Charm Helpers

Merge lp:~taoliu-7/charm-helpers/key into lp:charm-helpers

  1. key
  2. Merge into devel
Proposed by Tony Liu
Status: Needs review
Proposed branch: lp:~taoliu-7/charm-helpers/key
Merge into: lp:charm-helpers
Diff against target: 14 lines (+4/-0)
1 file modified
charmhelpers/fetch/__init__.py (+4/-0)
To merge this branch: bzr merge lp:~taoliu-7/charm-helpers/key
Reviewer Review Type Date Requested Status
Tim Van Steenburgh Needs Fixing
Review via email: mp+269275@code.launchpad.net

Description of the change

Add support to get PGP key by HTTP.
This is for using custom secured repo in a private environment.

To post a comment you must log in.
Revision history for this message
Tim Van Steenburgh (tvansteenburgh) wrote :

Generally looks fine. I questioned the sanity of downloading the key over http, but I suppose it is no less secure than hkp, which we already support.

A couple of requests though:

- Please add a test for this. Existing tests around this code exist in tests/fetch/test_fetch.py
- One comment inline

review: Needs Fixing
Reply

Unmerged revisions

435. By Tony Liu

Get key by HTTP.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'charmhelpers/fetch/__init__.py'
2--- charmhelpers/fetch/__init__.py 2015-08-10 13:34:31 +0000
3+++ charmhelpers/fetch/__init__.py 2015-08-26 21:07:14 +0000
4@@ -306,6 +306,10 @@
5 key_file.flush()
6 key_file.seek(0)
7 subprocess.check_call(['apt-key', 'add', '-'], stdin=key_file)
8+ elif 'http://' in key:
9+ with NamedTemporaryFile('w+') as key_file:
10+ subprocess.check_call(['wget', key, '-O-'], stdout=key_file)
11+ subprocess.check_call(['apt-key', 'add', key_file.name])
12 else:
13 # Note that hkp: is in no way a secure protocol. Using a
14 # GPG key id is pointless from a security POV unless you

Subscribers

People subscribed via source and target branches