CondorCORE/condorcore-keyring
CondorCORE/condorcore-keyring
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: Replace sq-keyring-linter with sq >= 0.31.0

Browse Source
This commit is contained in:
David Runge 2023-07-09 15:33:22 +02:00
parent f3d2c171e7
commit 3365f8607c
No known key found for this signature in database
GPG Key ID: 139B09DA5BF0D338
4 changed files with 6 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@ -24,12 +24,11 @@ Build:
Runtime:
* python
* sequoia-sq
* sequoia-sq >= 0.31.0
Optional:
* hopenpgp-tools (verify)
* sq-keyring-linter (verify)
* git (ci)
## Usage

2
libkeyringctl/ci.py
View File

@ -10,7 +10,7 @@ from .verify import verify
def ci(working_dir: Path, keyring_root: Path, project_root: Path) -> None:
"""Verify certificates against modern expectations using sq-keyring-linter and hokey
"""Verify certificates against modern expectations using `sq keyring lint` and hokey
Currently only newly added certificates will be checked against the expectations as existing
keys are not all fully compatible with those assumptions.

2
libkeyringctl/cli.py
View File

@ -118,7 +118,7 @@ verify_parser.add_argument(
)
verify_parser.add_argument("--no-lint-hokey", dest="lint_hokey", action="store_false", help="Do not run hokey lint")
verify_parser.add_argument(
"--no-lint-sq-keyring", dest="lint_sq_keyring", action="store_false", help="Do not run sq-keyring-linter"
"--no-lint-sq-keyring", dest="lint_sq_keyring", action="store_false", help="Do not run sq keyring lint"
)
verify_parser.set_defaults(lint_hokey=True, lint_sq_keyring=True)

6
libkeyringctl/verify.py
View File

@ -29,7 +29,7 @@ def verify( # noqa: ignore=C901
lint_hokey: bool = True,
lint_sq_keyring: bool = True,
) -> None:
"""Verify certificates against modern expectations using sq-keyring-linter and hokey
"""Verify certificates against modern expectations using `sq keyring lint` and hokey
Parameters
----------
@ -38,7 +38,7 @@ def verify( # noqa: ignore=C901
sources: A list of username, fingerprint or directories from which to read PGP packet information
(defaults to `keyring_root`)
lint_hokey: Whether to run hokey lint
lint_sq_keyring: Whether to run sq-keyring-linter
lint_sq_keyring: Whether to run sq keyring lint
"""
if not sources:
@ -71,7 +71,7 @@ def verify( # noqa: ignore=C901
keyring_fd = Popen(("sq", "dearmor", f"{str(keyring_path)}"), stdout=PIPE)
print(system(["hokey", "lint"], _stdin=keyring_fd.stdout), end="")
if lint_sq_keyring:
print(system(["sq-keyring-linter", f"{str(keyring_path)}"]), end="")
print(system(["sq", "keyring", "lint", f"{str(keyring_path)}"]), end="")
def verify_integrity(certificate: Path, all_fingerprints: Set[Fingerprint]) -> None: # noqa: ignore=C901