* [pbs-devel] [RFC PATCH] apt: add keys as option for proxmox repositories
@ 2025-07-11 13:39 Shannon Sterz
2025-07-15 21:36 ` [pve-devel] applied: [pbs-devel] " Thomas Lamprecht
0 siblings, 1 reply; 3+ messages in thread
From: Shannon Sterz @ 2025-07-11 13:39 UTC (permalink / raw)
To: pbs-devel
Signed-off-by: Shannon Sterz <s.sterz@proxmox.com>
---
sending this as rfc for now as i could not do any in-depth testing yet,
but cargo {check,clippy,test} are all happy (or at least not less happy
than before).
proxmox-apt/src/repositories/repository.rs | 2 +-
proxmox-apt/src/repositories/standard.rs | 24 +++++++++++++++-------
2 files changed, 18 insertions(+), 8 deletions(-)
diff --git a/proxmox-apt/src/repositories/repository.rs b/proxmox-apt/src/repositories/repository.rs
index a1263e89..24e7943b 100644
--- a/proxmox-apt/src/repositories/repository.rs
+++ b/proxmox-apt/src/repositories/repository.rs
@@ -122,7 +122,7 @@ impl APTRepositoryImpl for APTRepository {
product: &str,
suite: &str,
) -> bool {
- let (package_type, handle_uris, component) = handle.info(product);
+ let (package_type, handle_uris, component, _key) = handle.info(product);
let mut found_uri = false;
diff --git a/proxmox-apt/src/repositories/standard.rs b/proxmox-apt/src/repositories/standard.rs
index 7eef0502..3dfb917b 100644
--- a/proxmox-apt/src/repositories/standard.rs
+++ b/proxmox-apt/src/repositories/standard.rs
@@ -1,6 +1,6 @@
use proxmox_apt_api_types::{
- APTRepository, APTRepositoryFileType, APTRepositoryHandle, APTRepositoryPackageType,
- APTStandardRepository,
+ APTRepository, APTRepositoryFileType, APTRepositoryHandle, APTRepositoryOption,
+ APTRepositoryPackageType, APTStandardRepository,
};
use crate::repositories::DebianCodename;
@@ -27,10 +27,11 @@ pub trait APTRepositoryHandleImpl {
fn name(self) -> String;
/// Get the standard file path for the repository referenced by the handle.
fn path(self, product: &str, suite: &str) -> String;
- /// Get package type, possible URIs and the component associated with the handle.
+ /// Get package type, possible URIs, the component associated with the handle and the
+ /// associated signing key.
///
/// The first URI is the preferred one.
- fn info(self, product: &str) -> (APTRepositoryPackageType, Vec<String>, String);
+ fn info(self, product: &str) -> (APTRepositoryPackageType, Vec<String>, String, &str);
/// Get the standard repository referenced by the handle.
///
/// An URI in the result is not '/'-terminated (under the assumption that no valid
@@ -111,7 +112,7 @@ impl APTRepositoryHandleImpl for APTRepositoryHandle {
}
}
- fn info(self, product: &str) -> (APTRepositoryPackageType, Vec<String>, String) {
+ fn info(self, product: &str) -> (APTRepositoryPackageType, Vec<String>, String, &str) {
match self {
APTRepositoryHandle::Enterprise => (
APTRepositoryPackageType::Deb,
@@ -123,6 +124,7 @@ impl APTRepositoryHandleImpl for APTRepositoryHandle {
_ => vec![format!("https://enterprise.proxmox.com/debian/{product}")],
},
format!("{product}-enterprise"),
+ "/usr/share/keyrings/proxmox-archive-keyring.gpg",
),
APTRepositoryHandle::NoSubscription => (
APTRepositoryPackageType::Deb,
@@ -134,6 +136,7 @@ impl APTRepositoryHandleImpl for APTRepositoryHandle {
_ => vec![format!("http://download.proxmox.com/debian/{product}")],
},
format!("{product}-no-subscription"),
+ "/usr/share/keyrings/proxmox-archive-keyring.gpg",
),
APTRepositoryHandle::Test => (
APTRepositoryPackageType::Deb,
@@ -145,27 +148,31 @@ impl APTRepositoryHandleImpl for APTRepositoryHandle {
_ => vec![format!("http://download.proxmox.com/debian/{product}")],
},
format!("{product}-test"),
+ "/usr/share/keyrings/proxmox-archive-keyring.gpg",
),
APTRepositoryHandle::CephSquidEnterprise => (
APTRepositoryPackageType::Deb,
vec!["https://enterprise.proxmox.com/debian/ceph-squid".to_string()],
"enterprise".to_string(),
+ "/usr/share/keyrings/proxmox-archive-keyring.gpg",
),
APTRepositoryHandle::CephSquidNoSubscription => (
APTRepositoryPackageType::Deb,
vec!["http://download.proxmox.com/debian/ceph-squid".to_string()],
"no-subscription".to_string(),
+ "/usr/share/keyrings/proxmox-archive-keyring.gpg",
),
APTRepositoryHandle::CephSquidTest => (
APTRepositoryPackageType::Deb,
vec!["http://download.proxmox.com/debian/ceph-squid".to_string()],
"test".to_string(),
+ "/usr/share/keyrings/proxmox-archive-keyring.gpg",
),
}
}
fn to_repository(self, product: &str, suite: &str) -> APTRepository {
- let (package_type, uris, component) = self.info(product);
+ let (package_type, uris, component, key) = self.info(product);
let file_type = match DebianCodename::try_from(suite) {
Ok(codename) if codename >= DebianCodename::Trixie => APTRepositoryFileType::Sources,
@@ -177,7 +184,10 @@ impl APTRepositoryHandleImpl for APTRepositoryHandle {
uris: vec![uris.into_iter().next().unwrap()],
suites: vec![suite.to_string()],
components: vec![component],
- options: vec![],
+ options: vec![APTRepositoryOption {
+ key: "Signed-By".into(),
+ values: vec![key.to_string()],
+ }],
comment: String::new(),
file_type,
enabled: true,
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 3+ messages in thread
* [pbs-devel] applied: [RFC PATCH] apt: add keys as option for proxmox repositories
2025-07-11 13:39 [pbs-devel] [RFC PATCH] apt: add keys as option for proxmox repositories Shannon Sterz
@ 2025-07-15 21:36 ` Thomas Lamprecht
0 siblings, 0 replies; 3+ messages in thread
From: Thomas Lamprecht @ 2025-07-15 21:36 UTC (permalink / raw)
To: pve-devel, pbs-devel, Shannon Sterz
On Fri, 11 Jul 2025 15:39:17 +0200, Shannon Sterz wrote:
>
The patch is rather straight forward and simple e2e test seems alright, so:
Applied, thanks!
[1/1] apt: add keys as option for proxmox repositories
commit: 1452499e67746c955d3d117564fbe5d077984bce
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 3+ messages in thread
* [pve-devel] applied: [pbs-devel] [RFC PATCH] apt: add keys as option for proxmox repositories
@ 2025-07-15 21:36 ` Thomas Lamprecht
0 siblings, 0 replies; 3+ messages in thread
From: Thomas Lamprecht @ 2025-07-15 21:36 UTC (permalink / raw)
To: pve-devel, pbs-devel, Shannon Sterz
On Fri, 11 Jul 2025 15:39:17 +0200, Shannon Sterz wrote:
>
The patch is rather straight forward and simple e2e test seems alright, so:
Applied, thanks!
[1/1] apt: add keys as option for proxmox repositories
commit: 1452499e67746c955d3d117564fbe5d077984bce
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2025-07-15 21:36 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-07-11 13:39 [pbs-devel] [RFC PATCH] apt: add keys as option for proxmox repositories Shannon Sterz
2025-07-15 21:36 ` [pbs-devel] applied: " Thomas Lamprecht
2025-07-15 21:36 ` [pve-devel] applied: [pbs-devel] " Thomas Lamprecht
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.