loading up the forgejo repo on tangled to test page performance
Add signature support for the RPM module (#4780)
This pull request comes from https://github.com/go-gitea/gitea/pull/27069.
If the rpm package does not contain a matching gpg signature, the installation will fail. See ([gitea/gitea#27031](https://github.com/go-gitea/gitea/issues/27031)) , now auto-signing all new rpm uploads.
This option is turned off by default for compatibility.
<!--start release-notes-assistant-->
## Draft release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- Features
- [PR](https://codeberg.org/forgejo/forgejo/pulls/4780): <!--number 4780 --><!--line 0 --><!--description QWRkIHNpZ25hdHVyZSBzdXBwb3J0IGZvciB0aGUgUlBNIG1vZHVsZQ==-->Add signature support for the RPM module<!--description-->
<!--end release-notes-assistant-->
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4780
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Exploding Dragon <explodingfkl@gmail.com>
Co-committed-by: Exploding Dragon <explodingfkl@gmail.com>
authored by
Exploding Dragon
Exploding Dragon
and committed by
Earl Warren
471265c4
35ea7457
+107
-40
+2
custom/conf/app.example.ini
+2
custom/conf/app.example.ini
···
2603
2603
;LIMIT_SIZE_SWIFT = -1
2604
2604
;; Maximum size of a Vagrant upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`)
2605
2605
;LIMIT_SIZE_VAGRANT = -1
2606
+
;; Enable RPM re-signing by default. (It will overwrite the old signature ,using v4 format, not compatible with CentOS 6 or older)
2607
+
;DEFAULT_RPM_SIGN_ENABLED = false
2606
2608
2607
2609
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
2608
2610
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+3
-3
go.mod
+3
-3
go.mod
···
90
90
github.com/redis/go-redis/v9 v9.5.2
91
91
github.com/robfig/cron/v3 v3.0.1
92
92
github.com/santhosh-tekuri/jsonschema/v6 v6.0.1
93
-
github.com/sassoftware/go-rpmutils v0.2.1-0.20240124161140-277b154961dd
93
+
github.com/sassoftware/go-rpmutils v0.4.0
94
94
github.com/sergi/go-diff v1.3.1
95
95
github.com/shurcooL/vfsgen v0.0.0-20230704071429-0000e147ea92
96
96
github.com/stretchr/testify v1.9.0
97
97
github.com/syndtr/goleveldb v1.0.0
98
-
github.com/ulikunitz/xz v0.5.11
98
+
github.com/ulikunitz/xz v0.5.12
99
99
github.com/urfave/cli/v2 v2.27.2
100
100
github.com/valyala/fastjson v1.6.4
101
101
github.com/xanzy/go-gitlab v0.96.0
···
163
163
github.com/caddyserver/zerossl v0.1.2 // indirect
164
164
github.com/cention-sany/utf7 v0.0.0-20170124080048-26cad61bd60a // indirect
165
165
github.com/cespare/xxhash/v2 v2.3.0 // indirect
166
-
github.com/cloudflare/circl v1.3.7 // indirect
166
+
github.com/cloudflare/circl v1.3.8 // indirect
167
167
github.com/couchbase/go-couchbase v0.1.1 // indirect
168
168
github.com/couchbase/gomemcached v0.3.0 // indirect
169
169
github.com/couchbase/goutils v0.1.2 // indirect
+6
-14
go.sum
+6
-14
go.sum
···
47
47
github.com/ClickHouse/ch-go v0.61.5/go.mod h1:s1LJW/F/LcFs5HJnuogFMta50kKDO0lf9zzfrbl0RQg=
48
48
github.com/ClickHouse/clickhouse-go/v2 v2.26.0 h1:j4/y6NYaCcFkJwN/TU700ebW+nmsIy34RmUAAcZKy9w=
49
49
github.com/ClickHouse/clickhouse-go/v2 v2.26.0/go.mod h1:iDTViXk2Fgvf1jn2dbJd1ys+fBkdD1UMRnXlwmhijhQ=
50
-
github.com/DataDog/zstd v1.4.5/go.mod h1:1jcaCB/ufaK+sKp1NBhlGmpz41jOoPQ35bpF36t7BBo=
51
50
github.com/DataDog/zstd v1.5.5 h1:oWf5W7GtOLgp6bciQYDmhHHjdhYkALu6S/5Ni9ZgSvQ=
52
51
github.com/DataDog/zstd v1.5.5/go.mod h1:g4AWEaM3yOg3HYfnJ3YIawPnVdXJh9QME85blwSAmyw=
53
52
github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI=
···
163
162
github.com/chzyer/readline v1.5.1/go.mod h1:Eh+b79XXUwfKfcPLepksvw2tcLE/Ct21YObkaSkeBlk=
164
163
github.com/chzyer/test v1.0.0/go.mod h1:2JlltgoNkt4TW/z9V/IzDdFaMTM2JPIi26O1pF38GC8=
165
164
github.com/cloudflare/circl v1.3.3/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA=
166
-
github.com/cloudflare/circl v1.3.7 h1:qlCDlTPz2n9fu58M0Nh1J/JzcFpfgkFHHX3O35r5vcU=
167
-
github.com/cloudflare/circl v1.3.7/go.mod h1:sRTcRWXGLrKw6yIGJ+l7amYJFfAXbZG0kBSc8r4zxgA=
165
+
github.com/cloudflare/circl v1.3.8 h1:j+V8jJt09PoeMFIu2uh5JUyEaIHTXVOHslFoLNAKqwI=
166
+
github.com/cloudflare/circl v1.3.8/go.mod h1:PDRU+oXvdD7KCtgKxW95M5Z8BpSCJXQORiZFnBQS5QU=
168
167
github.com/couchbase/go-couchbase v0.1.1 h1:ClFXELcKj/ojyoTYbsY34QUrrYCBi/1G749sXSCkdhk=
169
168
github.com/couchbase/go-couchbase v0.1.1/go.mod h1:+/bddYDxXsf9qt0xpDUtRR47A2GjaXmGGAqQ/k3GJ8A=
170
169
github.com/couchbase/gomemcached v0.3.0 h1:XkMDdP6w7rtvLijDE0/RhcccX+XvAk5cboyBv1YcI0U=
···
462
461
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
463
462
github.com/klauspost/compress v1.4.1/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A=
464
463
github.com/klauspost/compress v1.11.4/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
465
-
github.com/klauspost/compress v1.11.7/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
466
464
github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
467
465
github.com/klauspost/compress v1.15.0/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
468
466
github.com/klauspost/compress v1.15.6/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHUDtV4Yw2GlzU=
···
634
632
github.com/sagikazarmark/slog-shim v0.1.0/go.mod h1:SrcSrq8aKtyuqEI1uvTDTK1arOWRIczQRv+GVI1AkeQ=
635
633
github.com/santhosh-tekuri/jsonschema/v6 v6.0.1 h1:PKK9DyHxif4LZo+uQSgXNqs0jj5+xZwwfKHgph2lxBw=
636
634
github.com/santhosh-tekuri/jsonschema/v6 v6.0.1/go.mod h1:JXeL+ps8p7/KNMjDQk3TCwPpBy0wYklyWTfbkIzdIFU=
637
-
github.com/sassoftware/go-rpmutils v0.2.1-0.20240124161140-277b154961dd h1:KpbqRPDwcAQTyaP+L+YudTRb3CnJlQ64Hfn1SF/zHBA=
638
-
github.com/sassoftware/go-rpmutils v0.2.1-0.20240124161140-277b154961dd/go.mod h1:TJJQYtLe/BeEmEjelI3b7xNZjzAukEkeWKmoakvaOoI=
635
+
github.com/sassoftware/go-rpmutils v0.4.0 h1:ojND82NYBxgwrV+mX1CWsd5QJvvEZTKddtCdFLPWhpg=
636
+
github.com/sassoftware/go-rpmutils v0.4.0/go.mod h1:3goNWi7PGAT3/dlql2lv3+MSN5jNYPjT5mVcQcIsYzI=
639
637
github.com/segmentio/asm v1.2.0 h1:9BQrFxC+YOHJlTlHGkTrFWf59nbL3XnCoFLTwDCI7ys=
640
638
github.com/segmentio/asm v1.2.0/go.mod h1:BqMnlJP91P8d+4ibuonYZw9mfnzI9HfxselHZr5aAcs=
641
639
github.com/serenize/snaker v0.0.0-20171204205717-a683aaf2d516/go.mod h1:Yow6lPLSAXx2ifx470yD/nUe22Dv5vBvxK/UK9UUTVs=
···
700
698
github.com/toqueteos/webbrowser v1.2.0/go.mod h1:XWoZq4cyp9WeUeak7w7LXRUQf1F1ATJMir8RTqb4ayM=
701
699
github.com/ulikunitz/xz v0.5.8/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
702
700
github.com/ulikunitz/xz v0.5.9/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
703
-
github.com/ulikunitz/xz v0.5.11 h1:kpFauv27b6ynzBNT/Xy+1k+fK4WswhN/6PN5WhFAGw8=
704
-
github.com/ulikunitz/xz v0.5.11/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
701
+
github.com/ulikunitz/xz v0.5.12 h1:37Nm15o69RwBkXM0J6A5OlE67RZTfzUxTj8fB3dfcsc=
702
+
github.com/ulikunitz/xz v0.5.12/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
705
703
github.com/unknwon/com v0.0.0-20190804042917-757f69c95f3e/go.mod h1:tOOxU81rwgoCLoOVVPHb6T/wt8HZygqH5id+GNnlCXM=
706
704
github.com/unknwon/com v1.0.1 h1:3d1LTxD+Lnf3soQiD4Cp/0BRB+Rsa/+RTvz8GMMzIXs=
707
705
github.com/unknwon/com v1.0.1/go.mod h1:tOOxU81rwgoCLoOVVPHb6T/wt8HZygqH5id+GNnlCXM=
···
760
758
go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
761
759
go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE=
762
760
go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
763
-
go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A=
764
761
go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
765
762
go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
766
763
go.uber.org/mock v0.4.0 h1:VcM4ZOtdbR4f6VXfiOpwpVJDL6lCReaZ6mw31wqh7KU=
···
773
770
golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
774
771
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
775
772
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
776
-
golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
777
773
golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8=
778
774
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
779
775
golang.org/x/crypto v0.0.0-20220214200702-86341886e292/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
···
789
785
golang.org/x/exp v0.0.0-20240119083558-1b970713d09a/go.mod h1:idGWGoKP1toJGkd5/ig9ZLuPcZBC3ewk7SzmH0uou08=
790
786
golang.org/x/image v0.18.0 h1:jGzIakQa/ZXI1I0Fxvaa9W7yP25TqT6cHIHn+6CqvSQ=
791
787
golang.org/x/image v0.18.0/go.mod h1:4yyo5vMFQjVjUcVk4jEQcU9MGy/rulF5WvUILseCM2E=
792
-
golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
793
788
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
794
789
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
795
790
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
···
863
858
golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
864
859
golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI=
865
860
golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
866
-
golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
867
861
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
868
862
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
869
863
golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
···
892
886
golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
893
887
golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
894
888
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
895
-
golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
896
889
golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
897
890
golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
898
-
golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
899
891
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
900
892
golang.org/x/tools v0.0.0-20200325010219-a49f79bcc224/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8=
901
893
golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
+25
-23
modules/setting/packages.go
+25
-23
modules/setting/packages.go
···
21
21
ChunkedUploadPath string
22
22
RegistryHost string
23
23
24
-
LimitTotalOwnerCount int64
25
-
LimitTotalOwnerSize int64
26
-
LimitSizeAlpine int64
27
-
LimitSizeCargo int64
28
-
LimitSizeChef int64
29
-
LimitSizeComposer int64
30
-
LimitSizeConan int64
31
-
LimitSizeConda int64
32
-
LimitSizeContainer int64
33
-
LimitSizeCran int64
34
-
LimitSizeDebian int64
35
-
LimitSizeGeneric int64
36
-
LimitSizeGo int64
37
-
LimitSizeHelm int64
38
-
LimitSizeMaven int64
39
-
LimitSizeNpm int64
40
-
LimitSizeNuGet int64
41
-
LimitSizePub int64
42
-
LimitSizePyPI int64
43
-
LimitSizeRpm int64
44
-
LimitSizeRubyGems int64
45
-
LimitSizeSwift int64
46
-
LimitSizeVagrant int64
24
+
LimitTotalOwnerCount int64
25
+
LimitTotalOwnerSize int64
26
+
LimitSizeAlpine int64
27
+
LimitSizeCargo int64
28
+
LimitSizeChef int64
29
+
LimitSizeComposer int64
30
+
LimitSizeConan int64
31
+
LimitSizeConda int64
32
+
LimitSizeContainer int64
33
+
LimitSizeCran int64
34
+
LimitSizeDebian int64
35
+
LimitSizeGeneric int64
36
+
LimitSizeGo int64
37
+
LimitSizeHelm int64
38
+
LimitSizeMaven int64
39
+
LimitSizeNpm int64
40
+
LimitSizeNuGet int64
41
+
LimitSizePub int64
42
+
LimitSizePyPI int64
43
+
LimitSizeRpm int64
44
+
LimitSizeRubyGems int64
45
+
LimitSizeSwift int64
46
+
LimitSizeVagrant int64
47
+
DefaultRPMSignEnabled bool
47
48
}{
48
49
Enabled: true,
49
50
LimitTotalOwnerCount: -1,
···
102
103
Packages.LimitSizeRubyGems = mustBytes(sec, "LIMIT_SIZE_RUBYGEMS")
103
104
Packages.LimitSizeSwift = mustBytes(sec, "LIMIT_SIZE_SWIFT")
104
105
Packages.LimitSizeVagrant = mustBytes(sec, "LIMIT_SIZE_VAGRANT")
106
+
Packages.DefaultRPMSignEnabled = sec.Key("DEFAULT_RPM_SIGN_ENABLED").MustBool(false)
105
107
return nil
106
108
}
107
109
+14
routers/api/packages/rpm/rpm.go
+14
routers/api/packages/rpm/rpm.go
···
132
132
return
133
133
}
134
134
defer buf.Close()
135
+
// if rpm sign enabled
136
+
if setting.Packages.DefaultRPMSignEnabled || ctx.FormBool("sign") {
137
+
pri, _, err := rpm_service.GetOrCreateKeyPair(ctx, ctx.Package.Owner.ID)
138
+
if err != nil {
139
+
apiError(ctx, http.StatusInternalServerError, err)
140
+
return
141
+
}
142
+
buf, err = rpm_service.NewSignedRPMBuffer(buf, pri)
143
+
if err != nil {
144
+
// Not in rpm format, parsing failed.
145
+
apiError(ctx, http.StatusBadRequest, err)
146
+
return
147
+
}
148
+
}
135
149
136
150
pck, err := rpm_module.ParsePackage(buf)
137
151
if err != nil {
+32
services/packages/rpm/repository.go
+32
services/packages/rpm/repository.go
···
21
21
rpm_model "code.gitea.io/gitea/models/packages/rpm"
22
22
user_model "code.gitea.io/gitea/models/user"
23
23
"code.gitea.io/gitea/modules/json"
24
+
"code.gitea.io/gitea/modules/log"
24
25
packages_module "code.gitea.io/gitea/modules/packages"
25
26
rpm_module "code.gitea.io/gitea/modules/packages/rpm"
26
27
"code.gitea.io/gitea/modules/util"
···
29
30
"github.com/ProtonMail/go-crypto/openpgp"
30
31
"github.com/ProtonMail/go-crypto/openpgp/armor"
31
32
"github.com/ProtonMail/go-crypto/openpgp/packet"
33
+
"github.com/sassoftware/go-rpmutils"
32
34
)
33
35
34
36
// GetOrCreateRepositoryVersion gets or creates the internal repository package
···
641
643
OpenSize: wc.Written(),
642
644
}, nil
643
645
}
646
+
647
+
func NewSignedRPMBuffer(rpm *packages_module.HashedBuffer, privateKey string) (*packages_module.HashedBuffer, error) {
648
+
keyring, err := openpgp.ReadArmoredKeyRing(bytes.NewReader([]byte(privateKey)))
649
+
if err != nil {
650
+
// failed to parse key
651
+
return nil, err
652
+
}
653
+
entity := keyring[0]
654
+
h, err := rpmutils.SignRpmStream(rpm, entity.PrivateKey, nil)
655
+
if err != nil {
656
+
// error signing rpm
657
+
return nil, err
658
+
}
659
+
signBlob, err := h.DumpSignatureHeader(false)
660
+
if err != nil {
661
+
// error writing sig header
662
+
return nil, err
663
+
}
664
+
if len(signBlob)%8 != 0 {
665
+
log.Info("incorrect padding: got %d bytes, expected a multiple of 8", len(signBlob))
666
+
return nil, err
667
+
}
668
+
669
+
// move fp to sign end
670
+
if _, err := rpm.Seek(int64(h.OriginalSignatureHeaderSize()), io.SeekStart); err != nil {
671
+
return nil, err
672
+
}
673
+
// create signed rpm buf
674
+
return packages_module.CreateHashedBufferFromReader(io.MultiReader(bytes.NewReader(signBlob), rpm))
675
+
}
+25
tests/integration/api_packages_rpm_test.go
+25
tests/integration/api_packages_rpm_test.go
···
24
24
"code.gitea.io/gitea/modules/util"
25
25
"code.gitea.io/gitea/tests"
26
26
27
+
"github.com/ProtonMail/go-crypto/openpgp"
28
+
"github.com/sassoftware/go-rpmutils"
27
29
"github.com/stretchr/testify/assert"
28
30
"github.com/stretchr/testify/require"
29
31
)
···
431
433
req = NewRequest(t, "DELETE", fmt.Sprintf("%s/package/%s/%s/%s", groupURL, packageName, packageVersion, packageArchitecture)).
432
434
AddBasicAuth(user.Name)
433
435
MakeRequest(t, req, http.StatusNotFound)
436
+
})
437
+
438
+
t.Run("UploadSign", func(t *testing.T) {
439
+
url := groupURL + "/upload?sign=true"
440
+
req := NewRequestWithBody(t, "PUT", url, bytes.NewReader(content)).
441
+
AddBasicAuth(user.Name)
442
+
MakeRequest(t, req, http.StatusCreated)
443
+
444
+
gpgReq := NewRequest(t, "GET", rootURL+"/repository.key")
445
+
gpgResp := MakeRequest(t, gpgReq, http.StatusOK)
446
+
pub, err := openpgp.ReadArmoredKeyRing(gpgResp.Body)
447
+
require.NoError(t, err)
448
+
449
+
req = NewRequest(t, "GET", fmt.Sprintf("%s/package/%s/%s/%s", groupURL, packageName, packageVersion, packageArchitecture))
450
+
resp := MakeRequest(t, req, http.StatusOK)
451
+
452
+
_, sigs, err := rpmutils.Verify(resp.Body, pub)
453
+
require.NoError(t, err)
454
+
require.NotEmpty(t, sigs)
455
+
456
+
req = NewRequest(t, "DELETE", fmt.Sprintf("%s/package/%s/%s/%s", groupURL, packageName, packageVersion, packageArchitecture)).
457
+
AddBasicAuth(user.Name)
458
+
MakeRequest(t, req, http.StatusNoContent)
434
459
})
435
460
})
436
461
}