Overview

File openSUSE-build-key.spec of Package openSUSE-build-key.17940

#
# spec file for package openSUSE-build-key
#
# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#

%define containerkeydir  %{_datadir}/container-keys/
%define pemcontainerkeydir  /%{_datadir}/pki/containers/

Name:           openSUSE-build-key
BuildRequires:  gpg
Provides:       build-key
Conflicts:      suse-build-key
Requires:       gpg
AutoReqProv:    off
Summary:        The public gpg keys for rpm package signature verification
License:        GPL-2.0+
Group:          System/Packages
Version:        1.0
Release:        0
# build@suse.de for SLE11
# should not be in anymore, sle11 is eol for a while, also 1024bit key.
# Source0:        gpg-pubkey-307e3d54-5aaa90a5.asc
Obsoletes:	gpg-pubkey-307e3d54

# opensuse@opensuse.org
Source1:        gpg-pubkey-3dbdc284-53674dd4.asc
# build@suse.de for SLE12 / SLE15
Source2:        gpg-pubkey-39db7c82-5847eb1f.asc
# openSUSE Backports needed since Leap 15.3
Source3:        gpg-pubkey-65176565-61a0ee8f.asc
# openSUSE Backports since 15.5
Source4:        gpg-pubkey-25db7ae0-645bae34.asc
# SLE 15 4k RSA key
Source5:	gpg-pubkey-3fa1d6ce-63c9481c.asc

# Container key openSUSE
Source7:        opensuse-container-9ab48ce9-5ae3116a.asc

# new 4096bit RSA key for openSUSE
Source8:	build-container-202304-d684afec-64390cff.pem
Source9:	build-container-202304-d684afec-64390cff.asc


# openSUSE RSA 4096 key
Source10:       gpg-pubkey-29b700a4-62b07e22.asc

Source98:       security_at_suse_de.asc
Source100:      dumpsigs
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
BuildArch:      noarch
%define keydir  %{_prefix}/lib/rpm/gnupg/keys
PreReq:         sh-utils gpg fileutils mktemp

%description
This package contains the gpg keys that are used to sign the
openSUSE rpm packages. The keys installed here are not actually
used by anything. rpm/zypper use the keys in the rpm db instead.

%prep
%setup -qcT

%build
cp %SOURCE98 .

%install
rm -rf $RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT%{keydir}
for i in %SOURCE0 %SOURCE1 %SOURCE2 %SOURCE3 %SOURCE4 %SOURCE5 %SOURCE10; do
    case "$i" in
	*/gpg-pubkey-*.asc)
	install -m 644 "$i" $RPM_BUILD_ROOT%{keydir}
	;;
    esac
done
install -m 755 %{SOURCE100} $RPM_BUILD_ROOT/usr/lib/rpm/gnupg

install -d -m 755 %{buildroot}%{containerkeydir}
install -c -m 644 %{SOURCE7} %{buildroot}%{containerkeydir}/opensuse-container-key.asc
install -c -m 644 %{SOURCE9} %{buildroot}%{containerkeydir}/opensuse-container-key-2023.asc

install -d -m 755 %{buildroot}%{pemcontainerkeydir}/
install -c -m 644 %{SOURCE9} %{buildroot}%{pemcontainerkeydir}/opensuse-container-key-2023.pem

%files
%defattr(644,root,root)
%doc security_at_suse_de.asc
%attr(755,root,root) %dir %{_prefix}/lib/rpm/gnupg
%attr(755,root,root) %dir %{keydir}
%attr(755,root,root) %{_prefix}/lib/rpm/gnupg/dumpsigs
%dir %containerkeydir
/%containerkeydir/opensuse-container-key.asc
/%containerkeydir/opensuse-container-key-2023.asc
%dir %_datadir/pki
%dir %pemcontainerkeydir
/%pemcontainerkeydir/opensuse-container-key-2023.pem
%{keydir}/gpg-pubkey-3dbdc284-53674dd4.asc
%{keydir}/gpg-pubkey-39db7c82-5847eb1f.asc
%{keydir}/gpg-pubkey-65176565-61a0ee8f.asc
%{keydir}/gpg-pubkey-29b700a4-62b07e22.asc
%{keydir}/gpg-pubkey-25db7ae0-645bae34.asc
%{keydir}/gpg-pubkey-3fa1d6ce-63c9481c.asc

%changelog
openSUSE Build Service is sponsored by
Places