Make trusted-keys paths in manifest relative to manifest

2025-08-22 18:00:35 +00:00 · 2017-07-14 18:25:07 +02:00 · 2017-07-14 18:25:07 +02:00 · 85a0e6a191
commit 85a0e6a191
parent 58c682818c
3 changed files with 10 additions and 7 deletions
--- a/bootstrapvz/base/manifest-schema.yml
+++ b/bootstrapvz/base/manifest-schema.yml
@ -121,7 +121,7 @@ properties:
      trusted-keys:
        type: array
        items:
-          $ref: '#/definitions/absolute_path'
+          $ref: '#/definitions/path'
        minItems: 1
      include-source-type: {type: boolean}
    additionalProperties: false
--- a/bootstrapvz/common/tasks/apt.py
+++ b/bootstrapvz/common/tasks/apt.py
@ -1,6 +1,7 @@
 from bootstrapvz.base import Task
 from bootstrapvz.common import phases
 from bootstrapvz.common.tools import log_check_call
+from bootstrapvz.common.tools import rel_path
 import locale
 import logging
 import os
@ -14,7 +15,8 @@ class ValidateTrustedKeys(Task):
    def run(cls, info):
        from bootstrapvz.common.tools import log_call

-        for i, key_path in enumerate(info.manifest.packages.get('trusted-keys', {})):
+        for i, rel_key_path in enumerate(info.manifest.packages.get('trusted-keys', {})):
+            key_path = rel_path(info.manifest.path, rel_key_path)
            if not os.path.isfile(key_path):
                info.manifest.validation_error('File not found: {}'.format(key_path),
                                               ['packages', 'trusted-keys', i])
@ -108,7 +110,8 @@ class InstallTrustedKeys(Task):
    @classmethod
    def run(cls, info):
        from shutil import copy
-        for key_path in info.manifest.packages['trusted-keys']:
+        for rel_key_path in info.manifest.packages['trusted-keys']:
+            key_path = rel_path(info.manifest.path, rel_key_path)
            key_name = os.path.basename(key_path)
            destination = os.path.join(info.root, 'etc/apt/trusted.gpg.d', key_name)
            copy(key_path, destination)
--- a/manifests/README.rst
+++ b/manifests/README.rst
@ -206,8 +206,8 @@ variety of sources.
   default apt sources. For example ``contrib`` or ``non-free``
   ``optional``
   Default: ``['main']``
-  ``trusted-keys``: List of paths to ``.gpg`` keyrings that should
-   be added to the aptitude keyring of trusted signatures for
+-  ``trusted-keys``: List of paths (relative to the manifest) to ``.gpg`` keyrings
+   that should be added to the aptitude keyring of trusted signatures for
   repositories.
   ``optional``
 -  ``apt.conf.d``: A map of ``apt.conf(5)`` configuration snippets.