinks rpms with the same basename' do
         allow(Dir).to receive(:[]).with("#{rpm_directory}/**/*.rpm").and_return(noarch_rpms)
         allow(Pkg::Sign::Rpm).to receive(:sign)
-        allow(Pkg::Sign::Rpm).to receive(:has_sig?)
-        expect(FileUtils).to receive(:rm).exactly(noarch_rpms.count/2).times
-        expect(FileUtils).to receive(:ln).exactly(noarch_rpms.count/2).times
+        allow(Pkg::Sign::Rpm).to receive(:signed?)
+        expect(FileUtils).to receive(:rm).exactly(noarch_rpms.count / 2).times
+        expect(FileUtils).to receive(:ln).exactly(noarch_rpms.count / 2).times
         Pkg::Sign::Rpm.sign_all(rpm_directory)
       end

metadata CHANGED Viewed

@@ -1,43 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: packaging
 version: !ruby/object:Gem::Version
-  version: 0.108.0
+  version: 0.108.2
 platform: ruby
 authors:
 - Puppet Labs
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-10-04 00:00:00.000000000 Z
+date: 2023-02-08 00:00:00.000000000 Z
 dependencies:
-- !ruby/object:Gem::Dependency
-  name: pry
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: pry-byebug
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -323,28 +295,28 @@ signing_key:
 specification_version: 4
 summary: Puppet Labs' packaging automation
 test_files:
+- spec/lib/packaging/config_spec.rb
 - spec/lib/packaging/platforms_spec.rb
-- spec/lib/packaging/artifactory_spec.rb
-- spec/lib/packaging/util/jenkins_spec.rb
-- spec/lib/packaging/util/rake_utils_spec.rb
-- spec/lib/packaging/util/ship_spec.rb
-- spec/lib/packaging/util/file_spec.rb
-- spec/lib/packaging/util/git_tag_spec.rb
-- spec/lib/packaging/util/net_spec.rb
-- spec/lib/packaging/util/os_spec.rb
+- spec/lib/packaging/gem_spec.rb
+- spec/lib/packaging/sign_spec.rb
+- spec/lib/packaging/paths_spec.rb
+- spec/lib/packaging/deb/repo_spec.rb
+- spec/lib/packaging/rpm/repo_spec.rb
 - spec/lib/packaging/util/git_spec.rb
+- spec/lib/packaging/util/os_spec.rb
+- spec/lib/packaging/util/gpg_spec.rb
 - spec/lib/packaging/util/execution_spec.rb
+- spec/lib/packaging/util/git_tag_spec.rb
+- spec/lib/packaging/util/net_spec.rb
+- spec/lib/packaging/util/ship_spec.rb
+- spec/lib/packaging/util/rake_utils_spec.rb
+- spec/lib/packaging/util/file_spec.rb
 - spec/lib/packaging/util/version_spec.rb
 - spec/lib/packaging/util/misc_spec.rb
-- spec/lib/packaging/util/gpg_spec.rb
-- spec/lib/packaging/retrieve_spec.rb
-- spec/lib/packaging/deb/repo_spec.rb
+- spec/lib/packaging/util/jenkins_spec.rb
+- spec/lib/packaging/deb_spec.rb
 - spec/lib/packaging/tar_spec.rb
-- spec/lib/packaging/gem_spec.rb
-- spec/lib/packaging/paths_spec.rb
-- spec/lib/packaging/config_spec.rb
-- spec/lib/packaging/rpm/repo_spec.rb
-- spec/lib/packaging/sign_spec.rb
 - spec/lib/packaging/repo_spec.rb
-- spec/lib/packaging/deb_spec.rb
+- spec/lib/packaging/artifactory_spec.rb
+- spec/lib/packaging/retrieve_spec.rb
 - spec/lib/packaging_spec.rb