[eclipse/packager#7]: Allow adding only MD5 checksums

This change allows specifying a custom provider for signature configurations. By default it will support "default" and "md5-only".
ctron · Nov 25, 2019 · 3973925 · 3973925
1 parent 2716617
commit 3973925
Show file tree

Hide file tree

Showing 11 changed files with 402 additions and 26 deletions.
diff --git a/src/it/test15-default/pom.xml b/src/it/test15-default/pom.xml
@@ -0,0 +1,85 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+
+	<groupId>de.dentrassi.maven.rpm.test</groupId>
+	<artifactId>test15-md5-only</artifactId>
+	<version>1.0.0-SNAPSHOT</version>
+	<packaging>jar</packaging>
+
+	<name>Test Package #15</name>
+	<description>
+	Test Default
+	</description>
+
+	<url>http://dentrassi.de</url>
+
+	<organization>
+		<name>Jens Reimann</name>
+		<url>http://dentrassi.de</url>
+	</organization>
+
+	<licenses>
+		<license>
+			<name>Eclipse Public License - v 1.0</name>
+			<distribution>repo</distribution>
+			<url>https://www.eclipse.org/legal/epl-v10.html</url>
+		</license>
+	</licenses>
+
+	<properties>
+		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
+		<skipSigning>true</skipSigning>
+		<rpm.skipSigning>true</rpm.skipSigning>
+	</properties>
+
+	<build>
+
+		<plugins>
+			<plugin>
+				<groupId>de.dentrassi.maven</groupId>
+				<artifactId>rpm</artifactId>
+				<version>@project.version@</version>
+				<executions>
+					<execution>
+						<goals>
+							<goal>rpm</goal>
+						</goals>
+						<configuration>
+							<group>Application/Misc</group>
+
+							<forceRelease>false</forceRelease>
+							<version>1.0.0</version>
+							<outputFileName>test15.rpm</outputFileName>
+							<signatureConfiguration>default</signatureConfiguration>
+
+							<signature>
+								<keyId>${keyId}</keyId>
+								<keyringFile>${user.home}/.gnupg/secring.gpg</keyringFile>
+								<passphrase>${passphrase}</passphrase>
+								<hashAlgorithm>SHA1</hashAlgorithm>
+								<skip>${skipSigning}</skip>
+							</signature>
+
+						</configuration>
+					</execution>
+				</executions>
+			</plugin>
+		</plugins>
+	</build>
+
+	<profiles>
+		<profile>
+			<id>sign</id>
+			<activation>
+				<activeByDefault>false</activeByDefault>
+			</activation>
+			<properties>
+				<skipSigning>false</skipSigning>
+			</properties>
+		</profile>
+	</profiles>
+
+</project>
diff --git a/src/it/test15-default/verify.groovy b/src/it/test15-default/verify.groovy
@@ -0,0 +1,11 @@
+def verify ( ) {
+	Process proc = ('rpm -Kv ' + basedir + "/target/test15.rpm").execute()
+	return proc.in.getText().trim()
+}
+
+def result = verify()
+println "Verify: " + result
+
+def m1 = result =~ /MD5 digest\: OK/
+def m2 = result =~ /Header SHA1 digest\: OK/
+return m1.find() && m2.find()
diff --git a/src/it/test15-md5-only/pom.xml b/src/it/test15-md5-only/pom.xml
@@ -0,0 +1,85 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+
+	<groupId>de.dentrassi.maven.rpm.test</groupId>
+	<artifactId>test15-md5-only</artifactId>
+	<version>1.0.0-SNAPSHOT</version>
+	<packaging>jar</packaging>
+
+	<name>Test Package #15</name>
+	<description>
+	Test MD5 only
+	</description>
+
+	<url>http://dentrassi.de</url>
+
+	<organization>
+		<name>Jens Reimann</name>
+		<url>http://dentrassi.de</url>
+	</organization>
+
+	<licenses>
+		<license>
+			<name>Eclipse Public License - v 1.0</name>
+			<distribution>repo</distribution>
+			<url>https://www.eclipse.org/legal/epl-v10.html</url>
+		</license>
+	</licenses>
+
+	<properties>
+		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
+		<skipSigning>true</skipSigning>
+		<rpm.skipSigning>true</rpm.skipSigning>
+	</properties>
+
+	<build>
+
+		<plugins>
+			<plugin>
+				<groupId>de.dentrassi.maven</groupId>
+				<artifactId>rpm</artifactId>
+				<version>@project.version@</version>
+				<executions>
+					<execution>
+						<goals>
+							<goal>rpm</goal>
+						</goals>
+						<configuration>
+							<group>Application/Misc</group>
+
+							<forceRelease>false</forceRelease>
+							<version>1.0.0</version>
+							<outputFileName>test15.rpm</outputFileName>
+							<signatureConfiguration>md5-only</signatureConfiguration>
+
+							<signature>
+								<keyId>${keyId}</keyId>
+								<keyringFile>${user.home}/.gnupg/secring.gpg</keyringFile>
+								<passphrase>${passphrase}</passphrase>
+								<hashAlgorithm>SHA1</hashAlgorithm>
+								<skip>${skipSigning}</skip>
+							</signature>
+
+						</configuration>
+					</execution>
+				</executions>
+			</plugin>
+		</plugins>
+	</build>
+
+	<profiles>
+		<profile>
+			<id>sign</id>
+			<activation>
+				<activeByDefault>false</activeByDefault>
+			</activation>
+			<properties>
+				<skipSigning>false</skipSigning>
+			</properties>
+		</profile>
+	</profiles>
+
+</project>
diff --git a/src/it/test15-md5-only/verify.groovy b/src/it/test15-md5-only/verify.groovy
@@ -0,0 +1,11 @@
+def verify ( ) {
+	Process proc = ('rpm -Kv ' + basedir + "/target/test15.rpm").execute()
+	return proc.in.getText().trim()
+}
+
+def result = verify()
+println "Verify: " + result
+
+def m1 = result =~ /MD5 digest\: OK/
+def m2 = result =~ /SHA/
+return m1.find() && !m2.find()
diff --git a/src/it/test15-not-found/invoker.properties b/src/it/test15-not-found/invoker.properties
@@ -0,0 +1 @@
+invoker.buildResult=failure
diff --git a/src/it/test15-not-found/pom.xml b/src/it/test15-not-found/pom.xml
@@ -0,0 +1,85 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+
+	<groupId>de.dentrassi.maven.rpm.test</groupId>
+	<artifactId>test15-md5-only</artifactId>
+	<version>1.0.0-SNAPSHOT</version>
+	<packaging>jar</packaging>
+
+	<name>Test Package #15</name>
+	<description>
+	Test "not found"
+	</description>
+
+	<url>http://dentrassi.de</url>
+
+	<organization>
+		<name>Jens Reimann</name>
+		<url>http://dentrassi.de</url>
+	</organization>
+
+	<licenses>
+		<license>
+			<name>Eclipse Public License - v 1.0</name>
+			<distribution>repo</distribution>
+			<url>https://www.eclipse.org/legal/epl-v10.html</url>
+		</license>
+	</licenses>
+
+	<properties>
+		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
+		<skipSigning>true</skipSigning>
+		<rpm.skipSigning>true</rpm.skipSigning>
+	</properties>
+
+	<build>
+
+		<plugins>
+			<plugin>
+				<groupId>de.dentrassi.maven</groupId>
+				<artifactId>rpm</artifactId>
+				<version>@project.version@</version>
+				<executions>
+					<execution>
+						<goals>
+							<goal>rpm</goal>
+						</goals>
+						<configuration>
+							<group>Application/Misc</group>
+
+							<forceRelease>false</forceRelease>
+							<version>1.0.0</version>
+							<outputFileName>test15.rpm</outputFileName>
+							<signatureConfiguration>not-found</signatureConfiguration>
+
+							<signature>
+								<keyId>${keyId}</keyId>
+								<keyringFile>${user.home}/.gnupg/secring.gpg</keyringFile>
+								<passphrase>${passphrase}</passphrase>
+								<hashAlgorithm>SHA1</hashAlgorithm>
+								<skip>${skipSigning}</skip>
+							</signature>
+
+						</configuration>
+					</execution>
+				</executions>
+			</plugin>
+		</plugins>
+	</build>
+
+	<profiles>
+		<profile>
+			<id>sign</id>
+			<activation>
+				<activeByDefault>false</activeByDefault>
+			</activation>
+			<properties>
+				<skipSigning>false</skipSigning>
+			</properties>
+		</profile>
+	</profiles>
+
+</project>
diff --git a/src/it/test9-maxversion/verify.groovy b/src/it/test9-maxversion/verify.groovy
diff --git a/src/main/java/de/dentrassi/rpm/builder/RpmMojo.java b/src/main/java/de/dentrassi/rpm/builder/RpmMojo.java
@@ -33,6 +33,7 @@
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Locale;
+import java.util.Map;
 import java.util.Optional;
 import java.util.Set;
 import java.util.function.Consumer;
@@ -70,6 +71,7 @@
 
 import de.dentrassi.rpm.builder.Naming.Case;
 import de.dentrassi.rpm.builder.PackageEntry.Collector;
+import de.dentrassi.rpm.builder.signatures.SignatureConfiguration;
 
 /**
  * Build an RPM file
@@ -537,7 +539,7 @@ public void setGenerateDefaultSourcePackage ( final boolean generateDefaultSourc
     private final List<SimpleDependency> recommends = new LinkedList<> ();;
 
     /**
-     * An optional signature descriptor for GPP signing the final RPM
+     * An optional signature descriptor for GPG signing the final RPM
      * <p>
      * Also see <a href="signing.html">signing</a>
      * </p>
@@ -640,6 +642,40 @@ public void setMaximumSupportedRpmVersion ( final String maximumSupportedRpmVers
         this.maximumSupportedRpmVersion = Version.fromVersionString ( maximumSupportedRpmVersion ).orElseThrow ( () -> new IllegalArgumentException ( String.format ( "Version '%s' is unknown", maximumSupportedRpmVersion ) ) );
     }
 
+    /**
+     * Specify the "hint" for a provider of a signature configuration.
+     * <p>
+     * By default the RPM writer will calculate and add information like MD5,
+     * SHA1, SHA256, etc. to the signature header of the RPM file. However,
+     * some, especially older (really old) RPM versions, have issues when the
+     * encounter signature information they don't understand. This parameter
+     * allows you to configure this process.
+     * <p>
+     * What you configure here is the so called "hint" (Plexus component
+     * name/hint) of the provider to use. This plexus component has to be found
+     * in the class path of the plugin, during runtime. There are two default
+     * providers available, one is <code>default</code> and the other is
+     * <code>md5-only</code>. The latter only adds MD5 checksum information.
+     * <p>
+     * The default is to add as much information as possible to the RPM. So
+     * normally you don't need this parameter.
+     * <p>
+     * Specifying a configuration provider which cannot be found during the
+     * build, will fail the build.
+     *
+     * @since 1.4.0
+     */
+    @Parameter
+    private String signatureConfiguration;
+
+    public void setSignatureConfiguration ( final String signatureConfiguration )
+    {
+        this.signatureConfiguration = signatureConfiguration;
+    }
+
+    @Component ( role = SignatureConfiguration.class )
+    protected Map<String, SignatureConfiguration> signatureConfigurationProviders;
+
     @Override
     public void execute () throws MojoExecutionException, MojoFailureException
     {
@@ -718,7 +754,18 @@ public void execute () throws MojoExecutionException, MojoFailureException
             fillPayload ( builder );
             fillPrefixes ( builder );
 
-            // add signer
+            // setup basic signature processors
+
+            if ( this.signatureConfiguration != null )
+            {
+                this.logger.info ( "Initialize with custom signature configuration: %s (%s)", this.signatureConfiguration, this.signatureConfiguration.getClass () );
+                final SignatureConfiguration provider = this.signatureConfigurationProviders.get ( this.signatureConfiguration );
+                if ( provider == null )
+                {
+                    throw new MojoExecutionException ( String.format ( "Unable to find requested signature configuration provider '%s', have: %s", this.signatureConfiguration, this.signatureConfigurationProviders.keySet () ) );
+                }
+                provider.apply ( builder );
+            }
 
             if ( !this.skipSigning && this.signature != null )
             {