repo-mgr 0.1.1 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: be8fb6163c79ae7f9956b0237f390c4d7764c23ef6f4ffa24c1531a3726187e0
-  data.tar.gz: 60346b9d260718f3a03745b6c90b1fdb80c34ac62458cd999d67a2cadc7b840d
+  metadata.gz: a977e25ed86d9763543cd445087e3d4e94e6ecf830e707ffb8c9dfb9c5d19541
+  data.tar.gz: a7d2ea6036a1d3a4fc3fc2c6f575e7dda9eaa7bc2db1d7bc0b2fe7dcdb459891
 SHA512:
-  metadata.gz: 8af9d6f12205d03e88d28ed848331708a9c6313ea377fd9c9144a2a2f88070de904784cc63659a42b9f3d110775caeeea636d90953927ed645039f135873eaf9
-  data.tar.gz: 4688c21a24223d81a0b7fb1c9694a59e26cc7b125c4466aecf9a3bbc470c74619d6a2aa61f7469c9acc993c9f48ac4267fece461bc9738018bea819f5019214a
+  metadata.gz: 8044c481083ac23582a3d3133dbd225ab874188217766e71d0e82e3a76bf325776ef6241064347ee5fb39df5e63d89acfe7c086f592314062fe1c3a391645ae8
+  data.tar.gz: d58d378485e4a41741360d308652e56b4dc9a3abd4be396840d1131c6daf187fdce3bde7de00eb2242ac0207dfacd912c591783e6fe38eaf91e266f4e77892d0

data/README.md

@@ -9,8 +9,14 @@ Features:
  * Create/update deb/rpm repositories.
  * Add/remove packages to these repositories and automatically sign packages using GPG.
  * Repository metadata/manifest signing using GPG.
+ * Publish to remote via git.
 
-To simplify things, aptly (which, kind of obviously, manages deb repositories) uses "stable" as distribution and "main" as component.
+To simplify things:
+
+ * aptly (which, kind of obviously, manages deb repositories) uses "stable" as distribution and "main" as component.
+ * The git publisher uses the `main` branch for `sync` only.
+
+The requred aptly version is 1.4.0+ which may be installed from [aptly's deb repository](https://www.aptly.info/download/). The version available in Ubuntu 20.04 (1.3.0) doesn't support gpg2.
 
 ## Install
 
@@ -22,20 +28,21 @@ gem install repo-mgr
 rake install
 ```
 
-As repo-mgr is a frontend for other tools, there's dependencies which must be installed separately.
+As repo-mgr is a frontend for other tools, there are dependencies which must be installed separately. It is not compulsory to install all dependencies, only those needed for a particular use case. The purpose for each tool is explained by `check-depends`.
 
-To check which dependencies are required and their status:
+To check which dependencies are required based on use case and their status:
 
 ```bash
 repo-mgr check-depends
-+------------+--------+
-| Binary     | Status |
-+------------+--------+
-| aptly      | ✔      |
-| dpkg-sig   | ✔      |
-| createrepo | ✔      |
-| rpm        | ✔      |
-+------------+--------+
++------------+--------+-----------------------+
+| Binary     | Status | Purpose               |
++------------+--------+-----------------------+
+| aptly      | ✔      | Manage apt repository |
+| dpkg-sig   | ✔      | Sign deb packages     |
+| createrepo | ✔      | Manage rpm repository |
+| rpm        | ✔      | Sign rpm packages     |
+| git        | ✔      | Use git publisher     |
++------------+--------+-----------------------+
 ```
 
 For managing deb repositories:
@@ -48,6 +55,12 @@ For managing rpm repositories:
 
 ```bash
 sudo apt install createrepo rpm
+```
+
+For using the git publisher:
+
+```bash
+sudo apt install git
 ```
 
     n.b `createrepo` is not normally available for Debian and derrivates (including Ubuntu). This tool
@@ -56,6 +69,12 @@ sudo apt install createrepo rpm
 
 You can get our build of createrepo from our [deb repository](https://deb.staker.ltd/).
 
+Pro tip: if the pkg signing fails because gpg can't open the output device, add this to your shell config:
+
+```bash
+export GPG_TTY=$(tty)
+```
+
 ## How to use
 
 ```bash
@@ -65,11 +84,41 @@ repo-mgr help
 # create repo
 ## --path => a local directory where the repository is published - no remote support at the moment
 ## GPGKEYID is expected as log keyid i.e 16 hex chars
-repo-mgr upsert-repo --name foo --type deb --path path/to/foo --keyid GPGKEYID
+## --publisher - is optional i.e you can still manually publish a local repository
+repo-mgr upsert-repo --name foo --type deb --path path/to/foo --keyid GPGKEYID --publisher git
 
 # sign package, add to repository, and update local repo (includes sign repo release manifest)
 # the local repo is exported to the path indicated in upsert-repo
+# the git publisher also commits the changes as the path for upsert-repo is expected to be
+# a git repository
 repo-mgr add-pkg --repo foo --path path/to/bar_0.0.1_amd64.deb
+
+# publish the repository to a remote - for git publisher this means doing git push
+repo-mgr sync --repo foo
+
+# download repo from remote e.g when changing development machines
+# repo-mgr upsert-repo (...) # needed only once if the machine is brand new
+## --url must point to the root of the remote repository
+## i.e where the pool and dists directories can be found for deb repos
+## --keyring is required for deb repositories; it is a file from
+## /usr/share/keyrings - the base path is automatically prepended
+## WARNING: the packages are not signed when imported via this method!
+repo-mgr dl-repo --repo foo --type deb --url https://apt.example.com --keyring foo-keyring.gpg
+
+## --arch must be specified as each rpm repo arch is self-contained
+## the remote repository gpg key must be imported into the user's keyring and trusted
+## prior to starting the import process from remote rpm repo
+repo-mgr dl-repo --repo foo --type rpm --url https://rpm.example.com --arch x86_64
+```
+
+## Migrating from v0.1
+
+The package list is stored into a structure that's prone to lose the list upon re-running `upsert-repo` for `v0.1.x` of this gem. For this reason, the package list data structure has been redesigned within repo-mgr's config file.
+
+So, to migrate from this earlier version, you must run, for every repo:
+
+```bash
+repo-mgr rebuild-pkg-list --repo foo
 ```
 
-You then need to sync the repo to whatever desired target. For the time being, this isn't implemented as the main use case for this tool is publishing into a git repository which is served as GitHub page.
+This rebuilds the data structure in the new config location.

data/lib/repo_mgr/backends/deb.rb

@@ -14,14 +14,7 @@ module RepoMgr
       end
 
       def add_repo(name)
-        return if aptly_repos.include? name
-
-        cmd = "aptly -config=#{@aptly_config_file} repo create #{name}"
-        out, status = Open3.capture2e cmd
-
-        unless status.exitstatus.zero?
-          Tools.error "aptly repo create failed with:\n#{out}"
-        end
+        aptly "repo create #{name}" unless aptly_repos.include? name
 
         repo_config = @config.cfg[:repos][name]
 
@@ -34,6 +27,24 @@ module RepoMgr
         save_aptly_config
       end
 
+      def dl_repo(options)
+        name = options[:repo]
+        url = options[:url]
+        keyring = options[:keyring]
+
+        if keyring.nil?
+          Tools.error 'you must specify a keyring file for deb repo'
+        end
+
+        keyring = "/usr/share/keyrings/#{keyring}"
+
+        aptly "-keyring=#{keyring} mirror create #{name} #{url} stable main"
+        aptly "-keyring=#{keyring} mirror update #{name}", :output
+        aptly "repo import #{name} #{name} Name"
+        aptly "mirror drop #{name}"
+        aptly("repo search #{name}", :return).split.map { |e| "#{e}.deb" }
+      end
+
       def add_pkg(repo, pkg)
         sign_pkg repo, pkg
         repo_add repo, pkg
@@ -45,20 +56,20 @@ module RepoMgr
         repo_publish repo
       end
 
-      def check_sig(pkg, allow_fail = false)
+      def check_sig(pkg, allow_fail: false)
         out, status = Open3.capture2e "dpkg-sig --verify #{pkg}"
 
         return out if status.exitstatus.zero? || allow_fail
 
         Tools.error "unable to check package signature for #{pkg} - "\
-          "dpkg-sig returned:\n#{out}"
+                    "dpkg-sig returned:\n#{out}"
       end
 
       def sign_pkg(repo, pkg)
-        signature = check_sig pkg, true
+        signature = check_sig pkg, allow_fail: true
 
         unless signature[-6, 5] == 'NOSIG'
-          return puts "-- dpkg-sig returned:\n#{signature.first}"
+          return puts "-- dpkg-sig returned:\n#{signature.split.first}"
         end
 
         if @config.cfg[:repos][repo].nil?
@@ -73,6 +84,16 @@ module RepoMgr
         Tools.error "unable to sign #{pkg} - dpkg-sig returned:\n#{out}"
       end
 
+      def rebuild_pkg_list(repo)
+        aptly("-with-packages repo search #{repo}", :return).split.map do |e|
+          "#{e}.deb"
+        end
+      end
+
+      def export(repo)
+        repo_publish repo
+      end
+
       private
 
       def init_aptly_config
@@ -102,8 +123,6 @@ module RepoMgr
           dependencyVerboseResolve: false,
           gpgDisableSign: false,
           gpgDisableVerify: false,
-          # despite the binary being gpg, this must spell gpg2, otherwise aptly
-          # defaults to gpg1 with less than impressive results
           gpgProvider: 'gpg2',
           downloadSourcePackages: false,
           skipLegacyPool: true,
@@ -117,36 +136,30 @@ module RepoMgr
       end
       # rubocop:enable Metrics/MethodLength
 
-      def aptly_repos
-        cmd = "aptly -raw -config=#{@aptly_config_file} repo list"
+      def aptly(cmd, output = nil)
+        cmd = "aptly -config=#{@aptly_config_file} #{cmd}"
         out, status = Open3.capture2e cmd
 
-        unless status.exitstatus.zero?
-          Tools.error "aptly repo list failed with:\n#{out}"
+        Tools.error "#{cmd} failed with:\n#{out}" unless status.exitstatus.zero?
+
+        case output
+        when :output
+          puts out
+        when :return
+          out
         end
+      end
 
-        out.split("\n")
+      def aptly_repos
+        aptly('-raw repo list', :return).split
       end
 
       def aptly_published_repos
-        cmd = "aptly -raw -config=#{@aptly_config_file} publish list"
-        out, status = Open3.capture2e cmd
-
-        unless status.exitstatus.zero?
-          Tools.error "aptly publish list failed with:\n#{out}"
-        end
-
-        out.split("\n")
+        aptly('-raw publish list', :return).split("\n")
       end
 
       def aptly_publish_drop(repo)
-        cmd = "aptly -config=#{@aptly_config_file} publish drop stable "\
-          "filesystem:#{repo}:"
-        out, status = Open3.capture2e cmd
-
-        return if status.exitstatus.zero?
-
-        Tools.error "aptly publish drop failed with:\n#{out}"
+        aptly "publish drop stable filesystem:#{repo}:"
       end
 
       def save_aptly_config
@@ -154,23 +167,12 @@ module RepoMgr
       end
 
       def repo_add(repo, pkg)
-        cmd = "aptly -config=#{@aptly_config_file} repo add #{repo} #{pkg}"
-        out, status = Open3.capture2e cmd
-
-        return if status.exitstatus.zero?
-
-        Tools.error "aptly repo add failed with:\n#{out}"
+        aptly "repo add #{repo} #{pkg}"
       end
 
       def repo_rm(repo, pkg)
         package = File.basename pkg, File.extname(pkg)
-        cmd = "aptly -config=#{@aptly_config_file} repo remove "\
-          "#{repo} #{package}"
-        out, status = Open3.capture2e cmd
-
-        return if status.exitstatus.zero?
-
-        Tools.error "aptly repo remove failed with:\n#{out}"
+        aptly "repo remove #{repo} #{package}"
       end
 
       def repo_publish(repo)
@@ -179,14 +181,8 @@ module RepoMgr
         end
 
         keyid = @config.cfg[:repos][repo][:keyid]
-        cmd = "aptly -config=#{@aptly_config_file} -distribution=stable "\
-          "-gpg-key=#{keyid} publish repo #{repo} filesystem:#{repo}:"
-
-        out, status = Open3.capture2e cmd
-
-        return if status.exitstatus.zero?
-
-        Tools.error "aptly publish repo failed with:\n#{out}"
+        aptly "-distribution=stable -gpg-key=#{keyid} publish repo #{repo} "\
+              "filesystem:#{repo}:"
       end
     end
   end

data/lib/repo_mgr/backends/rpm.rb

@@ -1,7 +1,12 @@
 # frozen_string_literal: false
 
+require 'zlib'
 require 'open3'
 require 'gpgme'
+require 'digest'
+require 'faraday'
+require 'nokogiri'
+require 'stringio'
 require 'fileutils'
 
 module RepoMgr
@@ -27,6 +32,30 @@ module RepoMgr
         sync_repo repo
       end
 
+      def dl_repo(options)
+        name = options[:repo]
+        url = options[:url]
+        arch = options[:arch]
+
+        Tools.error 'you must specify an arch name for rpm repo' if arch.nil?
+
+        tmpdir = "/tmp/#{name}/#{arch}"
+        dest_dir = "#{@config.cfg_dir}/rpms/#{name}/#{arch}"
+        make_dirs tmpdir, dest_dir
+
+        repomd = dl_repomd url, arch, tmpdir
+        pkgs = dl_primary url, arch, tmpdir, repomd
+
+        pkgs.each do |hash, file|
+          dl_pkg hash, url, arch, file, tmpdir
+          copy_pkg "#{tmpdir}/#{file}", dest_dir
+        end
+
+        sync_repo name
+
+        pkgs.values
+      end
+
       def remove_pkg(repo, pkg)
         name = File.basename pkg
         arch = extract_arch pkg
@@ -43,7 +72,7 @@ module RepoMgr
         return out if status.exitstatus.zero?
 
         Tools.error "unable to check package signature for #{pkg} - "\
-          "rpm -K returned:\n#{out}"
+                    "rpm -K returned:\n#{out}"
       end
 
       def sign_pkg(repo, pkg)
@@ -69,6 +98,16 @@ module RepoMgr
         Tools.error "unable to sign #{pkg} - rpm --addsign returned:\n#{out}"
       end
 
+      def rebuild_pkg_list(repo)
+        Dir["#{@config.cfg_dir}/rpms/#{repo}/**/*.rpm"].map do |e|
+          File.basename e
+        end
+      end
+
+      def export(repo)
+        sync_repo repo
+      end
+
       private
 
       def extract_arch(pkg)
@@ -104,7 +143,7 @@ module RepoMgr
         return if status.exitstatus.zero?
 
         Tools.error "unable to create repo for #{arch} - createrepo "\
-          "returned:\n#{out}"
+                    "returned:\n#{out}"
       end
 
       def sign_repo(repo)
@@ -121,6 +160,83 @@ module RepoMgr
 
         File.write 'repomd.xml.asc', signature
       end
+
+      def faraday_dl(url, tmpdir, file = File.basename(url))
+        puts "-- Download #{file}"
+        File.write "#{tmpdir}/#{file}", Faraday.get(url).body
+      end
+
+      def dl_repomd(url, arch, tmpdir)
+        faraday_dl "#{url}/#{arch}/repodata/repomd.xml", tmpdir
+        faraday_dl "#{url}/#{arch}/repodata/repomd.xml.asc", tmpdir
+
+        valid = false
+        crypto = GPGME::Crypto.new armor: true
+        sig = GPGME::Data.new File.read "#{tmpdir}/repomd.xml.asc"
+        data = File.read "#{tmpdir}/repomd.xml"
+        crypto.verify(sig, signed_text: data) do |sign|
+          valid = sign.valid?
+        end
+
+        unless valid == true
+          Tools.error "unable to check signature for #{tmpdir}/repomd.xml"
+        end
+
+        Nokogiri::XML data
+      end
+
+      def extract_pkgs(primary)
+        pkgs = {}
+
+        primary.css('package').each do |pkg|
+          pkg_hash = pkg.at('checksum[type=sha256]').text
+          pkgs[pkg_hash] = pkg.at('location')['href']
+        end
+
+        pkgs
+      end
+
+      def dl_primary(url, arch, tmpdir, repomd)
+        hash = repomd.at('data[type=primary]').at('checksum').text
+        primary = "#{url}/#{arch}/repodata/#{hash}-primary.xml.gz"
+
+        faraday_dl primary, tmpdir, 'primary.xml.gz'
+
+        primary_xml_gz = "#{tmpdir}/primary.xml.gz"
+        fl_hash = Digest::SHA256.hexdigest(File.read(primary_xml_gz))
+
+        unless fl_hash == hash
+          Tools.error "failed hash check for #{tmpdir}/primary.xml.gz"
+        end
+
+        primary_xml_gz = File.read("#{tmpdir}/primary.xml.gz")
+        primary = Zlib::GzipReader.new(StringIO.new(primary_xml_gz)).read
+        File.write("#{tmpdir}/primary.xml", primary)
+
+        extract_pkgs Nokogiri::XML(primary)
+      end
+
+      def dl_pkg(hash, url, arch, file, tmpdir)
+        unless File.exist? "#{tmpdir}/#{file}"
+          faraday_dl "#{url}/#{arch}/#{file}", tmpdir
+        end
+
+        fl_hash = Digest::SHA256.hexdigest(File.read("#{tmpdir}/#{file}"))
+
+        return if fl_hash == hash
+
+        Tools.error "failed hash check for #{tmpdir}/#{file}"
+      end
+
+      def copy_pkg(file, destdir)
+        puts "-- Copy to repo-mgr #{File.basename(file)}"
+        FileUtils.cp file, destdir
+      end
+
+      def make_dirs(tmpdir, dest_dir)
+        FileUtils.mkdir_p tmpdir
+        FileUtils.mkdir_p dest_dir
+      end
     end
   end
 end

data/lib/repo_mgr/cli.rb

@@ -8,6 +8,7 @@ require 'terminal-table'
 require_relative 'tools'
 require_relative 'config'
 require_relative 'backends'
+require_relative 'publishers'
 
 module RepoMgr
   # implements CLI interface
@@ -20,20 +21,27 @@ module RepoMgr
       %w[deb rpm]
     end
 
+    def self.publishers
+      %w[git]
+    end
+
     desc 'check-depends', 'Check dependencies'
 
     def check_depends
       rows = []
-
-      %w[aptly dpkg-sig createrepo rpm].each do |bin_dep|
-        rows << if Tools.which bin_dep
-                  [bin_dep, '✔'.green]
-                else
-                  [bin_dep, '✘'.red]
-                end
+      deps = {
+        'aptly' => 'Manage apt repository',
+        'dpkg-sig' => 'Sign deb packages',
+        'createrepo' => 'Manage rpm repository',
+        'rpm' => 'Sign rpm packages',
+        'git' => 'Use git publisher'
+      }
+
+      deps.each do |bin_dep, purpose|
+        rows << which_depends(bin_dep, purpose)
       end
 
-      puts Terminal::Table.new headings: %w[Binary Status], rows: rows
+      puts Terminal::Table.new headings: %w[Binary Status Purpose], rows: rows
     end
 
     desc 'upsert-repo', 'Create/Update new repository'
@@ -45,13 +53,14 @@ module RepoMgr
                   desc: 'Directory path where to build the repository'
     option :keyid, type: :string, required: true, aliases: %w[-k],
                    desc: 'GPG key id used to sign the repository metadata'
+    option :publisher, type: :string, aliases: %w[-r], enum: publishers,
+                       desc: 'Publisher used to sync repo data to remote target'
 
     def upsert_repo
       FileUtils.mkdir_p options[:path]
 
       config = Config.new
-      config.upsert_repo options[:name], options[:type], options[:path],
-                         options[:keyid]
+      config.upsert_repo options
 
       backend = Backends.load options[:type], config
       backend.add_repo options[:name]
@@ -66,12 +75,36 @@ module RepoMgr
       config = Config.new
 
       config.cfg[:repos].each do |name, repo|
-        rows << [name, repo[:type], repo[:path], repo[:keyid]]
+        rows << [name, repo[:type], repo[:path], repo[:keyid], repo[:publisher]]
       end
 
       return puts '-- No repos have been created' if rows.count.zero?
 
-      puts Terminal::Table.new headings: %w[Name Type Path KeyID], rows: rows
+      puts Terminal::Table.new(
+        headings: %w[Name Type Path KeyID Publisher], rows: rows
+      )
+    end
+
+    desc 'dl-repo', 'Download repository from remote endpoint'
+    option :repo, type: :string, required: true, aliases: %w[-r],
+                  desc: 'The repository to download packages into'
+    option :type, type: :string, required: true, aliases: %w[-t],
+                  enum: types, desc: 'Repository type'
+    option :url, type: :string, required: true, aliases: %w[-u],
+                 desc: 'The URL for the remote repository'
+    option :keyring, type: :string, aliases: %w[-k],
+                     desc: 'Name of keyring file if required to auth repository'
+    option :arch, type: :string, aliases: %w[-a],
+                  desc: 'Pkg arch if multiple arch are supported by repo'
+
+    def dl_repo
+      backend, config = load_backend options[:type]
+
+      pkgs = backend.dl_repo options
+
+      pkgs.each do |pkg|
+        config.add_pkg options[:repo], pkg
+      end
     end
 
     desc 'add-pkg', 'Add package to repository'
@@ -85,8 +118,14 @@ module RepoMgr
       backend.add_pkg options[:repo], options[:path]
       config.add_pkg options[:repo], options[:path]
 
+      pub_type = config.cfg[:repos][options[:repo]][:publisher]
+      if pub_type
+        publisher = Publishers.load pub_type, config
+        publisher.save options[:repo], options[:path]
+      end
+
       puts "-- Added #{File.basename(options[:path])} to "\
-        "#{options[:repo]} repository"
+           "#{options[:repo]} repository"
     end
 
     desc 'list-pkgs', 'List repository packages'
@@ -94,7 +133,7 @@ module RepoMgr
                   desc: 'The repository to list the packages from'
 
     def list_pkgs
-      packages = Config.new.cfg[:repos][options[:repo]][:packages]
+      packages = Config.new.cfg[:packages][options[:repo]]
 
       if packages.nil?
         Tools.error "#{options[:repo]} repo does not have any packages"
@@ -118,7 +157,7 @@ module RepoMgr
       config.remove_pkg options[:repo], options[:path]
 
       puts "-- Removed #{File.basename(options[:path])} from "\
-        "#{options[:repo]} repository"
+           "#{options[:repo]} repository"
     end
 
     desc 'check-sig', 'Check package signature'
@@ -130,10 +169,61 @@ module RepoMgr
       puts backend.check_sig options[:path]
     end
 
+    desc 'rebuild-pkg-list', 'Rebuild package list from local pkg cache'
+    option :repo, type: :string, required: true, aliases: %w[-r],
+                  desc: 'The repository to rebuild pkg list for'
+    def rebuild_pkg_list
+      config = Config.new
+      backend = Backends.load config.cfg[:repos][options[:repo]][:type], config
+      pkgs = backend.rebuild_pkg_list options[:repo]
+
+      pkgs.each do |pkg|
+        config.add_pkg options[:repo], pkg
+      end
+
+      puts "-- Rebuilt #{options[:repo]} repo pkg list"
+    end
+
+    desc 'sync', 'Sync local repo to remote target using repo publisher'
+    option :repo, type: :string, required: true, aliases: %w[-r],
+                  desc: 'The repository to sync to remote target via publisher'
+    def sync
+      config = Config.new
+      pub_type = config.cfg[:repos][options[:repo]][:publisher]
+
+      unless pub_type
+        Tools.error "#{options[:repo]} repo does not have a publisher"
+      end
+
+      publisher = Publishers.load pub_type, config
+      publisher.sync options[:repo]
+
+      puts "-- Synchronised #{options[:repo]} using #{pub_type} publisher"
+    end
+
+    desc 'export', 'Export packages and metadata as local repository'
+    option :repo, type: :string, required: true, aliases: %w[-r],
+                  desc: 'The repository to export'
+    def export
+      config = Config.new
+      backend = Backends.load config.cfg[:repos][options[:repo]][:type], config
+
+      backend.export options[:repo]
+
+      puts "-- Exported #{options[:repo]} repo"
+    end
+
     private
 
+    def which_depends(bin_dep, purpose)
+      return [bin_dep, '✔'.green, purpose] if Tools.which bin_dep
+
+      [bin_dep, '✘'.red, purpose]
+    end
+
     def load_backend(path)
       type = File.extname(path).strip.downcase[1..-1]
+      type = path if type.nil?
 
       unless CLI.types.include? type
         Tools.error "unsupported package type #{type}"

data/lib/repo_mgr/config.rb

@@ -15,7 +15,9 @@ module RepoMgr
       FileUtils.mkdir_p @cfg_dir
 
       @cfg_file = "#{@cfg_dir}/repo-mgr.yml"
-      File.write @cfg_file, { repos: {} }.to_yaml unless File.exist? @cfg_file
+      unless File.exist? @cfg_file
+        File.write @cfg_file, { repos: {}, packages: {} }.to_yaml
+      end
 
       @cfg = YAML.load_file @cfg_file
     end
@@ -24,17 +26,24 @@ module RepoMgr
       File.write @cfg_file, @cfg.to_yaml
     end
 
-    def upsert_repo(name, type, path, keyid)
+    def upsert_repo(options)
+      name = options[:name]
+      type = options[:type]
+
       if @cfg[:repos][name] && @cfg[:repos][name][:type] != type
         Tools.error "unable to change type for #{name} repository"
       end
 
       @cfg[:repos][name] = {
         type: type,
-        path: path,
-        keyid: keyid
+        path: options[:path],
+        keyid: options[:keyid]
       }
 
+      if options[:publisher]
+        @cfg[:repos][name][:publisher] = options[:publisher]
+      end
+
       save
     end
 
@@ -43,14 +52,15 @@ module RepoMgr
         Tools.error "unable to add packages to #{repo} - repo does not exist"
       end
 
-      @cfg[:repos][repo][:packages] ||= []
+      @cfg[:packages] ||= {}
+      @cfg[:packages][repo] ||= []
       pkg = File.basename path
 
-      if @cfg[:repos][repo][:packages].include?(pkg)
+      if @cfg[:packages][repo].include?(pkg)
         Tools.error "you already have #{pkg} in your #{repo} repo"
       end
 
-      @cfg[:repos][repo][:packages] << pkg
+      @cfg[:packages][repo] << pkg
 
       save
     end
@@ -58,12 +68,13 @@ module RepoMgr
     def remove_pkg(repo, path)
       if @cfg[:repos][repo].nil?
         Tools.error "unable to remove packages from #{repo} "\
-          '- repo does not exist'
+                    '- repo does not exist'
       end
 
-      @cfg[:repos][repo][:packages] ||= []
+      @cfg[:packages] ||= {}
+      @cfg[:packages][repo] ||= []
       pkg = File.basename path
-      @cfg[:repos][repo][:packages].delete pkg
+      @cfg[:packages][repo].delete pkg
 
       save
     end

data/lib/repo_mgr/publishers/git.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: false
+
+require 'git'
+
+module RepoMgr
+  module Publisher
+    # git publisher
+    class Git
+      def initialize(config)
+        @config = config
+      end
+
+      # method invoked when the local deb/rpm repository is built
+      # for git, this requires a commit into the target git repository
+      # which is the target for deb/rpm repository export
+      def save(repo, pkg)
+        git = ::Git.open @config.cfg[:repos][repo][:path]
+        git.add(all: true)
+        git.commit "Add #{File.basename(pkg)}."
+      end
+
+      # method invoked when the local deb/rpm repository is published
+      # for git, this is pushing to a remote
+      def sync(repo)
+        git = ::Git.open @config.cfg[:repos][repo][:path]
+        git.push(git.remote('origin'), 'main')
+      end
+    end
+  end
+end

data/lib/repo_mgr/publishers.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: false
+
+require_relative 'publishers/git'
+
+module RepoMgr
+  # factory loader for RepoMgr::Publisher::Foo objects
+  class Publishers
+    def self.load(publisher, config)
+      @obj ||= {}
+
+      @obj[publisher] ||= Object.const_get(
+        "RepoMgr::Publisher::#{publisher.capitalize}"
+      ).new(config)
+
+      @obj[publisher]
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: repo-mgr
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.3.0
 platform: ruby
 authors:
 - Ștefan Rusu
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-04-17 00:00:00.000000000 Z
+date: 2022-03-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: colored
@@ -24,6 +24,34 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.2'
+- !ruby/object:Gem::Dependency
+  name: faraday
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.9.3
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.9.3
+- !ruby/object:Gem::Dependency
+  name: git
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.8.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.8.1
 - !ruby/object:Gem::Dependency
   name: gpgme
   requirement: !ruby/object:Gem::Requirement
@@ -38,6 +66,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: nokogiri
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.13.3
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.13.3
 - !ruby/object:Gem::Dependency
   name: terminal-table
   requirement: !ruby/object:Gem::Requirement
@@ -67,7 +109,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '1.1'
 - !ruby/object:Gem::Dependency
-  name: jeweler
+  name: juwelier
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -140,6 +182,8 @@ files:
 - lib/repo_mgr/backends/rpm.rb
 - lib/repo_mgr/cli.rb
 - lib/repo_mgr/config.rb
+- lib/repo_mgr/publishers.rb
+- lib/repo_mgr/publishers/git.rb
 - lib/repo_mgr/tools.rb
 homepage: https://github.com/mr-staker/repo-mgr
 licenses:
@@ -160,7 +204,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
+rubygems_version: 3.2.32
 signing_key: 
 specification_version: 4
 summary: deb and rpm repository manager