From 8e8232d773a55f9cd997cafc82408a120c31c64a Mon Sep 17 00:00:00 2001 From: Guilherme Caulada Date: Thu, 24 Aug 2023 10:25:59 -0300 Subject: [PATCH] Revert "Cleanup of gpg variables and improved error handling (#128)" This reverts commit 9f95a0c58aea51a70ea28fade036105f1055ce95. --- containers/base_rpm.go | 38 ++++++++++++++------------------------ 1 file changed, 14 insertions(+), 24 deletions(-) diff --git a/containers/base_rpm.go b/containers/base_rpm.go index ff5fef59..a258892e 100644 --- a/containers/base_rpm.go +++ b/containers/base_rpm.go @@ -3,7 +3,6 @@ package containers import ( "encoding/base64" "log" - "time" "dagger.io/dagger" ) @@ -27,38 +26,29 @@ func RPMContainer(d *dagger.Client, opts *GPGOpts) *dagger.Container { if !opts.Sign { return container } - var gpgPublicKeySecret, gpgPrivateKeySecret, gpgPassphraseSecret *dagger.Secret - - if sec, err := base64.StdEncoding.DecodeString(opts.GPGPublicKeyBase64); err == nil { - gpgPublicKeySecret = d.SetSecret("gpg-public-key", string(sec)) - } else { - log.Printf("gpg-public-key-base64 cannot be decoded %s", err.Error()) - } - - if sec, err := base64.StdEncoding.DecodeString(opts.GPGPrivateKeyBase64); err == nil { - gpgPrivateKeySecret = d.SetSecret("gpg-private-key", string(sec)) + var gpgPublicKeyBase64Secret, gpgPrivateKeyBase64Secret *dagger.Secret + if decodedGPGPublicKeyBase64Secret, err := base64.StdEncoding.DecodeString(opts.GPGPublicKeyBase64); err == nil { + gpgPublicKeyBase64Secret = d.SetSecret("gpg-public-key-base64", string(decodedGPGPublicKeyBase64Secret)) } else { - log.Printf("gpg-private-key-base64 cannot be decoded %s", err.Error()) + log.Println("gpg-public-key-base64 cannot be decoded %w", err) } - - if sec, err := base64.StdEncoding.DecodeString(opts.GPGPassphraseBase64); err == nil { - gpgPassphraseSecret = d.SetSecret("gpg-passphrase-base64", string(sec)) + if decodedGPGPrivateKeyBase64Secret, err := base64.StdEncoding.DecodeString(opts.GPGPrivateKeyBase64); err == nil { + gpgPrivateKeyBase64Secret = d.SetSecret("gpg-private-key-base64", string(decodedGPGPrivateKeyBase64Secret)) } else { - log.Printf("gpg-private-key-base64 cannot be decoded %s", err.Error()) + log.Println("gpg-private-key-base64 cannot be decoded %w", err) } - + gpgPassphraseBase64Secret := d.SetSecret("gpg-passphrase-base64", opts.GPGPassphraseBase64) return container. + WithSecretVariable("GPG_PUBLIC_KEY_BASE64", gpgPublicKeyBase64Secret). + WithSecretVariable("GPG_PRIVATE_KEY_BASE64", gpgPrivateKeyBase64Secret). + WithSecretVariable("GPG_PASSPHRASE_BASE64", gpgPassphraseBase64Secret). WithExec([]string{"apt-get", "install", "-yq", "gnupg2"}). WithExec([]string{"mkdir", "-p", "/root/.rpmdb/privkeys"}). WithExec([]string{"mkdir", "-p", "/root/.rpmdb/passkeys"}). WithExec([]string{"mkdir", "-p", "/root/.rpmdb/pubkeys"}). - WithEnvVariable("now", time.Now().String()). - WithSecretVariable("GPG_PUBLIC_KEY", gpgPublicKeySecret). - WithSecretVariable("GPG_PRIVATE_KEY", gpgPrivateKeySecret). - WithSecretVariable("GPG_PASSPHRASE", gpgPassphraseSecret). - WithExec([]string{"/bin/sh", "-c", "echo \"$GPG_PRIVATE_KEY\" > /root/.rpmdb/privkeys/grafana.key"}). - WithExec([]string{"/bin/sh", "-c", "echo \"$GPG_PASSPHRASE\" > /root/.rpmdb/passkeys/grafana.key"}). - WithExec([]string{"/bin/sh", "-c", "echo \"$GPG_PUBLIC_KEY\" > /root/.rpmdb/pubkeys/grafana.key"}). + WithExec([]string{"/bin/sh", "-c", "echo \"$GPG_PRIVATE_KEY_BASE64\" > /root/.rpmdb/privkeys/grafana.key"}). + WithExec([]string{"/bin/sh", "-c", "echo \"$GPG_PASSPHRASE_BASE64\" > /root/.rpmdb/passkeys/grafana.key"}). + WithExec([]string{"/bin/sh", "-c", "echo \"$GPG_PUBLIC_KEY_BASE64\" > /root/.rpmdb/pubkeys/grafana.key"}). WithNewFile("/root/.rpmmacros", dagger.ContainerWithNewFileOpts{ Permissions: 0400, Contents: RPMMacros,