-
Notifications
You must be signed in to change notification settings - Fork 124
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for Rpm Package signing #3425
Merged
+952
−36
Merged
Changes from all commits
Commits
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Added (tech preview) support for signing RPM packages when uploading to a Repository. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
47 changes: 47 additions & 0 deletions
47
pulp_rpm/app/migrations/0062_rpmpackagesigningservice_and_more.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
# Generated by Django 4.2.10 on 2024-04-25 16:39 | ||
|
||
from django.db import migrations, models | ||
import django.db.models.deletion | ||
|
||
|
||
class Migration(migrations.Migration): | ||
dependencies = [ | ||
("rpm", "0061_fix_modulemd_defaults_digest"), | ||
] | ||
|
||
operations = [ | ||
migrations.CreateModel( | ||
name="RpmPackageSigningService", | ||
fields=[ | ||
( | ||
"signingservice_ptr", | ||
models.OneToOneField( | ||
auto_created=True, | ||
on_delete=django.db.models.deletion.CASCADE, | ||
parent_link=True, | ||
primary_key=True, | ||
serialize=False, | ||
to="core.signingservice", | ||
), | ||
), | ||
], | ||
options={ | ||
"abstract": False, | ||
}, | ||
bases=("core.signingservice",), | ||
), | ||
migrations.AddField( | ||
model_name="rpmrepository", | ||
name="package_signing_fingerprint", | ||
field=models.TextField(max_length=40, null=True), | ||
), | ||
migrations.AddField( | ||
model_name="rpmrepository", | ||
name="package_signing_service", | ||
field=models.ForeignKey( | ||
null=True, | ||
on_delete=django.db.models.deletion.SET_NULL, | ||
to="rpm.rpmpackagesigningservice", | ||
), | ||
), | ||
] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,72 @@ | ||
import tempfile | ||
from pathlib import Path | ||
|
||
from django.conf import settings | ||
from pulpcore.plugin.exceptions import PulpException | ||
from pulpcore.plugin.models import SigningService | ||
from typing import Optional | ||
|
||
from pulp_rpm.app.shared_utils import RpmTool | ||
|
||
|
||
class RpmPackageSigningService(SigningService): | ||
""" | ||
A model used for signing RPM packages. | ||
The pubkey_fingerprint should be passed explicitly in the sign method. | ||
""" | ||
|
||
def _env_variables(self, env_vars=None): | ||
# Prevent the signing service pubkey to be used for signing a package. | ||
# The pubkey should be provided explicitly. | ||
_env_vars = {"PULP_SIGNING_KEY_FINGERPRINT": None} | ||
if env_vars: | ||
_env_vars.update(env_vars) | ||
return super()._env_variables(_env_vars) | ||
|
||
def sign( | ||
self, | ||
filename: str, | ||
env_vars: Optional[dict] = None, | ||
pubkey_fingerprint: Optional[str] = None, | ||
): | ||
""" | ||
Sign a package @filename using @pubkey_figerprint. | ||
Args: | ||
filename: The absolute path to the package to be signed. | ||
env_vars: (optional) Dict of env_vars to be passed to the signing script. | ||
pubkey_fingerprint: The V4 fingerprint that correlates with the private key to use. | ||
""" | ||
if not pubkey_fingerprint: | ||
raise ValueError("A pubkey_fingerprint must be provided.") | ||
_env_vars = env_vars or {} | ||
_env_vars["PULP_SIGNING_KEY_FINGERPRINT"] = pubkey_fingerprint | ||
return super().sign(filename, _env_vars) | ||
|
||
def validate(self): | ||
""" | ||
Validate a signing service for a Rpm Package signature. | ||
Specifically, it validates that self.signing_script can sign an rpm package with | ||
the sample key self.pubkey and that the self.sign() method returns: | ||
```json | ||
{"rpm_package": "<path/to/package.rpm>"} | ||
``` | ||
See [RpmTool.verify_signature][] for the signature verificaton method used. | ||
""" | ||
with tempfile.TemporaryDirectory(dir=settings.WORKING_DIRECTORY) as temp_directory_name: | ||
# get and sign sample rpm | ||
temp_file = RpmTool.get_empty_rpm(temp_directory_name) | ||
return_value = self.sign(temp_file, pubkey_fingerprint=self.pubkey_fingerprint) | ||
try: | ||
return_value["rpm_package"] | ||
except KeyError: | ||
raise PulpException(f"Malformed output from signing script: {return_value}") | ||
|
||
# verify with rpm tool | ||
rpm_tool = RpmTool(root=Path(temp_directory_name)) | ||
rpm_tool.import_pubkey_string(self.public_key) | ||
rpm_tool.verify_signature(temp_file) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hmm, maybe having this in modes/repository.py or models/signing_service.py will be better?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've followed pulpcore, which defines the base SigningService under content. But I agree,
models/signing_service.py
feels better (and its what pulp_deb does also).