Fix rpm GPG import for ELN

ELN needs to import the current key as well as keys a few releases
back, since it doesn't (currently) re-sign at Fedora branching.

Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
This commit is contained in:
Stephen Gallagher 2022-01-19 15:07:46 -05:00 committed by sgallagh
parent 379a3025a9
commit fc62a6121f
2 changed files with 13 additions and 1 deletions

View File

@ -68,7 +68,13 @@ echo 'LANG="C.UTF-8"' > /etc/locale.conf
# https://bugzilla.redhat.com/show_bug.cgi?id=1400682
echo "Import RPM GPG key"
releasever=$(rpm --eval '%{fedora}')
releasever=$(rpm --eval '%{?fedora}')
# When building ELN containers, we don't have the %{fedora} macro
if [ -z $releasever ]; then
releasever=eln
fi
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$releasever-primary
echo "# fstab intentionally empty for containers" > /etc/fstab

View File

@ -18,6 +18,12 @@ sudo
%end
%post --erroronfail --log=/root/anaconda-post.log
set -eux
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-33-primary \
/etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-34-primary \
/etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-35-primary
# remove some extraneous files
rm -rf /var/cache/dnf/*
rm -rf /tmp/*