Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Verify transaction PGP signatures automatically #607

Merged
merged 5 commits into from
Jun 22, 2023
Merged

Verify transaction PGP signatures automatically #607

merged 5 commits into from
Jun 22, 2023

Conversation

m-blaha
Copy link
Member

@m-blaha m-blaha commented Jun 9, 2023
edited by jan-kolarik
Loading

Currently signatures verification requires to manually call transaction.check_gpg_signatures() API.
This PR removes the API and changes the workflow so that the signature verification is done automatically during the transaction run.

Resolves: #556
Resolves: #574
Resolves: #557

Tests adujstments: rpm-software-management/ci-dnf-stack#1314

@m-blaha m-blaha force-pushed the mblaha/gpg branch 2 times, most recently from 6e0a566 to 612dd9a Compare June 9, 2023 15:05
@m-blaha m-blaha self-assigned this Jun 12, 2023
@m-blaha m-blaha mentioned this pull request Jun 13, 2023
Merged
@m-blaha m-blaha marked this pull request as ready for review June 13, 2023 08:28
@m-blaha
Unify repo key import callbacks
9323201 
For confimation of the repo gpg key import into rpmdb use the callback
from repo::RepoCallbacks class. The callback now gets KeyInfo as a
parameter instead of separate key fields.
Also rpm::KeyInfo and repo::Key classes were unified as they contain the
same information about keys.
@m-blaha
transaction: Run transaction PGP verification automatically
d370881 
Instead of requiring user to run the verification manually, do the
checks during `transaction.run()` call.
@m-blaha
RepoCallbacks: New callback to report successfull key import
1e1030c
@m-blaha
dnfdaemon: Fix repokey_import callback
b008f89 
There was an inconsistency in what key was the user asked to confirm
(short key id) and what the server waits for (full key id).
@m-blaha
dnfdaemon: Unify wording of key import confirmation
c8dc178 
Use the same wording as dnf5 does.
@jan-kolarik jan-kolarik added this pull request to the merge queue Jun 22, 2023
Merged via the queue into main with commit 388bda2 Jun 22, 2023
5 of 6 checks passed
@jan-kolarik jan-kolarik deleted the mblaha/gpg branch June 22, 2023 13:14
mkrizek added a commit to mkrizek/ansible that referenced this pull request Jun 28, 2023
@mkrizek
dnf5: utilize automatic gpg check via transaction.run()
e3ea535 
rpm-software-management/dnf5#607
@mkrizek mkrizek mentioned this pull request Jun 28, 2023
Merged
mkrizek added a commit to ansible/ansible that referenced this pull request Jul 10, 2023
@mkrizek
dnf5: utilize automatic gpg check via transaction.run() (#81144)
c3af71a 
rpm-software-management/dnf5#607
mkrizek added a commit to mkrizek/ansible that referenced this pull request Jul 10, 2023
@mkrizek
dnf5: utilize automatic gpg check via transaction.run() (ansible#81144)
369c66c 
rpm-software-management/dnf5#607
(cherry picked from commit c3af71a)
nitzmahone pushed a commit to ansible/ansible that referenced this pull request Jul 10, 2023
@mkrizek
dnf5: utilize automatic gpg check via transaction.run() (#81144) (#81200
83c9bd8 
)

rpm-software-management/dnf5#607
(cherry picked from commit c3af71a)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jrohel jrohel jrohel left review comments

@jan-kolarik jan-kolarik jan-kolarik approved these changes

Assignees

@m-blaha m-blaha

Labels
None yet
Projects
DNF team
Archived in project
Milestone
No milestone
3 participants
@m-blaha @jrohel @jan-kolarik